Multiple IExplore instances badly need help

[howard_hopkinso]

The LZX32.sys file does indeed belong to the Rustock rootkit family and is probably the reason for your BSOD problems. The Rustock removal tool should have got rid of it.

See how your system runs and post back if you continue to have problems.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

So you mean I am infected with this? and the tool couldnt delete it ?
Is this the problem of my not going to Safe mode.
Is there any solution or I just need to reinstall the OS ?

Thanks anyways , You have been great help man , Just dont have words to explain my feelings. If ever in India just give me a call (ask me the no cant post for all ;-)), It would be pleasure meeting you.

 

[howard_hopkinso]

It seems you`re in some doubt as to whether the removal tool has got rid of the rootkit infection. So, just to make doubly sure, download and run this TOOL. let me know the results.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

Yes this is exactly my doubt. I ran the tool and got following result.

How about safe mode problem? Is there any way to fix it or I just need to live with having no such option ?

 

[howard_hopkinso]

That log looks fine, so I assume your rootkit infection has gone.

Does your computer still reboot when you try and enter safe mode? If so, try the following

Right click my computer and select properties. Click the Advanced tab and under startup and recovery, click the settings button. Untick the box next to where it says Automatically Restart. Also, make sure that under write debugging information it is set to Small Memory Dump(64K) and that the overwrite existing file box is unchecked. Click ok/apply/ok

Now try booting into safe mode and let me know the results.

Look in this folder and attach any minidump fils that are there C:\windows\minidump folder.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

Yes Indeed I still cant login in safe mode.

I tried your way but didnot get any dump under specified folder.

 

[howard_hopkinso]

Ok, try doing a Windows repair as per this thread HERE.

Let me know the results please.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

Now I have no Windows XP CD handy ,I will arrange it from some of my friends and follow the steps and then let you know. Please bear with me till then.

Any way thanks for all the help and my initial problem is solved.

Hope you are doing well with your health.

Thanks a lot and Regards,
Santosh Akhilesh

 

[santoshakhilesh]

Query about rootkit

Dear Howard,

I have a strange feeling that I still may not be free from rootkit virus.

If you remember when I first ran the tool and rebooted it tried to delete LZX32.sys

Then you asked me to run the tool again as I was not aware of the .sys file exactly.

I did the same and again when I rebooted and it again tried to delete the LZX32.sys file.

Why this happened second time ? as it should have been deleted first time itself and second time it wouldnot have found this file.

So does it mean this file still exist in my system , I tried to search it on my PC but I didn't find.

But these virus are very starnge and they may be knowing how to hide from search.

What do you think about it ?

Regards,
Santosh Akhilesh

 

[howard_hopkinso]

All I can suggest at this stage is you run this removal tool again and let me know if it still finds the rootkit. If it does and can`t delete it, it`s possible you have a new variant of the rootkit and only a reformat will get rid of it.

Download a fresh copy, as there may have been updates added.

Go HERE and follow the instructions for the Rustock rootkit removal

Let me know the results please.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

I am new to this Computer stuff. I was just curious why do people write such malicious piece of code and infect others ? What do they get by doing this ?

Someone pays them ? Do antivirus companies do these themselver secretly else who will buy such things ?

I am kind annoyed so I am writing this.

 

[howard_hopkinso]

I don`t blame you for being annoyed.

Take a look HERE and HERE for info on the why`s and wherefore`s of virus writers.

Personally, I`d like to shoot the bloody lot of them.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

But at the flip side if they are not there we would never had such a wonderful forum. So as long as there are people like u we can be saved of hackers , crackers whatever they call them.

How about windows vista I heard it has no such problems except some speech software problem.

but to install vista I ineed to buy a new piece of h/w which I cant afford now.

 

[howard_hopkinso]

How about windows vista I heard it has no such problems except some speech software problem.

I`m not sure what the position is with Vista, but I doubt very much that it will be immune to the virus writers.

What were the results of the rootkit scan?

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

The rootkit scan again tried to delete the file while bootup so I feel there is sthg wrong and I may need to reformat. However I am not finding any issue in running my system.

 

[howard_hopkinso]

Lets try this. Download the AVG Anti-Rootkit programme.

Run a scan and post the results of what it finds, if anything and where it finds it.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

Windows time change after restart

Hi ,

I have a typical problem with my system (Windows XP Home Edition), Whenever I restart my machine my system time changes lagging by some hours.

Is there any any to find why and if any known fixes.

Regards,
Santosh

 

[howard_hopkinso]

That sounds like you need to replace your cmos battery.

See HERE for info.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[santoshakhilesh]

Thanks , But what if I dont change it am I going to face more problems ?
I dont know how do I locate it. I have an Acer 3000 series laptop.

 

[howard_hopkinso]

If it`s a failing cmos battery that`s causing your problems and you don`t change it, then of course the problems only going to get worse.

Your best bet is to contact Acer and see what they say.

Regards Howard

This thread is for the use of santoshakhilesh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.