If you recently got an IM from your friend to download a cool Christmas Screensaver, IT IS AN AIM VIRUS!! HEre's what the message said...
This AIM user has sent you a Christmas Card! To open it please visit: hxxp://greetings.aol.com/index.pd?source=greetingscard?my_christmas_card.scr
This senders personal note: Merry Christmas!
The sinker is that the link really take you to hxxp://209.235.17.26/My_Christmas_Card.SCR WHICH IS A VIRUS!
To get rid of it... here's what you do....
Let me tell you its sneaky! It disguises itself as lsass.exe which is
a legitimate windows process, BUT, this virus lists it as a service, which the legitimate lsass.exe is not! the fake lsass.exe also lists itself in the C:\windows\ directory, the real lsass.exe is located in
the C:\WIndows\system32\ directory.... SOOO here's how to kill teh
dork...
Start->run-> Services.msc
Locate the "Local security Authority Subsystem Service" and right
click-> propertires.. You can't stop it so select 'disable' from the
startup options list. Then restart your computer. Go to C:\windows
and delete lsass.exe VOILA! all gone!!!
DO NOT DELETE C:\windows\system32\lsass.exe THIS IS A LEGIT PROCESS!!!!
This AIM user has sent you a Christmas Card! To open it please visit: hxxp://greetings.aol.com/index.pd?source=greetingscard?my_christmas_card.scr
This senders personal note: Merry Christmas!
The sinker is that the link really take you to hxxp://209.235.17.26/My_Christmas_Card.SCR WHICH IS A VIRUS!
To get rid of it... here's what you do....
Let me tell you its sneaky! It disguises itself as lsass.exe which is
a legitimate windows process, BUT, this virus lists it as a service, which the legitimate lsass.exe is not! the fake lsass.exe also lists itself in the C:\windows\ directory, the real lsass.exe is located in
the C:\WIndows\system32\ directory.... SOOO here's how to kill teh
dork...
Start->run-> Services.msc
Locate the "Local security Authority Subsystem Service" and right
click-> propertires.. You can't stop it so select 'disable' from the
startup options list. Then restart your computer. Go to C:\windows
and delete lsass.exe VOILA! all gone!!!
DO NOT DELETE C:\windows\system32\lsass.exe THIS IS A LEGIT PROCESS!!!!