Win32/GenKryptik.FFIF removal instruction

The Win32/GenKryptik.FFIF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/GenKryptik.FFIF virus can do?

• Executable code extraction
• Attempts to connect to a dead IP:Port (1 unique times)
• Creates RWX memory
• At least one IP Address, Domain, or File Name was found in a crypto call
• Reads data out of its own binary image

How to determine Win32/GenKryptik.FFIF?

File Info:
crc32: 35570C3E
md5: 9f8ec4203168e2f6bc6e7a7340f50307
name: 9F8EC4203168E2F6BC6E7A7340F50307.mlw
sha1: 434d6315df08a620a4704a74fd6fb447cb064bed
sha256: 52243eebd8535958d91ac6f2e50bfaeafff4fb7d967ff18c8b5da0eaf57a7ee2
sha512: da4299a2e2e9be717f0236258fd8f05e1f6446b34b4f729a1dbf785e6f38ed07d9a28570af70005c1ef40de995ff3650626a039be93073554d673cfed705438e
ssdeep: 12288:AbMr9Z/ztemeF414FB4ycKSHtqAYLHVa+SbwwG:AbaZ/zU414hRSHiHAhbzG
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2002
InternalName: kromptEdit_Demo
FileVersion: 1, 0, 0, 1
CompanyName: 
LegalTrademarks: 
ProductName: kromptEdit_Demo Application
ProductVersion: 1, 0, 0, 1
FileDescription: kromptEdit_Demo MFC Application
OriginalFilename: kromptEdit_Demo.EXE
Translation: 0x0409 0x04b0

Win32/GenKryptik.FFIF also known as:

How to remove Win32/GenKryptik.FFIF?

• Download and install GridinSoft Anti-Malware.
• Open GridinSoft Anti-Malware and perform a “Standard scan“.
• “Move to quarantine” all items.
• Open “Tools” tab – Press “Reset Browser Settings“.
• Select proper browser and options – Click “Reset”.
• Restart your computer.