
Generik.HHSJUPO removal

The Generik.HHSJUPO file is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Generik.HHSJUPO virus do?

  • Attempts to connect to a dead IP:Port (3 unique times)
  • A process attempted to delay the analysis task.
  • Starts servers listening on 0.0.0.0:19490
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Creates a copy of itself
  • A possible cryptomining command was executed
  • A cryptomining command containing a stratum protocol address was executed

How to identify Generik.HHSJUPO?


General:

Operating System: Windows 7 / 8 / 8.1 / 10

Virus Name: Riskware ( 0040eff71 )

File Info:

Name: 360se.exe

Size: 1175552

Type: PE32 executable (GUI) Intel 80386, for MS Windows

MD5: 468f76b72c5195c24e29391cc630ed9f

SHA1: 437b9db082540a8a2f32cad4c4c74db54a5bc442

SHA256: 704a255616e281784691fc726ed362aec694aab75de45259145c0b94d8209046

Version Info:

[No Data]

Generik.HHSJUPO also known as:

ALYac Generic.Servstart.E.FE57B18A
APEX Malicious
AVG FileRepMalware
Ad-Aware Generic.Servstart.E.FE57B18A
AegisLab Trojan.Win32.Servstart.4!c
AhnLab-V3 Trojan/Win32.Nitol.C3553726
Alibaba DDoS:Win32/Miner.3c7b17d1
Antiy-AVL Trojan/Win32.Miner
Arcabit Generic.Servstart.E.FE57B18A
Avira BDS/Zegost.klzeimd
BitDefender Generic.Servstart.E.FE57B18A
BitDefenderTheta Gen:Trojan.Heur.RP.hrW@aik!A8hb
CAT-QuickHeal DDoS.Nitol
ClamAV Win.Trojan.Agent-7380947-0
Comodo TrojWare.Win32.TrojanDownloader.Small.DG@1d0x87
CrowdStrike win/malicious_confidence_100% (W)
Cybereason malicious.72c519
Cylance Unsafe
Cyren W32/KillAV.AU.gen!Eldorado
DrWeb DLOADER.Trojan
ESET-NOD32 a variant of Generik.HHSJUPO
Emsisoft Generic.Servstart.E.FE57B18A (B)
Endgame malicious (high confidence)
F-Prot W32/KillAV.AU.gen!Eldorado
F-Secure Backdoor.BDS/Zegost.klzeimd
FireEye Generic.mg.468f76b72c5195c2
Fortinet W32/Miner.ACABQ!tr
GData Generic.Servstart.E.FE57B18A
Ikarus Trojan.Win32.ServStart
Invincea heuristic
K7AntiVirus Riskware ( 0040eff71 )
K7GW Riskware ( 0040eff71 )
Kaspersky Trojan.Win32.Miner.acabq
MAX malware (ai score=99)
Malwarebytes RiskWare.BitCoinMiner.Drop
MaxSecure Trojan.Malware.300983.susgen
McAfee Artemis!468F76B72C51
McAfee-GW-Edition BehavesLike.Win32.Dropper.tc
MicroWorld-eScan Generic.Servstart.E.FE57B18A
Microsoft DDoS:Win32/Nitol.B
Paloalto generic.ml
Panda Trj/CI.A
Qihoo-360 Win32/Backdoor.IM.b2a
Rising Backdoor.Farfli!1.64B3 (CLASSIC)
SentinelOne DFI – Malicious PE
Sophos Mal/Behav-026
Symantec ML.Attribute.HighConfidence
Trapmine malicious.high.ml.score
TrendMicro Coinminer.Win32.MALXMR.SMBM4
TrendMicro-HouseCall Coinminer.Win32.MALXMR.SMBM4
VIPRE Trojan.Win32.Nitol.b (v)
Webroot W32.Malware.Gen
ZoneAlarm Trojan.Win32.Miner.acabq
eGambit Unsafe.AI_Score_99%

How to remove Generik.HHSJUPO?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
