Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Trojan.Agent?

Started by jkenzie , Apr 04 2009 10:12 PM

Please log in to reply

#1
jkenzie

Posted 04 April 2009 - 10:12 PM

New Member

Member
1 posts

Since last evening, I’ve been hit by several Trojans.
Win32/Cryptor
PSW.Generic7.BSO
Downloader.Zlob_r.EX
Constructor.DER

I have been able to remove most of them but there is something still on my system that keeps returning. There is a .DLL file in my Windows root that has a dynamic name every time the infection comes back. It’s currently calling itself ilegarorohugewu.dll. This is related to a registry entry
O4 - HKLM\..\Run: [Rselixudumos] rundll32.exe "C:\WINDOWS\ilegarorohugewu.dll",e
Anyone have a clue what this is and how I can get rid of it.
Malwarebites is the only scanner that sees it but it always comes back after reboot. MB is calling it Trojan.Agent but I can’t find what is loading it back everytime.
I’m still getting an occasional search engine redirect

John