lsas.exe - Dangerous

lsas.exe

Manual removal instructions:

Antivirus Report of lsas.exe:
lsas.exe Malware
lsas.exeDangerous
lsas.exeHigh Risk
lsas.exe
Gaobot Trojan.
Spreads in local network via open shares.
Also it uses DCOM RPC vulnerability (135,445 ports) and WebDav vulnerability (port 80).
Allows to control the victim computer by IRC.
Terminates well known antiviral software.
Removal:
install the patches from Microsoft:
http://www.microsoft.com/technet/securit...
http://www.microsoft.com/technet/securit...
http://www.microsoft.com/technet/securit...
http://www.microsoft.com/technet/securit...
http://www.microsoft.com/technet/securit...
http://www.microsoft.com/technet/securit...
http://www.microsoft.com/technet/securit...
Set the strong passwords for network shares.
Use RegRun "Terminate" feature to erase the virus body files.
They are located in Windows\System32 folder.
Cavapsvc.exe
Csrrs.exe
Cvhost.exe
DIIhost.exe (with capital letter 'i')
Dosrun32.exe
Dos32.exe
Lsas.exe
Regloadr.exe
Schost.exe
Scvhost.exe
Service.exe
Servicess.exe
Sochost.exe
Swchost.exe
System.exe
Update.exe
Wdrun32.exe
Winhlpp32.exe
Winreg.exe
Winupdsdgm.exe

Free removal tool:

Remove lsas.exe now!

Reviewed by:

by

lsas.exe Dangerous Rating: 5 out of 5

Jeff's Story:

My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.

I sought a solution on the Internet and discovered your product and tried out the trial of UnHackMe.

You quickly found the rootkit and SAVED my PC!

I haven't had any problems since, and I'm extremely grateful.