Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

HijackThis automated log analyzer! Submit a log and you will receive ALL the information we have in our DB's on everything on your system INSTANTLY!
Page 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

Avserve.exe


Click here to Run a Free Scan for Avserve.exe Related Errors

What is it?
WORM_SASSER.A - AVSERVE.EXE

What does it do?
This worm exploits the Windows LSASS vulnerability , which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of affected systems.This vulnerability is discussed in detail in the following pages:

To propagate, it scans the network for vulnerable systems. When it finds a vulnerable system, this malware sends a specially crafted packet to produce a buffer overflow on LSASS.EXE.

It creates the script file CMD.FTP, which contains instructions for the vulnerable system to download and execute a copy of this malware from a remote infected system using FTP on TCP port 5554.

Removal:
Trend Micro has the full dirt ( HERE )


Fix Avserve.exe Errors: Free Scan

Recommended: Free PC Speed Test - what is slowing down your PC?


Avserve.exe is Spyware!

Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Startup DB Entries: