What is "Ransom:Win32/Genasom!MSR"?

The Ransom:Win32/Genasom!MSR is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Ransom:Win32/Genasom!MSR virus can do?

Exhibits possible ransomware file modification behavior
Writes a potential ransom message to disk
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Ransom:Win32/Genasom!MSR?


File Info:
crc32: F6532CB3
md5: e6353f79779a553c822deab899649b1b
name: E6353F79779A553C822DEAB899649B1B.mlw
sha1: 112e82faa9e11c9d5b5723770178062fcb421ceb
sha256: 96056182d93b582b3d56bd82a560bafd5cde413c4ca216f4f62ab446c61c9b6a
sha512: 70f5b97019dd0504ed4206abcd8420df3d2f4a6265f10d772d076d3ea74f5152e61d3e8c7a90e575d75189eb7723099644e5defb902d8fb122c0c4641581e81d
ssdeep: 1536:WcD19HJsK6Fdsr4kSu32CYOGwpin2yyENyK7yHqkc8r:7D1p6nsrZN32CYOGwpin2JuEJc8r
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Ransom:Win32/Genasom!MSR also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
ClamAV	Win.Ransomware.MountLocker-9802291-0
CAT-QuickHeal	Trojan.Agent
McAfee	Ransomware-HBF!E6353F79779A
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Zudochka.4!c
Sangfor	Ransom.Win32.MountLocker.IOC
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Trojan.AgentWDCR.ABRT
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.9779a5
Arcabit	Trojan.AgentWDCR.ABRT
Cyren	W32/Ransom.ADTH-0369
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win32.Zudochka.evg
Alibaba	Ransom:Win32/generic.ali2000010
NANO-Antivirus	Trojan.Win32.Zudochka.hufutk
MicroWorld-eScan	Trojan.AgentWDCR.ABRT
Tencent	Win32.Trojan.Filecoder.Airl
Ad-Aware	Trojan.AgentWDCR.ABRT
Emsisoft	Trojan.AgentWDCR.ABRT (B)
Comodo	Malware@#3drgchr1silu7
F-Secure	Trojan.TR/Genasom.ledfg
DrWeb	Trojan.Encoder.32696
Zillya	Trojan.Zudochka.Win32.423
TrendMicro	Ransom.Win32.MOUNTLOCKER.A
McAfee-GW-Edition	BehavesLike.Win32.Generic.lt
MaxSecure	Trojan.Malware.106783860.susgen
FireEye	Generic.mg.e6353f79779a553c
Sophos	Mal/Generic-S + Troj/Ransom-GBR
Ikarus	Trojan-Ransom.Rokku
Jiangmin	Trojan.Zudochka.hk
Webroot	W32.Trojan.Gen
Avira	TR/Genasom.ledfg
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Zudochka
Kingsoft	Win32.Troj.Zudochka.e.(kcloud)
Microsoft	Ransom:Win32/Genasom!MSR
ViRobot	Trojan.Win32.S.Ransom.72704.B
ZoneAlarm	Trojan.Win32.Zudochka.evg
GData	Win32.Trojan.Agent.6IMUXC
AhnLab-V3	Trojan/Win32.Genasom.C4193559
VBA32	Trojan.Zudochka
ALYac	Trojan.Ransom.Filecoder
TACHYON	Ransom/W32.MountLocker.72704
Malwarebytes	Ransom.MountLocket
Panda	Trj/WLT.F
Zoner	Trojan.Win32.97805
ESET-NOD32	Win32/Filecoder.ODH
TrendMicro-HouseCall	Ransom.Win32.MOUNTLOCKER.A
Rising	Malware.Ursnif!8.E941 (KTSE)
Yandex	Trojan.Filecoder!NhwKKOskVAE
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Zudochka.EVG!tr.ransom
BitDefenderTheta	AI:Packer.DC1AEE111E
AVG	Other:Malware-gen [Trj]
Avast	Other:Malware-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)
Qihoo-360	Win32/Trojan.e04

How to remove Ransom:Win32/Genasom!MSR?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Ransom:Win32/Genasom!MSR”?