Trojan.Win32.Zenfly.ld removal guide

The Trojan.Win32.Zenfly.ld is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.Zenfly.ld virus can do?

Executable code extraction
Creates RWX memory
A process attempted to delay the analysis task.
Reads data out of its own binary image
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Uses Windows utilities for basic functionality
Creates a hidden or system file
Attempts to modify proxy settings

Related domains:

z.whorecord.xyz

a.tomx.xyz

www.xmgq68.com

www.bing.com

How to determine Trojan.Win32.Zenfly.ld?


File Info:
crc32: 4474E639
md5: 2cbec8140e278438ca54b16ba714596d
name: gqkd.exe
sha1: 5cefafb2a5bac5e008f09ddbe37427fb459ba481
sha256: 91ac6f5bb77d295458bd10953c39eaa4c1fa74e62236d67914bc443c0c9ab8e4
sha512: a16497374505d19579321b27487df1def0b923a488310821f5d35c61d7f248508fec8ad3063e3f0dc0ebe75d88a1b9bc8ebf3bb1159983dcd3f9ef45b4266a75
ssdeep: 98304:FCCufOOTk2M15tv16ex9KeK6/0tEHtl3HFheIqPjxldnL:FBuffk9x6C5sST3Hajd
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: x56fax4e54x5de5x4f5cx5ba4
FileVersion: 7.0.0.0
CompanyName: x56fax4e54x5de5x4f5cx5ba4
Comments: x6570x767ex5bb6x5febx9012x6279x91cfx67e5x8be2x5de5x5177
ProductName: x56fax4e54x5febx9012x67e5x8be2x52a9x624b
ProductVersion: 7.0.0.0
FileDescription: x5febx9012x516cx53f8x81eax52a8x8bc6x522bx3001x5febx9012x5355x53f7x6279x91cfx67e5x8be2x8f6fx4ef6
Translation: 0x0804 0x04b0

Trojan.Win32.Zenfly.ld also known as:

Bkav	W32.AIDetectVM.malware2
MicroWorld-eScan	Trojan.GenericKD.41893209
FireEye	Generic.mg.2cbec8140e278438
McAfee	Artemis!2CBEC8140E27
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Zenfly.4!c
BitDefender	Trojan.GenericKD.41893209
Cybereason	malicious.40e278
BitDefenderTheta	Gen:NN.ZexaF.34100.0pKfaqw4O4mb
F-Prot	W32/Trojan.CLL.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
GData	Trojan.GenericKD.41893209
Kaspersky	Trojan.Win32.Zenfly.ld
Alibaba	Trojan:Win32/Zenfly.6f430318
NANO-Antivirus	Virus.Win32.Agent.dvixmz
Avast	Win32:Malware-gen
Tencent	Win32.Trojan.Zenfly.Huqg
Ad-Aware	Trojan.GenericKD.41893209
Sophos	Mal/Generic-S
Comodo	Packed.Win32.Cryptcf.A@4pwi81
F-Secure	Trojan.TR/Tonmye.wmfdt
Zillya	Trojan.Zenfly.Win32.50
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.wc
Emsisoft	Trojan.GenericKD.41893209 (B)
SentinelOne	DFI – Malicious PE
Cyren	W32/Trojan.CLL.gen!Eldorado
Avira	TR/Tonmye.wmfdt
Antiy-AVL	Trojan/Win32.Zenfly
Endgame	malicious (moderate confidence)
Arcabit	Trojan.Generic.D27F3D59
ZoneAlarm	Trojan.Win32.Zenfly.ld
Microsoft	Trojan:Win32/Tonmye.gen!rfn
Acronis	suspicious
VBA32	BScope.Trojan.Tiggre
ALYac	Trojan.GenericKD.41893209
MAX	malware (ai score=99)
Malwarebytes	RiskWare.BlackMoon
ESET-NOD32	a variant of Win32/Packed.BlackMoon.A potentially unwanted
Rising	Trojan.Kryptik!1.B3E8 (TFE:5:51PKsw7xEiM)
Yandex	Trojan.Zenfly!
Ikarus	Virus.Win32.Heur
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/QQWare.A!tr
AVG	Win32:Malware-gen
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_90% (W)
MaxSecure	Trojan.Malware.74556257.susgen

How to remove Trojan.Win32.Zenfly.ld?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Trojan.Win32.Zenfly.ld removal guide