What is “Generik.EBDGQBA”?

The Generik.EBDGQBA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generik.EBDGQBA virus can do?

Authenticode signature is invalid
Anomalous binary characteristics

How to determine Generik.EBDGQBA?


File Info:
name: 6945DC0C59D2B5BB0FCC.mlw
path: /opt/CAPEv2/storage/binaries/22d9944e521395d96aff7496e0cf30c32dd7ba6a3d45e8e27cfbf8f1f8cd33d2
crc32: 74C1C2DB
md5: 6945dc0c59d2b5bb0fccbf2b69a68d4f
sha1: c471bc2768e2c7ec9c68bd44aaac12600349d529
sha256: 22d9944e521395d96aff7496e0cf30c32dd7ba6a3d45e8e27cfbf8f1f8cd33d2
sha512: fd1074a44282e8b3b7f56da8871125d5c191748689d6ce55c4174873fabb06e46b3eeab51db0f113975cc3dd98d4c771b4be6023d521f636147204a00fe4d62a
ssdeep: 12288:Tz3zKQeW1zRRaMMMMM2MMMMMF3zKDSDyo1tjV:2K1zRRaMMMMM2MMMMMQmDyo1tjV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D6252E02931240A7E55438B5C45A7B880750AFF83DA7E67AFD617406FA72BCA44336FE
sha3_384: 57aa529682f576efae44d978feaa2084d6bccff82f58f0cae3ae91a38aa74c092bc63c34d832e3530e1bc5d7823f4821
ep_bytes: 5633f656565656ff150810000156ff15
timestamp: 2002-07-30 01:25:22

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Windows Media Player
FileVersion: 6.4.09.1125
InternalName: MPlayer2.exe
LegalCopyright: Copyright (C) 1992-1999 Microsoft Corp.
OriginalFilename: MPlayer2.exe
ProductName: Microsoft Windows Media Player
ProductVersion: 6.4.09.1125
DirectShow: Windows Media Player
OLESelfRegister: 
Translation: 0x0409 0x04b0

Generik.EBDGQBA also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Johnnie.263431
FireEye	Generic.mg.6945dc0c59d2b5bb
McAfee	Artemis!6945DC0C59D2
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (D)
BitDefender	Gen:Variant.Johnnie.263431
Cyren	W32/Patched.BW.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.EBDGQBA
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Trojan.Agent-6949182-1
Alibaba	Trojan:Win32/Zygug.1a0555c4
Ad-Aware	Gen:Variant.Johnnie.263431
Emsisoft	Gen:Variant.Johnnie.263431 (B)
McAfee-GW-Edition	BehavesLike.Win32.Mabezat.dm
Sophos	Mal/Generic-S
Ikarus	Worm.Win32.Mabezat
Jiangmin	Heur.Zygug.h
MaxSecure	Win.MxResIcn.Heur.Gen
Avira	TR/Zygug.AB
Microsoft	Trojan:Win32/Occamy.C
GData	Win32.Trojan.PSE.1WFDCAS
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Johnnie.263431
MAX	malware (ai score=96)
Tencent	Win32.Trojan.Zygug.Wopx
SentinelOne	Static AI – Suspicious PE
eGambit	Unsafe.AI_Score_93%
Fortinet	W32/Generic.AC.426B!tr
AVG	Win32:Patched-ATD [Trj]
Cybereason	malicious.c59d2b
Avast	Win32:Patched-ATD [Trj]

How to remove Generik.EBDGQBA?

Generik.EBDGQBA removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X