How to remove “Trojan.Win32.Zenpak.vbm”?

The Trojan.Win32.Zenpak.vbm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Win32.Zenpak.vbm virus can do?

Executable code extraction
Creates RWX memory
Unconventionial language used in binary resources: Chinese (Traditional)
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Trojan.Win32.Zenpak.vbm?


File Info:
crc32: 0397DF22
md5: 11b8efff764fbce74b43aea7f4c95b14
name: soft.exe
sha1: 7a94694d7e5684310b665e82b7ce77cc16282b32
sha256: a9bb9b749030ba6312d598ae897d3a22388476bd31a3f6b38ebd4a62a50145aa
sha512: f60da34be97bb53b7c8bf22b9feb4dd44e8d9fa6229d9e6bfd10185b6ae70c139c8a18703824e80637c6170d388519c08225b864ddef689ebb57a07932ac3990
ssdeep: 384:Xz2RKr1Ys0Kp2AoXLB6z0/VhhBQe4XpYkPxVuSobXmvUxiQ0p2d6600zEJ:XGKrEYyPQe4XqkJVuSUWvc6/6tw
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0404 0x04b0
InternalName: Amfibiet2
FileVersion: 1.00
CompanyName: Unlove4
Comments: Allegorie7
ProductName: Damozel
ProductVersion: 1.00
FileDescription: Indskrn
OriginalFilename: Amfibiet2.exe

Trojan.Win32.Zenpak.vbm also known as:

DrWeb	Trojan.DownLoader33.2866
MicroWorld-eScan	Trojan.GenericKD.33287266
FireEye	Trojan.GenericKD.33287266
Qihoo-360	Win32/Trojan.377
McAfee	Fareit-FRM!11B8EFFF764F
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan ( 00560ad61 )
BitDefender	Trojan.GenericKD.33287266
K7GW	Trojan ( 00560ad61 )
BitDefenderTheta	Gen:NN.ZevbaF.34090.dm0@aSa8VXgb
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
GData	Trojan.GenericKD.33287266
Kaspersky	Trojan.Win32.Zenpak.vbm
Alibaba	Backdoor:Win32/KZip.3e4c3a20
NANO-Antivirus	Trojan.Win32.GenKryptik.hbaimx
Rising	Trojan.GenKryptik!8.AA55 (CLOUD)
Ad-Aware	Trojan.GenericKD.33287266
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.Trojan.qt
Trapmine	suspicious.low.ml.score
Emsisoft	Trojan.GenericKD.33287266 (B)
Ikarus	Trojan.Win32.Krypt
MAX	malware (ai score=85)
Arcabit	Trojan.Generic.D1FBEC62
AegisLab	Trojan.Win32.Zenpak.4!c
ZoneAlarm	Trojan.Win32.Zenpak.vbm
Microsoft	Trojan:Win32/Occamy.C
ALYac	Trojan.GenericKD.33287266
Malwarebytes	Trojan.MalPack.VB
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Injector.EKOW
SentinelOne	DFI – Suspicious PE
eGambit	Unsafe.AI_Score_76%
Fortinet	W32/Zenpak.EDOU!tr
AVG	Win32:Trojan-gen
Avast	Win32:Trojan-gen
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Trojan.Win32.Zenpak.vbm?

Trojan.Win32.Zenpak.vbm removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X