Generik.DDPQRGD removal tips

Malware Removal

Generik.DDPQRGD is the ESET-NOD32 detection name for this sample, and most of the other engines listed further down flag it as malicious as well. While the infection is active you may notice unfamiliar processes in Task Manager. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Generik.DDPQRGD virus do?

The behaviours below were flagged during automated (sandbox) analysis of the sample. Several of them (delaying the analysis task, calling one API repeatedly, restarting the guest VM, mimicking system file times) are anti-analysis and evasion tricks rather than payload actions, so a sample that does not show them on a real host is not necessarily benign:

  • Executable code extraction
  • At least one process apparently crashed during execution
  • Injection (inter-process)
  • Injection (process hollowing)
  • Compression (or decompression)
  • Creates RWX memory
  • A process attempted to delay the analysis task
  • A process created a hidden window
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Attempts to restart the guest VM
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Mimics the file times of a Windows system file
  • Installs itself for autorun at Windows startup
  • Attempts to identify installed AV products by registry key
  • Attempts to modify browser security settings
  • Creates a copy of itself
  • Attempts to disable Windows Defender
  • Attempts to modify user notification settings

How to identify Generik.DDPQRGD?

File Info:

crc32: 8A7AA5A8
md5: b4395d31e38954f34f2ab844b00f2999
name: B4395D31E38954F34F2AB844B00F2999.mlw
sha1: 2733d693ed8e0ee07116938df113f2c6c470b341
sha256: 0b8339e5636d7ddc5ed0e00c6584e881d226aabaa966735e8733c323cef4d714
sha512: d6b65be85c9cea84a433eec4b1b2a0a6de8f31b12c2bed25a30d8b489eef761cbed5f672e62179ea74bca6ae2e42961b764782752cc847854a78ed33c5467284
ssdeep: 6144:KiRDiMHQwxIXvnQVw9FW+r/R2xAbU/J6IpmFSr/IAtZEZF1Iji/HEYBq2K0BZA1:Ki9rQnQVwnWoJ7AJ6I0mIcSr1IG/EYS
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
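The following script is an added example, not code from this page or from GridinSoft. It checks a file on disk against the md5/sha1/sha256 values in the File Info block above and walks the PE section table to see whether the default UPX section names are present, which is the cheap way to confirm the "UPX compressed" file type. The `build_fake_pe` helper is a constructed, non-executable header used only so the example runs offline; `check_file` and the other function names are this example's own. A hash match identifies this exact file only: any repack of the sample changes all three digests, which is why the behaviour list above still matters.

```python
import hashlib
import struct
import sys

# Digests copied from the File Info block above (a static lookup, not a feed).
KNOWN_HASHES = {
    "md5": "b4395d31e38954f34f2ab844b00f2999",
    "sha1": "2733d693ed8e0ee07116938df113f2c6c470b341",
    "sha256": "0b8339e5636d7ddc5ed0e00c6584e881d226aabaa966735e8733c323cef4d714",
}


def hash_bytes(data: bytes) -> dict:
    """Compute md5/sha1/sha256 of an in-memory file, keyed like KNOWN_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in KNOWN_HASHES}


def matches_ioc(data: bytes, known: dict = KNOWN_HASHES) -> list:
    """Names of the digests in `known` that match `data`.

    A sha256 match is conclusive for this exact file; a lone md5 match is
    weaker because md5 collisions are practical.
    """
    computed = hash_bytes(data)
    return [name for name, value in known.items()
            if name in computed and computed[name] == value.lower()]


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names.

    Returns [] for anything that is not a structurally sane PE image, so a
    caller can tell 'not a PE' apart from 'PE without UPX sections'.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size             # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        off = table + i * 40                 # each section header is 40 bytes
        if off + 40 > len(data):
            break                            # truncated table: stop, do not crash
        raw = data[off:off + 8].rstrip(b"\0")
        names.append(raw.decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """UPX keeps its default section names (UPX0, UPX1, sometimes UPX2) unless
    the packer was told to rename them, so their presence is a first check only."""
    return any(name.startswith("UPX") for name in pe_section_names(data))


def build_fake_pe(section_names: list) -> bytes:
    """Constructed, non-executable PE32 header used as an offline test fixture."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0xE0                          # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    opt = b"\x0b\x01" + b"\0" * (opt_size - 2)   # Magic 0x10B = PE32
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                        for n in section_names)
    return dos + b"PE\0\0" + coff + opt + sections


def check_file(path: str) -> dict:
    """Summarise one file on disk: digests, IOC matches, section names, UPX flag."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {
        "hashes": hash_bytes(data),
        "ioc_matches": matches_ioc(data),
        "sections": pe_section_names(data),
        "upx": looks_upx_packed(data),
    }


if __name__ == "__main__":
    for p in sys.argv[1:]:
        print(p, check_file(p))
```

Run it as `python check.py suspicious.exe`. A file that reports `upx: True` but no IOC match is still worth unpacking (`upx -d`) and re-hashing, since the packed layer is what every vendor hashes and the payload underneath is what actually runs.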

Version Info:

LegalCopyright: Copyright © 1995-Present KUMASERSOFT
FileVersion: 6.6.9.7
CompanyName: KUMASERSOFT
LegalTrademarks: Copyright © 1995-Present KUMASERSOFT
Comments: Incremental Scaled Toggled Division Vermaat
ProductName: Beast
ProductVersion: 6.6.9.7
FileDescription: Incremental Scaled Toggled Division Vermaat
OriginalFilename: Beast.exe
Translation: 0x0409 0x04b0

Generik.DDPQRGD also known as:

Detection names differ by vendor. Most engines that assign a family name call this sample Yakes (Kaspersky, Zillya, Alibaba, Jiangmin, VBA32, Yandex, Fortinet, Qihoo-360); Microsoft and Sangfor use other names (Wacatac, Wacapew), Ikarus labels it GandCrab, and the remaining entries are generic, heuristic or machine-learning verdicts rather than family attributions. Vendor: detection name.

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0053a1a21 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Cylance: Unsafe
Zillya: Trojan.Yakes.Win32.69054
Sangfor: Riskware.Win32.Wacapew.C
CrowdStrike: win/malicious_confidence_80% (W)
Alibaba: Trojan:Win32/Yakes.d2dd0f2b
K7GW: Trojan ( 0053a1a21 )
Cybereason: malicious.3ed8e0
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.DDPQRGD
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan.Win32.Yakes.wxva
BitDefender: Trojan.GenericKD.36638480
MicroWorld-eScan: Trojan.GenericKD.36638480
Tencent: Malware.Win32.Gencirc.114d4b75
Ad-Aware: Trojan.GenericKD.36638480
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZexaF.34670.xmKfaCs9W9mi
McAfee-GW-Edition: BehavesLike.Win32.BadFile.fc
FireEye: Generic.mg.b4395d31e38954f3
Emsisoft: Trojan.GenericKD.36638480 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Yakes.aana
Avira: HEUR/AGEN.1141115
eGambit: Unsafe.AI_Score_93%
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Trojan.GenericKD.36638480
Acronis: suspicious
McAfee: Artemis!B4395D31E389
VBA32: BScope.Trojan.Yakes
Malwarebytes: Malware.Heuristic.1003
TrendMicro-HouseCall: TROJ_GEN.R002H0CD521
Rising: Trojan.Kryptik!8.8 (CLOUD)
Yandex: Trojan.Yakes!KU1aSximGbU
Ikarus: Trojan-Ransom.GandCrab
Fortinet: W32/Yakes.DDPQRGD!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Botnet.Yakes.HgIASRsA
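As an added example (this page's author and GridinSoft publish no such code), the script below does a rough version of the normalisation that family-labelling tools such as AVClass perform: it strips class words (Trojan, Win32, Generic, ML, ...) and hash fragments from each vendor's detection string and counts which remaining token the most vendors agree on. `VERDICTS` is a constructed subset of the vendor list above, and the `GENERIC` stop-list is this example's own choice, not a vendor-published one.

```python
import re
from collections import Counter

# Constructed subset of the vendor verdicts listed above, "Vendor: detection".
VERDICTS = """
Kaspersky: Trojan.Win32.Yakes.wxva
Zillya: Trojan.Yakes.Win32.69054
Alibaba: Trojan:Win32/Yakes.d2dd0f2b
Fortinet: W32/Yakes.DDPQRGD!tr
Microsoft: Trojan:Win32/Wacatac.B!ml
BitDefender: Trojan.GenericKD.36638480
Avast: Win32:Malware-gen
Ikarus: Trojan-Ransom.GandCrab
ESET-NOD32: a variant of Generik.DDPQRGD
Sophos: Mal/Generic-S
"""

# Tokens that name a class, platform or heuristic rather than a family.
# This stop-list is an assumption of the example; extend it per vendor.
GENERIC = {
    "trojan", "win32", "w32", "malware", "generic", "generickd", "gen",
    "ml", "tr", "mal", "heur", "variant", "a", "of", "generik", "ransom",
    "malicious", "unsafe", "suspicious",
}


def family_tokens(detection: str) -> list:
    """Split a vendor detection string into lower-case candidate family tokens,
    dropping stop-words, pure numbers, hex-looking fragments and short junk."""
    out = []
    for tok in re.split(r"[^A-Za-z0-9]+", detection):
        tl = tok.lower()
        if not tl or tl in GENERIC or tl.isdigit() or len(tl) < 4:
            continue
        if re.fullmatch(r"[0-9a-f]{6,}", tl):   # hash fragments such as d2dd0f2b
            continue
        out.append(tl)
    return out


def consensus_family(verdicts: str, min_vendors: int = 2):
    """Return (family, vendor_count) for the token most vendors agree on, or
    None when no token is shared by at least `min_vendors` vendors (the case
    where every engine only gave a generic or heuristic verdict)."""
    counts = Counter()
    for line in verdicts.strip().splitlines():
        vendor, _, detection = line.partition(":")
        if not detection:
            continue
        for tok in set(family_tokens(detection)):   # one vote per vendor per token
            counts[tok] += 1
    if not counts:
        return None
    fam, n = counts.most_common(1)[0]
    return (fam, n) if n >= min_vendors else None


if __name__ == "__main__":
    print(consensus_family(VERDICTS))   # ('yakes', 4)
```

Four of the ten constructed verdicts agree on "yakes"; the generic BitDefender, Avast and Sophos strings contribute nothing, which is the point: a name like Trojan.GenericKD or Malware-gen tells you the file was convicted, not what family it belongs to.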

How to remove Generik.DDPQRGD?

Generik.DDPQRGD removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.