If you have been keeping up with the news lately, then you may very well be aware of an espionage ring dubbed ‘Red October’ by Kaspersky Lab. This sophisticated piece of malware has been in circulation for over 5 years and has only just recently been detected.
If you are running a critical network, then you may be concerned that this piece of modular malware has found its way onto it.
If so, you can remove it manually by killing svchost.exe and then removing two files:
- C:\Program Files\Windows NT\svchost.exe
- C:\Program Files\Windows NT\lhafd.gcp
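
The manual steps above as a PowerShell check, added here as an example and not taken from the original post or from BitDefender. Genuine Windows service hosts are also named svchost.exe and run from System32, so it matches processes by full executable path rather than by name. The function name and the `-Remediate` switch are assumptions of this example.

```powershell
# Added example (not from the original post). Run from an elevated prompt:
# without admin rights ExecutablePath can be empty for other users' processes.
function Find-RedOctoberArtifacts {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # The two files named in the post.
        [string[]]$IndicatorPaths = @(
            'C:\Program Files\Windows NT\svchost.exe',
            'C:\Program Files\Windows NT\lhafd.gcp'
        ),
        # Hypothetical switch for this example: also kill and delete.
        [switch]$Remediate
    )

    # Match on full image path, never on the name alone: the genuine
    # service hosts in System32 are also called svchost.exe.
    $procs = @(Get-CimInstance -ClassName Win32_Process -Filter "Name = 'svchost.exe'" |
        Where-Object { $_.ExecutablePath -and ($IndicatorPaths -contains $_.ExecutablePath) })

    $files = @($IndicatorPaths | Where-Object { Test-Path -LiteralPath $_ -PathType Leaf })

    if ($Remediate) {
        foreach ($p in $procs) {
            $target = "PID $($p.ProcessId) ($($p.ExecutablePath))"
            if ($PSCmdlet.ShouldProcess($target, 'Stop process')) {
                Stop-Process -Id $p.ProcessId -Force
            }
        }
        foreach ($f in $files) {
            if ($PSCmdlet.ShouldProcess($f, 'Remove file')) {
                Remove-Item -LiteralPath $f -Force
            }
        }
    }

    # Report what was found (before any removal).
    [pscustomobject]@{
        SuspectProcesses = $procs | Select-Object ProcessId, ParentProcessId, ExecutablePath
        FilesPresent     = $files
    }
}

# Report only:
Find-RedOctoberArtifacts
# Preview the post's manual steps without changing anything:
Find-RedOctoberArtifacts -Remediate -WhatIf
```
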
Alternatively, if you don’t feel comfortable doing that then you can utilise a new free tool from BitDefender which will do the same job for you in an automated manner.
You can download the BitDefender Red October Removal Tool from http://labs.bitdefender.com/2013/01/bitdefender-releases-free-red-october-removal-tool/