
Infected with "Troj/Rustok-N"


  • This topic is locked
1 reply to this topic

#1 irish07

irish07

  • Members
  • 1 posts
  • OFFLINE
  • Local time:08:55 PM

Posted 03 February 2009 - 01:43 PM

RESOLVED. THANK YOU!



Hi, I've had a history with Spyware, but I have always kicked its ass, even when it took me hours to figure out. Yesterday I went on xvideos.com and was told I could not view videos because my computer is infected with "Troj/Rustok-N". My web browsers also appeared to be hijacked because I'd google a query, click a result, and be taken to a slew of different webpages.

I ran MBAM and SUPERAntiSpyware, but the website told me I was still infected. I then moved up to ComboFix and this did in fact fix the problem. I can now view videos on that website. BUT, I did not run the recovery/backup module.

The problem is: I believe services for my IBM ThinkPad have been turned off. I can't use my hotkeys, nor am I getting my display when I turn the volume or monitor up or down. Some other programs related to school do not load when Windows starts. If I saw a list I would be able to recognize what to turn back on, but I'm not sure how to do this. msconfig doesn't appear to be edited.

Attached is a zip file with: Attach.txt (from DDS), DDS.txt (from DDS), hijackthis.log, and log.txt (from combofix).

Those programs, with the exception of ComboFix, were run in Safe Mode, Windows XP Tablet Edition.

Thanks,

Irish


ORDER of programs run:
Normal mode: MBAM, SAS, ComboFix
Safe mode: DDS, HijackThis

Edited by irish07, 03 February 2009 - 02:24 PM.




#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  • Local time:09:55 AM

Posted 05 February 2009 - 05:07 AM

Thank you for notifying us.. I will now close this topic.. Please PM any Moderator or HJT Team member should you need to re-open this topic..


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive




