How to remove “Win32/Kryptik.GZPG”?

The Win32/Kryptik.GZPG is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Kryptik.GZPG virus can do?

The binary likely contains encrypted or compressed data.
The executable is compressed using UPX

How to determine Win32/Kryptik.GZPG?


File Info:
crc32: F276BD75
md5: 0834595393a68716e6af02c86fed22c0
name: ztx777.exe
sha1: a1226559a99cec3fb44ca57f7b5afd063d64f46f
sha256: 38227cba098cf881b7ccb7cbce2228ac0aa4577894167cc6bbbfb5f3ca4cd846
sha512: 8f4bf0615725b59b51b6d462f48aad96a3fb57d72747c587251396ddef0370e5f3615459e4884083f60c88bc12fd7a91d3fbbafced05f8194227bb6ea707acdc
ssdeep: 6144:pftVa3cs0EUsc+w52S2z10iYAtCxALslEtkGxcmRdgyuK/6l8ID4:RuvFUsn02SS/CKLsStnmmRdg18ID4
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: Copyright xa9Compass.  All rights reserved.
InternalName: 2500
FileVersion: 2.2.6.4
CompanyName: Compass
LegalTrademarks: Copyright xa9Compass.  All rights reserved.
ProductName: 2500
Languages: English
ProductVersion: 2.2.6.4
FileDescription: Minimize Rim Mdems Attacks Persistent
OriginalFilename: 2500
Translation: 0x0409 0x04b0

Win32/Kryptik.GZPG also known as:

MicroWorld-eScan	Trojan.GenericKD.42127118
FireEye	Generic.mg.0834595393a68716
McAfee	Artemis!0834595393A6
AegisLab	Trojan.Multi.Generic.4!c
BitDefender	Trojan.GenericKD.42127118
K7GW	Trojan ( 0055d9991 )
Symantec	Trojan.Gen.2
APEX	Malicious
ClamAV	Win.Trojan.Agent-7461032-0
GData	Trojan.GenericKD.42127118
Kaspersky	UDS:DangerousObject.Multi.Generic
Rising	Trojan.Generic@ML.82 (RDML:fB8OUd63kC2hafsBgyZ8gw)
Endgame	malicious (moderate confidence)
DrWeb	Trojan.Spynet.33
McAfee-GW-Edition	BehavesLike.Win32.BadFile.dc
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.GenericKD.42127118 (B)
Ikarus	Trojan.Win32.Crypt
Cyren	W32/Trojan.YSAK-2450
MAX	malware (ai score=99)
Arcabit	Trojan.Generic.D282CF0E
ZoneAlarm	UDS:DangerousObject.Multi.Generic
Microsoft	Trojan:Win32/Bomitag.D!ml
VBA32	BScope.Trojan.Bomitag
Ad-Aware	Trojan.GenericKD.42127118
Malwarebytes	Trojan.Downloader
Panda	Trj/CI.A
ESET-NOD32	a variant of Win32/Kryptik.GZPG
Fortinet	W32/Kryptik.GZPG!tr
BitDefenderTheta	Gen:NN.ZexaF.33556.smKfaCsiA9li
CrowdStrike	win/malicious_confidence_60% (W)
Qihoo-360	HEUR/QVM11.1.FB7D.Malware.Gen

How to remove Win32/Kryptik.GZPG?

Win32/Kryptik.GZPG removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X