MyCity » Ambulanta -> Arhiva Ambulante » KAKO SE RESITI lsass.exe?

KAKO SE RESITI lsass.exe?

Napisano na dan: 18.11.2008

Strana:
1
2

KAKO SE RESITI lsass.exe?

Pagination

Prethodna strana

Odgovori

Strana:
1
2

VULETICA Poslao: 20 Nov 2008 20:40 Idi na vrh
offline VULETICA Građanin Pridružio: 18 Nov 2008 Poruke: 45 Gde živiš: NEWCASTLE UPON TYNE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png evo cfs skript izvestaja ComboFix 08-11-19.08 - Owner 2008-11-20 19:12:45.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.441 [GMT 0:00] Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Owner\Desktop\CFSCRIPT.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: c:\windows\system32\avkrokwp.dll c:\windows\system32\bjvaaqjm.dll c:\windows\system32\cuycqaef.dll c:\windows\system32\jefgoswj.dll c:\windows\system32\kciwqptl.dll c:\windows\system32\kUuCefii.ini c:\windows\system32\rlweuijo.dll c:\windows\system32\tidcxytu.dll c:\windows\system32\ttibivdw.dll c:\windows\system32\wvrlagoj.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\avkrokwp.dll c:\windows\system32\bjvaaqjm.dll c:\windows\system32\cuycqaef.dll c:\windows\system32\jefgoswj.dll c:\windows\system32\kciwqptl.dll c:\windows\system32\kUuCefii.ini c:\windows\system32\rlweuijo.dll c:\windows\system32\tidcxytu.dll c:\windows\system32\ttibivdw.dll c:\windows\system32\wvrlagoj.dll . ((((((((((((((((((((((((( Files Created from 2008-10-20 to 2008-11-20 ))))))))))))))))))))))))))))))) . 2008-11-17 18:30 . 2008-11-17 18:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET 2008-11-16 20:22 . 2008-11-17 18:23 0 --a------ C:\log.tmp 2008-11-16 20:17 . 2008-11-16 20:17 <DIR> d-------- c:\program files\Ashampoo 2008-11-16 19:40 . 2008-11-16 19:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller 2008-11-16 12:18 . 2008-11-16 12:18 <DIR> d-------- c:\documents and settings\MIMI\Application Data\Ahead 2008-11-16 11:10 . 2008-11-16 11:10 <DIR> d-------- c:\program files\AVG 2008-11-16 08:42 . 2008-11-16 08:42 <DIR> d-------- c:\documents and settings\MIMI\Application Data\PC Tools 2008-11-15 22:58 . 2008-11-15 22:58 <DIR> d-------- c:\program files\Common Files\PC Tools 2008-11-15 22:51 . 2008-11-16 11:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avg8 2008-11-12 22:34 . 2008-11-19 22:44 <DIR> d-------- c:\windows\system32\CatRoot2 2008-11-10 18:52 . 2008-11-10 18:52 <DIR> d-------- c:\documents and settings\Mama\Application Data\ScanSoft 2008-11-10 18:18 . 2008-11-10 18:18 <DIR> d-------- c:\documents and settings\Mama\Application Data\Sony 2008-11-07 22:18 . 2008-11-07 22:18 <DIR> d-------- c:\program files\Common Files\Gibinsoft Shared 2008-11-07 21:39 . 2008-11-07 22:18 <DIR> d-------- c:\program files\GiPo@Utilities 2008-11-07 21:38 . 2008-11-07 21:38 <DIR> d-------- c:\windows\Downloaded Installations 2008-11-06 21:41 . 2008-11-06 20:29 61,440 --a------ c:\windows\system32\flcss.exe 2008-11-05 12:00 . 2008-11-11 08:48 <DIR> d-------- c:\program files\Common Files\Symantec Shared 2008-11-05 11:59 . 2008-11-10 22:43 <DIR> d-------- c:\program files\Norton Security Scan 2008-11-05 11:17 . 2008-11-05 11:17 <DIR> d-------- c:\documents and settings\NetworkService\Application Data\EAST Technologies 2008-11-05 02:17 . 2008-11-05 02:17 <DIR> d-------- c:\documents and settings\Administrator\Application Data\EAST Technologies 2008-11-04 11:36 . 2007-04-27 17:54 40,960 --a------ c:\windows\exitwx.exe 2008-11-03 21:08 . 2008-11-03 21:08 <DIR> d-------- c:\documents and settings\Owner\Application Data\Publish Providers 2008-11-03 20:50 . 2008-11-03 20:50 <DIR> d-------- c:\documents and settings\Owner\Application Data\Sony 2008-11-03 20:46 . 2008-11-03 20:46 <DIR> d-------- c:\program files\Vstplugins 2008-11-03 20:44 . 2008-11-03 20:44 <DIR> d-------- c:\program files\Sony Setup 2008-11-02 21:22 . 2008-11-02 21:22 <DIR> d-------- c:\program files\Jfuse 2008-11-02 12:59 . 2008-11-02 12:59 <DIR> d-------- c:\documents and settings\Mama\Application Data\Corel 2008-11-02 12:37 . 2008-11-02 12:37 <DIR> d-------- c:\documents and settings\Mama\Application Data\iolo 2008-11-02 12:18 . 1996-09-06 08:02 960,000 --a------ c:\windows\system32\evysh7.dll 2008-11-02 12:17 . 1996-12-10 12:21 39,095 --------- c:\windows\iccsigs.dat 2008-11-02 12:16 . 1998-04-15 09:07 218,112 --a------ c:\windows\system32\scint80.dll 2008-11-02 12:16 . 1996-09-06 08:02 90,112 --a------ c:\windows\system32\evysh7us.dll 2008-11-02 12:15 . 2008-11-02 12:15 <DIR> d-------- c:\windows\Profiles 2008-11-02 12:15 . 2008-11-02 12:15 <DIR> d-------- c:\windows\Favorites 2008-11-02 12:15 . 2008-11-02 12:15 <DIR> d-------- C:\Corel 2008-11-02 12:10 . 2008-11-02 12:10 <DIR> d-------- c:\documents and settings\Mama\Application Data\TuneUp Software 2008-10-31 17:37 . 2008-10-31 19:17 <DIR> d-------- C:\_$Temp 2008-10-30 21:33 . 2008-10-30 21:34 124,790,784 -r-h----- c:\windows\dcdisk0_0 2008-10-30 21:33 . 2008-10-30 21:33 4,204,544 -r-h----- c:\windows\dclog.bin 2008-10-30 21:33 . 2008-10-30 21:33 0 --a------ c:\windows\dclock.dc 2008-10-30 21:32 . 2008-11-04 11:37 <DIR> d-------- c:\program files\FarStone 2008-10-30 20:40 . 2008-10-30 20:41 <DIR> d-------- c:\program files\R-Drive Image 2008-10-30 20:29 . 2008-10-30 20:29 <DIR> d-------- c:\program files\Runtime Software 2008-10-29 20:48 . 2008-10-29 20:48 <DIR> d-------- c:\program files\Avanquest update 2008-10-29 20:48 . 2008-10-29 20:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\BVRP Software 2008-10-29 20:43 . 2008-06-04 06:34 122,024 --a------ c:\windows\system32\drivers\s1018mdm.sys 2008-10-29 20:43 . 2008-06-04 06:34 117,544 --a------ c:\windows\system32\drivers\s1018unic.sys 2008-10-29 20:43 . 2008-06-04 06:34 115,368 --a------ c:\windows\system32\drivers\s1018mgmt.sys 2008-10-29 20:43 . 2008-06-04 06:34 111,784 --a------ c:\windows\system32\drivers\s1018obex.sys 2008-10-29 20:43 . 2008-06-04 06:34 25,768 --a------ c:\windows\system32\drivers\s1018nd5.sys 2008-10-29 20:43 . 2008-06-04 06:34 15,016 --a------ c:\windows\system32\drivers\s1018mdfl.sys 2008-10-29 20:43 . 2008-06-04 06:34 12,200 --a------ c:\windows\system32\drivers\s1018cmnt.sys 2008-10-29 20:43 . 2008-06-04 06:34 12,200 --a------ c:\windows\system32\drivers\s1018cm.sys 2008-10-29 20:43 . 2008-06-04 06:34 10,792 --a------ c:\windows\system32\drivers\s1018cr.sys 2008-10-29 20:42 . 2008-06-04 06:34 90,408 --a------ c:\windows\system32\drivers\s1018bus.sys 2008-10-29 20:42 . 2008-06-04 06:34 12,200 --a------ c:\windows\system32\drivers\s1018whnt.sys 2008-10-29 20:42 . 2008-06-04 06:34 12,200 --a------ c:\windows\system32\drivers\s1018wh.sys 2008-10-29 20:38 . 2008-10-29 20:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson 2008-10-29 20:28 . 2008-10-29 20:38 <DIR> d-------- c:\program files\Sony Ericsson 2008-10-29 20:28 . 2008-11-03 20:49 <DIR> d-------- c:\program files\Sony 2008-10-29 20:28 . 2008-10-29 20:28 <DIR> d-------- c:\program files\Common Files\Sony Shared 2008-10-27 20:01 . 2008-10-27 20:01 <DIR> d-------- c:\documents and settings\Owner\Application Data\Thinstall 2008-10-27 18:22 . 2008-10-27 18:22 <DIR> d-------- c:\documents and settings\Owner\Application Data\Corel 2008-10-27 18:18 . 2008-11-04 12:10 <DIR> d-------- C:\TEMP 2008-10-27 18:16 . 1997-07-30 14:43 211,456 --a------ c:\windows\system32\qd3d_ir2.q3x 2008-10-27 18:15 . 1997-08-21 11:44 229,376 --a------ c:\windows\system32\rpza32.qtc 2008-10-27 18:15 . 1997-08-21 11:44 165,888 --a------ c:\windows\system32\smc32.qtc 2008-10-27 18:15 . 1997-07-30 14:58 70,656 --a------ c:\windows\system32\3dviewer.dll 2008-10-27 18:15 . 1997-08-21 11:44 32,768 --a------ c:\windows\system32\cmgr32.dll 2008-10-27 18:14 . 1997-07-30 14:21 553,984 --a------ c:\windows\system32\rave.dll 2008-10-27 18:14 . 1997-06-03 03:31 108,032 --a------ c:\windows\system32\sh33w32.dll 2008-10-27 18:14 . 1997-08-21 11:44 83,456 --a------ c:\windows\system32\iv32qt32.qtc 2008-10-27 18:14 . 1997-08-21 11:44 35,840 --a------ c:\windows\system32\navg32.qtc 2008-10-27 18:14 . 1997-08-21 11:44 24,064 --a------ c:\windows\system32\dci32.qtc 2008-10-27 18:14 . 1997-08-21 11:44 20,480 --a------ c:\windows\system32\raw32.qtc 2008-10-27 18:13 . 1997-07-30 11:59 909,312 --a------ c:\windows\system32\qd3d.dll 2008-10-27 18:13 . 1997-08-21 11:44 345,600 --a------ c:\windows\system32\qtim32.dll 2008-10-27 18:13 . 1997-08-21 11:44 151,040 --a------ c:\windows\system32\cvid32.qtc 2008-10-27 18:13 . 1997-08-21 11:44 128,000 --a------ c:\windows\system32\mc32.qtc 2008-10-27 18:13 . 1997-08-21 11:44 34,816 --a------ c:\windows\system32\jpeg32.qtc 2008-10-27 18:12 . 1997-08-21 11:44 38,912 --a------ c:\windows\system32\dhio32.qtc 2008-10-27 18:11 . 1997-08-21 11:44 103,936 --a------ c:\windows\system32\rle32.qtc 2008-10-27 18:10 . 2008-11-02 12:22 <DIR> d-------- c:\windows\Corel 2008-10-25 19:39 . 2008-10-25 19:39 <DIR> d-------- c:\program files\iOrgSoft 2008-10-25 19:27 . 2008-10-25 19:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\{DE097E60-7F86-4350-B083-1F09B6906C92} 2008-10-23 22:39 . 2008-10-23 22:42 <DIR> d-------- c:\program files\Chess3D 2008-10-23 22:39 . 2008-10-23 22:39 286,720 --a------ c:\windows\iun506.exe 2008-10-23 15:07 . 2008-10-23 15:07 99,904 --a------ c:\windows\system32\drivers\AnyDVD.sys 2008-10-22 09:42 . 2008-11-05 20:34 <DIR> d-------- c:\documents and settings\Owner\Application Data\ICQ 2008-10-21 19:52 . 2008-10-21 19:52 <DIR> d-------- c:\program files\MuvEnum 2008-10-21 19:48 . 2008-10-21 19:48 <DIR> d-------- C:\scripts 2008-10-21 19:48 . 2008-10-27 20:03 <DIR> d-------- c:\program files\Finjan Secure Browsing . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-20 19:17 7,322,144 --sha-w c:\windows\system32\drivers\fidbox.dat 2008-11-20 19:17 58,284 --sha-w c:\windows\system32\drivers\fidbox.idx 2008-11-20 19:17 4,972 --sha-w c:\windows\system32\drivers\fidbox2.idx 2008-11-20 19:17 1,138,720 --sha-w c:\windows\system32\drivers\fidbox2.dat 2008-11-20 18:42 --------- d-----w c:\documents and settings\Owner\Application Data\Skype 2008-11-20 17:15 --------- d-----w c:\documents and settings\Owner\Application Data\skypePM 2008-11-20 12:19 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab 2008-11-18 15:19 --------- d-----w c:\program files\Pirate Poppers 2008-11-18 15:19 --------- d-----w c:\documents and settings\Owner\Application Data\PlayFirst 2008-11-17 21:37 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2008-11-12 22:45 --------- d-----w c:\documents and settings\Owner\Application Data\DNA 2008-11-12 21:44 --------- d-----w c:\program files\DNA 2008-11-07 20:44 --------- d-----w c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters 2008-11-05 20:34 --------- d-----w c:\documents and settings\MIMI\Application Data\ICQ 2008-11-05 20:33 --------- d-----w c:\documents and settings\Mama\Application Data\ICQ 2008-11-05 11:42 --------- d-----w c:\documents and settings\Owner\Application Data\EAST Technologies 2008-11-05 10:10 --------- d-----w c:\program files\Common Files\Wise Installation Wizard 2008-11-05 02:56 96,976 ----a-w c:\windows\system32\drivers\klin.dat 2008-11-05 02:56 87,855 ----a-w c:\windows\system32\drivers\klick.dat 2008-11-04 12:05 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-04 11:10 --------- d-----w c:\program files\NCH Software 2008-11-04 10:40 --------- d-----w c:\documents and settings\All Users\Application Data\SlySoft 2008-11-04 10:35 --------- d-----w c:\program files\SlySoft 2008-11-02 12:55 --------- d-----w c:\documents and settings\Mama\Application Data\Skype 2008-11-02 12:43 --------- d-----w c:\documents and settings\Mama\Application Data\skypePM 2008-11-01 10:50 --------- d-----w c:\documents and settings\Owner\Application Data\LimeWire 2008-10-31 20:42 --------- d-----w c:\program files\ICQToolbar 2008-10-27 20:00 --------- d-----w c:\documents and settings\Owner\Application Data\XnView 2008-10-19 14:00 --------- d-----w c:\program files\Desktop Clock 2008-10-19 13:33 --------- d-----w c:\program files\Rainlendar2 2008-10-19 13:20 --------- d-----w c:\program files\Moo0 2008-10-19 13:16 --------- d-----w c:\program files\SystemRequirementsLab 2008-10-19 13:15 --------- d-----w c:\documents and settings\Owner\Application Data\SystemRequirementsLab 2008-10-19 13:14 --------- d-----w c:\documents and settings\Owner\Application Data\MailWasherPro 2008-10-17 21:21 --------- d-----w c:\program files\MagicISO 2008-10-17 14:27 --------- d-----w c:\program files\MAGIX 2008-10-17 13:42 352,050 ----a-w c:\documents and settings\Owner\griffith_backup.zip 2008-10-17 13:42 --------- d-----w c:\documents and settings\Owner\Application Data\gtk-2.0 2008-10-17 13:41 --------- d-----w c:\documents and settings\Owner\Application Data\griffith 2008-10-11 18:18 --------- d-----w c:\documents and settings\MIMI\Application Data\ICQ Toolbar 2008-10-07 22:06 --------- d-----w c:\program files\Realtek AC97 2008-10-07 21:35 --------- d-----w c:\program files\NVIDIA Corporation 2008-10-07 21:35 --------- d-----w c:\program files\Common Files\NVIDIA Shared 2008-10-07 20:57 --------- d-----w c:\program files\Driver-Soft 2008-10-07 20:37 --------- d-----w c:\program files\Network Stumbler 2008-10-07 09:23 --------- d-----w c:\program files\iTunes 2008-10-07 09:23 --------- d-----w c:\program files\iPod 2008-10-07 09:23 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-10-06 18:33 --------- d-----w c:\program files\Common Files\xing shared 2008-10-06 18:32 --------- d-----w c:\program files\Common Files\Real 2008-10-05 09:42 --------- d-----w c:\program files\Skype 2008-10-04 14:48 --------- d-----w c:\documents and settings\MIMI\Application Data\iolo 2008-10-01 07:55 --------- d-----w c:\documents and settings\LocalService\Application Data\iolo 2008-09-30 18:08 --------- d-----w c:\documents and settings\LocalService\Application Data\Acronis 2008-09-30 14:04 --------- d-----w c:\documents and settings\Owner\Application Data\iolo 2008-09-30 14:04 --------- d-----w c:\documents and settings\All Users\Application Data\iolo 2008-09-30 13:35 44,384 ----a-w c:\windows\system32\drivers\tifsfilt.sys 2008-09-30 13:35 --------- d-----w c:\documents and settings\All Users\Application Data\Acronis 2008-09-30 13:34 441,760 ----a-w c:\windows\system32\drivers\timntr.sys 2008-09-30 13:34 368,480 ----a-w c:\windows\system32\drivers\tdrpman.sys 2008-09-30 13:34 132,224 ----a-w c:\windows\system32\drivers\snapman.sys 2008-09-30 13:34 --------- d-----w c:\program files\Common Files\Acronis 2008-09-30 13:14 --------- d-----w c:\program files\CityMedia Player 2008-09-30 12:46 --------- d-----w c:\documents and settings\Owner\Application Data\Ahead 2008-09-29 16:11 --------- d-----w c:\documents and settings\MIMI\Application Data\PlayFirst 2008-09-26 17:49 --------- d-----w c:\program files\Text Express 2 2008-09-26 17:39 --------- d-----w c:\documents and settings\Owner\Application Data\SpinTop 2008-09-26 00:27 --------- d-----w c:\documents and settings\All Users\Application Data\Ahead 2008-09-26 00:21 --------- d-----w c:\program files\Common Files\Ahead 2008-09-26 00:19 --------- d-----w c:\program files\Nero 2008-09-25 23:57 --------- d-----w c:\documents and settings\All Users\Application Data\Nero 2008-09-25 22:49 --------- d-----w c:\program files\Unlocker 2008-09-25 22:48 --------- d-----w c:\documents and settings\Owner\Application Data\Desktopicon 2008-09-25 19:45 --------- d-----w c:\program files\Zylom Games 2008-09-24 17:16 --------- d-----w c:\documents and settings\Owner\Application Data\Zylom 2008-09-23 20:54 --------- d-----w c:\documents and settings\Owner\Application Data\dvdcss 2008-09-23 20:06 --------- d-----w c:\program files\Software Informer 2008-09-23 12:59 --------- d-----w c:\program files\QuickTime 2008-09-23 12:58 --------- d-----w c:\program files\Common Files\Apple 2008-09-23 12:42 --------- d-----w c:\program files\Apple Software Update 2008-09-22 20:48 --------- d-----w c:\program files\Paragon Software 2008-09-22 20:44 74,703 ----a-w c:\windows\system32\mfc45.dll 2008-09-22 20:26 --------- d-----w c:\program files\TuneUp Utilities 2007 2008-09-22 15:34 --------- d-----w c:\program files\Tumblebugs 2 2008-09-21 22:37 --------- d-----w c:\program files\LimeWire 2008-09-21 16:40 --------- d-----w c:\documents and settings\Owner\Application Data\Eyeblaster 2008-08-21 02:19 425,984 ----a-w c:\windows\system32\ATIDEMGX.dll 2008-08-21 02:18 314,880 ----a-w c:\windows\system32\ati2dvag.dll 2008-08-21 02:08 184,320 ----a-w c:\windows\system32\atipdlxx.dll 2008-08-21 02:08 143,360 ----a-w c:\windows\system32\Oemdspif.dll 2008-08-21 02:07 43,520 ----a-w c:\windows\system32\ati2edxx.dll 2008-08-21 02:07 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe 2008-08-21 02:07 143,360 ----a-w c:\windows\system32\ati2evxx.dll 2008-08-21 02:05 573,440 ----a-w c:\windows\system32\ati2evxx.exe 2008-08-21 02:04 53,248 ----a-w c:\windows\system32\ATIDDC.DLL 2008-08-21 02:01 10,084,352 ----a-w c:\windows\system32\atioglxx.dll 2008-08-21 01:55 4,094,560 ----a-w c:\windows\system32\ati3duag.dll 2008-08-21 01:50 307,200 ----a-w c:\windows\system32\atiiiexx.dll 2008-08-21 01:38 2,377,856 ----a-w c:\windows\system32\ativvaxx.dll 2008-08-21 01:23 48,640 ----a-w c:\windows\system32\amdpcom32.dll . ((((((((((((((((((((((((((((( snapshot@2008-11-19_22.44.33.45 ))))))))))))))))))))))))))))))))))))))))) . - 2008-11-19 22:39:44 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat + 2008-11-20 07:47:06 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat - 2008-11-19 22:39:44 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2008-11-20 07:47:06 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2008-11-19 22:39:44 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-11-20 07:47:06 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 1996-01-12 16:00:00 24,576 ----a-w c:\windows\system32\STKIT432.DLL + 1996-01-12 17:00:00 24,576 ----a-w c:\windows\system32\STKIT432.DLL . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-06 185872] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 201992] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\Owner\Start Menu\Programs\Startup\ Moo0 SystemMonitor 1.18.lnk - c:\program files\Moo0\SystemMonitor 1.18\SystemMonitor.exe [2008-10-19 1323008] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk] backup=c:\windows\pss\Bluetooth.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel MEDIA FOLDERS INDEXER 8.LNK] backup=c:\windows\pss\Corel MEDIA FOLDERS INDEXER 8.LNKCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^UDPixel.lnk] backup=c:\windows\pss\UDPixel.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] --a------ 2008-04-09 19:14 136472 c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a--c--- 2008-01-11 21:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD] --a------ 2008-11-04 10:36 2259904 c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare] --a------ 2007-10-04 17:38 307200 c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] --a------ 2006-09-13 10:12 139264 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] --a------ 2008-11-12 20:51 342336 c:\program files\DNA\btdna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd] --------- 2007-03-12 13:51 663552 c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3] --------- 2007-01-26 14:58 65536 c:\program files\Brother\ControlCenter3\BrCtrCen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera] --a--c--- 2007-07-11 15:09 20480 c:\windows\FixCamera.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] --a--c--- 2007-01-29 20:10 46632 c:\program files\ScanSoft\PaperPort\IndexSearch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-10-01 17:57 289576 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray] --a------ 2004-12-20 16:12 131072 c:\program files\NVIDIA Corporation\NvMixer\NvMixerTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] --a------ 2007-01-29 20:12 30248 c:\program files\ScanSoft\PaperPort\pptd40nt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std] --a------ 2005-11-16 15:14 344064 c:\windows\vsnp2std.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3] --a------ 2006-09-19 08:07 827392 c:\windows\vsnpstd3.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] --a------ 2008-07-02 16:16 393216 c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] --a--c--- 2006-10-25 08:03 210472 c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a--c--- 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2008-10-06 18:30 185872 c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer] --a------ 2008-02-07 11:00 90112 c:\program files\MAGIX\Movie_Edit_Pro_14_PLUS_Download_version\Trayserver.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std] --a--c--- 2005-11-14 17:47 110592 c:\windows\tsnp2std.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3] --a------ 2007-04-21 08:37 270336 c:\windows\tsnpstd3.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] --------- 2006-10-18 19:05 204288 c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] --a------ 2004-08-04 12:00 110592 c:\windows\system32\bthprops.cpl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper] --a------ 2005-05-03 18:38 64512 c:\windows\system32\P17.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "TryAndDecideService"=2 (0x2) "AcrSch2Svc"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [2008-09-22 40368] R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784] R0 si3112r;si3112r;c:\windows\system32\drivers\si3112r.sys [2008-06-02 97408] R0 SiWinAcc;SiWinAcc;c:\windows\system32\drivers\SiWinAcc.sys [2008-06-02 19240] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-03-25 24592] S1 efbDisk;efbDisk; [] S2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\Drivers\ousbehci.sys [2008-06-06 46080] S2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe -k netsvcs [2004-08-04 14336] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2008-06-11 1527900] S3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\DRIVERS\ousb2hub.sys [2008-06-06 56960] S3 R-ImageDisk;R-ImageDisk;\??\c:\program files\R-Drive Image\R-ImageDisk.sys [2008-08-07 126551] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2008-10-29 90408] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2008-10-29 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2008-10-29 122024] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2008-10-29 115368] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2008-10-29 25768] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2008-10-29 111784] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2008-10-29 117544] S3 SNP2STD;USB2.0 PC Camera (SNP2STD);c:\windows\system32\DRIVERS\snp2sxp.sys [2008-06-14 10192896] . Contents of the 'Scheduled Tasks' folder 2008-11-14 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 18:35] 2008-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . - - - - ORPHANS REMOVED - - - - HKLM-Run-RegistryMechanic - (no file) ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-11-20 19:19:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: c:\windows\explorer.exe -> c:\program files\Unlocker\UnlockerHook.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\IoctlSvc.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Completion time: 2008-11-20 19:25:02 - machine was rebooted [Owner] ComboFix-quarantined-files.txt 2008-11-20 19:24:54 ComboFix2.txt 2008-11-19 22:45:29 ComboFix3.txt 2008-11-19 19:53:56 Pre-Run: 205,531,254,784 bytes free Post-Run: 205,523,177,472 bytes free 396

Profil

dr_Bora Poslao: 20 Nov 2008 22:00 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Obriši c:\windows\system32\flcss.exe Kakvo je sada stanje?

Profil

VULETICA Poslao: 20 Nov 2008 22:23 Idi na vrh
offline VULETICA Građanin Pridružio: 18 Nov 2008 Poruke: 45 Gde živiš: NEWCASTLE UPON TYNE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! obrisao sam otkad sam uradio prvi combofix skan internet mi izgleda ok, ne blokira, nije spor, ne izbacuje nikakve poruke, a kaspersky skan vise ne nalazi lsass.exe, mada trenutno radim full skan

Profil

dr_Bora Poslao: 20 Nov 2008 22:36 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Javi se kada završi skeniranje... Imaćemo još nešto za odraditi.

Profil

VULETICA Poslao: 21 Nov 2008 00:38 Idi na vrh
offline VULETICA Građanin Pridružio: 18 Nov 2008 Poruke: 45 Gde živiš: NEWCASTLE UPON TYNE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! dogovoreno trenutno je na %60 Dopuna: 21 Nov 2008 0:38 skan je zavrsen, kaspersky nije nasao nista ozbiljno, kaze da imam 12 vulnerability i 8 adware koji su u system32 neki dll fajlovi koje sam obrisao

Profil

dr_Bora Poslao: 21 Nov 2008 15:30 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradi sledeće: Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore To je sve.

Profil

VULETICA Poslao: 23 Nov 2008 19:14 Idi na vrh
offline VULETICA Građanin Pridružio: 18 Nov 2008 Poruke: 45 Gde živiš: NEWCASTLE UPON TYNE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! napravljeno, combofix obrisan Dopuna: 23 Nov 2008 19:14 da se zahvalim na pomoci i efikasnosti, svaka cast aleksa

Profil

MyCity » Ambulanta -> Arhiva Ambulante » KAKO SE RESITI lsass.exe?

Ko je trenutno na forumu

Ukupno su 493 korisnika na forumu :: 4 registrovanih, 0 sakrivenih i 489 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: deimos25, milenko crazy north, ruma, vukovi

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by