Posted 10 July 2009 - 08:56 AM
Hi, recently, I have been having some slight computer problems. I went to a certain website and was told:
"Your computer (IP: 126.96.36.199) generates an attacking DOS requests at our servers. This attack was provoked by the spyware/virus named 'Troj/Rustok-N'
We cannot provide you with an access to our content for browsing purposes as it will lead to the inevitable crush of our website.
We strongly recommend you to run your antivirus edition and, if necessary, check it for the latest updates available.
You may also download recommended software, which has been approved by a number of our surfers who encountered the same problem and used this software to overcome it.
Make sure your computer is protected before continue browsing. Without this antivirus software your computer becomes a pushover for hackers.
Leaving computer unprotected may lead to:
- Computer performance slowdown and operating system crash
- Serious drop of traffic caused by hidden advertising
- Leak of personal and credit card information
- The inappropriate use of your personal photos by web sites
- Using you machine as a source for spam spreading
- Infection spreading to other removable devices such as memory cards, writable CD and DVD disks
- Getting your cell phone infected through USB. The first sign of infection in your cell phone device will appear as sms-messages sent to paid numbers
Make sure you use effective antivirus software. We recommend you to check your computer right now and the software that have already helped thousands of our visitors.
We apologize for the inconvenience, and hope we'll see you again on www.redtube.com
Find more comments on the software at: aumhaphpbb.com"
I did download it, stupidly, but quickly uninstalled that program and used CCleaner to remove any file extents related to it. I have MBAM, but it does not launch at all, and some other programs can't update/launch to remove this trojan. For any other info, just ask. Please help me get my computer back ASAP.
(Fake Edit): I have also realized that explorer.exe is running under the user "Alex" (my login name) and not SYSTEM like any other SYSTEM programs should.