Trojan-Ransom.Win32.Blocker.kndk removal tips

Trojan-Ransom.Win32.Blocker.kndk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Blocker.kndk virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Trojan-Ransom.Win32.Blocker.kndk?


File Info:

crc32: A944B9BE
md5: 2feb9a313cafc6d7bc2ef83e0ad43b3f
name: 2FEB9A313CAFC6D7BC2EF83E0AD43B3F.mlw
sha1: 8181ceb5afebf20611696dc6bd0219a41e23f018
sha256: 0eb7c96402f7f8f1143c281713ca8a7de5141d234f07da5b8264e99d584563e7
sha512: b173f3c96f53b9772e91bc511e96ddb7bf7e246174e566d9ba27d7744b9e11c919c66da825cbceb3ba99055f1aad73ce200ae7b727f78b2260bd8b05f9ea35c8
ssdeep: 3072:bDKW1LgppLRHMY0TBfJvjcTp5X7ZZDeH+pn:bDKW1Lgbdl0TBBvjc/7HDeeJ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 0.0.0.0
InternalName: servercrypt.exe
FileVersion: 0.0.0.0
ProductVersion: 0.0.0.0
FileDescription:
OriginalFilename: servercrypt.exe

Trojan-Ransom.Win32.Blocker.kndk also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Riskware ( 0040eff71 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Dopping.1
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (D)
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.13cafc
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.OIQ
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Ransom.Win32.Blocker.kndk
BitDefender: Gen:Variant.Dopping.1
NANO-Antivirus: Trojan.Win32.Blocker.evzrqk
SUPERAntiSpyware: Trojan.Agent/Gen-MSIL
MicroWorld-eScan: Gen:Variant.Dopping.1
Tencent: Win32.Trojan.Blocker.Hwxf
Ad-Aware: Gen:Variant.Dopping.1
Sophos: Mal/Generic-S
Comodo: Malware@#2bocayqroztr8
BitDefenderTheta: Gen:NN.ZexaF.34684.kq0@a8aYJXb
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
FireEye: Generic.mg.2feb9a313cafc6d7
Emsisoft: Gen:Variant.Dopping.1 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Hoax.BadJoke.ebk
Avira: TR/Dropper.MSIL.Gen
eGambit: Unsafe.AI_Score_99%
Microsoft: Backdoor:Win32/Bladabindi!ml
AegisLab: Trojan.Win32.Generic.4!c
ZoneAlarm: Trojan-Ransom.Win32.Blocker.kndk
GData: Gen:Variant.Dopping.1
AhnLab-V3: Trojan/Win32.Blocker.C202821
Acronis: suspicious
McAfee: Artemis!2FEB9A313CAF
MAX: malware (ai score=99)
VBA32: Trojan-Ransom.Blocker
Panda: Trj/CI.A
Rising: Ransom.Blocker!8.12A (CLOUD)
Yandex: Trojan.Blocker!Hp8Eq/s/TCk
Ikarus: Trojan.Dropper
Fortinet: W32/Blocker.KNDK!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Trojan-Ransom.Win32.Blocker.kndk?

Trojan-Ransom.Win32.Blocker.kndk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
