My HJT Log - Have Had Some Troubles

Status
Not open for further replies.

LuK3

Please Tell Me If I Am Infected, I Followed Some Instructions And Scanned With Kaspersky (I Have Report) And I Downloaded Look2Me - Destroyer And Followed The Instructions :D Please Help Me :p
 
Hello and welcome to Techspot.

Your version of HJT is out of date.

Go HERE and follow the instructions exactly.

Post a fresh HJT log, only after doing the above.

Regards Howard :wave: :wave:
 
Thanks Howard. I've had a few problems along the way, but I think it's all done now. Could you please take a look again? :)
 
I've helped Luk3 with problems installing files and did some scans (hence the instance of sessmgr.exe). If there's anything major left in the log, it's probably my fault. It's pretty reasonable now though, but I got the logs posted here just for a double check for his own peace of mind. :) Feel free to pick me up if I've missed something - it is late at night here right now after all ;)

edit: I should probably add that the antivirus and firewall issue (lack of) has been taken under advisement, and rock.exe was not present in the windows or system32 folder, nor was it detected by ewido or kaspersky as being nasty.
 
Well done. Your system is almost clean.

Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore (XP/ME only). See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for (if there).

rock.exe

Close task manager.

Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to (if there).

O4 - HKLM\..\Run: [rock] rock.exe

Click on the fix checked button.

Close HJT.

Locate and delete the following bold file.

rock.exe

Reboot into normal mode and turn system restore back on.

Regards Howard :)
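
The O4 line in the steps above follows HijackThis's `O4 - hive\..\Run: [name] command` layout. As an added example (not part of the thread and not code from HijackThis), this sketch parses such lines from a log and reports startup entries that are on a helper's fix list or that give no directory, so the file has to be located by hand. Every log line except the rock.exe one is constructed, and the function names are illustrative.

```python
import ntpath
import re

# Layout seen in the thread: O4 - HKLM\..\Run: [rock] rock.exe
O4_RE = re.compile(
    r'^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$'
)
EXE_RE = re.compile(r'(.+?\.(?:exe|com|bat|cmd|scr|pif|vbs))\b', re.I)

# Constructed sample log; only the "rock" line comes from the thread.
SAMPLE_LOG = r'''
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\avgui.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [rock] rock.exe
'''

def parse_o4(line):
    """Return hive/key/name/cmd for an O4 registry startup line, else None."""
    m = O4_RE.match(line.strip())
    return m.groupdict() if m else None

def executable_of(cmd):
    """Program part of a startup command, with quotes and arguments dropped."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = EXE_RE.match(cmd)
    return m.group(1) if m else cmd.split()[0]

def review(log_text, fix_names=()):
    """List (name, executable, reasons) for entries that need a manual look."""
    wanted = {n.lower() for n in fix_names}
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        exe = executable_of(entry["cmd"])
        reasons = []
        if ntpath.basename(exe).lower() in wanted:
            reasons.append("on fix list")
        if not ntpath.dirname(exe):  # assumption: a bare name must be located by hand
            reasons.append("no path in log")
        if reasons:
            findings.append((entry["name"], exe, reasons))
    return findings
```

Calling `review(SAMPLE_LOG, ["rock.exe"])` returns only the rock entry, with both reasons attached.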
 
That's cool. I didn't recognise the file as a trojan (not seen that one before), and it wasn't detected, so after checking the usual places I left it there just in case it was part of a legit program and assumed someone such as yourself might know better if it was malware. Plus it's exceedingly late, it was all RA, and I'm tired. (That's my excuse, and I'm sticking to it! lol)

Thanks Howard - much appreciated for that, as no doubt Luk3 will be when he checks back :)
 
It's actually, well according to Symantec anyway, a worm by the name of VBS.Slip@mm.

See HERE for more info. It's the seventh entry from the bottom of the list.

Regards Howard :)
 
Spike said:
Thanks. :) The one obvious location I didn't check too. lol. That's all-nighters for you! :blush: :blush:

Yeah, I know the feeling mate lol.

I'll get some sleep myself, one of these days.

Thanks for the pm BTW.

Regards Howard :)
 
Thanks Spike and Howard For All Your Help. I Followed Your Instructions And Here Is My HJT Log, Hopefully I Am 100% Clean :D
 