Trojan:Win32/Znyonm removal instruction

The Trojan:Win32/Znyonm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Znyonm virus can do?

Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan:Win32/Znyonm?


File Info:
name: 1DA8210F15BDEB76D760.mlw
path: /opt/CAPEv2/storage/binaries/0fa80698a35b4c2a50017e5c61ee63df5ee39ff18b1d1c97d9381401ec1c3c5a
crc32: 2F56B81C
md5: 1da8210f15bdeb76d760c405c2c021c1
sha1: 7c4c2814edeb35fdbc619f151c235487da262acc
sha256: 0fa80698a35b4c2a50017e5c61ee63df5ee39ff18b1d1c97d9381401ec1c3c5a
sha512: 5d52823c84c3c24bfa0a11e26c5704c555327ca21a60c89d9827ba5d3be9872137cb6d6230b6bb3c1ff64bb72eae93d2da98465c5764d71a2cd4614c000119e3
ssdeep: 3072:HDQkrZoosbILXJbb2lc5qqRyrFSvMP9ih/A+pk4hSGSniH1qW:HDpoe56lyq8ypSvM10/Bk44IJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19A14D04AB280E16BFA427B72CD77C298C374AD111731A74F77A87B6A67332826D17103
sha3_384: 60ce726b1693e45f7a09e6cdaa27d1d0ccb7655b8efba63b178508c93665ec7672cb368990383e70d72fd2331f68886a
ep_bytes: 81ec8401000053555633db57895c2418
timestamp: 2014-05-11 20:03:36

Version Info:
CompanyName: Liz Claiborne Inc.
FileDescription: LastPass
LegalCopyright: Hewlett-Packard Company
LegalTrademarks: Nullsoft Install System
Translation: 0x0409 0x04e4

Trojan:Win32/Znyonm also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.71832607
FireEye	Generic.mg.1da8210f15bdeb76
Malwarebytes	Trojan.GuLoader
Sangfor	Trojan.Win32.Agent.V5c4
K7AntiVirus	Riskware ( 00584baa1 )
K7GW	Riskware ( 00584baa1 )
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Trojan.GenericKD.71832607
Emsisoft	Trojan.GenericKD.71832607 (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
VIPRE	Trojan.GenericKD.71832607
TrendMicro	Trojan.Win32.CRYPT.USBLC724
Trapmine	malicious.high.ml.score
Ikarus	Trojan.Crypt
GData	Trojan.GenericKD.71832607
Google	Detected
Avira	TR/Crypt.XPACK.Gen
Antiy-AVL	Trojan/Win32.Agent
Kingsoft	Win32.Troj.Undef.a
Arcabit	Trojan.Generic.D448141F
Microsoft	Trojan:Win32/Znyonm
Varist	W32/Injector.YZPE-3832
ALYac	Trojan.GenericKD.71832607
MAX	malware (ai score=82)
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	Trojan.Win32.CRYPT.USBLC724
Rising	Trojan.Generic@AI.100 (RDML:Khl+pmIummeLOytjxYs2vQ)
MaxSecure	Trojan.Malware.236557283.susgen
Fortinet	W32/PossibleThreat
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Trojan:Win32/Znyonm?

Trojan:Win32/Znyonm removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X