isass.exe and Isass.exe

Hello,

First question, would TDS-3 detecting this Trojan?

I have this Process running in Taskmanager which I never seen before. I know one is a legitimate Windows process but how to find out between the good one and the bad one?

I did a scan with TDS-3 and it was negative.

Thanks to clarify this.

 

Don't you mean "Lsass.exe"?

This is the local security server used for microsoft logins. It's not a trojan.

 

I had the same confusion when I saw lsass.exe on my task manage processes. So I did a file search for isass.exe (with an "i" and which is the trojan) and came up with nothing. Then I searched for lsass.exe (with an "l") and came up with the proper Windows file.

I usually run a search for any suspect file on my task manager before ending the process.

 

And when in doubt scan with TDS, look with Port Explorer if it makes hidden connections, look if ProcessGuard does anything special with it and you can put the file name of the nasty in the WormGuard block list and you can surf to www.kaspersky.com/remoteviruschk and see it scanned and if still in doubt zip and submit to submit(AT)diamondcs.com.au (replace (AT) with @ )