 Lzx32.sys |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.
To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.
  |
 Mar 24 2007, 03:20 PM
Post
#1
|
|
|
Member  Group: Members Posts: 25 Joined: 27-August 05 Member No.: 32,438  |
My laptop jumps to a blue screen about 1 minute after switching it on. A get a message 'A problem has been detected and windows has been shut down to prevent damage to your computer.' The technical information says: *** STOP: 0x0000008E (0xc0000005, 0xAA7885B3, 0xA93DOA20, 0x00000000) *** lzx32.sys - address AA7885B3 base at AA786000, dtestamp 45f5a5a0 The laptop doesn't have hijack this installed and I can't get it to work long enough to install it. Any help or advice would be much appreciated. |
 |
 
|
|
Mar 24 2007, 03:49 PM
Post
#2
|
|
|
Forum Addict Group: Members Posts: 3,935 Joined: 14-April 06 Member No.: 64,042 |
http://www.bleepingcomputer.com/startups/l....sys-15548.html
Can you get into safemode? What antimalware programs do you have installed and updated on your computer? |
|
|
|
|
Mar 24 2007, 03:52 PM
Post
#3
|
|
|
New Member Group: Members Posts: 6 Joined: 24-March 07 Member No.: 119,658 |
Lzx32.sys is a file associated with the Rustock.B Trojan.
http://www.symantec.com/security_response/...-99&tabid=2 You can reference this bleepingcomputer post BleepingComputer.com/Security/HJT Logs to aid in cleaning it off using http://www.uploads.ejvindh.net/rustbfix.exe or http://uploads.ejvindh.andymanchesta.com/Rustbfix.exe. Since you are unable to get into Windows normally without a blue screen, you'll need to download these files on a seperate computer, and burn them to a CD or save them to some other type of media. Then, try to log into your laptop in Safe Mode. Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Choose your usual account. If you aren't able to log into Safe Mode then post here so people can give you other suggestions on things to try. If you are, then run the fix programs while in safe mode, then restart your computer and see if that stops the blue screen problem. Afterwards I would suggest running HighJack This and posting the log in case you have anything else that needs to be cleaned off. |
|
|
|
|
Mar 25 2007, 07:26 AM
Post
#4
|
|
 Bleepin' Janitor Group: Global Moderator Posts: 18,900 Joined: 9-July 05 From: Virginia, USA Member No.: 26,513 |
I have split your HJT log away from this thread and moved it into the HJT forum.
You can find it here: http://www.bleepingcomputer.com/forums/topic86022.html Now that your log is posted there, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files on your own, etc.) unless advised by a HJT Team member. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make may cause confusion for the member assisting you and complicate the malware removal process. Please be patient and wait for a response from an HJT Team member. It may take a while to get a response because team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. While waiting, please DO NOT make another reply to your log until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have no replies as this makes it easier for them to identify those who have not been helped. If you post another response, a team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond. -------------------- "THE BAD GUYS DON'T NEED A SEARCH WARRANT. ARE YOU PROTECTED?"
Microsoft MVP - Windows Security 2007-2010  Member of UNITE, Unified Network of Instructors and Trusted Eliminators |
|
|
|
|
Mar 25 2007, 12:55 PM
Post
#5
|
|
|
New Member Group: Members Posts: 6 Joined: 24-March 07 Member No.: 119,658 |
I'm glad to hear the RustBfix worked for that part of your problem. The HJT team will now be able to help you clean off anything else that might still be on your computer. Good luck to you.
|
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 9th February 2010 - 12:44 PM |
© 2003-2010 All Rights Reserved Bleeping Computer LLC.