Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

lsass kako ukloniti

[es] :: Zaštita :: lsass kako ukloniti
(Zaključana tema (lock), by Aleksandar Maletic)

[ Pregleda: 4360 | Odgovora: 5 ] > FB > Twit

Postavi temu

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

vladant
Beograd

Član broj: 50495
Poruke: 81
*.dynamic.isp.telekom.rs.



+26 Profil

icon lsass kako ukloniti21.11.2010. u 08:39 - pre 162 meseci
proces sa istim imenom kao windows proces
mi je za malo ubio racunar
spyhunter je u stanju da ga drzi disable,
ali ne moze da ga ukloni

izgleda ovako:



putanja koju navodi spyhunter ne znaci nista, tamo ga nema,
ni u regisry-u,ni u app data.(podesim da vidim skrivene i sistemske fajlove)
mozda ga je spyhanter negde prebacio




[Ovu poruku je menjao vladant dana 21.11.2010. u 09:58 GMT+1]


Dođe meni tako pred jesen, da ustanem ispod zemlje, dosadi mi da sam dole
budan sanjam...
...čuvaj, sklanjaj staklo, biće srče, vaskrsavam!
Prikačeni fajlovi
 
0

magna86
Anti Malware Fighter

Član broj: 189287
Poruke: 557

Sajt: www.mycity.rs/Ambulanta


+16 Profil

icon Re: lsass kako ukloniti21.11.2010. u 18:10 - pre 162 meseci
Malwarebytes' Anti-Malware bi trebalo da ga ima u definicijama.

Ukoliko ga on ne ukloni onda preuzmi DDS Program na Desktop

Dvoklikom pokreni dds i kad zavrsi, DDS ce otvoriti dva loga:
1. DDS.txt
2. Attach.txt

Oba izvestaja sacuvaj na Desktop.
Kopiraj mi DDS.txt

 
0

vladant
Beograd

Član broj: 50495
Poruke: 81
*.dynamic.isp.telekom.rs.



+26 Profil

icon Re: lsass kako ukloniti22.11.2010. u 06:23 - pre 162 meseci
DDS (Ver_10-11-10.01) - NTFSx86
Run by Veljko at 7:20:18,60 on pon 22.11.2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1792.1098 [GMT 1:00]

SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Veljko\Downloads\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files

\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files

\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program

files\windows live\companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java

\jre6\bin\jp2ssv.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe

/install /silent
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex

\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program

files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program

files\windows live\writer\WriterBrowserExtension.dll
Trusted Zone: raiffeisenbank.rs\rol
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} -

hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -

hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-

windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-

windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-

windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -

hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo

gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs:

================= FIREFOX ===================

FF - ProfilePath - c:\users\veljko\appdata\roaming\mozilla\firefox\profiles\ddf07p4v.default\
FF - prefs.js: browser.search.selectedEngine - Vikipedija (sr)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components

\nprpffbrowserrecordext.dll
FF - component: c:\users\veljko\appdata\roaming\mozilla\firefox\profiles\ddf07p4v.default

\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins

\nprphtml5videoshim.dll
FF - plugin: c:\users\veljko\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\veljko\appdata\roaming\mozilla\firefox\profiles\ddf07p4v.default\extensions

\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\veljko\appdata\roaming\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox

\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox

\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h",

true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar",

true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

============= SERVICES / DRIVERS ===============

R0 amacpi;Microsoft Away Mode System;c:\windows\system32\drivers\null.sys [2009-7-14 4608]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-9-24 19592]
R0 phmcd;phmcd;c:\windows\system32\drivers\phmcd.sys [2008-4-8 43928]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-10-17

142592]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2010-5-18

327064]
R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2010-1-27

5248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows

\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-

10 136176]
S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [2009-9-2 2077696]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys

[2009-7-13 229888]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-9-24 22528]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-22 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe

[2010-9-22 1493352]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2009-8-26 25480]
S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;c:\windows\system32\wat

\WatAdminSvc.exe [2010-11-11 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh

\wlcrasvc.exe [2010-9-22 51040]

=============== Created Last 30 ================

2010-11-22 05:52:17 -------- d-----w- c:\users\veljko\appdata\roaming\Malwarebytes
2010-11-22 05:52:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-22 05:52:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-22 05:52:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-22 05:52:09 -------- d-----w- c:\progra~2\Malwarebytes
2010-11-19 20:33:02 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition

updates\{558d145b-850e-44ea-a910-2c137669bb34}\mpengine.dll
2010-11-11 23:09:46 -------- dc----w- c:\users\veljko\appdata\local\MigWiz
2010-11-11 22:41:53 -------- d-----w- c:\windows\LastGood.Tmp
2010-11-11 16:11:27 295936 ----a-w- c:\windows\system32\drivers\vpcvmm.sys
2010-11-11 16:11:26 3330560 ----a-w- c:\windows\system32\vpc.exe
2010-11-11 16:11:26 2171392 ----a-w- c:\windows\system32\VPCWizard.exe
2010-11-11 16:11:26 1003008 ----a-w- c:\windows\system32\VMWindow.exe
2010-11-11 16:07:11 -------- d-----r- c:\users\veljko\Virtual Machines
2010-11-11 16:06:25 -------- d-----w- c:\program files\Windows XP Mode
2010-11-11 11:44:15 14848 ----a-w- c:\windows\system32\vpchbuspipe.dll
2010-11-11 11:44:07 78336 ----a-w- c:\windows\system32\drivers\vpcusb.sys
2010-11-11 11:44:07 55040 ----a-w- c:\windows\system32\drivers\vpcnfltr.sys
2010-11-11 11:44:07 165376 ----a-w- c:\windows\system32\drivers\vpchbus.sys
2010-11-11 11:44:06 793600 ----a-w- c:\windows\system32\vmsal.exe
2010-11-11 11:44:06 559616 ----a-w- c:\windows\system32\VMCPropertyHandler.dll
2010-11-11 11:44:06 1260032 ----a-w- c:\windows\system32\VPCSettings.exe
2010-11-11 11:36:56 -------- d-----w- c:\windows\system32\Wat
2010-11-11 11:32:36 8192 ----a-w- c:\program files\mozilla firefox\plugins

\nprjplug.dll
2010-11-11 11:32:30 140864 ----a-w- c:\program files\mozilla firefox\plugins

\nppl3260.dll
2010-11-11 11:32:29 98304 ----a-w- c:\program files\mozilla firefox\plugins

\nprpjplug.dll
2010-11-11 11:32:24 -------- d-----w- c:\program files\common files\xing shared
2010-11-11 11:32:14 569397 ----a-w- c:\program files\internet explorer\plugins\richfx

\player\nprfxins.dll
2010-11-11 11:32:11 -------- d-----w- c:\program files\common files\Real
2010-11-11 01:47:22 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-11-11 01:47:22 -------- d-----w- c:\program files\Nokia
2010-11-11 01:47:19 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-11-11 01:47:15 -------- d-----w- c:\program files\PC Connectivity Solution
2010-11-11 01:04:21 57960 ----a-w- c:\windows\system32\OpenCL.dll
2010-11-11 01:04:21 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2010-11-11 01:04:21 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-11-11 01:04:20 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2010-11-11 01:04:20 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2010-11-11 01:04:20 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2010-11-11 01:04:20 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2010-11-11 01:04:20 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-11-11 01:04:20 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2010-11-11 01:03:58 -------- d-----w- C:\NVIDIA
2010-11-11 00:11:53 -------- d-----w- c:\program files\SystemRequirementsLab
2010-11-11 00:09:00 758784 ----a-w- c:\windows\system32\cohelper.dll
2010-11-11 00:09:00 11164 ----a-w- c:\windows\system32\drivers\nvphy.bin
2010-11-11 00:08:08 -------- d-----w- c:\progra~2\NVIDIA Corporation
2010-11-11 00:08:01 -------- d-----w- c:\program files\NVIDIA Corporation
2010-11-06 07:51:21 -------- d-----w- c:\users\veljko\appdata\local\Apple Computer
2010-11-06 07:50:58 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-11-06 07:50:58 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-11-06 07:50:26 -------- d-----w- c:\program files\iPod
2010-11-06 07:50:25 -------- d-----w- c:\program files\iTunes
2010-11-06 07:50:25 -------- d-----w- c:\progra~2\{429CAD59-35B1-4DBC-BB6D-

1DB246563521}
2010-11-06 07:49:38 -------- d-----w- c:\program files\Bonjour
2010-11-05 08:19:17 -------- d-----w- c:\windows\system32\ivtMobCache
2010-11-01 09:39:16 -------- d-----w- c:\users\veljko\appdata\local\Apple
2010-10-27 06:36:02 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-10-27 06:36:02 417792 ----a-w- c:\windows\system32\msdri.dll
2010-10-27 06:36:02 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-10-27 06:36:02 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-10-27 06:35:29 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-10-23 06:40:25 -------- d-----w- c:\users\veljko\appdata\roaming\Windows Live

Writer
2010-10-23 06:40:25 -------- d-----w- c:\users\veljko\appdata\local\Windows Live

Writer

==================== Find3M ====================

2010-11-11 11:32:13 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-11 11:32:13 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-19 09:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-16 18:55:00 1719912 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 18:55:00 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2010-10-16 11:42:20 600680 ----a-w- c:\windows\system32\nvvsvc.exe
2010-10-16 11:42:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-16 11:42:16 3420776 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 11:42:12 2079336 ----a-w- c:\windows\system32\nvsvc.dll
2010-09-22 22:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 12:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-15 03:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 10:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 10:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll

============= FINISH: 7:20:41,39 ===============

Dođe meni tako pred jesen, da ustanem ispod zemlje, dosadi mi da sam dole
budan sanjam...
...čuvaj, sklanjaj staklo, biće srče, vaskrsavam!
 
0

magna86
Anti Malware Fighter

Član broj: 189287
Poruke: 557

Sajt: www.mycity.rs/Ambulanta


+16 Profil

icon Re: lsass kako ukloniti22.11.2010. u 12:15 - pre 162 meseci
...pa nisi mi rekao jel i dalje imas problem? :)

log izgleda cisto...
 
0

vladant
Beograd

Član broj: 50495
Poruke: 81
*.dynamic.isp.telekom.rs.



+26 Profil

icon Re: lsass kako ukloniti22.11.2010. u 17:51 - pre 162 meseci
ne, nema problema sada.
zapravo, pre nekoliko meseci se to pojavilo, pocelo da pravi ozbiljne probleme,
odmah sam ugasio racunar, i sa drugim OS pogledao na netu vezano za lsass,
pronasao sam informaciju da bi spyhunter trebao da resi problem.
Safe mode, spyhunter on ga video kao unknown, i imao sam opcije disable, enable...
Naravno, disable... i pomenuti, sta je vec... nije vise pravio probleme.

Proslo je nekoliko meseci, i kao i obicno, s'vremena na vreme...
aktiviram spyhunter, on ne nadje nista, sem nekoliko unknown,
lsass sve vreme je tu, ali disable.
Kako sam ja potpuno zaboravio sta je to oduci da enable lsass, cisto da vidim o cemu se radi.
Kakva greska...
Aha, zauzeo je 99% resursa procesora, napravim screen (sto se i vidi na ppocetku teme),
imao sam i HijackThis log, sa aktivnim, laznim, lsass, ne znam vise gde je...
sve sa idejom da ga se resim uz neciju pomoc...

Sa sledecim boot-om windowsa se pojavio crni ekran, sa nekim, meni ne razumljivim
porukama (ima tema u windows desktop, kako zapomazem za pomoc),
resio sam tako da je instalacioni disk win-a, uradio restore, i fix boot...

lsass je ponovo zarobljen od strane spyhunter-a, ali zarobljen, ne i uklonjen.
Ako padne spyhunter, ne znam sta ce se desiti...

hteo bih da izbegnem ponovno instaliranje OS u buducnosi, zelim da napravim
nekakvu beckap varijantu, ghost, ili sta slicno...
Ne bih bas da u to udje i lazni lsass, sta god da bio...
voleo bih da ga uklonim, to je cela ideja.
Dođe meni tako pred jesen, da ustanem ispod zemlje, dosadi mi da sam dole
budan sanjam...
...čuvaj, sklanjaj staklo, biće srče, vaskrsavam!
 
0

vladant
Beograd

Član broj: 50495
Poruke: 81
*.kbcnet.rs.



+26 Profil

icon Re: lsass kako ukloniti03.02.2013. u 22:14 - pre 135 meseci
Jeste da je dizem iz mrtvih, cisto da ne ostane neresena.
Na kraju (jos uvek isti sistem), ponovo sam uradio isto kao gore pomenuto, i ovoga puta je 'microsoft security essential' ocistio lazni lsass.
eto...
Dođe meni tako pred jesen, da ustanem ispod zemlje, dosadi mi da sam dole
budan sanjam...
...čuvaj, sklanjaj staklo, biće srče, vaskrsavam!
 
0

[es] :: Zaštita :: lsass kako ukloniti
(Zaključana tema (lock), by Aleksandar Maletic)

[ Pregleda: 4360 | Odgovora: 5 ] > FB > Twit

Postavi temu

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.