Ransom • Trojan

Trojan-Ransom.Win32.Blocker.klcu malicious file

The Trojan-Ransom.Win32.Blocker.klcu is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Ransom.Win32.Blocker.klcu virus can do?

Anomalous binary characteristics

How to determine Trojan-Ransom.Win32.Blocker.klcu?


File Info:
crc32: B08F2734
md5: 655bbcb046c8107552a073668eeb4442
name: 655BBCB046C8107552A073668EEB4442.mlw
sha1: 7ba0e5d457dab558762236f7f65d65b1d95c9c97
sha256: 0420ed1ce5f6c2f0a6229463fd97b1ffe90567d921a76bfe3d0f242e8e148de0
sha512: 303dd4408df7b06b39e25d38235f4c5537c14f2c6af544eee9e9d8e82c4aace44662366fa5b4e51e1debae07e48194eedb58b36ff08891c945e9d7cee6e91094
ssdeep: 3072:ADKW1LgppLRHMY0TBfJvjcTp5X3KZmVix+SeAp9Z:ADKW1Lgbdl0TBBvjc/6ZmYuAx
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9  2017
Assembly Version: 1.0.0.0
InternalName: NewtonMarkViewer.exe
FileVersion: 1.0.0.0
ProductName: NewtonMarkViewer
ProductVersion: 1.0.0.0
FileDescription: NewtonMarkViewer
OriginalFilename: NewtonMarkViewer.exe

Trojan-Ransom.Win32.Blocker.klcu also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Riskware ( 0040eff71 )
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.6178488
ALYac	Trojan.GenericKD.6178488
Cylance	Unsafe
Zillya	Trojan.Blocker.Win32.62201
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Trojan.GenericKD.6178488
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.046c81
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Kaspersky	Trojan-Ransom.Win32.Blocker.klcu
Alibaba	Ransom:Win32/Blocker.7500ca48
NANO-Antivirus	Trojan.Win32.Blocker.euykvy
SUPERAntiSpyware	Trojan.Agent/Gen-MSIL
Tencent	Win32.Trojan.Blocker.Wnmp
Ad-Aware	Trojan.GenericKD.6178488
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZexaF.34608.lq0@aeSmKpm
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Generic.cc
FireEye	Generic.mg.655bbcb046c81075
Emsisoft	Trojan.GenericKD.6178488 (B)
eGambit	Unsafe.AI_Score_99%
Arcabit	Trojan.Generic.D5E46B8
AegisLab	Trojan.Multi.Generic.4!c
GData	Trojan.GenericKD.6178488
Acronis	suspicious
McAfee	Artemis!655BBCB046C8
MAX	malware (ai score=82)
VBA32	Trojan-Ransom.Blocker
Rising	Trojan.Kryptik!1.C864 (CLOUD)
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Blocker.KLCU!tr
Panda	Trj/CI.A
Qihoo-360	Win32/Trojan.Ransom.f63

How to remove Trojan-Ransom.Win32.Blocker.klcu?

Trojan-Ransom.Win32.Blocker.klcu removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X