We had relatives over for the holidays, and I let them use my laptop to check e-mail, etc (mainly so my little cousin could play his flash games). Didn't think much of it, and didn't keep taps on what people were doing.
Last night, when I booted up, the first thing that popped up was a program I never saw before, called 'SpyAxe'. It appeared to be an anti-spyware / adware program, and started a scan. I already had spybot installed, so.. no biggie, went to add / remove programs and uninstalled it.
Later that night, I rebooted, and to my suprise, found the program still installed. I uninstalled again and restarted. A few minutes after boot up, the program was back. Now believing it was adware, I ran spybot, updated and performed a full scan. It picked up Spyaxe and 3 or so other things. hit fix and restarted.
It came back again. A little worried now, I performed the uninstalled, verified that its directory under program files was gone, then did a modified date serach and found its setup files under Docs and settings \ Local settings \ Temp. deleted those, and restarted system.
within minutes, spyaxe had reinstalled itself. did a quick search again and found its install file back in the same place. Now, convinced i was dealing with a trojan, fired up AntiVir, updated and ran a full scan. It detected nothing. A little worried now, i downloaded NetLimiter to see if I can pick up anything. Nothing showed up there either.
Did a quick google search, and found the tool "SmitRem" downloaded and ran that, but besides reverting me to classic windows theme, it didn't do anything.
After that, It was nearly 2am, and I had work early this morning, so I couldn't deal with it anymore.
I did a little searching this morning at work, and found that it is indeed a trojan named 'Zlob.cy' but i'm lost as to why it wasn't detected by AntiVir. I'm planning to put back my old copy of Norton that came with the laptop and see if that's able to detect it.
Has anybody had this before? are there other steps I can try in case norton fails?
Thanks
Last night, when I booted up, the first thing that popped up was a program I never saw before, called 'SpyAxe'. It appeared to be an anti-spyware / adware program, and started a scan. I already had spybot installed, so.. no biggie, went to add / remove programs and uninstalled it.
Later that night, I rebooted, and to my suprise, found the program still installed. I uninstalled again and restarted. A few minutes after boot up, the program was back. Now believing it was adware, I ran spybot, updated and performed a full scan. It picked up Spyaxe and 3 or so other things. hit fix and restarted.
It came back again. A little worried now, I performed the uninstalled, verified that its directory under program files was gone, then did a modified date serach and found its setup files under Docs and settings \ Local settings \ Temp. deleted those, and restarted system.
within minutes, spyaxe had reinstalled itself. did a quick search again and found its install file back in the same place. Now, convinced i was dealing with a trojan, fired up AntiVir, updated and ran a full scan. It detected nothing. A little worried now, i downloaded NetLimiter to see if I can pick up anything. Nothing showed up there either.
Did a quick google search, and found the tool "SmitRem" downloaded and ran that, but besides reverting me to classic windows theme, it didn't do anything.
After that, It was nearly 2am, and I had work early this morning, so I couldn't deal with it anymore.
I did a little searching this morning at work, and found that it is indeed a trojan named 'Zlob.cy' but i'm lost as to why it wasn't detected by AntiVir. I'm planning to put back my old copy of Norton that came with the laptop and see if that's able to detect it.
Has anybody had this before? are there other steps I can try in case norton fails?
Thanks
Facebook
Twitter