I found some malware on an XP SP2 machine called sinuzuta.dll. Avast did not catch this. Has anyone heard of it, and if so, is there any way to get rid of it? I have tried running through the registry deleting every instance that I find, but it replicates on reboot.
http://www.prevx.com/filenames/390937124965927120-X1/SINUZUTA.DLL.html
Try this
MBAM http://filehippo.com/download_malwarebytes_anti_malware/
update and run quick scan, click the button “remove selected” to quarantine anything found
SAS http://filehippo.com/download_superantispyware/
Are cookies really spyware and are they dangerous?
http://www.superantispyware.com/supportfaqdisplay.html?faq=26
come back and post scan logs here
And update your WinXP to SP3. A total of 1,174 fixes were included in SP3 when it was released in 2008, plus all later fixes.
cool thx will give it a go.
Hi Mortanus,
The filename SINUZUTA.DLL was last seen on 01.16.2009, and it is considered unsafe.
Threat name: Win32.X
Filename: [System32Root]\sinuzuta.dll
Filesize: Unknown
Last seen: 01.16.2009
Status: Known as unsafe.
This file can perform the following behavior:
- Usually created by an unsafe process.
- Registered as a Dynamic Link Library file.
- Usually has a random filename and refers to many versions of a dynamic link library.
- Can be injected/attached to a legitimate Windows process such as explorer.exe or others.
SINUZUTA.DLL Language: English
Infected Platform: Windows 98, ME, NT, 2000, XP, Server 2003;
MD5 : ge38993lgi657vrf38993sadf7438krc3899334fd38993;
Update Time:2009-1-20 15:56:52;
Infected Times:389935
SINUZUTA.DLL File type: PE5
SINUZUTA.DLL remove instruction
- Temporarily disable System Restore, reboot the computer in Safe Mode;
- Locate SINUZUTA.DLL virus files and uninstall SINUZUTA.DLL files program. Follow the step-by-step on-screen instructions to complete uninstallation of SINUZUTA.DLL.
- Delete/modify any values added to the registry related to SINUZUTA.DLL, exit the registry editor and restart the computer;
- Clean/delete all SINUZUTA.DLL infected file(s): SINUZUTA.DLL and related, or rename SINUZUTA.DLL virus files;
- Please delete all your IE temp files with SINUZUTA.DLL manually, run a whole scan with an antimalware program like MBAM and/or SAS;
polonus