Worm: Lsas.Blaster.keylogr

View previous topic View next topic Go down

Worm: Lsas.Blaster.keylogr

Post by RonSiegel on Sat Jul 11, 2009 2:57 pm

I'm a new member, so please forgive my mistakes. I am trying to help my daughter and son-in-law -- who are not very knowledgeable about their computer. It is a Dell desktop system, running Windows XP (Home Edition). Their ISP is AOL and they've been using only the security suite that is included with their AOL membership.
(They tell me that...) As they were net-surfing last night, they began to get many pop-ups that seemed to be trying to frighten them into buying a spyware & malware remover -- which they did buy (from AOL for $79), download and install. This morning, they're experiencing scare-tactic pop-ups AGAIN -- and they're blocked in their attempts to get online.
I've asked them what the Pop-Ups say, and my daughter tells me that there are several -- and they keep popping open and closed (and are quickly replaced by more), so she is having trouble giving me a word-for-word version of their messages.
My daughter also told me that, "at the bottom of my screen is something about Lsas.Blaster.keylogr " Apparently this ISN'T a pop-up (or at least it's not popping in and out like the rest).
MY system (if this makes any difference) is a Gateway desktop running Windows XP. I'm online with a cable modem and my ISP is Comcast. Will you please advise ME on how I can perhaps help THEM? Thanks!

RonSiegel
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2009-07-11
OS : XP

View user profile

Back to top Go down

Re: Worm: Lsas.Blaster.keylogr

Post by Belahzur on Sat Jul 11, 2009 4:41 pm

We need a Hijack This log from the infected machine before we can do anything.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Worm: Lsas.Blaster.keylogr

Post by RonSiegel on Sun Jul 12, 2009 1:06 am

Thank You! Since my daughter's computer cannot access the internet - even for her e-mail - I have put HJTInstall.exe on a floppy and will give it to her tomorrow morning. Tomorrow evening I will phone and walk her through installing and running HighJack This. She will make a copy of the logfile that it creates and drive here on Monday to give me that copy. I will then immediately cut-and-paste, and send it to you ASAP. So please be aware that it may be Monday evening or Tuesday before I'll be able to send you the copy of the logfile. Thanks for your Patience!

RonSiegel
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2009-07-11
OS : XP

View user profile

Back to top Go down

Re: Worm: Lsas.Blaster.keylogr

Post by Belahzur on Sun Jul 12, 2009 1:09 am

Okay, just post the logfile so the topic gets bumped up, otherwise I won't notice it. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Worm: Lsas.Blaster.keylogr

Post by RonSiegel on Sun Jul 12, 2009 11:27 pm

Dear Belahzur -
My daughter's husband's brother thinks that he can fix this computer problem. Her husband wants to give his brother a chance to succeed at that before "putting things in my hands". So-o-o-o, I'll happily let him Take It From Here. Thanks for your willingness to help. Be assured that I'll be back for your help if that want my (our) participation. Thanks again, Ron Siegel

RonSiegel
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2009-07-11
OS : XP

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum