Backdoor:Win32/Zonebac!E removal tips

The Backdoor:Win32/Zonebac!E is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor:Win32/Zonebac!E virus can do?

Authenticode signature is invalid

How to determine Backdoor:Win32/Zonebac!E?


File Info:
name: FD26335A43A126619B0E.mlw
path: /opt/CAPEv2/storage/binaries/bfa68a84d0b5757a5a39f2dcba3e99231f6bc9c329145bb139e57cfa6a6b4df0
crc32: 244AB10F
md5: fd26335a43a126619b0ef1aa928b358a
sha1: 082761d7ad68fcf6943a2a8e5566b8333ac76026
sha256: bfa68a84d0b5757a5a39f2dcba3e99231f6bc9c329145bb139e57cfa6a6b4df0
sha512: 36af3a57cbf138aa39d719274fbbf8f7a736dab457a50d31dd8aa88e2bd7476531388fdb05a5cefb61a0ce2b4de5e0ff9a902908529d433a042ae5e6f7707201
ssdeep: 384:RrvHdR4J+vICXMxWtE/+Rt+tDnXOpuV9p/ELl1rihS8VRuNv/HiF73M12J3k+L:RDHdA+pcxcE/+SXWU/ELChS8VRUEztL
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T188039B8BA383CEF3F69C20B6259567D96DE64C612263D6D29CB324F207B25BFD214701
sha3_384: c9a65fb861e5aac18e49f74f85625a3c3c3c30d8a36f4baf5281698615cdd15aca017b66f70f85e3e74cd6e8f414f9c1
ep_bytes: 6a0c68786b0010e8a601000033c04089
timestamp: 2006-09-26 21:55:34

Version Info:
0: [No Data]

Backdoor:Win32/Zonebac!E also known as:

Lionic	Trojan.Multi.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	DeepScan:Generic.Malware.Pf!dld!.C776802E
FireEye	Generic.mg.fd26335a43a12661
Skyhigh	BehavesLike.Win32.Generic.pt
ALYac	DeepScan:Generic.Malware.Pf!dld!.C776802E
Cylance	unsafe
K7AntiVirus	Trojan-Downloader ( 0055e3da1 )
Alibaba	Backdoor:Win32/Zonebac.c55e20f0
K7GW	Trojan-Downloader ( 0055e3da1 )
CrowdStrike	win/malicious_confidence_90% (W)
Arcabit	DeepScan:Generic.Malware.Pf!dld!.CDBDA62E
BitDefenderTheta	Gen:NN.ZedlaF.36680.cq4@aCaaKJk
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/TrojanDownloader.Agent.RMP
Cynet	Malicious (score: 100)
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	DeepScan:Generic.Malware.Pf!dld!.C776802E
NANO-Antivirus	Trojan.Win32.Zonebac.cypcuw
Avast	Win32:Downloader-EF [Trj]
Tencent	Win32.Trojan-Downloader.Oader.Ssmw
Emsisoft	DeepScan:Generic.Malware.Pf!dld!.C776802E (B)
F-Secure	Trojan.TR/Downloader.Gen
VIPRE	DeepScan:Generic.Malware.Pf!dld!.C776802E
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Avira	TR/Downloader.Gen
Antiy-AVL	Trojan/Win32.SGeneric
Kingsoft	malware.kb.a.999
Xcitium	Malware@#pa26jabvv57i
Microsoft	Backdoor:Win32/Zonebac.gen!E
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	DeepScan:Generic.Malware.Pf!dld!.C776802E
Google	Detected
McAfee	Artemis!FD26335A43A1
Panda	Generic Malware
Yandex	Backdoor.Zonebac!SE0XMDzlSIw
Ikarus	Trojan-Dropper.Agent
MaxSecure	Trojan.Malware.8972671.susgen
AVG	Win32:Downloader-EF [Trj]
DeepInstinct	MALICIOUS

How to remove Backdoor:Win32/Zonebac!E?

Backdoor:Win32/Zonebac!E removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X