Print | Send on Yahoo! | PDF version | RSS | Filed Under: HOW TO....

How to remove Dropped:Trojan.Zlob.CND

The Trojan.Zlob malware family is usually responsible for spreading rogue security software to infected computers. It is installed as a BHO (Browser Helper Object) and downloads another e-threat, detected by BitDefender as Trojan.Zlob.CND.

This one, in turn, downloads rogue antiviruses like VirusHeat or AntivirusXP versions.

In order to remove the BHO please follow the steps below:

1. Start Autoruns
2. Browse to the Internet Explorer tab

Look for entries like "Xena toolbarModule" which leads to Dynamic-link Libraries named: dadef.dll, idef.dll, ipol.dll, conio.dll, dapol.dll, nada64.dll, opus64.dll, codef.dll, copol.dll etc located in %windir%\system32\.

3. Close all instances of Internet Explorer
4. Delete the entries from Autoruns (write them down for the next step)
5. Delete the files from the hard disk (if you can't do this, go back to step 2)

 

Information in this article is available courtesy of BitDefender Virus Researchers: Daniel Chipiristeanu and Laura Boeriu

Additional notes: this guide is intended for any type of user as long as they follow the exact steps described above. Any damage done to your system as a result of following this guide is your responsibility. Malwarecity.com cannot guarantee a successful removal for any threat version described above.