lsass.exe (5.1.2600.1106)

Содержали в средстве программирования
Имя:	Windows XP Home Edition, Deutsch
Лицензия:	коммерчески
Соединение информации:	http://www.microsoft.com/windowsxp/
Детали архива
Курс архива:	C:\WINDOWS\system32 \ lsass.exe
Дата архива:	2002-08-29 14:00:00
Вариант:	5.1.2600.1106
Размер архива:	11.776 байты
Hashes checksum и архива
CRC32:	D2697D2E
MD5:	5823 9984 742E 8FD4 CD3F CEEB 5453 66C1
SHA1:	7010 716E 0C17 E3B9 88FC 87A2 F079 AFF4 E3FD C33A
Данные по ресурса варианта
Имя компании:	Microsoft Corporation
Описание архива:	LSA Shell (Export Version)
Оперативная система архива:	Windows NT, Windows 2000, Windows XP, Windows 2003
Тип архива:	Dynamic Link Library (DLL)
Вариант архива:	5.1.2600.1106
Внутренне имя:	lsass.exe
Законное авторское право:	� Microsoft Corporation. All rights reserved.
Первоначально filename:	lsass.exe
Имя продукта:	Microsoft� Windows� Operating System
Вариант продукта:	5.1.2600.1106

lsass.exe было найдено в following рапортах:


W32.Nimos.Worm
Технически детали ...Copies itself as %Windows%SystemLsass.exe. Note: %Windir% is a variable.... ..."System Handler"="%Windir%SystemLSASS.EXE" to the registry keys:... Инструкции удаления ..."System Handler"="%Windir%SystemLSASS.EXE" Do one of the following:... ..."System Handler"="%Windir%SystemLSASS.EXE" Navigate to the registry key:... Источник: http://securityresponse.symantec.com/avcenter/venc/data/w32.nimos.worm.html
Backdoor.IRC.Ratsou.D
Технически детали ...Libparse.exe (A nonmalicious file) Lsass.exe (Detected as Backdoor.IRC.Ratsou.D)... ..."HID.EXE"="%windir%system32dsdn36lsass.exe" "lsass"="%windir%system32dsdn36lsass.exe"... ...which call %Windir%System32Dsdn36lsass.exe when chat files are opened.... Инструкции удаления ..."HID.EXE"="%windir%system32dsdn36lsass.exe" "lsass"="%windir%system32dsdn36lsass.exe"... Источник: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.ratsou.d.html
W32.Sasser.G
О W32.Sasser.G ...W32.Sasser.G is a variant of W32.Sasser.Worm that attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011.... Оценка угрозой ...Computer will restart when Lsass.exe process crashes. Releases confidential info:... ...Unpatched systems vulnerable to LSASS exploit - MS04-011 ... Технически детали ...Note: The Lsass.exe process will crash after the worm exploits the Windows LSASS vulnerability.... Инструкции удаления ...following text in the Comment box: Delay Lsass.exe shutdown. Click OK.... Источник: http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.g.html
Backdoor.Queen
О W32.Sasser.G ...The Trojan attempts to disguise itself as the normal Windows process named "LSASS.EXE." The Trojan has two components:... Технически детали ...Attempts to create a remote thread in "LSASS.EXE" and inject itself into it.... Источник: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.queen.html
Backdoor.Lassrv
Технически детали ...This file injects lsasrv32.dll into the Windows file Lsass.exe. lsarv32.dll.... ...If the .exe file is executed, it injects lsasrv32.dll as a thread into Lsass.exe. The thread connects to ports... Источник: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lassrv.html
W32.HLLW.Lovgate.D@mm
О W32.Sasser.G ...2000, or XP, the worm attempts to disguise itself as the normal Windows process, Lsass.exe. This threat is written in... Технически детали ...Injects a thread into "LSASS.EXE" and starts a listening server that provides a command shell on port 20168,... Источник: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.lovgate.d@mm.html
Backdoor.IRC.Ratsou.B
Технически детали ...LibParse.exe, a process viewer, clean. Lsass.exe, hacked mIRC32 client, detected as Backdoor.IRC.Ratsou.B.... ..."HID.EXE"="%System%HID.EXE" "lsass"="%Windir%DebugUserModelsass.exe"... ...extensions in HKEY_LOCAL_MACHINSoftwareClasses, which call %Windir%DebugUserModelsass.exe when chat files are opened.... Инструкции удаления ...HID.EXE lsass Exit the Registry Editor.... Источник: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.ratsou.b.html
Hacktool.Asni
Технически детали ...When Hacktool.Asni is executed on a remote machine, it attempts to crash the LSASS.exe process, which handles some Windows log-on authentication tasks.... Источник: http://securityresponse.symantec.com/avcenter/venc/data/hacktool.asni.html
W32.Sasser.F.Worm
О W32.Sasser.G ...This worm attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011.... Оценка угрозой ...Unpatched systems vulnerable to LSASS exploit - MS04-011. ... Технически детали ...For example, 74354_up.exe. The Lsass.exe process will crash after the worm exploits the Windows LSASS vulnerability.... Инструкции удаления ...following text in the Comment box: Delay Lsass.exe shutdown. Click OK.... Источник: http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.f.worm.html
W32.HLLW.Lovgate@mm
О W32.Sasser.G ...XP, the worm will attempt to disguise itself as the normal Windows process, "LSASS.EXE." W32.HLLW.Lovgate@mm is written... Технически детали ...If the worm detects the process, "LSASS.EXE," it will attempt to create a remote thread in that particular process and... ...Injects another thread into "LSASS.EXE", which starts a listening server that provides a command shell on port 20168... ...... Источник: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.lovgate@mm.html

lsass.exe (5.1.2600.1106)

Содержали в средстве программирования

Детали архива

Hashes checksum и архива

Данные по ресурса варианта

lsass.exe было найдено в following рапортах:

W32.Nimos.Worm

Backdoor.IRC.Ratsou.D

W32.Sasser.G

Backdoor.Queen

Backdoor.Lassrv

W32.HLLW.Lovgate.D@mm

Backdoor.IRC.Ratsou.B

Hacktool.Asni

W32.Sasser.F.Worm

W32.HLLW.Lovgate@mm

Навигация