zzbrenkzx.exe removal instructions

zzbrenkzx.exe claims to be genuine Microsoft Windows file when right-clicking the file and looking at the version info. The files states to be a “Restart Manager LUA Restart Client”.  A VirusTotal scan clearly shows that we cannot trust the version information attached to the file:

  • Avast Win32:Malware-gen
  • eSafe Win32.Trojan
  • Norman W32/Suspicious_Gen4.AJROJ
  • Fortinet W32/Gimemo.UWH!tr
  • Comodo UnclassifiedMalware
  • Antiy-AVL Trojan/Win32.Jorik.gen
  • TheHacker Trojan/Jorik.Lolbot.apq
  • Jiangmin Trojan/Jorik.enjy
  • Kaspersky Trojan.Win32.Jorik.Lolbot.apq
  • VIPRE Trojan.Win32.Generic!BT
  • DrWeb Trojan.KillFiles.9354
  • CAT-QuickHeal Trojan.Jorik.Lolbot.apq
  • VBA32 Trojan.Jorik.Lolbot.apq
  • Emsisoft Trojan-Downloader.Win32.Ransom!IK
  • Ikarus Trojan-Downloader.Win32.Ransom
  • K7AntiVirus Trojan
  • TrendMicro-HouseCall TROJ_GEN.R49C7FK
  • TrendMicro TROJ_GEN.R49C7FK
  • Panda Trj/Genetic.gen
  • AntiVir TR/Crypt.ZPACK.Gen2
  • AVG Generic28.BQJJ
  • McAfee Generic.dx!b2yf
  • McAfee-GW-Edition Generic.dx!b2yf
  • BitDefender Gen:Variant.Barys.2215
  • F-Secure Gen:Variant.Barys.2215
  • GData Gen:Variant.Barys.2215
  • Microsoft DoS:Win32/SynFlood.I
  • ESET-NOD32 a variant of Win32/Injector.SOU

Pretty decent detection rate I’d say. 29 out of 46 anti-virus programs detects it. This clearly shows that the version information attached to files cannot be trusted, unless the file is digitally signed.

zzbrenkzx.exe removal instructions

  1. Reboot your computer.
  2. While your machine is rebooting, tap F8. The Advanced Boot Options should appear.
  3. On the Advanced Boot Options screen, use the arrow keys to highlight safe mode and press ENTER. The computer should now start in safe mode.
  4. Start Windows Explorer.
  5. Browse to the folder where zzbrenkzx.exe is located.
  6. Right-click zzbrenkzx.exe and select Delete.

Did this solve your problem?


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s