Microsoft.exe – Is actually not a Microsoft Program

Microsoft.exe is a file, which is created by the GAOBOT virus. The virus is known to attack the Windows operating system’s LSASS vulnerability. This results in a buffer overflow and leads to the rebooting of your system. The vulnerability is also known as the MS04-011 vulnerability, and Microsoft has actually made a patch, which addresses and treats this problem itself.

The virus is classified as a worm as it is self-replicating, and can spread over networks. It is a security threat and it should be removed from the computer. The location of the virus is generally in the folder c:\windows\system32\. However, in some machines, copies of the virus have existed in other directories as well like C:\Program Files\Common Files\System\. It is therefore recommended that you search for the file using the windows search utility. The file also hides itself and therefore you need to change the folder options in order to find it.

The file is run at the Windows startup as it makes entries in the registry at different locations. It is best to disable and remove Microsoft.exe immediately from the system, as it is most likely to be a virus. The file could also be the backdoor Trojan.Banco/BR-Variant.Process and hence requires removal for the security of your computer.  Most antivirus software can detect and eliminate this virus with ease, and it is therefore recommended to run a scan using a good antivirus software for the removal of all infected files.