Win32/Kryptik.GDQS removal guide

Win32/Kryptik.GDQS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.GDQS virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Queries information on disks, possibly for anti-virtualization

How to identify Win32/Kryptik.GDQS?


File Info:

crc32: 12A0263C
md5: c93f10a45e43804d55058e665490817f
name: C93F10A45E43804D55058E665490817F.mlw
sha1: bdd1fc9cd51de1bb0960a7c0a871bfb5f659ea84
sha256: 1e4e31211d2ed2035b7b66c157a5b59b47872edb9925173392f3bb0a3307a282
sha512: b0c9d382c5bcfe41f9c26e0838c06bfad9a0cd88f7e7f73f5d64b09515039ddf255550f41dfc800c2987b944fc3e1615985ef84e15df7eb454e116a6af7cbdd6
ssdeep: 24576:k/ef36DaCuLJxeVsfUjj+l4wW8YDXm5LWZMkY8Avrb2vcO4z1Pq3eAvI:k/g36DHSfg8W/ATyvcO4z1Pq3eAQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Kryptik.GDQS also known as:

K7AntiVirus: Trojan ( 00537eb21 )
Elastic: malicious (high confidence)
DrWeb: Trojan.InstallCube.2682
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Ekstak.A02
ALYac: Gen:Variant.Zusy.405483
Cylance: Unsafe
Zillya: Trojan.Generic.Win32.387762
Alibaba: Trojan:Win32/Katusha.9e986113
K7GW: Trojan ( 005236cf1 )
Cybereason: malicious.45e438
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GDQS
APEX: Malicious
Avast: Win32:AdwareX-gen [Adw]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Zusy.405483
NANO-Antivirus: Trojan.Win32.InstallCube.eygenl
MicroWorld-eScan: Gen:Variant.Zusy.405483
Tencent: Malware.Win32.Gencirc.114cee29
Ad-Aware: Gen:Variant.Zusy.405483
Sophos: Generic PUA LN (PUA)
Comodo: Application.Win32.ICLoader.GBFV@7jejfn
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Packed-VJ!C93F10A45E43
FireEye: Generic.mg.c93f10a45e43804d
Emsisoft: Application.AdLoad (A)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.cvalv
Avira: ADWARE/ICLoader.Gen7
eGambit: Unsafe.AI_Score_95%
Antiy-AVL: Trojan/Generic.ASMalwS.29BA196
Microsoft: PUADlManager:Win32/InstallCube
GData: Gen:Variant.Zusy.405483
AhnLab-V3: PUP/Win32.ICLoader.R222045
Acronis: suspicious
McAfee: Packed-VJ!C93F10A45E43
MAX: malware (ai score=96)
VBA32: BScope.Trojan.Ekstak
Malwarebytes: Adware.LoadMoney
Panda: Trj/Genetic.gen
Rising: Trojan.Kryptik!1.AFA6 (CLASSIC)
Yandex: Trojan.GenAsa!MNd/VX05CiA
Ikarus: PUA.FileTour
MaxSecure: Adware.ICLoader.gen
Fortinet: W32/CoinMiner.GYQC!tr
AVG: Win32:AdwareX-gen [Adw]
Paloalto: generic.ml

How to remove Win32/Kryptik.GDQS?

Win32/Kryptik.GDQS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
