How to remove “Win32/TrojanDownloader.Zlob.BXN”?

The Win32/TrojanDownloader.Zlob.BXN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/TrojanDownloader.Zlob.BXN virus can do?

Yara rule detections observed from a process memory dump/dropped files/CAPE
Authenticode signature is invalid

How to determine Win32/TrojanDownloader.Zlob.BXN?


File Info:
name: 1A601CE23819C3FD0BA6.mlw
path: /opt/CAPEv2/storage/binaries/be99bc77a81c7e5dcf7d1ad5a134b21399b13f66458494cdba46720a554145cc
crc32: 9FA13C40
md5: 1a601ce23819c3fd0ba6a87808224c54
sha1: 325d223ae0ac1adee18f42c0d6c375eccea3ec13
sha256: be99bc77a81c7e5dcf7d1ad5a134b21399b13f66458494cdba46720a554145cc
sha512: ba31c0f60c254868049766ab22bf851e91c8bbb79e4a44b4a26649ad0ce5212b32db0fb5b00cd1f7b0a313ab2ffeb35dbcdd30513de6e0258a6901d5504a5737
ssdeep: 1536:H8SX3PE+OCvGo/KV4lZb4AFsp54sstLvtio728DTTf:HrvGoiulZbTIYvYoy8DH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15F737E63B885447BE193013109F46B64FBBE793B1534DDE79B1849C26C288C2B7BF24A
sha3_384: d9ed29c6a24a11b75a9af1bb11a84f20776e8bfdd4eabfe77a683e7e2c2a132f2b061aaeab50d2a33500ea1485306ec4
ep_bytes: 41be01004000f7d94981c63f2001008b
timestamp: 2007-12-07 15:03:11

Version Info:
0: [No Data]

Win32/TrojanDownloader.Zlob.BXN also known as:

Bkav	W32.AIDetect.malware1
DrWeb	BackDoor.Mbot
MicroWorld-eScan	Gen:Heur.Conjar.9
FireEye	Generic.mg.1a601ce23819c3fd
Cylance	Unsafe
VIPRE	Gen:Heur.Conjar.9
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 000219791 )
K7GW	Trojan ( 000219791 )
Cybereason	malicious.23819c
BitDefenderTheta	Gen:NN.ZexaF.34698.eeW@amzMTJd
VirIT	Win32.CryptorGen.A
Cyren	W32/Trojan2.AJNE
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/TrojanDownloader.Zlob.BXN
APEX	Malicious
TrendMicro-HouseCall	TROJ_GEN.R067C0OIS22
ClamAV	Win.Malware.Conjar-9957981-0
Kaspersky	Trojan.Win32.DNSChanger.apn
BitDefender	Gen:Heur.Conjar.9
SUPERAntiSpyware	Trojan.Unclassified/K-Series
Avast	Win32:DNSChanger-SK [Trj]
Tencent	Malware.Win32.Gencirc.10d096e0
Ad-Aware	Gen:Heur.Conjar.9
Sophos	Mal/Behav-010
Comodo	TrojWare.Win32.DNSChanger.APN@k133q
TrendMicro	TROJ_GEN.R067C0OIS22
McAfee-GW-Edition	BehavesLike.Win32.Duptwux.lh
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Heur.Conjar.9 (B)
SentinelOne	Static AI – Malicious PE
Google	Detected
Avira	BDS/Backdoor.Gen
MAX	malware (ai score=83)
Antiy-AVL	Trojan/Generic.ASMalwS.143
Microsoft	Trojan:Win32/Sabsik.FL.A!ml
ZoneAlarm	Trojan.Win32.DNSChanger.apn
GData	Gen:Heur.Conjar.9
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.R513627
Acronis	suspicious
McAfee	generic!bg.enl
VBA32	suspected of Trojan-Downloader.Agent.31
Malwarebytes	Malware.AI.3591242858
Rising	Trojan.Zlob!1.A07E (CLASSIC)
Yandex	Trojan.GenAsa!cONGUGy0GTw
Ikarus	Trojan.Win32.DNSChanger
Fortinet	W32/PackRPCrypt.RPA!tr
AVG	Win32:DNSChanger-SK [Trj]
Panda	Generic Malware
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Win32/TrojanDownloader.Zlob.BXN?

Win32/TrojanDownloader.Zlob.BXN removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X