LSA Shell ale to nie koniec:/
zaczne od poczatku,gdy kompa wlaczam wyswietla mi sie komunikat lsass.exe–blad aplikacji o tresci "instrukcja spod"0x0000000"odwoluje sie do pamieci pod adresem"0x0000000".Pamiec nie moze byc"read".i po wcisnieciu czegokolwiek zamyka sie mi system po odliczeniu minuty i ponowanie uruchamia.Ponadto pojawia sie komunikat LSA Shell(Export Version)napotkal problem i musi zostac zamkniety,po nacisnieciu nie wysylaj robi sie podobnie zamyka sie system po minucie.Malo tego Kaspersky Anti–Virus Personal wykrywa wirusa Net–Worm32.Padobot.z w C:\...\ATGYZ66L\XXXXXXXX[..] oraz jakiegos w C:\windows\system32\fsb.exe .Sciagnelam latke do lsass zainstalowalam ja,takze problem nie zniknal.scanowalam rowniez sasserem i nic.Prosze o pomoc.please.oto moj log,ktory podobno jest czysty:
Logfile of HijackThis v1.99.0
Scan saved at 13:21:03, on 2005–10–05
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Borland\IntrBase\bin\ibguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Borland\IntrBase\bin\ibserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\System32\dwwin.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\wir\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal\kav.exe /minimize
O4 – HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 – HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 – HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 –u
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Google Search – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: Backward &Links – res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cac&hed Snapshot of Page – res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Si&milar Pages – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O21 – SSODL: B0CFICEJ – {1AA64F37–78D8–3C6C–2CF9–73663A153191} – C:\WINDOWS\System32\Lbolqaoc.dll (file missing)
O21 – SSODL: mtklefap – {E4D43D74–546C–443E–9DA9–55335423ACE5} – C:\WINDOWS\System32\wlerl32.dll (file missing)
O21 – SSODL: mtklefa – {C9817F09–EDFB–4F48–8BA6–B3EE47CACAA4} – C:\WINDOWS\System32\zdgfu32.dll (file missing)
O23 – Service: InterBase Guardian – Borland Software Corporation – C:\Program Files\Borland\IntrBase\bin\ibguard.exe
O23 – Service: InterBase Server – Borland Software Corporation – C:\Program Files\Borland\IntrBase\bin\ibserver.exe
O23 – Service: kavsvc – Kaspersky Lab – C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal\kavsvc.exe
O23 – Service: lxbt_device – Lexmark International, Inc. – C:\WINDOWS\System32\lxbtcoms.exe
dziekuje
Logfile of HijackThis v1.99.0
Scan saved at 13:21:03, on 2005–10–05
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Borland\IntrBase\bin\ibguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Borland\IntrBase\bin\ibserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\System32\dwwin.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\wir\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal\kav.exe /minimize
O4 – HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 – HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 – HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 –u
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Google Search – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: Backward &Links – res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cac&hed Snapshot of Page – res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Si&milar Pages – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O21 – SSODL: B0CFICEJ – {1AA64F37–78D8–3C6C–2CF9–73663A153191} – C:\WINDOWS\System32\Lbolqaoc.dll (file missing)
O21 – SSODL: mtklefap – {E4D43D74–546C–443E–9DA9–55335423ACE5} – C:\WINDOWS\System32\wlerl32.dll (file missing)
O21 – SSODL: mtklefa – {C9817F09–EDFB–4F48–8BA6–B3EE47CACAA4} – C:\WINDOWS\System32\zdgfu32.dll (file missing)
O23 – Service: InterBase Guardian – Borland Software Corporation – C:\Program Files\Borland\IntrBase\bin\ibguard.exe
O23 – Service: InterBase Server – Borland Software Corporation – C:\Program Files\Borland\IntrBase\bin\ibserver.exe
O23 – Service: kavsvc – Kaspersky Lab – C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal\kavsvc.exe
O23 – Service: lxbt_device – Lexmark International, Inc. – C:\WINDOWS\System32\lxbtcoms.exe
dziekuje
Odpowiedzi: 0
Strona 0 / 0