dxfazax.exe Trojan Virus
Published March 25, 2013 | 
Came across a virus today on a client machine that I couldn’t find any info on through Google, which is pretty unusual. Not sure if this is a new Trojan or just not well documented.
Customer called complaining of her “busy wheel” constantly spinning regardless of actions, though the computer appeared to perform as desired otherwise. She mentioned she had downloaded a .zip file and tried to open it before realizing it wasn’t actually a picture from a coworker. Ran through typical troubleshooting checking updates, drivers etc. and did some optimization but the problem continued.
Sat with a coworker and watched the system process list and noticed a process appearing momentarily and then disappearing labeled dxfazax.exe. Found the file, deleted it and watched it immediately reappear. Set it to run in ’95 compatibility mode and immediately the busy wheel disappeared. Ran MBam to confirm and found 12 trojans. Considering she only installed this file this am, I’m assuming this could have become much worse.
I’m no security expert and we’re not a firm focused on viruses, but I’m betting we start seeing more of this over the next 30 days or so.
