LSMASS.EXE is Trojan Dapato


Is the file LSMASS.EXE located on your computer? Then your computer is infected.
We suggest you remove LSMASS.EXE from your computer as soon as possible.
LSMASS.EXE is a Trojan/Backdoor.
Kill the LSMASS.EXE process and remove LSMASS.EXE from the Windows startup.

Malware Analysis of LSMASS.EXE
Full path on a computer: %Program Files Common%\lsmass.exe

Detected by UnHackMe:

Item Name: Windows-Network Component
Author:
Related File: %PROGRAM FILES COMMON%\LSMASS.EXE
Type: Explorer Run

WSCNTFY.EXE
Default location: %COMMON APPDATA%\WSCNTFY.EXE

Removal Results: Success
Number of reboot: 1

LSMASS.EXE is known as:

Trojan.Dapato

LSMASS.EXE hash:

  • MD5: 676f69219417672c46a1948aa183ec3c

The file downloads and installs other malware, Trojans and viruses on commands received from the Command Center.

How to quickly detect the presence of LSMASS.EXE?

Registry:
  • HKLM\Software\Microsoft\Active Setup\Installed Components\{61832be3-2feb-11de-a55e-806d6172696f}\StubPath: “%Common Appdata%\wscntfy.exe -r”
  • HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\Windows-Network Component: “%Program Files Common%\lsmass.exe”
  • HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows-Audio Driver: “%Common Appdata%\wscntfy.exe”
Files:
  • %Temp%\qrJgN3j1wV.exe
  • %Common Appdata%\wscntfy.exe
  • %Program Files Common%\lsmass.exe
