What Is The Zlob Trojan And What Does It Do?
What is the Zlob Trojan and what does it do? Well, the answer is that it’s a nasty little Trojan horse that can sneak into a personal computer (PC) by convincing the computer user that it is an anti-spyware program when in fact what it really is is a way for a virus called Zlob to get into the hard drive and operating system of a computer. As a result, computers often will then experience unending shutdowns and reboots.
Initially, a computer user ends up getting this virus when he or she downloads a codec for a video file and in which the Trojan is hidden. Usually, the Trojan will say that an ActiveX codec is needed. It’s in this little piece of code that the Trojan hides and begins its attack upon downloading of that fake ActiveX file.
After the Trojan gains entrance a series of pop ups begin to appear that resemble something that Microsoft might use to warn a user that his or her computer has been infected with a virus. Clicking anywhere on the pop up can trigger the download of that fake anti-spyware program — the most common variants of the fake spyware program are Virus Heat and MS Antivirus — which will actually implant the real Trojan horse.
Many times, the Trojan will also try to masquerade as an executable file that needs to be downloaded and that will also cause the Microsoft Windows Security icon to appear in order to give a more genuine look to the attack and fooled the person into thinking that the antivirus program comes from Microsoft itself. This is particularly devious, so beware.
If this file is enabled — and installing it will usually enable it — it can cause a great number of problems with the computer, including one commanded shutdowns of the PC and also reboots that are caused by those programs using the Windows Scheduled Tasks function to run a specific file called “zlberfker. Exe”. Needless to say, at minimum, a PC user will be confronted with endless random reboots and shutdowns until the problem can be addressed.
One other thing the Trojan does is cause redirects to sites that may be under the control of certain Russian criminal organizations or entities in that country who want to generate visits to websites that many people might not actually want to visit, including pornographic types.
As to what to do if those pop-up ads appear, the quick answer is to never, ever click on them. Instead, do what’s called a hard shutdown cutting off power to the PC immediately and then waiting a couple of seconds and then rebooting it and ordering a disk scan for consistency in order to ensure that the download was interrupted.
For a list of Zlob Removal Tools click here.