HOW TO....

How to remove Dropped:Trojan.Zlob.CND

The Trojan.Zlob malware family is usually responsible for spreading rogue security software to infected computers. It is installed as a BHO (Browser Helper Object) and downloads another e-threat, detected by BitDefender as Trojan.Zlob.CND.

This one, in turn, downloads rogue
antiviruses like VirusHeat or AntivirusXP versions.

In order to remove the BHO please follow
the steps below:

  1. Start Autoruns
  2. Browse to the Internet Explorer tab

Look for entries like “Xena
toolbarModule” which leads to Dynamic-link Libraries named: dadef.dll, idef.dll, ipol.dll,
conio.dll, dapol.dll, nada64.dll, opus64.dll, codef.dll, copol.dll etc located
in %windir%system32.

  1. Close all instances of
    Internet Explorer
  2. Delete the entries from
    Autoruns (write them down for the next step)
  3. Delete the files from the
    hard disk (if you can’t do this, go back to step 2)


Information in
this article is available courtesy of BitDefender Virus Researchers: Daniel
Chipiristeanu and Laura Boeriu

Additional notes: this guide is intended
for any type of user as long as they follow the exact steps described above.
Any damage done to your system as a result of following this guide is your
responsibility. cannot guarantee a successful removal for any
threat version described above.