Troj/Rustok-N and WINBLUESOFT

  • Thread starter Thread starter GimmeShelter
  • Start date Start date
G

GimmeShelter

Hello,

I have both of the above unrelated malware/virus/whatever, and am in
quite a bit of trouble as a result. Are there any known solid prodecures for
removing these? I have Windows XP SP3. Thanks

P.S. the Trojan mention in the title is also known as DNSChanger/DNSHijacker
and 'redirect virus'.
'WINBLUESOFT' is a malicious, fake antivirus tool.
 
http://www.bleepingcomputer.com/forums/index.php?showtopic=229409&hl=DNSChanger

Can the system access security-related links or forums, such as the one
above ? BTW, the malwares *are* directly related.

IF the system is connected wirelessly via a router, than you may have to
disconnect from the router and use an ethernet cable to directly connect
to the modem. If that's the case, then the router itself is infected, too.

Strongly suggest you post to a reputable anti-malware forum for further
assistance:

http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0
http://spywarewarrior.com/viewforum.php?f=5

*Please* read the guidelines of the forum of your choice prior to posting.


MowGreen
===============
*-343-* FDNY
Never Forgotten
===============
 
From: "GimmeShelter" <[email protected]>

| Hello,

| I have both of the above unrelated malware/virus/whatever, and am in
| quite a bit of trouble as a result. Are there any known solid prodecures for
| removing these? I have Windows XP SP3. Thanks

| P.S. the Trojan mention in the title is also known as DNSChanger/DNSHijacker
| and 'redirect virus'.
| 'WINBLUESOFT' is a malicious, fake antivirus tool.



Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Then post the contents of the HJT log in your post with a full explanation of your problem
and what you have done to date in one of the below expert forums...

{ Please - Do NOT post the HJT Log here ! }

Forums where you can get expert advice for HiJack This! (HJT) Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
 
GimmeShelter said:
I have both of the above unrelated malware/virus/whatever, and am in
quite a bit of trouble as a result. Are there any known solid prodecures for
removing these? I have Windows XP SP3. Thanks

P.S. the Trojan mention in the title is also known as DNSChanger/DNSHijacker
and 'redirect virus'.
'WINBLUESOFT' is a malicious, fake antivirus tool.
Click to expand...

The best procedure in this case is this:

http://technet.microsoft.com/en-us/library/cc512587.aspx

You don't know which other malware has been installed on your computer
by the trojan by now which will go may go completely undetected. You may
find instructions how to remove one virus or another but that won't help
you against additional malware which has been loaded by now.

If you want to use the computer in the future for anything where you
have to enter a password or some other information which you don't want
to get stolen, flatten the computer. Anything else is just playing with
the odds and probably a big waste of time, too...

Gerald
 
Back
Top