How to remove "Trojan-Ransom.Win32.Gimemo.rms"?

The Trojan-Ransom.Win32.Gimemo.rms is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan-Ransom.Win32.Gimemo.rms virus can do?

Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Possible date expiration check, exits too soon after checking local time
Reads data out of its own binary image
Unconventionial language used in binary resources: Russian
Executed a process and injected code into it, probably while unpacking
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Trojan-Ransom.Win32.Gimemo.rms?


File Info:
crc32: E951F8E9
md5: dc9fa5f97a34e19be958a84693d24bdd
name: DC9FA5F97A34E19BE958A84693D24BDD.mlw
sha1: 548611b3a6cfdab4a7a028cea89f844ea46eab68
sha256: 0787058942edf9bf06d5bf6a95bb129b05f98e88eb6725d5a7787309ee329b42
sha512: dc64a1140dbb6421cd224202b9f486f1d47164c9034fdea6e7118ef564cb0f9f65a80d4e9c5338b07d3a6ac15936287a314d64b78b2b421ca046b2a569f7e02c
ssdeep: 3072:lrzgzXMT8IRBBsg0zlmXDQWmtlPfZpdQGF4REr1Lamvz9KNmI:RzkX+5BCPkDIBH4REkI94
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Trojan-Ransom.Win32.Gimemo.rms also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 0055e3991 )
Elastic	malicious (high confidence)
DrWeb	BackDoor.Andromeda.22
Cynet	Malicious (score: 100)
CAT-QuickHeal	TrojanRansom.Gimemo
ALYac	Gen:Variant.Kazy.59405
Cylance	Unsafe
Zillya	Trojan.Gimemo.Win32.1984
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Ransom:Win32/Gimemo.8032d79b
K7GW	Trojan ( 0055e3991 )
Cybereason	malicious.97a34e
Cyren	W32/Gimemo.C.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Injector.QWV
APEX	Malicious
Avast	Win32:Citadel [Trj]
ClamAV	Win.Trojan.Gimemo-30
Kaspersky	Trojan-Ransom.Win32.Gimemo.rms
BitDefender	Gen:Variant.Kazy.59405
NANO-Antivirus	Trojan.Win32.Gimemo.qtesv
ViRobot	Trojan.Win32.A.Gimemo.214567
MicroWorld-eScan	Gen:Variant.Kazy.59405
Tencent	Malware.Win32.Gencirc.10b492c2
Ad-Aware	Gen:Variant.Kazy.59405
Sophos	Mal/Generic-R + Troj/Zbot-BUF
Comodo	TrojWare.Win32.Spy.Zbot.DTNY@4pp6dp
F-Secure	Trojan.TR/Ransom.Gimemo.jh
BitDefenderTheta	Gen:NN.ZexaF.34690.nuZ@a8lcqfic
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	PWS-Zbot.gen.ym
FireEye	Generic.mg.dc9fa5f97a34e19b
Emsisoft	Gen:Variant.Kazy.59405 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan/Gimemo.bvv
Webroot	W32.InfoStealer.Zeus
Avira	TR/Ransom.Gimemo.jh
Kingsoft	Win32.Troj.Generic_a.a.(kcloud)
Microsoft	VirTool:Win32/Obfuscator.XS
Arcabit	Trojan.Kazy.DE80D
AegisLab	Trojan.Win32.Gimemo.tnBx
ZoneAlarm	Trojan-Ransom.Win32.Gimemo.rms
GData	Gen:Variant.Kazy.59405
TACHYON	Trojan/W32.Gimemo.214567
AhnLab-V3	Trojan/Win32.Gimemo.R25158
McAfee	PWS-Zbot.gen.ym
MAX	malware (ai score=100)
VBA32	Hoax.Gimemo
Malwarebytes	Malware.AI.2619437411
Panda	Trj/Genetic.gen
Rising	Trojan.Win32.Generic.12CDB0EB (C64:YzY0OqUycPLIS3Hc)
Yandex	Trojan.GenAsa!FrwBUB+zndc
Ikarus	Trojan-Ransom.Gimemo
MaxSecure	Trojan.Malware.3940400.susgen
Fortinet	W32/Kryptik.WDW!tr
AVG	Win32:Citadel [Trj]
Paloalto	generic.ml

How to remove Trojan-Ransom.Win32.Gimemo.rms?

Trojan-Ransom.Win32.Gimemo.rms removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Trojan-Ransom.Win32.Gimemo.rms”?