Win32/Kryptik.AEGF removal guide

Malware Removal

Win32/Kryptik.AEGF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Kryptik.AEGF virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Steals private information from local Internet browsers
  • Exhibits behavior characteristic of Pony malware
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Harvests credentials from local FTP client software

Related domains:

spna.ca

How to identify Win32/Kryptik.AEGF?

File Info:

crc32: 4A232684
md5: b2eda99aad21d20d9462d24957c8ce2c
name: B2EDA99AAD21D20D9462D24957C8CE2C.mlw
sha1: 84d22970938665c406e33e58376376bdfde08682
sha256: 2213dfa0542f7e14d95cfaaa34db8431f4ccdecf0e584d529597d441a263e40b
sha512: 84e7cc1c60bdd5f68f297a0085286dfb35cd02dcebb939fc0f5afd0b976172b0be581a5e5b0f43463fd998f6d770c4b6c537a9a031a4ea53dcbfc9d13b764068
ssdeep: 3072:o0C+7uOwhv6jKh48D7zOXbUEbp4h+vT/m9flq7:5CoMlcKV/Wa6gl6
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: DFDWiz.exe
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7600.16385
FileDescription: Windows Disk Diagnostic User Resolver
OriginalFilename: DFDWiz.exe
Translation: 0x0409 0x04b0

Win32/Kryptik.AEGF also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Multi.600
MicroWorld-eScan: Gen:Variant.Razy.764854
FireEye: Generic.mg.b2eda99aad21d20d
ALYac: Gen:Variant.Razy.764854
Cylance: Unsafe
VIPRE: Trojan.Win32.Reveton.ca (v)
Sangfor: Malware
K7AntiVirus: Trojan ( 0040f02a1 )
BitDefender: Gen:Variant.Razy.764854
K7GW: Trojan ( 0040f02a1 )
Cybereason: malicious.aad21d
TrendMicro: TROJ_REVETON.SMZ
BitDefenderTheta: AI:Packer.E06E11301F
Symantec: Packed.Generic.459
APEX: Malicious
Avast: Win32:Kryptik-ILG [Trj]
ClamAV: Win.Packed.Zbot-9759666-0
Kaspersky: Trojan-PSW.Win32.Fareit.feuo
ViRobot: Trojan.Win32.A.Foreign.125604[UPX]
Tencent: Malware.Win32.Gencirc.11b105b2
Ad-Aware: Gen:Variant.Razy.764854
TACHYON: Trojan/W32.Krap.136288
Sophos: Troj/Zbot-DHN
Baidu: Win32.Adware.Kryptik.b
Invincea: Troj/Zbot-DHN
McAfee-GW-Edition: PWS-Zbot.gen.bey
Emsisoft: Gen:Variant.Razy.764854 (B)
Jiangmin: Trojan/PSW.Tepfer.ix
Avira: TR/PSW.Fareit.C
Antiy-AVL: GrayWare/Win32.Kryptik.ehls
Microsoft: PWS:Win32/Fareit
Gridinsoft: Spy.Win32.Zbot.vl!i
Arcabit: Trojan.Razy.DBABB6
ZoneAlarm: Trojan-PSW.Win32.Fareit.feuo
GData: Gen:Variant.Razy.764854
Cynet: Malicious (score: 90)
AhnLab-V3: Trojan/Win32.RL_Reveton.R355321
McAfee: GenericRXAA-AA!B2EDA99AAD21
MAX: malware (ai score=86)
VBA32: BScope.Malware-Cryptor.SB.01798
ESET-NOD32: a variant of Win32/Kryptik.AEGF
TrendMicro-HouseCall: TROJ_REVETON.SMZ
Rising: Worm.Picsys!8.157 (TFE:3:3FyIIRhJBxL)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Lockscreen.LOA!tr
AVG: Win32:Kryptik-ILG [Trj]
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: HEUR/QVM19.1.44A7.Malware.Gen

How to remove Win32/Kryptik.AEGF?

Win32/Kryptik.AEGF removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.