By jools182 ยท 9 replies
Jul 26, 2006
  1. Hi

    Apologies if this has been asked before, I'm new here!

    I had a popup from Norton on the 28th June 2006 telling me that I had a hacktool.rootkit attack on my machine.

    Norton couldn't fix it so I just put it in quarantine. Since then the computer has become a lot slower and the fan on the processor is on full blast when starting up or connecting to the internet. Its also very slow on connecting to the net

    I had a bit of a surf and found that most people with this kind of attack had Norton installed, so I have since changed to Panda Titanium, I have also installed PC tools Spyware Doctor

    I have done the Lavasoft and Spybot thing, but my machine is still a lot slower than it was and the processor does get hot a lot more than it used to. I only ever used to notice the fan coming on when I was playing a game, but now it does it a lot.

    Do you have any suggestions? I'm not too hot on computer literacy, so please be patient

  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Go HERE and follow the instructions.

    If that doesn`t help there is a programme called Unhackme that claims to get rid of rootkit infections. I cannot vouch for this programmes effectiveness, but it may be worth a try. http://www.greatis.com/unhackme.zip

    If none of the above helps, then backing up your important data and reformatting the hard drive, maybe the only way to get rid of the rookit infection you have.

    Regards Howard :wave: :wave:
  3. jools182

    jools182 TS Enthusiast Topic Starter Posts: 104


    I tried the first link, and then the download suggested on the first link but got this message

    Pattern file "LPT$VPN.*" is missing. Please download a copy

    Not sure where I should get it or what it is!

    Also not sure what a HJT scan is!

    Sorry for being slow!
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Read the instructions HERE. It explains where to get the pattern file.

    HJT won`t do anything against a rootkit infection.

    However, if you manage to get rid of the rootkit, then go and read this thread HERE.

    Then, post a HJT log as a .txt attachment.

    Regards Howard :)
  5. jools182

    jools182 TS Enthusiast Topic Starter Posts: 104

    HJT log


    i have tried the anti virus/spybot/search and destroy advice

    could someone look at my HJT log and see if there is anything suspicious as my computer is still being strange

  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    There`s nothing particularly nasty in your HJT log.

    Before I start telling you what you can get rid of, I`d like to know if your rootkit problem has gone?

    I have merged your new thread into this one.

    Regards Howard :)
  7. jools182

    jools182 TS Enthusiast Topic Starter Posts: 104

    Thanks Howard

    The machine still seems slow, and is pausing quite a bit on start-up.

    Still getting the fan running on full when I start up, then when I connect to the internet and then intermittently when not really doing much on the PC

    this is how the machine has been since I had the hacktool.rootkit pop up from Norton, and it doesn't seem to have got any better
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Im sorry to hear you`re still having major problems.

    Rootkits are notoriously bad and very difficult to get rid of completely.

    I honestly think, you`d be better off backing up your important data and doing a reformat and reinstall. At least you`d know the rootkit would be gone.

    As I said, I can`t see anything in your HJT log that would account for the problems you`re having. Sure there are one or two things we could get rid of, but I doubt very much whether it would solve your problem.

    Regards Howard :(
  9. jools182

    jools182 TS Enthusiast Topic Starter Posts: 104

    Thanks for your help Howard

    If I do a backup and reinstall, would the infection not just be transferred from my back-up files back to the PC?

    Could you also tell me whats worth deleting from my HJT log just so I can try and see if it makes any difference. I would like my machine to be as clean as possible!

  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Backing up your important data should be ok. The rootkit is embedded in your registry and shouldn`t cause a problem once you`ve reformatted the drive.

    There`s no point in trying to use HJT to clean your system. There`s nothing in your HJT log that would cause the problems you are having.

    Since doing a format will remove evrything from your hard drive, it`s pointless using HJT to get rid of anything.

    The fact is, most rootkit infections can only be got rid of by reformating the hard drive. I realise this isn`t what you want to hear, but it really is the best way forward.

    Regards Howard :)

    This thread is for the use of jools182 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...