Spyware free software spyware removal Anti Spyware software free spyware check adware spyware remover anti virus download Anti Spyware Software
Spyware Detector - Home Spyware Detector - Purchase Spyware Detector - Affiliates Spyware Detector - Download Updates Spyware Detector -FAQ Spyware Detector -Contact Us

Home / Spyware Encyclopedia / Trojan.Zlob
  Trojan.Zlob Technical Details
 Category Trojan
 Discovered   12/7/2005 12:58:00 PM
 Modified   11/6/2007 1:37:00 PM
 Threat Level Critical
 Description A program that appears desirable but actually contains something harmful. Masquerades as another, harmless program and allows other computer users to gain access to your computer through a security hole.
 Summary the hosts file was updated with the following url-to-ip mappings : n/a
the following http urls were started :
www.liangfeng.org
www.libertygymnasticscenter.com
prado7.com
generated smtp traffic : n/a
there was a new connection established with a remote irc server : n/a
the following hidden entries created : n/a
the following internet connection was established:
217.161.40.27:80(cw-40-27.iglobalmedia.com)
66.150.208.9:80
82.197.65.53:80(mail2.partygaming.com)
 Processes   actcontroller.exe, winlagons.exe
 Drivers   Hbi34.sys, Gyip73.sys, symavc32.sys
 Behavior   1) It degrades the performance of the PC.
2) It brings the other exe. turbocodec installed.
 When the Trojan is executed, it creates the following files:
 
Name Version Publisher Signature (MD5) File Size (in KB)
..\systemw.exe     a1f2f3e166fa1103aee64bc0fa177a7e 50688
..\dsxehmpi.dll     1f3e1fcaa860df4c7c85ca41485fa88a 110592
..\ilejupqx\gbstsdet.exe     b4876cf5b763b9dd4ab6e6307cd66e4c  
..\jmbgbqpg.dll     0dfd46c08ffea7308001fcffa040ea58 69120
..\kfilkfsz.dll     f2f336fbbf4a4fc96cca887acd840b62 106496
..\mneritwx.dll     632f76f98c3ed1543ba429cca5fa962f 114688
..\ozypepur\cxejsrup.exe     7d2e7e97ab24a48f76c5b503a7683d61 41984
..\pcbqpabs\tgzyrmzw.exe     89f6eec737009cca02da6d14ed905727 36864
..\temp\7be4f73b.tmp     6b14ddb7cf83adad88c2028024800fba 129
..\temp\aa6deb48.tmp     f7037993edb08d0d0b693d3f16f595e5 105
..\temp\b5358c17.tmp     229ecb816e112771a5c86a3aa7fd5597 128
..\WebSoftCodecSetup.exe     34A5E8E0B2B4F9F4304699208BD3C1DE  
..\startup\msn_0803_upd041807.exe     679696a96adba2209ffe3594b9f80771 111104
..\online security test.url        
..\ieupdr2.exe     3cb44ad42389cd79ddbec806858dba31 3013
..\mediacodec-4.207.exe        
..\svchost.t__        
..\antiviirus.exe     43f3fe8bdcaf236ce421fa48493dfefe 21568
..\digikeygen\digikeygen.exe     D0E6BB837749176BDD1E9E5B4DFD8B7C  
..\digikeygen \digikeygen.exe.manifest       632
..\digikeygen\digikeygen.url       67
..\digikeygen\helper.exe     28C6E074370619F656EA02F099BA8D9C  
..\digipass\digipass.exe     6c0bf0537e3b7e285908156cd79850cb 13772
..\digipass\helper.exe     9994B5D56E0C725EAA9C56B5C4D10BE3  
..\dmtcdkfu\xixunkfw.dll     f4ab63765e7eb48acc3771471d54a73e 57344
 When the Trojan is executed, it creates the following Registry entries:
 
..\software\06423464594202453856736610877917
..\software\microsoft\windows\currentversion\explorer\cd burning\drives\volume{4074b138-fbe1-11dc-9020-806d6172696f}
..\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\softwaredestributiononlinecorp.com
..\software\netproject
..\software\videokey
..\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Solution
..\software\511000167666b158
..\software\classes\appid\{860b20f5-12c2-44ee-befe-7cd167a7a98e}
..\software\classes\clsid\{0017c0db-2d59-40ab-99a1-135e520c38d7}
..\software\classes\clsid\{0325a129-beed-4164-9d30-58478f25416a}
..\software\classes\clsid\{03bbc751-eabc-4e9b-bddb-d32211f2e239}
..\software\classes\clsid\{04224b09-a9a8-41d2-95f5-73734b0319f2}
..\software\classes\clsid\{04ecb1fc-7900-4abb-b86c-86dfcf75c07f}
..\software\classes\clsid\{07966a3d-bb67-4e25-aae6-3bfa079cf8f7}
..\software\classes\clsid\{0926c183-bba1-46dc-be7d-3be7ff6f7abb}
..\software\classes\clsid\{0a1c9f06-f752-40f1-b4c0-6551962ba21d}
..\software\classes\clsid\{0ab76955-6d1a-420c-9950-b6e84d42d092}
..\software\classes\clsid\{0aecfae3-6ed3-4e6c-8d82-9b01ee3707e8}
..\software\classes\clsid\{0eb0365f-9974-4064-829b-2a9ef1cfb084}
..\software\classes\clsid\{0f089a8d-2b11-4146-8219-f99db8bfa397}
..\software\classes\clsid\{1123f3e3-8e30-448e-982e-064abe0190c6}
..\software\classes\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}
..\software\classes\clsid\{11e797ab-fba4-4ab9-8360-e218100915f1}
..\software\classes\clsid\{128cc9dd-2b73-4515-b78c-880b89e61131}
..\software\classes\clsid\{12b0a85b-2d21-4ff7-bd34-43134f7a50cd}
 Recommendation to remove Trojan.Zlob
Spyware Detector can remove Trojan.Zlob, and thousands of other Spyware definitions, automatically and instantly. Click here to download Spyware Detector and scan for free.
Download Spyware Detector and Scan for FREE
 
Personalized e-Mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback. 
Speed up your computer and increase browsing performance by deleting Spyware & Adware
Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software.
Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes.
 
Free Spyware Scan
Testimonials

Read More
Information Desk
Spyware & Adware Categories we scan
   
List of Spyware &
Adware we remove
Submit a Threat
Submit a threat to be reviewed by our research team

Submit a Threat
Home | About Us | Purchase | Contact Us | FAQ | Privacy Policy