Still being re-directed-Infected?


No replies to this topic

#1 doughboy1


Posted 26 December 2009 - 02:32 PM

I seemed to have previously fixed the re-direct issue. This time it doesn't seem as bad as I get re-directed once at most. Before posting a HJT log I see something in the registry (HJT log) that seems odd.
Here it is:
O4 - HKLM\..\Run: [Mjulav] rundll32.exe "C:\WINDOWS\ituziwesi.dll",Startup

Should I delete this? I ran it thru a HJT analyzer and it said it was highly suspicious.

On a side note, I have Avira and get a fair number of threats and delete or deny them.
Such as:
Virus or unwanted program 'TR/Drop.HDrop.AM.1 [trojan]'
detected in file 'C:\WINDOWS\Temp\~TMF2.tmp.
Action performed: Delete file
Virus or unwanted program 'JS/Gord.A.1 [virus]'
detected in file 'C:\Documents and Settings\Name\Local Settings\Application Data\{65CB0CBB-C3A9-4CD0-A95C-41FD3DC846B8}\chrome\content\overlay.xul.
Action performed: Delete file
Virus or unwanted program 'TR/Trash.Gen [trojan]'
detected in file 'C:\System Volume Information\_restore{56DC03FC-B660-48B1-9E78-E802C4FAE875}\RP435\A0048939.dll.
Action performed: Deny access
I don't remember ever getting as many threats, so I figure something is off.
Many thanks for the help.
BTW, when I get these in the future should I deny access or Delete File?
