HTML: RedirME-inf Trj

mangaman

Estimable
Jun 13, 2015
24
0
4,570
So after Avast scanned my PC, it found a virus called HTML: RedirME-inf Trj in Chrome. I don't use Chrome that much so I'm not sure where it came from. After deleting the virus, I rescanned my PC using Avast, Hitman Pro and Malwarebytes and came up clean. My question is how dangerous is this virus and how did it appear on my PC? It did not install anything on my computer and I don't see anything suspicious running in the Task Manager. Should I still be worried?

Edit: I should also mention that the HTML: RedirME-inf Trj made no edits in the registry. Here are the registry keys that I checked:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

Again found nothing suspicious.
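The manual check described in the post above can be done as a read-only PowerShell listing. This is an added example, not part of the original thread; it assumes an elevated 64-bit PowerShell session and a stock Windows install where the default `Userinit` value is `%SystemRoot%\system32\userinit.exe,`. Variable names are illustrative.

```powershell
# Added example: read-only listing of the autostart locations named in the post.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunServices',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce'
)

$findings = foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) {
        # Some of these keys may not exist on a given system; record that and move on.
        [pscustomobject]@{ Key = $key; Name = '(key not present)'; Command = $null }
        continue
    }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{
            Key     = $key
            Name    = if ($name) { $name } else { '(Default)' }
            # Show the raw command line without expanding %VARIABLES%.
            Command = $item.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
        }
    }
}
$findings | Format-Table -AutoSize -Wrap

# Userinit is a value under the Winlogon key, not a key of its own.
$winlogon = 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
$userinit = (Get-ItemProperty -LiteralPath $winlogon -Name Userinit).Userinit

# Assumption: the stock value is the single path below followed by a comma.
$expected = Join-Path $env:SystemRoot 'system32\userinit.exe'
$entries  = $userinit -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ }
$extra    = $entries | Where-Object { $_ -ne $expected }   # -ne is case-insensitive

"Userinit = $userinit"
if ($extra) {
    "Review these additional Userinit entries: $($extra -join '; ')"
} else {
    'Userinit contains only the default userinit.exe entry.'
}
```

Run from a 32-bit PowerShell host on 64-bit Windows, the `HKLM:\Software` paths are redirected to the `WOW6432Node` view, so the output reflects a different set of entries.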
 
androbourne

Prominent
Jul 18, 2017
149
0
710
I'd say that's a false positive. The RunOnce is legit but is normally deleted once it has run. It looks like it left items behind so Avast called it out as an infection, but it really is most likely not. You should be safe to remove the finding with Avast, according to the article below. It should have automatically removed the RunOnce entry after the application\installation of whatever program it was for was done processing.

Or you can tell Avast to simply ignore it then. Then run some malware and adware scans just to be safe.

https://msdn.microsoft.com/en-us/library/windows/desktop/aa376977%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396
 
Solution

mangaman



Thanks for the reply. I ran Hitman Pro as well as Malwarebytes and came up clean. It was in the Chrome directory and since I don't use Chrome anymore, I let Avast delete it as well as uninstalling Chrome altogether. It just spooked me, as I never download anything from suspicious sites. People on other sites have been saying that the HTML: RedirME-inf Trj is quite serious and can install itself on the host's computer. But as stated, I never found anything about it in the registry.