Razy.73730 removal guide

The Razy.73730 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Razy.73730 virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Mimics the system’s user agent string for its own requests
Reads data out of its own binary image
The binary likely contains encrypted or compressed data.
Executed a process and injected code into it, probably while unpacking
Behavior consistent with a dropper attempting to download the next stage.
Exhibits behavior characteristic of Locky ransomware

Related domains:

baspcxtca.work

uttpsnmij.ru

hkjjkcw.xyz

wqeewkuq.work

yyaodfr.biz

uaxddxqtvtqwqxk.pw

How to determine Razy.73730?


File Info:
crc32: 5F1923ED
md5: 3b90e75dc1d3949fff1b7a608a2489d7
name: 3B90E75DC1D3949FFF1B7A608A2489D7.mlw
sha1: 27bdf5f8dd5fc197b78ebca3a14acd497c400653
sha256: be2fbd338192cd66f48466162d9256e2f4f89bfdfc9d85e87d55779154b57784
sha512: cd091f2ff785404ba1f4770b5fb4074f6a13acc691dbb9a8f5ede5bf486034e491c11fc66528192c40921098af76b1b335f127066eb4376af8b18212b813bff2
ssdeep: 6144:OsYL6UFyl/sYb7adVDs+1pjP3VIkV+mHE00O0Z49pQm7n:AF9Y3eVDsCphznHENLMpxb
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Razy.73730 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 004f00a01 )
Lionic	Trojan.Win32.Injector.tn6z
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.3976
Cynet	Malicious (score: 100)
CAT-QuickHeal	Ransomware.Generic.WR4
ALYac	Gen:Variant.Razy.73730
Cylance	Unsafe
Zillya	Trojan.Injector.Win32.392532
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	VirTool:Win32/Injector.f05ade39
K7GW	Trojan ( 004f00a01 )
Cybereason	malicious.dc1d39
Cyren	W32/Trojan.YCNL-0723
Symantec	Ransom.Locky!g9
ESET-NOD32	Win32/Filecoder.Locky.C
Zoner	Trojan.Win32.43219
APEX	Malicious
Avast	Win32:Trojan-gen
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Razy.73730
NANO-Antivirus	Trojan.Win32.Encoder.edxzzc
ViRobot	Trojan.Win32.Locky.269106.A
MicroWorld-eScan	Gen:Variant.Razy.73730
Tencent	Malware.Win32.Gencirc.114b618f
Ad-Aware	Gen:Variant.Razy.73730
Sophos	Mal/Generic-R + Mal/Isda-D
Comodo	Malware@#1s7mk4xfrew7q
BitDefenderTheta	Gen:NN.ZexaF.34050.quZ@aCR9PQhi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_LOCKY.SMR5
McAfee-GW-Edition	Ransomware-FOV!3B90E75DC1D3
FireEye	Generic.mg.3b90e75dc1d3949f
Emsisoft	Gen:Variant.Razy.73730 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Banker.Shiotob.bc
Avira	HEUR/AGEN.1120912
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Generic.ASMalwS.197D317
Microsoft	VirTool:Win32/Injector.IM
Arcabit	Trojan.Razy.D12002
SUPERAntiSpyware	Ransom.Locky/Variant
GData	Gen:Variant.Razy.73730
AhnLab-V3	Trojan/Win32.Locky.R183982
McAfee	Ransomware-FOV!3B90E75DC1D3
MAX	malware (ai score=81)
VBA32	Hoax.Locky
Malwarebytes	MachineLearning/Anomalous.97%
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom_LOCKY.SMR5
Rising	Trojan.Generic@ML.100 (RDML:hN00GcGMPeSHjhVKqiBdaQ)
Ikarus	Trojan-Ransom.Locky
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Bebloh.P!tr
AVG	Win32:Trojan-gen
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Inject.HwoCEpsA

How to remove Razy.73730?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.