How to remove “Trojan-Ransom.Win32.Blocker.hgmw”?

Many security experts consider Trojan-Ransom.Win32.Blocker.hgmw dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan-Ransom.Win32.Blocker.hgmw virus do?

  • Executable code extraction
  • Attempts to restart the guest VM
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan-Ransom.Win32.Blocker.hgmw?


File Info:

crc32: CDBFD78E
md5: 32daa0841d55997b8abeae85ada232e6
name: 32DAA0841D55997B8ABEAE85ADA232E6.mlw
sha1: 2e6c91b6af00c60042188ce7d62fc4572aeed470
sha256: a356c0647c6427b6df3458afe126788c60b9fe0c29c384c23e5f816519f65f53
sha512: e97fffc2cb6a9991c53dbefa46075b06cb7640e1583e574ffda554779cf33d3285d3752692f78d4cd65deb356f7ad080052032df5c9d1106a04280b848b623fc
ssdeep: 192:/T2dyO95/DLn2b8swvmb8OyPo+y/ubMp2hAD94BXEP:/T2dyOf/DLn2bCvmbc9y/ubID94BXEP
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: TestFile1
FileVersion: 1.00
CompanyName: 1337 Progz
ProductName: Project1
ProductVersion: 1.00
OriginalFilename: TestFile1.exe

Trojan-Ransom.Win32.Blocker.hgmw is also known as:

Bkav: W32.AIDetect.malware1
Cynet: Malicious (score: 100)
Cylance: Unsafe
Zillya: Downloader.Adload.Win32.801
Sangfor: Trojan.Win32.Adload.buxin
Alibaba: Ransom:Win32/Blocker.fa0dd291
Cyren: W32/Downloader.NHYQ-0921
Symantec: Trojan.Gen.MBT
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Trojan.Adload-305
Kaspersky: Trojan-Ransom.Win32.Blocker.hgmw
NANO-Antivirus: Trojan.Win32.Adload.dofqqb
Tencent: Win32.Trojan-downloader.Adload.Lkny
Sophos: Mal/Generic-S
Comodo: Malware@#16df2tef0e61a
BitDefenderTheta: Gen:NN.ZevbaF.34050.bm0@aiqJRYpi
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Trojan.mz
FireEye: Generic.mg.32daa0841d55997b
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_100%
Antiy-AVL: Trojan/Generic.ASMalwS.E6EAFA
GData: Win32.Trojan.Agent.BDEP57
McAfee: Artemis!32DAA0841D55
MAX: malware (ai score=100)
Panda: Generic Malware
Yandex: Trojan.DL.Adload!/nnvXC75LHA
Ikarus: Trojan.NewHeur_VB_Trojan
MaxSecure: Trojan.Malware.5420559.susgen
Fortinet: W32/Adload.ACW!tr.dldr
AVG: Win32:Trojan-gen
Qihoo-360: Win32/Ransom.Blocker.HgAASRMA

How to remove Trojan-Ransom.Win32.Blocker.hgmw?

Trojan-Ransom.Win32.Blocker.hgmw removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
