I do not see Lssas but I do see lsass.exe which is a legitimate Windows file :).
Printable View
I do not see Lssas but I do see lsass.exe which is a legitimate Windows file :).
Trouble is I have two in System 32 and the larger one came out like this:
Jotti's malware scan 2.99-TRANSITION_TO_3.00
File to upload & scan: Virus
Service
Service load:
0% 100%
File: lssas.exe
Status:
INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: only non-destructive malware has been found. Considering the non-destructive nature of samples like these - although they can be a pain -, results will not be stored in the database.)
MD5 b85fdfd93b10f6b56cdc7898bcf05d99
Packers detected:
MORPHINE, UPX
Scanner results
AntiVir
Found BDC/ServU-Based
Avast
Found Win32:Trojan-gen. {Other}
AVG Antivirus
Found nothing
BitDefender
Found Backdoor.ServU.4004.A
ClamAV
Found nothing
Dr.Web
Found BackDoor.Servu.221
F-Prot Antivirus
Found security risk or a "backdoor" program
Fortinet
Found W32/Lssas.U
Kaspersky Anti-Virus
Found not-a-virus:Server-FTP.Win32.Serv-U.25.f
mks_vir
Found Trojan.Servubas
NOD32
Found nothing
Norman Virus Control
Found nothing
VBA32
Found nothing
Evidently they try to hide it by making the L look like an I by using a small case l.
But that file is not showing in any of your logs. Only the one that is spelt lsass not lssas.
Obviously if you have a file there that jhotti has found bad, you should delete it :).
Apologies. I have caused a bit of confusion. lsass.exe is Microsoft. lssas is malware, which I have deleted. :o
All good :).
Hi
Check your Internet Explorer Setting:
Service - Properties - General - Select blank as your home page (about:blank) - Click OK button
Restart Internet Explorer
Hope it will help you