Sasser Worm

[1cem4n]

I just found a process on my computer which is using 5,000 kbs of memory. It's called lsass.exe and I think maybe its the sasser worm. I just want to make sure because last time I deleted the "virus" it turned out to be a very important registry file. Any idea?

-1cem4n

 

[Know Nuttin]

lsass.exe is a normal windows process.

 

[dicecca112]

lsass - lsass.exe - Process Information

Process File: lsass or lsass.exe
Process Name: Local Security Authority Service

Description:
lsass.exe is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies.

Note: lsass.exe also relates to the Windang.worm, irc.ratsou.b, Webus.B, MyDoom.L, Randex.AR, Nimos.worm which spread via floppy disk drives, mass-mailing and peer-to-peer sharing. Please review file path for clarification of this.
For More Information About lsass.exe - Get WinTasks 5 Pro Now!

Author: Microsoft Corp.
Part Of: Microsoft Windows Operating System

System Process: Yes
Background Process: Yes
Uses Network: Yes
Hardware Related: No
Common Errors: N/A
Memory Usage: N/A ( Free Up Memory )

Security Risk (0-5): 0
Spyware: No ( Remove )
Adware: No ( Remove )
Virus: No ( Remove )
Trojan: No ( Remove )

Remove lsass.exe: Use WinTasks
Boost Your PC: Use SpeedUpMyPC

Administrators: Troubleshoot Your PCs

 

[Enablingwolf]

Edit: Minute to slow hahaha


Copied from: http://www.liutilities.com/products/wintaskspro/processlibrary/lsass/


lsass - lsass.exe - Process Information

Process File: lsass or lsass.exe
Process Name: Local Security Authority Service

Description:
lsass.exe is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies.

 

[1cem4n]

So its completely harmless? I heard that it IS the Sasser Worm.

-1cem4n

 

[Nexus Realized]

It is harmless. Not sure why someone told you it is a virus.

 

[RJARRRPCGP]

So its completely harmless? I heard that it IS the Sasser Worm.

-1cem4n

Wrong. The Sasser virus uses an exploit to crash LSASS.EXE and thus the error message you see is from Windows, because LSASS.EXE crashed.

 

[aeiou]

I think sasser had a slightly different name, just to make it look legit, but not really. Cna't remember what it was.

 

[Know Nuttin]

I think you may have it confused with issas.exe, which is a virus. LSASS.exe is normal.

 

[redduc900]

If you're unsure, download and run the W32.Sasser Removal Tool available from Symantec here ...

W32.Sasser Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html

...just to be on the safe side.

 

[3DFlyer]

I wouldn't be too worried about viruses with Anit-Virus software on your computer. You do have AV Software right?

 

[gusdagoos]

I have the sasser worm but i cant get into windows normally or through safe mode. how can i remove it?

 

[Warren G]

NOD32 ftw!!

 

[gusdagoos]

WHAT?! lol

 

[hallen]

Anyone know of a virus/worm that disables Task Manager? It just happened to me this AM. I never turned it off intentionally. Can't find a way to turn it back on. Hard to find out what is happening on the system without Task Manager.