W32.Zlob Trojan Virus Description
W32.Zlob refers to a group of related Trojan Viruses that will modify your computer’s Internet Explorer settings and will redirect your default home and Internet search pages. The Zlob Trojan is also known as a “Backdoor Trojan” that will provide a remote hacker or attacker a means to remotely control your computer and install additional computer malware, steal your identity, and modify files on your computer. The Zlob Trojan is also referred to as a Trojan Downloader because of some of the fake anti-spyware programs that it has been known to download onto the target computer.
MalwarePayload
W32.Zlob will attempt to download and install additional malware and spyware to your computer once its fully installed. The W32.Zlob will also attempt to hijack your computer’s default homepage and redirect search engine homepages to those predefined by the virus author to expose you to additional malware. Some of the known malware that Zlob has been observed downloading onto attacked computers are: IE Defender, Anti VirGear, VirusProtect, SpyCrush, and SpyLocked. The longer that your computer is infected with Zlob, the greater number of infections that it will download onto your computer.
W32.Zlob Trojan Malware Processes and Files
Win32.Zlob Trojan virus are known to perform the following actions on your computer once installed:
- Copy itself on your computer in the following locations:
Program Files\Messenger\msmsgs.exe
System32\tgbrfv_.exe
System32\cmd.exe
where most personal computers will use the “c” drive for the folder locations.
The W32.Zlob Trojan will also make itself an “auto start” program that will be started each time you reboot your computer.
The W32.Zlob Trojan is also known to inject iteself into other legitimate computer programs that are running on your computer such as: winlogon.exe, services.exe, svchost.exe, explorer.exe, spoolsv.exe, msmsgs.exe, and vmsrvc.exe.
W32.Zlob will also attempt to connect to remote web servers using port 80 (since it is normally open for web surfing) and modify your computer’s HOSTS file to redirect attempts to navigate to Search Engines and other common websites to those pre-defined by the malware author.
Zlob DLL Files
oyopu.dll
yronl.dll
isadd.dll
pkgvyg.dll
qzviz.dll
Ygjun.dll
yuspej.dll
czxtyx.dll
bpvol.dll
splug.dll
dxovx.dll
lcsrsrv.dll
iesplg.dll (new)
iesbpl.dll (new)
vzfhprk.dll (new)
hymww.dll (new)
Basic Removal Steps
The W32.Zlob Trojan virus is complex and it is not recommended to attempt manual removal. Automatic removal using an updated anti-virus program is the recommended means for removal.
Click here for automatic removal instructions for removing the W32.Zlob Trojan Virus.
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
[...] Tags: Fake Anti-spyware, Fake Anti-Spyware Removal, Malware Alarm, Malware Alarm Removal, Malware Alarm Software, Malware Alarm Tools, Malware Dictionary, malware protection, Rogue Anti-Spyware, Rogue Anti-Spyware Removal, Spyware Malware Alarm is one of the numerous rogue anti-spyware programs on the Internet that are really a variant of computer spyware. Malware Alarm will attempt to trick you into purchasing the full commercial version of the product by displaying fake infection messages every time that you restart Windows. If you click “Ok” on one of the warning messages that Malware Alarm displays, it will automatically load the parent website of the malware in your Web Browser. It may or may not then automatically install the primary payload on your computer. Malware Alarm can be difficult to remove from your computer and will serve as a gateway to additional computer malware being downloaded to your computer. It is also known to be distributed as the payload of Trojan Viruses such as Zlob. [...]