
How to remove “Generik.KUNDLUU potentially unwanted”?

Generik.KUNDLUU potentially unwanted is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generik.KUNDLUU potentially unwanted virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
get.ytddownloader.com

How to determine Generik.KUNDLUU potentially unwanted?


File Info:

crc32: 7E5F37AF
md5: 17d7492eda58648970d0cfa0ecad0c78
name: 17D7492EDA58648970D0CFA0ECAD0C78.mlw
sha1: 58d9aefc121aef573970474c97e3980d432e4e9b
sha256: c618d8a14b2298602e210072b0304becf1c349269b7041bfeaf80337981760cb
sha512: cec913dd7f2d61a9836587e28b4982473dab6b38495ea1c2df9f2213b63cb2543c541dbab3d8c5b50266d55cb059df4cd5b3c237a0b8ee902af3c927a6d51ef9
ssdeep: 3072:CweqOYEUXPnD7Ozd8yNkaqJC94na4fWT9bM:/EUXb6yyKanl4fw9bM
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (c) 2015 GreenTree Applications SRL. All rights reserved.
InternalName: YTDStubInstaller
FileVersion: 4.9.2.3
CompanyName: GreenTree Applications SRL
ProductName: YTD Video Downloader
ProductVersion: 4.9.2.3
FileDescription: YTD Video Downloader stub installer
OriginalFilename: YTDStub.exe
Translation: 0x0000 0x04b0

Generik.KUNDLUU potentially unwanted also known as:

DrWeb: Trojan.DownLoader26.18118
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_100% (D)
ESET-NOD32: a variant of Generik.KUNDLUU potentially unwanted
ClamAV: Win.Adware.Generic-6628996-0
Webroot: Pua.Ytdownloader
Microsoft: PUA:Win32/YTDVideoDownload
Gridinsoft: PUP.YTDDownloader.dd!c
GData: Win32.Adware.YTDownloader.B
VBA32: Trojan.Downloader
Malwarebytes: PUP.Optional.YTDVideoDownloader
Yandex: PUA.Downware!kg7duxc4o8U

How to remove Generik.KUNDLUU potentially unwanted?

Generik.KUNDLUU potentially unwanted removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
