Should I remove “Backdoor:Win32/Vonost.A”?

Backdoor:Win32/Vonost.A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Vonost.A virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Backdoor:Win32/Vonost.A?


File Info:

name: DC825563B099898D35BE.mlw
path: /opt/CAPEv2/storage/binaries/9339d51983cef7f20e2fd3b5221624568225fcb2b1f82f99ee6be2160f39ba80
crc32: 5E3802AE
md5: dc825563b099898d35bed3c1eb344038
sha1: 87020ff0edc43b7708a5c5a75974365b66cf61c5
sha256: 9339d51983cef7f20e2fd3b5221624568225fcb2b1f82f99ee6be2160f39ba80
sha512: 57ec56a5961610c2214feebf1c36f5c04d9d68702238eab911f489f59ff78b4f450d38a548a7dbc405b869d6f545ad040d7d53e171a2fab8d46298cf1b630ae5
ssdeep: 1536:sTQeF7f8hnZd9tpjgfnvGhsA3tuNADq8GvSowOO2FdN5KLv:skeFoh3FCehsAtu+sO2Fv5KLv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C8A35B10B5C6C172C046103548E6C7B29BB9BD356B78D9D3F7941B7A6F222C1BA3E349
sha3_384: 705af178cf867464f0543213337a0e53b5ae4ef7c4efef76ca2481d50426f45ff277c58d6a745c1be6eafb7d8f3dd288
ep_bytes: e8f9620000e978feffff6a0c68687241
timestamp: 2012-03-19 11:40:20

Version Info:

FileDescription: 更新程序
FileVersion: 1, 0, 0, 1
InternalName: 更新程序
LegalCopyright: 更新程序
OriginalFilename: 更新程序
ProductName: 更新程序
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

Backdoor:Win32/Vonost.A also known as:

Lionic: Trojan.Win32.Generic.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKD.68680887
FireEye: Generic.mg.dc825563b099898d
McAfee: RDN/Generic BackDoor
Malwarebytes: Malware.AI.1684732967
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00082cd81 )
Alibaba: Backdoor:Win32/Vonost.2035135f
K7GW: Trojan ( 00082cd81 )
BitDefenderTheta: Gen:NN.ZexaF.36662.gq0@aWEbHiej
Symantec: Backdoor.Trojan
ESET-NOD32: a variant of Win32/Agent.PIC
APEX: Malicious
BitDefender: Trojan.GenericKD.68680887
Avast: Win32:MalwareX-gen [Trj]
Tencent: Win32.Trojan.Agent.Dkjl
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Agent.pfspw
DrWeb: DLOADER.Trojan
VIPRE: Trojan.GenericKD.68680887
TrendMicro: TROJ_GEN.R002C0DHH23
McAfee-GW-Edition: RDN/Generic BackDoor
Emsisoft: Trojan.GenericKD.68680887 (B)
GData: Trojan.GenericKD.68680887
Webroot: W32.Malware.Gen
Avira: TR/Agent.pfspw
Antiy-AVL: Trojan[Backdoor]/Win32.Vonost
Arcabit: Trojan.Generic.D417FCB7
Microsoft: Backdoor:Win32/Vonost.A
Cynet: Malicious (score: 99)
VBA32: suspected of Trojan.Downloader.gen
ALYac: Trojan.GenericKD.68680887
MAX: malware (ai score=88)
Cylance: unsafe
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0DHH23
Rising: Backdoor.Vonost!1.6476 (CLASSIC)
MaxSecure: Trojan.Malware.215845432.susgen
Fortinet: W32/Agent.QSJ!tr
AVG: Win32:MalwareX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor:Win32/Vonost.A?

Backdoor:Win32/Vonost.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
