Fix for the Zlob Trojan
The Zlob trojan is a common trojan that affects the Windows operating system. The Zlob trojan runs automatically every time you turn on an infected computer. Once it is running, the Zlob trojan causes a host of problems. Fortunately, the Zlob trojan can be removed automatically or manually.
Other People Are Reading
-
Function
-
The Zlob trojan is a backdoor trojan. This means that once it infects your computer, the Zlob trojan opens a security hole. This security hole can then be used by a remote hacker to access your personal information, change your computer settings, and modify your files. In addition, the Zlob trojan slows your computer, reduces your virtual memory and installs several rogue anti-spyware programs, including SpyShredder, WintAntiVirus Pro 2007, Ultimate Cleaner and SecurePCCleaner.
Automatic Removal
-
You may be able to remove the Zlob trojan by running an up to date anti-malware program. Windows users can run Windows Defender, a free anti-malware program included with the Windows Vista and 7 operating systems. To run Windows Defender, click "Start," "All Programs" and "Windows Defender." Then click "Scan" and select "Full Scan" from the drop-down menu. Windows Defender will scan your computer and automatically remove the Zlob trojan (see Resources).
-
Manual Removal
-
If you do not have an anti-malware program, or your anti-malware program is unable to detect the Zlob trojan, you can remove the trojan manually. Keep in mind that manually removing the Zlob trojan is a technical process that should not be attempted by inexperienced users. Making a wrong move, such as deleting the wrong dynamic link library, can cause significant systemwide errors. To remove the Zlob trojan manually, delete the following processes, registry entries, dynamic link libraries and files respectively.
msmsgs.exe
nvctrl.exe
msmsgs.exe
nvctrl.exe
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsNTCurrentVersionWinlogonShell=explorer.exe
HKEY_LOCAL_MACHINE SoftwareMicrosoftWindows NT CurrentVersionWinlogonShell=explorer.exe
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunRegSvr32=%System%msmsgs.exe
HKEY_LOCAL_MACHINE SoftwareMicrosoftWindows CurrentVersionRunRegSvr32=%System%msmsgs.exe
uimcu.dll
antzozc.dll
dtjby.dll
uimcu.dll
antzozc.dll
dtjby.dll
dumpserv.com
zxserv0.com
vnp7s.net
Protect
RSA
ncompat.tlb
msvol.tlb
hp[X].tmp
msmsgs.exe
nvctrl.exe
dumpserv.com
zxserv0.com
vnp7s.net
%UserProfile%\Application Data\Microsoft\Protect
%UserProfile%\Application Data\Microsoft\Crypto\RSA
ncompat.tlb
msvol.tlb
hp[X].tmp
Prevention
-
Trojans, including the Zlob trojan, disguise themselves as legitimate files in order to trick users into downloading them. Consequently, you should never execute programs unless they are from a trusted source, never open e-mail attachments unless you know who sent them, and avoid clicking on suspicious links and advertisements. Moreover, run an up-to-date anti-malware program at all times and consider installing and running a firewall. (see ref 2)
-
References
Resources
- Photo Credit Jupiterimages/Photos.com/Getty Images
