lsass.exe – trojan Bumat
Alex NightWatcher: Solved! Fix it immediately: The file lsass.exe is identified as the Trojan Program that is used for stealing bank information and users passwords. To delete lsass.exe we recommend you to use UnHackMe: http://www.unhackme.com Malware Analysis of lsass.exe Executed: Sons of anarchy.exe Removed: lsass.exe. Full path: C:\WINDOWS\CIDD_P\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: configuration [...]
lsass.exe – trojan Tracur
Alex NightWatcher: Solved! Fix it immediately: We checked up the file lsass.exe and found it hazardous. The file lsass.exe must be deleted from the system immediately. Kill the process lsass.exe and remove lsass.exe from the Windows startup. Malware Analysis of lsass.exe Executed: NULL.exe Removed: lsass.exe. Full path: C:\Documents and Settings\Administrator\Application Data\SysWin\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: [...]
Removed: csrss.exe, lsass.exe, msn11.exe, winpro.exe (trojan VB)
Alex NightWatcher: Solved! Fix it immediately: Malware: indir.exe Removed: C:\WINDOWS\csrss.exe C:\WINDOWS\lsass.exe C:\WINDOWS\msn11.exe C:\WINDOWS\winpro.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: csrss Author: 23423423ewere Related File: C:\WINDOWS\CSRSS.EXE Type: Registry Run Item Name: csrss.exe Author: Related File: C:\WINDOWS\CSRSS.EXE Type: Running Processes Item Name: winpro.exe Author: www.hamaci.org Related File: C:\WINDOWS\WINPRO.EXE Type: Running Processes Item Name: lsass.exe Author: mIRC Co. [...]
Removed: C:\Documents and Settings\Administrator\Application Data\Microsoft\lsass.exe (trojan Injector)
Alex NightWatcher: Solved! Fix it immediately: Malware: crypted.exe Removed: C:\Documents and Settings\Administrator\Application Data\Microsoft\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Registry Driver Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MICROSOFT\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MICROSOFT\LSASS.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How [...]
Removed: lsass.exe, msvbvm6032.exe, odbcbcp32.exe, rsaenh32.exe, avicap3232.dll, msvbvm6032.dll (trojan Tracur)
Alex NightWatcher: Solved! Fix it immediately: Malware: QuickTime_Update_KB596180.exe Removed: C:\Documents and Settings\Administrator\Application Data\SysWin\lsass.exe C:\WINDOWS\system32\msvbvm6032.exe C:\WINDOWS\system32\odbcbcp32.exe C:\WINDOWS\system32\rsaenh32.exe C:\WINDOWS\system32\avicap3232.dll C:\WINDOWS\system32\msvbvm6032.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: {59558EC7-1F34-6B59-E88A-C752DCF00C59} Author: Borland Software Corporation Related File: C:\WINDOWS\SYSTEM32\MSVBVM6032.DLL Type: Browser Helper Objects Item Name: {ACEDA6ED-18B6-412C-B3CE-C47FCE9E41Eb} Author: Borland Software Corporation Related File: C:\WINDOWS\SYSTEM32\AVICAP3232.DLL Type: Browser Helper Objects Item Name: RTHDBPL Author: Borland [...]
Removed: C:\Documents and Settings\Administrator\Application Data\logon.exe, C:\Documents and Settings\Administrator\Application Data\lsass.exe (trojan KDV)
Alex NightWatcher: Solved! Fix it immediately: Malware: kl.exe Removed: C:\Documents and Settings\Administrator\Application Data\logon.exe C:\Documents and Settings\Administrator\Application Data\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: Explorer.exe “C:\Documents and Settings\Administrator\Application Data\lsass.exe” Type: System.ini Item Name: System32 Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\LOGON.EXE Type: Registry Run Item Name: MSWUpdate Author: Related File: C:\DOCUMENTS [...]
Removed: C:\Documents and Settings\Administrator\Application Data\lsass.exe (trojan Agent)
Alex NightWatcher: Solved! Fix it immediately: Malware: IMG5643.exe Removed: C:\Documents and Settings\Administrator\Application Data\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: Explorer.exe “C:\Documents and Settings\Administrator\Application Data\lsass.exe” Type: System.ini Item Name: MSWUpdate Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\LSASS.EXE Type: [...]
Removed: setupupdater0002.exe, ohydy.exe, regedit.exe, sdra64.exe, lsass.exe, svc.exe, svw.exe, svx.exe, ope17.exe, opeB.exe, fFollower.exe (multi trojan – TDSS, Zeus, FakeAV – Antimalware Doctor)
Alex NightWatcher: Solved! Fix it immediately: Malware: g16b2e.exe Removed: C:\Documents and Settings\Administrator\Application Data\B34B7AF9CB40065433C8C631C37A9A2D\setupupdater0002.exe C:\Documents and Settings\Administrator\Application Data\ohydy.exe C:\WINDOWS\system32\regedit.exe C:\WINDOWS\system32\sdra64.exe C:\WINDOWS\lsass.exe C:\WINDOWS\svc.exe C:\WINDOWS\svw.exe C:\WINDOWS\svx.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ope17.exe C:\Documents and Settings\Administrator\Local Settings\Temp\opeB.exe C:\Documents and Settings\Administrator\Local Settings\Temp\fFollower.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: 1.1 Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe, Type: UserInit Value [...]
Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\lsass.exe (trojan Swisyn)
Alex NightWatcher: Solved! Fix it immediately: Malware: m4l.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Windows Kernel Host Author: V951227GC594242kBc3313 Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: [...]
Removed: lsass.exe, lToRo.exe (trojan Jorik.Lolbot)
Alex NightWatcher: Solved! Fix it immediately: Malware: Dervie.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\lsass.exe C:\Documents and Settings\Administrator\Local Settings\Temp\lToRo.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Windows Firewall Author: NRCr Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Running Processes Item Name: {CLVQ0DSR-QSFT-LBKV-FZYX-CVZEGNEMN16E} Author: NRCr Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LTORO.EXE Type: ActiveSetup Item Name: [...]
Removed: ndisrd.sys, 2488.exe, vpe0.exe, mgrls32.exe, msftldr.dll, aect.sys, qgcl.exe, scand.dll, scand.lnk, lsass.exe, srenum.sys (trojan Harnig)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\norton_personal_firewall__8.0.2.5-keygen.exe Removed: C:\WINDOWS\system32\drivers\ndisrd.sys C:\Documents and Settings\Administrator\Local Settings\Temp\2488.exe C:\Documents and Settings\Administrator\Local Settings\Temp\vpe0.exe C:\RECYCLER\S-1-5-21-9847229874-5677669606-071316190-4569\mgrls32.exe C:\Documents and Settings\Administrator\Application Data\TeraCopy\msdllvcl72\msftldr.dll C:\WINDOWS\system32\drivers\aect.sys C:\Documents and Settings\Administrator\Local Settings\Temp\qgcl.exe C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\scand.dll C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\scand.lnk C:\lsass.exe C:\WINDOWS\system32\drivers\srenum.sys —————————————————————————————————————————- Detected by UnHackMe: Item Name: ndisrd.sys Author: NT Kernel Resources Related File: C:\WINDOWS\SYSTEM32\DRIVERS\NDISRD.SYS Type: Drivers Item [...]
Removed: C:\WINDOWS\system32\drivers\winyyy.sys C:\WINDOWS\lsass.exe C:\WINDOWS\winhost.exe (trojan Tesefo)
Alex NightWatcher: Solved! Fix it immediately: Malware: ie2.exe Removed: C:\WINDOWS\system32\drivers\winyyy.sys C:\WINDOWS\lsass.exe C:\WINDOWS\winhost.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WinMSS Author: Microsoft Corporation Related File: C:\WINDOWS\winhost.exe Type: Auto Services Item Name: winyyy.sys Author: Windows (R) 2000 DDK provider Related File: C:\WINDOWS\SYSTEM32\DRIVERS\WINYYY.SYS Type: Drivers Item Name: lsass.exe Author: Microsoft Corporation Related File: C:\WINDOWS\LSASS.EXE Type: Running Processes Removal [...]
Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\lsass.exe (trojan Injector)
Alex NightWatcher: Solved! Fix it immediately: Malware: DSC73467465JPG.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Local Security Authority Process Author: bthgzegy1425gsdbsdgzeg Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? [...]
Removed: sdra64.exe aecq.sys 917ded.exe fFollower.exe lsass.exe (combination trojans: Zbot + Harnig)
Alex NightWatcher: Solved! Fix it immediately: Malware: g6064a.exe Removed: C:\WINDOWS\system32\sdra64.exe C:\WINDOWS\system32\drivers\aecq.sys C:\Documents and Settings\Administrator\Local Settings\Temp\917ded.exe C:\Documents and Settings\Administrator\Local Settings\Temp\fFollower.exe C:\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe, Type: UserInit Value Item Name: aecq.sys Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\AECQ.SYS Type: Drivers Item Name: h612wm Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\917DED.EXE Type: [...]
Removed: C:\Documents and Settings\%USERNAME%\Application Data\lsass.exe (trojan Malex)
Alex NightWatcher: Solved! Fix it immediately: Malware: vfqy.exe Removed: C:\Documents and Settings\Administrator\Application Data\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Local Security Auth. Server Author: Company A Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\LSASS.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Local Security Auth. Server Value: [...]
Removed: servicelayer.exe, svw.exe, C:\WINDOWS\lsass.exe, svc.exe, svchosty.exe, C:\WINDOWS\ctfmon.exe (trojan Microjoin)
Alex NightWatcher: Solved! Fix it immediately: Malware: Removed: C:\WINDOWS\servicelayer.exe C:\WINDOWS\svw.exe C:\WINDOWS\lsass.exe C:\WINDOWS\svc.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ope6.exe C:\Documents and Settings\Administrator\Local Settings\Temp\svchosty.exe C:\WINDOWS\ctfmon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: servicelayer Author: Unknown Related File: C:\WINDOWS\SERVICELAYER.EXE Type: Registry Run Item Name: netw Author: Unknown Related File: C:\WINDOWS\SVW.EXE Type: Registry Run Item Name: lsass Author: Unknown Related File: C:\WINDOWS\LSASS.EXE [...]
Removed: ..\SystemProc\lsass.exe (trojan Dursg)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\blacko_DpAnOrOlBEnGo.exe Removed: C:\Documents and Settings\Administrator\Application Data\SystemProc\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: RTHDBPL Author: QJwQtGUCTFJj Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SYSTEMPROC\LSASS.EXE Type: Explorer Run Item Name: lsass.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SYSTEMPROC\LSASS.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version [...]
Removed: PROGRAMS\STARTUP\lsass.exe (trojan Clicker)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\lsass.exe Removed: C:\sand-box\lsass.exe C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: lsass.exe Author: ahhaa Related File: C:\SAND-BOX\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: ahhaa Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\START MENU\PROGRAMS\STARTUP\LSASS.EXE Type: Startup Folder Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last [...]
Removed: ope4.exe, svchosty.exe, lsass.exe, svc.exe, svw.exe (trojan Microjoin)
Alex NightWatcher: Solved! Fix it immediately: Malware: asd23434ff.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\ope4.exe C:\Documents and Settings\Administrator\Local Settings\Temp\svchosty.exe C:\WINDOWS\lsass.exe C:\WINDOWS\svc.exe C:\WINDOWS\svw.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: netw Author: Unknown Related File: C:\WINDOWS\SVW.EXE Type: Registry Run Item Name: lsass Author: Unknown Related File: C:\WINDOWS\LSASS.EXE Type: Registry Run Item Name: netc Author: Unknown Related File: C:\WINDOWS\SVC.EXE Type: [...]
Removed: ..\Local Settings\Application Data\LSASS.EXE
Alex NightWatcher: Solved! Fix it immediately: Malware: nopic.jpg.EXE —————————————————————————————————————————- Removed: C:\Documents and Settings\Administrator\ Local Settings\Application Data\LSASS.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: AASSKK2 Author: JPEG Image Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\LSASS.EXE Type: Registry Run Item Name: LSASS.EXE Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\LSASS.EXE Type: Running Processes Removal Results: Success Number of [...]
Removed: ..application data\systemproc\lsass.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: load.exe —————————————————————————————————————————- Removed: c:\documents and settings\administrator\application data\systemproc\lsass.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.12 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.04.12 P2P-Worm.Win32.Agent.aam Microsoft 1.5605 2010.04.12 VirTool:Win32/VBInject.FB NOD32 5021 2010.04.12 probably a variant of Win32/Injector.BHD —————————————————————————————————————————- Additional information File size: 299008 bytes MD5 : d11d76c6ecf6a9a87dcd510294104a66 SHA1 : ed147998d1435ac667fd05165013d11a5e24b846 SHA256: a5a9100a3a614de13b8a660714f499bebca125b2dbb21e9d40072aa13b887f77 —————————————————————————————————————————- Detected [...]
Removed: C:\Win\lsass.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: 1544e334965af8becf6c767059890997.exe Removed: C:\Win\lsass.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.06 Gen:Trojan.Heur.HmNfrbUYmYkib Kaspersky 7.0.0.125 2010.01.06 Trojan-Spy.Win32.KeyLogger.cor McAfee 5852 2010.01.05 W32/YahLover.worm.gen Microsoft 1.5302 2010.01.06 – NOD32 4747 2010.01.06 Win32/Autoit.FL —————————————————————————————————————————- Additional information File size: 551669 bytes MD5 : d01ef1cc38f805230942d2bb55bfd976 SHA1 : 775bec567155d2ab5ac1d830ba801a243e68312e SHA256: aee6121605f8266079ae0919bbc7ba2b46311c903334d4e8eddb628e9934c515 —————————————————————————————————————————- Installation When [...]
Removed: lsass.exe, odbnsy.exe, sms.exe, svc.exe, svw.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: 55ttr.exe Removed: C:\WINDOWS\lsass.exe C:\WINDOWS\odbnsy.exe C:\WINDOWS\sms.exe C:\WINDOWS\svc.exe C:\WINDOWS\svw.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.24 – Kaspersky 7.0.0.125 2010.03.24 – McAfee 5930 2010.03.24 – Microsoft 1.5605 2010.03.24 TrojanDropper:Win32/Microjoin.gen!B NOD32 4971 2010.03.24 a variant of Win32/Kryptik.DFO —————————————————————————————————————————- Additional information File size: 2015744 bytes MD5 : 769c38d76e3e99a0fbf4ea58b071b371 SHA1 [...]
Removed: ihaupd32.exe, vhg32.exe, vqovnpnr.exe, lsass.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\n2ivc.exe Removed: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ihaupd32.exe C:\RECYCLER\S-1-5-21-6794555250-5983174292-887858100-2781\vhg32.exe C:\Documents and Settings\Administrator\Local Settings\Temp\vqovnpnr.exe C:\lsass.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.22 – Kaspersky 7.0.0.125 2010.03.22 – McAfee 5927 2010.03.21 – Microsoft 1.5605 2010.03.21 – NOD32 4963 2010.03.21 – —————————————————————————————————————————- Additional information File size: 21504 bytes MD5 : [...]
Removed: ctfmon.exe, lsass.exe, odbnsy.exe, sms.exe, svc.exe, svw.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: 50.exe Removed: C:\WINDOWS\ctfmon.exe C:\WINDOWS\lsass.exe C:\WINDOWS\odbnsy.exe C:\WINDOWS\sms.exe C:\WINDOWS\svc.exe C:\WINDOWS\svw.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.17 Trojan-Dropper:W32/Mudrop.D Kaspersky 7.0.0.125 2010.03.17 Trojan-Dropper.Win32.Mudrop.hch McAfee 5922 2010.03.16 – Microsoft 1.5605 2010.03.17 TrojanDropper:Win32/Microjoin.gen!B NOD32 4950 2010.03.16 a variant of Win32/Kryptik.CZA —————————————————————————————————————————- Additional information File size: 2384384 bytes MD5 : a8edb5fae8980dcfd4bfa83c415dd761 SHA1 : df248d95560bb7c03c70fcfa053f9f2f52a4e306 [...]
Removed: ihaupd32.exe, ihxql.exe, lsass.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: your_exe.exe Removed: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ihaupd32.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ihxql.exe C:\lsass.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.26 Trojan.Generic.3235063 Kaspersky 7.0.0.125 2010.02.26 Backdoor.Win32.Small.iyl McAfee 5904 2010.02.26 Generic Dropper.qo Microsoft 1.5502 2010.02.26 TrojanDownloader:Win32/Harnig.gen!P NOD32 4899 2010.02.26 a variant of Win32/Kryptik.CNF Symantec 20091.2.0.41 2010.02.26 Trojan.Zbot —————————————————————————————————————————- Additional [...]
Removed: lsass.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: load.exe Removed: C:\Documents and Settings\Administrator\Application Data\SystemProc\lsass.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.24 – Kaspersky 7.0.0.125 2010.02.25 Trojan.Win32.VBKrypt.fc McAfee 5902 2010.02.24 – Microsoft 1.5406 2010.02.25 – NOD32 4893 2010.02.24 a variant of Win32/Injector.AXX Symantec 20091.2.0.41 2010.02.25 Trojan Horse —————————————————————————————————————————- Additional information File size: 274432 bytes [...]
Removed: wnzip32.exe, scoamk.exe, lsass.exe, kbdsock.dll, mshlps.dll
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\4u.exe Removed: C:\RECYCLER\S-1-5-21-2130249521-2072838755-887256846-1386\wnzip32.exe C:\scoamk.exe C:\lsass.exe C:\WINDOWS\system32\kbdsock.dll C:\WINDOWS\system32\mshlps.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.13 Trojan.CryptRedol.Gen.5 Kaspersky 7.0.0.125 2010.02.13 Trojan-Downloader.Win32.Genome.aimt McAfee 5890 2010.02.12 – Microsoft 1.5406 2010.02.13 TrojanDownloader:Win32/Harnig NOD32 4862 2010.02.12 a variant of Win32/Kryptik.CIW Symantec 20091.2.0.41 2010.02.13 Packed.Generic.265 —————————————————————————————————————————- Additional information File size: 20480 bytes [...]
Removed: shell.exe, PPlayer.2.1.58130.251.(508).dll, finks32.exe, bbb.exe, winhelp.exe, winhelp32.exe, xcmab.sys, appmgmts.dll, mtlrd.sys, LSASS.EXE
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\011.exe Removed: C:\WINDOWS\system32\shell.exe C:\WINDOWS\PPlayer.2.1.58130.251.(508).dll C:\WINDOWS\system32\finks32.exe C:\WINDOWS\system32\bbb.exe C:\WINDOWS\system32\winhelp.exe C:\WINDOWS\system32\winhelp32.exe C:\WINDOWS\system32\DRIVERS\xcmab.sys C:\WINDOWS\system32\appmgmts.dll C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\wmp\mtlrd.sys You must restore the original files are changed virus: C:\WINDOWS\system32\LSASS.EXE —————————————————————————————————————————- Classification: Antivirus Version Last Update Result Kaspersky 7.0.0.125 2010.02.07 Trojan.Win32.VB.aart McAfee 5884 2010.02.06 Generic VB.z Microsoft 1.5406 2010.02.07 – NOD32 4842 [...]
Removed: d3dx10_3732.dll, d3dx10_3532.dll, lsass.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: update_for_media_player_(KB972036).exe Removed: C:\WINDOWS\System32\d3dx10_3732.dll C:\WINDOWS\System32\d3dx10_3532.dll C:\Documents and Settings\Administrator\Application Data\SystemProc\lsass.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.08 Suspicious:W32/Riskware!Online Kaspersky 7.0.0.125 2010.02.08 Trojan.Win32.Agent.dgxh McAfee 5886 2010.02.08 – Microsoft 1.5406 2010.02.08 – NOD32 4849 2010.02.08 Win32/TrojanDownloader.Agent.PSH —————————————————————————————————————————- Additional information File size: 562176 bytes MD5 : cdba7ebcd7ef6810d8df3feca09fc624 SHA1 : 3c47a59eda98cd6da84503e7e14c458c89bb51bc [...]
