[filename.info logo]
[cn lsass.exe][de lsass.exe][es lsass.exe][fr lsass.exe][gb lsass.exe][it lsass.exe][jp lsass.exe][kr lsass.exe][nl lsass.exe][pt lsass.exe][ru lsass.exe][us lsass.exe]
 

lsass.exe (5.1.2600.1106)

Bevat in software

Naam:Windows XP Home Edition, Deutsch
Vergunning:commercieel
De verbinding van de informatie:http://www.microsoft.com/windowsxp/

De details van het dossier

De weg van het dossier:C:\WINDOWS\system32 \ lsass.exe
De datum van het dossier:2002-08-29 14:00:00
Versie:5.1.2600.1106
De grootte van het dossier:11.776 bytes

De knoeiboel van de controlesom en van het dossier

CRC32:D2697D2E
MD5:5823 9984 742E 8FD4 CD3F CEEB 5453 66C1
SHA1:7010 716E 0C17 E3B9 88FC 87A2 F079 AFF4 E3FD C33A

Het middelinformatie van de versie

Firmanaam:Microsoft Corporation
De beschrijving van het dossier:LSA Shell (Export Version)
Het werkende systeem van het dossier:Windows NT, Windows 2000, Windows XP, Windows 2003
Het type van dossier:Dynamic Link Library (DLL)
De versie van het dossier:5.1.2600.1106
Interne naam:lsass.exe
Wettelijk auteursrecht:© Microsoft Corporation. All rights reserved.
Originele filename:lsass.exe
De naam van het product:Microsoft® Windows® Operating System
De versie van het product:5.1.2600.1106

lsass.exe werd gevonden in de volgende rapporten:

W32.Nimos.Worm

Technische details
...Copies itself as %Windows%SystemLsass.exe. Note: %Windir% is a variable....
..."System Handler"="%Windir%SystemLSASS.EXE" to the registry keys:...
De instructies van de verwijdering
..."System Handler"="%Windir%SystemLSASS.EXE" Do one of the following:...
..."System Handler"="%Windir%SystemLSASS.EXE" Navigate to the registry key:...
Bron: http://securityresponse.symantec.com/avcenter/venc/data/w32.nimos.worm.html

Backdoor.IRC.Ratsou.D

Technische details
...Libparse.exe (A nonmalicious file) Lsass.exe (Detected as Backdoor.IRC.Ratsou.D)...
..."HID.EXE"="%windir%system32dsdn36lsass.exe" "lsass"="%windir%system32dsdn36lsass.exe"...
...which call %Windir%System32Dsdn36lsass.exe when chat files are opened....
De instructies van de verwijdering
..."HID.EXE"="%windir%system32dsdn36lsass.exe" "lsass"="%windir%system32dsdn36lsass.exe"...
Bron: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.ratsou.d.html

W32.Sasser.G

OngeveerW32.Sasser.G
...W32.Sasser.G is a variant of W32.Sasser.Worm that attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011....
De beoordeling van de bedreiging
...Computer will restart when Lsass.exe process crashes. Releases confidential info:...
...Unpatched systems vulnerable to LSASS exploit - MS04-011 ...
Technische details
...Note: The Lsass.exe process will crash after the worm exploits the Windows LSASS vulnerability....
De instructies van de verwijdering
...following text in the Comment box: Delay Lsass.exe shutdown. Click OK....
Bron: http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.g.html

Backdoor.Queen

OngeveerW32.Sasser.G
...The Trojan attempts to disguise itself as the normal Windows process named "LSASS.EXE." The Trojan has two components:...
Technische details
...Attempts to create a remote thread in "LSASS.EXE" and inject itself into it....
Bron: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.queen.html

Backdoor.Lassrv

Technische details
...This file injects lsasrv32.dll into the Windows file Lsass.exe. lsarv32.dll....
...If the .exe file is executed, it injects lsasrv32.dll as a thread into Lsass.exe. The thread connects to ports...
Bron: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lassrv.html

W32.HLLW.Lovgate.D@mm

OngeveerW32.Sasser.G
...2000, or XP, the worm attempts to disguise itself as the normal Windows process, Lsass.exe. This threat is written in...
Technische details
...Injects a thread into "LSASS.EXE" and starts a listening server that provides a command shell on port 20168,...
Bron: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.lovgate.d@mm.html

Backdoor.IRC.Ratsou.B

Technische details
...LibParse.exe, a process viewer, clean. Lsass.exe, hacked mIRC32 client, detected as Backdoor.IRC.Ratsou.B....
..."HID.EXE"="%System%HID.EXE" "lsass"="%Windir%DebugUserModelsass.exe"...
...extensions in HKEY_LOCAL_MACHINSoftwareClasses, which call %Windir%DebugUserModelsass.exe when chat files are opened....
De instructies van de verwijdering
...HID.EXE lsass Exit the Registry Editor....
Bron: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.ratsou.b.html

Hacktool.Asni

Technische details
...When Hacktool.Asni is executed on a remote machine, it attempts to crash the LSASS.exe process, which handles some Windows log-on authentication tasks....
Bron: http://securityresponse.symantec.com/avcenter/venc/data/hacktool.asni.html

W32.Sasser.F.Worm

OngeveerW32.Sasser.G
...This worm attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011....
De beoordeling van de bedreiging
...Unpatched systems vulnerable to LSASS exploit - MS04-011. ...
Technische details
...For example, 74354_up.exe. The Lsass.exe process will crash after the worm exploits the Windows LSASS vulnerability....
De instructies van de verwijdering
...following text in the Comment box: Delay Lsass.exe shutdown. Click OK....
Bron: http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.f.worm.html

W32.HLLW.Lovgate@mm

OngeveerW32.Sasser.G
...XP, the worm will attempt to disguise itself as the normal Windows process, "LSASS.EXE." W32.HLLW.Lovgate@mm is written...
Technische details
...If the worm detects the process, "LSASS.EXE," it will attempt to create a remote thread in that particular process and...
...Injects another thread into "LSASS.EXE", which starts a listening server that provides a command shell on port 20168...
......
Bron: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.lovgate@mm.html



Valid HTML 4.01!