I've got a Trojan

  • Thread starter Thread starter Ben Stevenson
  • Start date Start date
B

Ben Stevenson

Happen to be looking thru Windows Task Manager, looking under "Processes"
saw the "isass.exe" under SYSTEM. Decided to look it up on the Net and found
it to be a Trojan. How can I get rid of it? Are there any good freebies
Trojan finders/killers for me to use regularly? I have AVG anti-virus
updated daily on auto, and use the Ad-aware, Spybot, SpywareBlaster,
CWShredder, regularly.
TIA
 
AdAware, Spybot Search and Destroy, Microsoft Antispyware (beta), and
Stinger. Google for each. There are others but these get the most mentions
on this newsgroup.
 
Ben said:
Happen to be looking thru Windows Task Manager, looking under
"Processes" saw the "isass.exe" under SYSTEM. Decided to look it up
on the Net and found it to be a Trojan. How can I get rid of it? Are
there any good freebies Trojan finders/killers for me to use
regularly? I have AVG anti-virus updated daily on auto, and use the
Ad-aware, Spybot, SpywareBlaster, CWShredder, regularly.
Click to expand...

http://housecall.trendmicro.com
 
Ben Stevenson said:
Happen to be looking thru Windows Task Manager, looking under "Processes"
saw the "isass.exe" under SYSTEM. Decided to look it up on the Net and found
it to be a Trojan. How can I get rid of it? Are there any good freebies
Trojan finders/killers for me to use regularly? I have AVG anti-virus
updated daily on auto, and use the Ad-aware, Spybot, SpywareBlaster,
CWShredder, regularly.
TIA
Click to expand...

Do not confuse isass.exe with lsass.exe
Try this for 30 days free.
http://tds.diamondcs.com.au/
NOTE: near the bottom of the page is a link to download the latest database
update and instructions on how to use them.
 
Ben said:
Happen to be looking thru Windows Task Manager, looking under
"Processes" saw the "isass.exe" under SYSTEM. Decided to look it up
on the Net and found it to be a Trojan. How can I get rid of it? Are
there any good freebies Trojan finders/killers for me to use
regularly? I have AVG anti-virus updated daily on auto, and use the
Ad-aware, Spybot, SpywareBlaster, CWShredder, regularly.
TIA
Click to expand...

You know just enough to be dangerous and not enough to correctly interpret
what you're looking at. What you saw as an uppercase 'I' is, in fact, a
lowercase 'l'. The process is a complete valid Windows process. You're
confusing it with the Sasser executable but Sasser has some very obvious
symptoms the most obvious of which is, like Blaster, would cause the
launching of the RPC (Remote Procedure Call) shutdown procedure. Unless you
are seeing these symptoms, the process is completely valid (which you would
have known had you Googled for the correct file name). lsass is the Local
Security Authority Service and, as I stated, is completely valid.
 
Back
Top