Posted 12 May 2006 - 10:57 AM
The other day I encountered a problem browsing the internet with Firefox, some applet or something wasn't running, so I copied the URL into IE, which worked fine. A few minutes later my anti-virus and anti-spyware programs started going crazy and flashing, warning me about things trying to lower internet security settings or just general malware and stuff they'd found on my PC.
I opened up Microsoft anti-spyware and ran a full system scan, it found a trojan virus named 'Zlob', so I removed it. The warnings persisted so I scanned again and found the same trojan, so I was a little unnerved. I searched on google for guides on how to remove it, of which I found a few.
So I turned off system restore, booted my PC in safe mode, opened up NOD32 and performed as in depth a scan as the software allows and deleted everything it found (of course checking it wasn't a system critical file).
Now, back in normal mode, the warnings have cut down a lot, but according to Microsoft Anti-spyware something is still trying to lower my internet security settings every 20 minutes, so I have to keep clicking 'block'. I'm pretty sure it's not spreading and has been well contained, but I hate the thought of there being stuff like this on my PC.
A rootkit revealer scan found some suspicious stuff, what do you make of this:
C:\Documents and Settings\Tom Pankovas\Local Settings\Temporary Internet Files\Content.IE5\ARWT0T83\B1856767.4;sz=234x60;ord=554893543