LSMASS.EXE is Trojan Dapato

Malware No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Is the file LSMASS.EXE located on your computer? Then your computer is infected.
We do suggest you should remove LSMASS.EXE from your computer as soon as possible.
LSMASS.EXE is Trojan/Backdoor.
Kill the process LSMASS.EXE and remove LSMASS.EXE from the Windows startup.

Malware Analysis of LSMASS.EXE
Full path on a computer: %Program Files Common%\lsmass.exe

Detected by UnHackMe:

Item Name: Windows-Network Component
Author:
Related File: %PROGRAM FILES COMMON%\LSMASS.EXE
Type: Explorer Run

WSCNTFY.EXE
Default location: %COMMON APPDATA%\WSCNTFY.EXE

Removal Results: Success
Number of reboot: 1

LSMASS.EXE is known as:

Trojan.Dapato

LSMASS.EXE hash:

  • MD5: 676f69219417672c46a1948aa183ec3c
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect LSMASS.EXE presence?

Registry:
  • HKLM\Software\Microsoft\Active Setup\Installed Components\{61832be3-2feb-11de-a55e-806d6172696f}\StubPath: “%Common Appdata%\wscntfy.exe -r”
  • HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\Windows-Network Component: “%Program Files Common%\lsmass.exe”
  • HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows-Audio Driver: “%Common Appdata%\wscntfy.exe”
Files:
  • %Temp%\qrJgN3j1wV.exe
  • %Common Appdata%\wscntfy.exe
  • %Program Files Common%\lsmass.exe

Comments

Loading... Logging you in...
Dashboard | Edit profile | Logout
  • Logged in as
Login or signup now to comment.
There are no comments posted yet. Be the first one!

Comments by

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images