TechSpot

How to delete rofl.sys?

By Kelly Marie
Nov 18, 2005
  1. Hi, I've tried to delete c:\\WINDOWS\system32\rofl.sys trojan and I've had no luck. I ran a housecall, an AVG, a panda scan... tons of stuff. It just won't go away. I attached my log file, although I'm not too sure what it even means.
    Thanks in advance if someone can help me.
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    C:\Documents and Settings\Kelly Dingman\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
    Put HijackThis in e.g. C:\Program Files\HJT and NOT in Temp or on the Desktop!.

    First Read: Only use these HJT-instructions when asked!
    /P/ Process needs to be stopped
    /S/ Service needs to be stopped
    /U/ UNinstall anything to do with this
    Transfer the text from between these dotted lines underneath to between the dotted lines of that post.
    Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines indicated here!
    ...................................................................................................
    /P/U/ O4 - HKLM\..\Run: [TonsAxisExtraLong] C:\Documents and Settings\All Users\Application Data\Base Proc Tons Axis\keep mpeg.exe
    /P/ O4 - HKLM\..\Run: [Microsoft Update 64 BIT] wininit32.exe
    /S/ O4 - HKLM\..\RunServices: [Microsoft Update 64 BIT] wininit32.exe
    /P/U/ O4 - HKCU\..\Run: [dupephone] C:\DOCUME~1\KELLYD~1\APPLIC~1\PLUSMA~1\Wave Time.exe
    O4 - Global Startup: BTTray.lnk = ?
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    Tick/Fix ALL your O16 - DPF: entries
    O20 - Winlogon Notify: awvvs - awvvs.dll (file missing)
    O20 - Winlogon Notify: iexplore - g11ml.dll (file missing)
    O20 - Winlogon Notify: jkkjj - C:\WINDOWS\System32\jkkjj.dll (file missing)
    O20 - Winlogon Notify: vtutq - C:\WINDOWS\System32\vtutq.dll (file missing)
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: HE0AIHCF - {47881F66-6E09-6CDA-27E9-2926435E3B5E} - C:\WINDOWS\System32\Mpopdl32.dll (file missing)
    O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing)
    O23 - Service: Microsoft Client Agent Service (Microsoft Client Agent) - Unknown owner - C:\WINDOWS\msclient.exe (file missing)
    ...................................................................................................

    STOP using that crappy IE (other than for Windows-updates)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...