Get all recent user permissions / network files entries / user’s permissions

$filteracl = {$_.IdentityReference -match “domain user” -and ($_.FileSystemRights -band 131241 -or $_.FileSystemRights -band 278)}
$objects = Get-ChildItem \\domain.local\dfs\department -Recurse -Force | Export-Csv c:\user.txt
foreach ($i in $objects)
{
$i.GetAccessControl().Access | Where $filteracl | Select `
@{n=”Path”;e={$i.fullname}},
@{n=”User”;e={$_.IdentityReference}},
@{n=”Permission”;e={$_.FileSystemRights}}
}

Trojan:Win32/Shapouf.A

Trojan:Win32/Shapouf.A

This trojan infects pc from phishing mail attachment sent from some bank institute etc.
Fully updated Microsoft Windows 7 SP1 with real time scanning msft essential security antivirus is disarmed by this trojan!
Safety scanner detects this tojan but not purges it!
Reinstalled msft security essential tries to clean it, but unsuccessful!
Try better antvirus or completely reinstall/recover system.
Don’t open phishing mail!!!

http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Trojan%3aWin32%2fShapouf.A

Vulnerability of Sophos Endpoint Security and Control

VIRUSDalši hrozby zasazují rány systému Sophos Endpoint Security and Control.
Patrně ohlášená “automatická” (tomu snad nikdo nevěří) aktualizace Sophosu na v. 10.3. v avizovaném termínu 2.-9.10. má patrně spasit tento “děravý” systém?
Během poslední doby jsem zaregistroval, že plně aktualizovaný systém byl kompletně “odzbroje” hrozbou ve formě phisingu na Českou poštu a to konkrétně malwarem: Win32/Hesperbot.A.
Dále díru na lochnu (J) rozšířil “přiblblý” trojan, který v profilu nakaženého “vytapetuje na bílo”!
Kdo spoléhá na sophos, nechť radši skenuje ještě něčím jiným.

Another threat beating the Sophos Endpoint Security and Control. Probably announced “automatic” (no one believes) update of Sophos to v. 10.3 in term 2nd-9th Oct. should heal the “leaky” system? During the last time I noticed that a fully updated system was completely “disarmed” by threat in the form of phishing e-mail to Cze Mail corp. – malware: Win32/Hesperbot.A. Furthermore biger “hole” (J) expanded the “dumb” trojan that infects user profile with white screen (user can’t work)! WWho rely on the Sophos, rather scan with something else.

PXE-T01: File not found PXE:E3B: TFTP Error- File not found PXE-MOF : Exiting Intel Boot Agent

PXE-T01: File not found
PXE:E3B: TFTP Error- File not found
PXE-MOF : Exiting Intel Boot Agent

1. Remove the SMS PXE role. Look at the PXESetup.log file to verify that the uninstall is complete and successful.

2. Uninstall the WDS server.

3. Reboot the machine.

4. Reboot again.

5. Rename the folder “RemoteInstall”.

6. Rename c:\windows\temp to c:\windows\temp.old

7. Re-install the WDS server, but “do not configure it”. Do nothing at all other than installing WDS.

8. Add the SMS PXE role. Look at the PXESetup.log file to verify that the installation is complete and successful.

9. Add the boot images to the SMS PXE DP share. Look at the distmgr.log file to verify that the replication of the boot image to the DP is complete and successful.

10. Try booting a PXE client.

-=BTW: Maybe only the step 6 can solve the problem=-