Thursday, November 20, 2008

Zlob Trojan

How To Remove Zlob?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Zlob is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.
Trojans-downloaders downloads and installs new malware or adware on the computer.

The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.

Zlob It also known as:

[Kaspersky]Trojan-Dropper.Win32.Agent.mu,Trojan-Downloader.Win32.Zlob.bnw,Trojan.Downloader.Win32.Zlob.azc,Trojan-Downloader.Win32.Agent.bbr,Trojan.Win32.Crypt.g,Trojan-Downloader.Win32.Zlob.bcl,Trojan-Downloader.Win32.Zlob.dah,Trojan.Win32.DNSChanger.pi,Adware.Win32.Agent.pz,Trojan-Downloader.Win32.Zlob.bxr,Trojan-Downloader.Win32.Zlob.ehi,Trojan-Downloader.Win32.Zlob.ehw,Trojan-Downloader.Win32.Zlob.enq,Trojan-Downloader.Win32.Obfuscated.bn;
[McAfee]Puper.gen,Generic Downloader,DNSChanger.pi;
[F-Prot]W32/Downloader.BECM;
[Panda]Adware/VideoAddon;
[Other]W32/Zlob.gen4,W32/Renos.gen3,TROJ_ZLOB.BQZ,Zlob.IOD,Trojan-Downloader.Zlob.Media-Codec,Trojan.Zlob.AVP,W32/DLoader.BCQL,Trojan.DownLoader.10588,W32/Zlob.gen70,Trojan.Zlob,Zlob.AGUA,Troj/Zlob-Gen,trojan-downloader-zlob,TROJ_ZLOB.DSI,Trojan-Downloader.Zlob.MediaCodec,W32/Zlob.AIRZ,W32/Zlob.ACPA,Troj/Agent-EOH,Downloader,Troj/Zlob-VH,Trojan-Downloader.Zlob.Media-COdec,Trojan.Emcodec,W32/Zlob.XJU,TrojanDownloader:Win32/Zlob.gen!N,TROJ_ZLOB.DYP,Mal/ZlobInst-A,TrojanDownloader:Win32/Zlob.gen!AA,Zlob.gen94,TrojanDownloader:Win32/Zlob.gen!R,Trojan:Win32/Zlob.ZWC,Troj/Zlobar-Fam

Zlob Symptoms:

Files:
[%COMMON_DOCUMENTS%]\Video ActiveX Object\ot.ico
[%COMMON_DOCUMENTS%]\Video ActiveX Object\ts.ico
[%DESKTOP%]\Viruz\temp.fr????\ot.ico
[%DESKTOP%]\Viruz\temp.fr????\ts.ico
[%PROFILE_TEMP%]\temp.fr????\ot.ico
[%PROFILE_TEMP%]\temp.fr????\ts.ico
[%PROFILE_TEMP%]\NoadwareBkupTemp\ot.ico
[%PROFILE_TEMP%]\NoadwareBkupTemp\ts.ico
[%PROGRAM_FILES%]\Brain Codec\ot.ico
[%PROGRAM_FILES%]\Brain Codec\ts.ico
[%PROGRAM_FILES%]\EliteCodec\ot.ico
[%PROGRAM_FILES%]\EliteCodec\ts.ico
[%PROGRAM_FILES%]\Gold Codec\ot.ico
[%PROGRAM_FILES%]\Gold Codec\ts.ico
[%PROGRAM_FILES%]\Image ActiveX Access\ot.ico
[%PROGRAM_FILES%]\Image ActiveX Access\ts.ico
[%PROGRAM_FILES%]\Image ActiveX Object\ot.ico
[%PROGRAM_FILES%]\Image ActiveX Object\ts.ico
[%PROGRAM_FILES%]\IntCodec\ot.ico
[%PROGRAM_FILES%]\IntCodec\ts.ico
[%PROGRAM_FILES%]\Internet Security\ot.ico
[%PROGRAM_FILES%]\Internet Security\ts.ico
[%PROGRAM_FILES%]\iVideoCodec\ot.ico
[%PROGRAM_FILES%]\iVideoCodec\ts.ico
[%PROGRAM_FILES%]\Key Generator\ot.ico
[%PROGRAM_FILES%]\Key Generator\ts.ico
[%PROGRAM_FILES%]\My Pass Generator\ot.ico
[%PROGRAM_FILES%]\My Pass Generator\ts.ico
[%PROGRAM_FILES%]\Online Add-on\ot.ico
[%PROGRAM_FILES%]\Online Add-on\ts.ico
[%PROGRAM_FILES%]\Online Image Add-on\ot.ico
[%PROGRAM_FILES%]\Online Image Add-on\ts.ico
[%PROGRAM_FILES%]\Online Video Add-on\ot.ico
[%PROGRAM_FILES%]\Online Video Add-on\ts.ico
[%PROGRAM_FILES%]\PCFree\Recovery\[2006-11-23]05_20_36_921\WINDOWS\system32\ot.ico
[%PROGRAM_FILES%]\PCFree\Recovery\[2006-11-23]05_20_36_921\WINDOWS\system32\ts.ico
[%PROGRAM_FILES%]\PCODEC\ot.ico
[%PROGRAM_FILES%]\PCODEC\ts.ico
[%PROGRAM_FILES%]\Perfect Codec\ot.ico
[%PROGRAM_FILES%]\Perfect Codec\ts.ico
[%PROGRAM_FILES%]\PornPass Manager\ot.ico
[%PROGRAM_FILES%]\PornPass Manager\ts.ico
[%PROGRAM_FILES%]\QualityCodec\ot.ico
[%PROGRAM_FILES%]\QualityCodec\ts.ico
[%PROGRAM_FILES%]\Security Tools\ot.ico
[%PROGRAM_FILES%]\Security Tools\ts.ico
[%PROGRAM_FILES%]\Silver Codec\ot.ico
[%PROGRAM_FILES%]\Silver Codec\ts.ico
[%PROGRAM_FILES%]\strCodec\ot.ico
[%PROGRAM_FILES%]\strCodec\ts.ico
[%PROGRAM_FILES%]\Super Codec\ot.ico
[%PROGRAM_FILES%]\Super Codec\ts.ico
[%PROGRAM_FILES%]\TrueCodec\ot.ico
[%PROGRAM_FILES%]\TrueCodec\ts.ico
[%PROGRAM_FILES%]\VidCodecs\ot.ico
[%PROGRAM_FILES%]\VidCodecs\ts.ico
[%PROGRAM_FILES%]\Video Access ActiveX Object\ot.ico
[%PROGRAM_FILES%]\Video Access ActiveX Object\ts.ico
[%PROGRAM_FILES%]\Video ActiveX Access\ot.ico
[%PROGRAM_FILES%]\Video ActiveX Access\ts.ico
[%PROGRAM_FILES%]\Video ActiveX Object\isamini.exe
[%PROGRAM_FILES%]\Video ActiveX Object\isamntr.exe
[%PROGRAM_FILES%]\Video ActiveX Object\ot.ico
[%PROGRAM_FILES%]\Video ActiveX Object\ts.ico
[%PROGRAM_FILES%]\Video Add-on Setup\ot.ico
[%PROGRAM_FILES%]\Video Add-on Setup\ts.ico
[%PROGRAM_FILES%]\Video Add-on\ot.ico
[%PROGRAM_FILES%]\Video Add-on\ts.ico
[%PROGRAM_FILES%]\Video AX Object\ot.ico
[%PROGRAM_FILES%]\Video AX Object\ts.ico
[%PROGRAM_FILES%]\VideoCompressionCodec\ot.ico
[%PROGRAM_FILES%]\VideoCompressionCodec\ts.ico
[%PROGRAM_FILES%]\VideoKeyCodec\ot.ico
[%PROGRAM_FILES%]\VideoKeyCodec\ts.ico
[%PROGRAM_FILES%]\VideosCodec\ot.ico
[%PROGRAM_FILES%]\VideosCodec\ts.ico
[%SYSTEM%]\ismini.exe
[%SYSTEM%]\ot.ico
[%SYSTEM%]\ot.ico_wally
[%SYSTEM%]\ts.ico
[%SYSTEM%]\uvnx.exe
[%WINDOWS%]\msvb.dll
[%WINDOWS%]\netadv.dll
[%WINDOWS%]\sysdx.dll
[%WINDOWS%]\uwcwxwy.exe
[%DESKTOP%]\Online Security Guide.lnk
[%DESKTOP%]\SECURITY
[%DESKTOP%]\Security Troubleshooting.lnk
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%STARTMENU%]\Online Security Guide.url
[%STARTMENU%]\Security Troubleshooting.url
[%PROFILE%]\Configuraci%F3n local\Temp\temp.fr????\ot.ico
[%PROFILE%]\Configuraci%F3n local\Temp\temp.fr????\ts.ico
[%PROFILE_TEMP%]\sysmfd.exe
[%PROGRAM_FILES%]\Helper\yourprosearch.dll
[%SYSTEM%]\tvtpwp.dll
[%SYSTEM%]\ymmzwd.dll
[%WINDOWS%]\bndsrwlq.dll
[%COMMON_DOCUMENTS%]\Video ActiveX Object\ot.ico
[%COMMON_DOCUMENTS%]\Video ActiveX Object\ts.ico
[%DESKTOP%]\Viruz\temp.fr????\ot.ico
[%DESKTOP%]\Viruz\temp.fr????\ts.ico
[%PROFILE_TEMP%]\temp.fr????\ot.ico
[%PROFILE_TEMP%]\temp.fr????\ts.ico
[%PROFILE_TEMP%]\NoadwareBkupTemp\ot.ico
[%PROFILE_TEMP%]\NoadwareBkupTemp\ts.ico
[%PROGRAM_FILES%]\Brain Codec\ot.ico
[%PROGRAM_FILES%]\Brain Codec\ts.ico
[%PROGRAM_FILES%]\EliteCodec\ot.ico
[%PROGRAM_FILES%]\EliteCodec\ts.ico
[%PROGRAM_FILES%]\Gold Codec\ot.ico
[%PROGRAM_FILES%]\Gold Codec\ts.ico
[%PROGRAM_FILES%]\Image ActiveX Access\ot.ico
[%PROGRAM_FILES%]\Image ActiveX Access\ts.ico
[%PROGRAM_FILES%]\Image ActiveX Object\ot.ico
[%PROGRAM_FILES%]\Image ActiveX Object\ts.ico
[%PROGRAM_FILES%]\IntCodec\ot.ico
[%PROGRAM_FILES%]\IntCodec\ts.ico
[%PROGRAM_FILES%]\Internet Security\ot.ico
[%PROGRAM_FILES%]\Internet Security\ts.ico
[%PROGRAM_FILES%]\iVideoCodec\ot.ico
[%PROGRAM_FILES%]\iVideoCodec\ts.ico
[%PROGRAM_FILES%]\Key Generator\ot.ico
[%PROGRAM_FILES%]\Key Generator\ts.ico
[%PROGRAM_FILES%]\My Pass Generator\ot.ico
[%PROGRAM_FILES%]\My Pass Generator\ts.ico
[%PROGRAM_FILES%]\Online Add-on\ot.ico
[%PROGRAM_FILES%]\Online Add-on\ts.ico
[%PROGRAM_FILES%]\Online Image Add-on\ot.ico
[%PROGRAM_FILES%]\Online Image Add-on\ts.ico
[%PROGRAM_FILES%]\Online Video Add-on\ot.ico
[%PROGRAM_FILES%]\Online Video Add-on\ts.ico
[%PROGRAM_FILES%]\PCFree\Recovery\[2006-11-23]05_20_36_921\WINDOWS\system32\ot.ico
[%PROGRAM_FILES%]\PCFree\Recovery\[2006-11-23]05_20_36_921\WINDOWS\system32\ts.ico
[%PROGRAM_FILES%]\PCODEC\ot.ico
[%PROGRAM_FILES%]\PCODEC\ts.ico
[%PROGRAM_FILES%]\Perfect Codec\ot.ico
[%PROGRAM_FILES%]\Perfect Codec\ts.ico
[%PROGRAM_FILES%]\PornPass Manager\ot.ico
[%PROGRAM_FILES%]\PornPass Manager\ts.ico
[%PROGRAM_FILES%]\QualityCodec\ot.ico
[%PROGRAM_FILES%]\QualityCodec\ts.ico
[%PROGRAM_FILES%]\Security Tools\ot.ico
[%PROGRAM_FILES%]\Security Tools\ts.ico
[%PROGRAM_FILES%]\Silver Codec\ot.ico
[%PROGRAM_FILES%]\Silver Codec\ts.ico
[%PROGRAM_FILES%]\strCodec\ot.ico
[%PROGRAM_FILES%]\strCodec\ts.ico
[%PROGRAM_FILES%]\Super Codec\ot.ico
[%PROGRAM_FILES%]\Super Codec\ts.ico
[%PROGRAM_FILES%]\TrueCodec\ot.ico
[%PROGRAM_FILES%]\TrueCodec\ts.ico
[%PROGRAM_FILES%]\VidCodecs\ot.ico
[%PROGRAM_FILES%]\VidCodecs\ts.ico
[%PROGRAM_FILES%]\Video Access ActiveX Object\ot.ico
[%PROGRAM_FILES%]\Video Access ActiveX Object\ts.ico
[%PROGRAM_FILES%]\Video ActiveX Access\ot.ico
[%PROGRAM_FILES%]\Video ActiveX Access\ts.ico
[%PROGRAM_FILES%]\Video ActiveX Object\isamini.exe
[%PROGRAM_FILES%]\Video ActiveX Object\isamntr.exe
[%PROGRAM_FILES%]\Video ActiveX Object\ot.ico
[%PROGRAM_FILES%]\Video ActiveX Object\ts.ico
[%PROGRAM_FILES%]\Video Add-on Setup\ot.ico
[%PROGRAM_FILES%]\Video Add-on Setup\ts.ico
[%PROGRAM_FILES%]\Video Add-on\ot.ico
[%PROGRAM_FILES%]\Video Add-on\ts.ico
[%PROGRAM_FILES%]\Video AX Object\ot.ico
[%PROGRAM_FILES%]\Video AX Object\ts.ico
[%PROGRAM_FILES%]\VideoCompressionCodec\ot.ico
[%PROGRAM_FILES%]\VideoCompressionCodec\ts.ico
[%PROGRAM_FILES%]\VideoKeyCodec\ot.ico
[%PROGRAM_FILES%]\VideoKeyCodec\ts.ico
[%PROGRAM_FILES%]\VideosCodec\ot.ico
[%PROGRAM_FILES%]\VideosCodec\ts.ico
[%SYSTEM%]\ismini.exe
[%SYSTEM%]\ot.ico
[%SYSTEM%]\ot.ico_wally
[%SYSTEM%]\ts.ico
[%SYSTEM%]\uvnx.exe
[%WINDOWS%]\msvb.dll
[%WINDOWS%]\netadv.dll
[%WINDOWS%]\sysdx.dll
[%WINDOWS%]\uwcwxwy.exe
[%DESKTOP%]\Online Security Guide.lnk
[%DESKTOP%]\SECURITY
[%DESKTOP%]\Security Troubleshooting.lnk
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%STARTMENU%]\Online Security Guide.url
[%STARTMENU%]\Security Troubleshooting.url
[%PROFILE%]\Configuraci%F3n local\Temp\temp.fr????\ot.ico
[%PROFILE%]\Configuraci%F3n local\Temp\temp.fr????\ts.ico
[%PROFILE_TEMP%]\sysmfd.exe
[%PROGRAM_FILES%]\Helper\yourprosearch.dll
[%SYSTEM%]\tvtpwp.dll
[%SYSTEM%]\ymmzwd.dll
[%WINDOWS%]\bndsrwlq.dll

Folders:
[%PROGRAM_FILES%]\VideoAccessCodec
[%PROGRAM_FILES%]\Image Add-on
[%PROGRAM_FILES%]\Video Add-on

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{a43385f0-7113-496d-96d7-b9b550e3fcca}
HKEY_CLASSES_ROOT\vac.video
HKEY_LOCAL_MACHINE\software\microsoft\videoplugin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a43385f0-7113-496d-96d7-b9b550e3fcca}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoAccessCodec
HKEY_CLASSES_ROOT\clsid\{0b4fe923-0e04-4d8a-bc4f-db8c672a1584}
HKEY_CLASSES_ROOT\clsid\{0dfcfb5e-3974-3338-8f09-0b2552e546a8}
HKEY_CLASSES_ROOT\clsid\{a43385f0-7113-496d-96d7-b9b550e3fcca}
HKEY_CLASSES_ROOT\clsid\{b02534d7-8d91-49be-a864-97dfb8e0bab4}
HKEY_CLASSES_ROOT\clsid\{d8b937a4-cdad-497b-a872-8da7c4c3ef6f}
HKEY_CLASSES_ROOT\optnet.stockbar
HKEY_CLASSES_ROOT\optnet.toolbar.1
HKEY_CLASSES_ROOT\secmediaonline
HKEY_CLASSES_ROOT\vclsdcompression.class
HKEY_CLASSES_ROOT\videopl.chl
HKEY_CURRENT_USER\software\reknu
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0dfcfb5e-3974-3338-8f09-0b2552e546a8}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{a43385f0-7113-496d-96d7-b9b550e3fcca}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\image add-on
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\multimedia software
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\videoaccesscodec

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_CLASSES_ROOT\clsid\{edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e}\inprocserver32
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Penfur Trojan Removal
Nutcracker.AB2 Trojan Removal
Removing Pigeon.ADY Trojan
Glupzy Trojan Removal

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)