Backdoor:Win32/Quicdy.A removal

The Backdoor:Win32/Quicdy.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor:Win32/Quicdy.A virus can do?

Executable code extraction
Injection (inter-process)
Compression (or decompression)
Creates RWX memory
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Unconventionial language used in binary resources: Polish
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

barthrtada.com

sourpuss.net

ns1.opennameserver.org

freya.stelas.de

ns.dotbit.me

ns1.moderntld.com

How to determine Backdoor:Win32/Quicdy.A?


File Info:
crc32: 2122CA2F
md5: ae39c323218af31016f0ba9a2b58b984
name: n1.exe
sha1: 6a225eb1d9186aa1bf001509e40341521590a201
sha256: 61a2e05d5ec897847fe7309ffad64bc2c7960e9c94c3766df7720f7473e529d5
sha512: d03d90a6fc12032e686e686356664ca5ca01ac41e4df0e5209af8c75ad6a269984a4d92e271928eb38e5c8e48fdfd2eff7fdcde47d7e1077e08addd2436ba5a7
ssdeep: 6144:qEboKtaJsb1ua38O1EGyWGClvppe2vDnFJQq65y:qwlRug11EGVGC9f5nEFM
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Backdoor:Win32/Quicdy.A also known as:

Bkav	W32.AIDetectVM.malware
DrWeb	Trojan.Encoder.25965
MicroWorld-eScan	Trojan.GenericKDZ.47017
FireEye	Generic.mg.ae39c323218af310
Qihoo-360	Generic/HEUR/QVM10.2.D935.Malware.Gen
McAfee	GenericRXGK-WE!AE39C323218A
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Jimmy.4!c
Sangfor	Malware
K7AntiVirus	Trojan ( 0053b72b1 )
BitDefender	Trojan.GenericKDZ.47017
K7GW	Trojan ( 0053b72b1 )
Cybereason	malicious.3218af
TrendMicro	Trojan.Win32.SODINOK.SM.hp
BitDefenderTheta	Gen:NN.ZexaF.34106.tyW@auNqF7lG
Cyren	W32/Kryptik.IE.gen!Eldorado
APEX	Malicious
Avast	Win32:MalwareX-gen [Trj]
GData	Trojan.GenericKDZ.47017
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Trojan:Win32/Kryptik.e179c802
NANO-Antivirus	Trojan.Win32.Coins.fhocwq
Tencent	Win32.Trojan.Generic.Lnxx
Ad-Aware	Trojan.GenericKDZ.47017
Sophos	Mal/GandCrab-B
Comodo	Malware@#1gke4knfskbbl
F-Secure	Heuristic.HEUR/AGEN.1102756
Zillya	Trojan.GenericKD.Win32.179212
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.fh
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.GenericKDZ.47017 (B)
SentinelOne	DFI – Suspicious PE
F-Prot	W32/Kryptik.IE.gen!Eldorado
Jiangmin	Trojan.PSW.Coins.bbw
Webroot	W32.Adware.Installcore
Avira	HEUR/AGEN.1102756
Antiy-AVL	Trojan[PSW]/Win32.Coins
Endgame	malicious (high confidence)
Arcabit	Trojan.Generic.DB7A9
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Backdoor:Win32/Quicdy.A
AhnLab-V3	Win-Trojan/Gandcrab08.Exp
Acronis	suspicious
VBA32	BScope.Trojan.Vigorf
ALYac	Trojan.GenericKDZ.47017
MAX	malware (ai score=100)
Malwarebytes	Trojan.MalPack
Panda	Trj/GdSda.A
Zoner	Trojan.Win32.72207
ESET-NOD32	a variant of Win32/Kryptik.GKIB
TrendMicro-HouseCall	Trojan.Win32.SODINOK.SM.hp
Rising	Trojan.Vigorf!8.EAEA (CLOUD)
Yandex	Trojan.Agent!O19UCy4do4U
Ikarus	Trojan.Win32.Crypt
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Kryptik.GKJF!tr
AVG	Win32:MalwareX-gen [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (W)
MaxSecure	Trojan.Malware.73700185.susgen

How to remove Backdoor:Win32/Quicdy.A?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Backdoor:Win32/Quicdy.A removal