Should I remove "HackTool:Win32/Bootlock.A"?

The HackTool:Win32/Bootlock.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What HackTool:Win32/Bootlock.A virus can do?

Creates RWX memory
Unconventionial binary language: Russian
Unconventionial language used in binary resources: Russian
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine HackTool:Win32/Bootlock.A?


File Info:
crc32: D05EC0F6
md5: c8f5f007e75f79d7289568406b450a21
name: C8F5F007E75F79D7289568406B450A21.mlw
sha1: 424232cd270b7e7d255d440d25188097b9f0e465
sha256: be0830713d84ebe82e0fd2a9380d4e4fba59b547691a14069ea024c8562396d4
sha512: 4de27d38bfcdfda879d81703d44a02d3699ce28d924ea509cabb106df9cdd03365f7386afcfdce5a8915555e733579221c152091802061c44c1a920f40873b73
ssdeep: 3072:9PdEbA9i6ZUVXMdvx4JVAKvj62QvOOi2RW8F1CaDNmS4dZbAX/qcNOG+xD9VtxZ:VdE89ZU+dvIfXI3XCaDWZbA0Frt
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: Copyrights damned!
InternalName: 
FileVersion: 0.2.0.0
CompanyName: VaZoNeZ Corp.
LegalTrademarks: 
ProductName: [MBRLocker Builder]
ProductVersion: 0.2.0.0
FileDescription: [MBRLocker Builder]
OriginalFilename: 
Translation: 0x0419 0x04e3

HackTool:Win32/Bootlock.A also known as:

MicroWorld-eScan	Trojan.Generic.KDV.298598
McAfee	GenericRXAA-FA!C8F5F007E75F
Cylance	Unsafe
Zillya	Trojan.MBRlock.Win32.24
AegisLab	Hacktool.Win32.Mblocker.toOL
Sangfor	Trojan.Win32.Generic.K
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Trojan.Generic.KDV.298598
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.7e75f7
Arcabit	Trojan.Generic.KDV.D48E66
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
ClamAV	Win.Trojan.Ransom-43
Kaspersky	Constructor.Win32.MBRLocker.a
Alibaba	HackTool:Win32/MBRLocker.33691079
NANO-Antivirus	Riskware.Win32.Mblocker.cyycqq
Rising	Trojan.MBRlock!1.66BD (CLOUD)
Ad-Aware	Trojan.Generic.KDV.298598
Sophos	Generic PUA EC (PUA)
Comodo	ApplicUnsaf@#23aopcy273o7j
F-Secure	Malware.BOO/Ransom.AB
DrWeb	MBRlock.Generator.1
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	HKTL_MBLOCKER
McAfee-GW-Edition	BehavesLike.Win32.Trojan.cc
MaxSecure	Trojan.Malware.121218.susgen
FireEye	Trojan.Generic.KDV.298598
Emsisoft	Trojan.Generic.KDV.298598 (B)
Jiangmin	Constructor.Mblocker.a
Webroot	W32.Malware.Gen
Avira	BOO/Ransom.AB
MAX	malware (ai score=100)
Antiy-AVL	HackTool[Constructor]/Win32.Mblocker
Kingsoft	Win32.Troj.Generic.(kcloud)
Microsoft	HackTool:Win32/Bootlock.A
ViRobot	Trojan.Win32.Generic.197120.B
ZoneAlarm	Constructor.Win32.MBRLocker.a
GData	Trojan.Generic.KDV.298598
Cynet	Malicious (score: 85)
ALYac	Trojan.Generic.KDV.298598
VBA32	Trojan.Ransom.5705
Malwarebytes	Trojan.MBRLock
Panda	Generic Malware
ESET-NOD32	a variant of Win32/MBRlock.R
TrendMicro-HouseCall	HKTL_MBLOCKER
Tencent	Win32.Trojan.Ransom.Tccb
Yandex	Constructor.Mblocker!VGERIVmxNOg
Ikarus	Trojan-Ransom.Mbro
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Mblocker.B!kit
BitDefenderTheta	Gen:NN.ZelphiF.34590.mmKfaGl02Lfc
AVG	FileRepMalware
Avast	FileRepMalware
Qihoo-360	Win32/Constructor.aff

How to remove HackTool:Win32/Bootlock.A?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “HackTool:Win32/Bootlock.A”?