lsass.exe infected, no internet
- Thread starter dreamz
- Start date
- Mar 8, 2013
- 22,627
Your computer isn't infected. I don't know how to help you further. Try to create new account and if that doesn't help, you'll need to reinstall Windows. I don't even know anymore what is the current problem.
- Mar 29, 2017
- 51
i start scannow, the first thing that came up was as follows. sorry i know you dont like long messages, o
- Mar 29, 2017
- 51
i believe i have a hacker. there is a group. just from what i have explored. there are about 3-5 pid's, ive ran netstat and a few other things. i dont know enough to change the settings in dos so that i can get at least internet back to dowc:n servicing or repaiload anything. i see drivers and remote apps running. i just started sfc operation is currently running,, first thing that came up was this:
properties the font is not true type, the largins are cutting off the left and top, another servicing or repaair operation is currentlu running,
c:\users\adminitrator>R=d:windows, this user is using legacy. i cant see tings changing.
i bought this from my son, he said he downgraded from 10 to 8. but everything shows im windows 10. i dont have a disk, but i did write down the key, although it might need changing.
my admin after running fix in recovery seeemed to work and got the windows screen but cant access start. at boot i get error msc 0x80070426 contact systems admin.there is another admin running this scan sme time im running mine:
c:\user\adminitrator> sfc /SCANFILE=d:\windows\system32\kernel32.dll /OFFBOOT=d\ /OFFWINDI i cant see the rest of this
SFC [/SCANBOW] [/VERIPHONEONLY] [/SCANFILE=<file>] [/VERIIFYFILE=<file>]
i could send you more. whoever it is seems to be taking over. i have another user on there as backup, i gave admin privies to before something else happened.
when i look at ipcongif i see where i am disabled, i do not know how to change that back in regedit. and in the properties box path there is a -k, i have tried to find out what that means with no luck. i have no problem starting from scratch even though i will lose everything. my main account is a hotmail account which i cant get to without internet. also in ipconfig my media shows disabled as well. how to i enable these. i read about creating hidden admin with elevated privies or accessing the one already there, if they havent already taken that. guide me in the right direction please
- Mar 8, 2013
- 22,627
I would really like to help you but the way I am helping over the internet, the issue you have and my limited time makes it impossible to solve this problem. My advice is to completely wipe the system and install Windows 10 from scratch. If you can't do it alone, I suggest to take your computer to the repair shop.
- Mar 29, 2017
- 51
ok, tyvm for your help. i know i have hacker in there. i've snooped around. its that syswow64 came from pro something attched to a file i mustve d/l. can you recommend a good rootkit software? if i could afford to take to shop, i would have. like i said, not enough enough money to buy you a buy. thanks again. if you think any of the others might have an idea let me know. where can i get a fresh windows media to d/l?
jenn
jenn
- Mar 8, 2013
- 22,627
You can get a Windows 10 from here:
Download Windows 10
Rootkit scanning can be done with almost any anti malware software.
Download Windows 10
Rootkit scanning can be done with almost any anti malware software.
- Mar 29, 2017
- 51
ok, im a little nervous about all this. there is definitely someone in my computer. i can see them using my internet where mine shows restricted. they are using as part of their path -k, i couldn't find that in my queries. i can see in regedit the files they have blocked, but dont know enough to do anything. they have new drivers, i could go on but i wont. i dont know how to do this. i saw a duel rootkit somewhere. can you recommend one. can you help me do what ever it is i need to do to get my laptop back? ive copied reports from event logs that shows something is wrong. in the meantime, going to try to get complete control to do all of this. ill get a rootkit and run that. im here in front of other laptop, wish me luck.
jenn
Similar threads
