Posted by Marcin Kleczynski on August 20th, 2008
New Zlob has been released again. It installs the following files, and registry entries.
C:\Windows\System32\kcekz.dll
C:\Windows\System32\377186\377186.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{D3A71378-AB7F-414F-B33C-66E335D1CF40}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{8DC71747-ACE0-40C1-8947-54F107D0639B} = enorganic
We have provided removal instructions for anybody unfortunate to have been infected by this trojan.
Removal instructions for Trojan.Zlob
Posted by Marcin Kleczynski on August 17th, 2008
New Zlob has been released again. It installs the following files, and registry entries.
C:\Windows\System32\euwoeu.dll
C:\Windows\System32\857060\857060.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{6CCBAFC1-5285-494F-93F1-6894C87A9C43}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{0FE36C74-667B-454B-828E-75E4E72CBEF8} = causes
We have provided removal instructions for anybody unfortunate to have been infected by this trojan.
Removal instructions for Trojan.Zlob
Posted by Marcin Kleczynski on August 16th, 2008
A new rogue application using a legit program name has been released.
If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate to have downloaded these applications.
Removal instructions for Antivir64
Marcin Kleczynski
Posted by Marcin Kleczynski on August 13th, 2008
VideoAccessCodec has been updated. The codec installs the following files.
C:\Windows\wbqxfpgl.dll
C:\Windows\vwsrfton.dll
C:\Windows\tpabfelq.dll
C:\Windows\ateqoflr.exe
We have provided removal instructions for anybody unfortunate to have been infected by this codec.
Removal instructions for VideoAccessCodec
Posted by Marcin Kleczynski on August 13th, 2008
New Zlob has been released again. It installs the following files, and registry entries.
C:\Windows\System32\ouhzw.dll
C:\Windows\System32\604262\604262.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{4F006697-FB04-4B67-86BB-0DCA9C0514B4}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{97D2DFAC-9ACB-4D6F-AC2B-AB6EE090F649} = bebization
We have provided removal instructions for anybody unfortunate to have been infected by this trojan.
Removal instructions for Trojan.Zlob
Posted by Marcin Kleczynski on August 12th, 2008
Two new rogue applications were discovered this week, Internet Antivirus and WinProtector.
If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate to have downloaded these applications.
Removal instructions for Internet Antivirus
Removal instructions for WinProtector
Marcin Kleczynski
Posted by Marcin Kleczynski on August 4th, 2008
VideoAccessCodec has been updated. The codec installs the following files.
C:\Windows\bgrqfetx.dll
C:\Windows\lnvegaow.exe
C:\Windows\tfnslopk.dll
C:\Windows\xokvrpwg.dll
We have provided removal instructions for anybody unfortunate to have been infected by this codec.
Removal instructions for VideoAccessCodec
Posted by Marcin Kleczynski on August 4th, 2008
New Zlob has been released again. It installs the following files and registry entries.
C:\Windows\System32\zgyhw.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{2f199d0e-f3e7-41a7-a060-816c24cceea0} = hypoch
We have provided removal instructions for anybody unfortunate to have been infected by this trojan.
Removal instructions for Trojan.Zlob
Recent Comments