Solved: Lsas Blaster Keyloger - Page 2

SSSSage · 28-Nov-2009, 05:47 AM **#16**

Quote:

Originally Posted by cybertech

How it the machine now?

Hi cybertech,

Machine is running slower than usual and when I go to shutdown I get message that io device manager is not responding. I have to click end task before it shuts down. Thanks so much for your assistance. I removed malwarebytes and all the programs except for avg before I ran combofix. I did disable resident shield in avg.

Thanks

Sage

SSSSage · 29-Nov-2009, 10:22 AM **#17**

iexplore.exe
Assert in LSP
g_socket_data.Lookup(s)--0

capture\lsp\nolsp\wsp_patch.cpp.1313

cybertech · 29-Nov-2009, 07:12 PM **#18**

Follow these steps to uninstall Combofix and tools used in the removal of malware

Click START then RUN
Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

I would suggest removing programs to see if you can get back to something that works.

I suggest removing these:
All Google stuff
WeatherBug
WildTangent

Disable these with msconfig:
ALCMTR.EXE
KernelFaultCheck
Adobe Reader Speed Launcher
mbam.exe or SUPERAntiSpyware

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:

Download the latest version of Java SE Runtime Environment JRE 6 Update 17.
Click the "Download" button to the right.
Select your Platform and check the box that says: " I agree to the Java SE Runtime Environment 6u17 with JavaFX 1 License Agreement".
Click on Continue.
Click on the link to download Windows Offline Installation (jre-6u17-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version. (Vista users, right click on the jre-6u17windows-i586.exe and select "Run as an Administrator.")

As for the last error have a look here:
http://www.winvistatips.com/assert-lsp-t320713.html

Removing the Google stuff should take care of that.

SSSSage · 30-Nov-2009, 05:31 AM **#19**

hey Cybertech

puter cannot find combofix although it is sitting on my desktop. browsing found the log but that's all. Even worse puter cannot find msconfig <sigh>

cybertech · 30-Nov-2009, 08:45 AM **#20**

Delete the version of Combofix you have on your desktop and download it again then try the removal.

SSSSage · 30-Nov-2009, 02:40 PM **#21**

still didn't work

cybertech · 30-Nov-2009, 07:12 PM **#22**

Download OTC. Save this application on your desktop. Once downloaded Double click on the OTC.exe. This should remove most malware tools you downloaded. A restart will be required.

SSSSage · 02-Dec-2009, 09:40 AM **#23**

Hi Cybertech,

I believe I see something running in the background when I shutdown. It just flashes briefly but there is something there.
Thanks
Sage

cybertech · 02-Dec-2009, 10:23 AM **#24**

Ok thanks for the update.

SSSSage · 04-Dec-2009, 07:18 AM **#25**

Is my machine clean now? 2 nights ago I had to manually shut down the computer, when I restarted ckdsk was running in dos? It was going so fast that I had a problem seeing what it was doing but I did see it deleted a file: play_something or other.

Thanks
Sage

cybertech · 04-Dec-2009, 03:48 PM **#26**

You can manually start a ckdsk. Did you do that?

SSSSage · 04-Dec-2009, 06:44 PM **#27**

no, I just had to turn the puter off manually because it froze up.

cybertech · 04-Dec-2009, 07:31 PM **#28**

Are you having hardware problems? Noise from your hard drive, fans, etc?
If not have you considered reloading the machine?

SSSSage · 04-Dec-2009, 11:20 PM **#29**

no hardware probs but really don't want to reload I suppose you mean run recovery?

I really don't want to I want to clean the machine up, if possible.

Thanks

Sage

cybertech · 05-Dec-2009, 05:41 PM **#30**

Download GMER Rootkit Scanner from here or here.

Ensure you have uninstalled any CD Emulation programs before you run GMER as outlined here

Extract the contents of the zipped file to desktop.
Double click GMER.exe.
If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan..

Click the image to enlarge it
In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
- Sections
- IAT/EAT
- Drives/Partition other than Systemdrive (typically C:\)
- Show All (don't miss this one)
Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
Save it where you can easily find it, such as your desktop post it back here

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Tag Cloud
access acer asus batch bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory modem monitor motherboard mouse network printer problem ram registry router slow software sound trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Search
Search for:

Find the solution to yourcomputer problem!

Find the solution to your
computer problem!