When I use command netstat -aqn I see bound connections. Does this mean I have a snooper?
I traced the connection to a pid named isass.exe. Some web pages say its malware. Is that correct?
the LSASS.EXE file is a Windows System File, located at %WINDIR%\System32 (C:\Windows\System32) If it is showing that it was loaded elsewhere, then more than likley it's a fake and a virus/malware file.
If that is indeed the name of the file and not the valid lsass.exe (starts with the letter "L" and not "I") then it likely is malware. You need to clarify the correct name of the file so we can determine where this thread needs to be.
I've merged the other thread into this one as it explains your concerns more.
You can tell from it's location in the list that it starts with "L' and not "i" so it looks like the valid Local Security Authority Process service.
I'll moved this to the Networking forum for information on those connections.
Status
Not open for further replies.
You have insufficient privileges to reply here.
Related Threads
?
?
?
?
?
Tech Support Guy
9.9M posts
859.7K members
Since 1998
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!