Guest ~BD~ Posted November 5, 2008 Posted November 5, 2008 Read the following carefully and notice the double AA ISAASS.EXE is a Windows file ISASS.EXE is Malware and should definitely be cleaned. Just wondering! Dave Quote
Guest FromTheRafters Posted November 5, 2008 Posted November 5, 2008 Taken out of context - it seems so lonely. Filenames tell you nothing in this respect. Actual fully qualified path and filename tells you only slightly more than nothing. It may suggest that Microsoft does indeed ship a file with that name and install it in that location, and the reverse that this is not a filename that Microsoft ships - or that this file has the right name but is in the wrong place - and - there are known malware programs that take advantage of this same name trick. For instance, in Win98 it is possible (with proper access) to put a malicious file named rundll32.exe in IIRC the "system" directory. On my old system anyway, most calls to rundll32.exe result from fully qualified paths (mostly registry entries) except one I noticed called IIRC LoadPowerProfile. If you want to see how often it runs, do what I did. I placed a copy of notepad there renamed rundll32.exe and went about my business. So, in this scenario rundll32.exe is both a windows file and a malware file (or notepad renamed) depending on where it is and what it is doing there. "~BD~" <~BD~@no.mail.afraid.com> wrote in message news:ee2c2$tPJHA.3932@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> > Read the following carefully and notice the double AA > > ISAASS.EXE is a Windows file > > ISASS.EXE is Malware and should definitely be cleaned. > > > > Just wondering! > > Dave > > > </span> Quote
Guest David H. Lipman Posted November 5, 2008 Posted November 5, 2008 From: "~BD~" <~BD~@no.mail.afraid.com> | Read the following carefully and notice the double AA | ISAASS.EXE is a Windows file | ISASS.EXE is Malware and should definitely be cleaned. | | Just wondering! | Dave / NEITHER are legitimate Windows files ! / -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest ~BD~ Posted November 5, 2008 Posted November 5, 2008 Thank you FTR and Mr Lipman. Here is the original thread: "Peter Foldes" <okf22@hotmail.com> wrote in message news:1225757072_58971@pegasus.annex.net... Linda Read the following carefully and notice the double AA ISAASS.EXE is a Windows file ISASS.EXE is Malware and should definitely be cleaned. Which AV and other Malware\Trojan cleaners do you have -- Peter "Linda" <mylindy@iowatelecom.net> wrote in message news:1225754876_58761@pegasus.annex.net... I have been getting this popup notice: I keep clicking Deny. I've read that it's a trojan and I've also read that it's a process of the Microsoft security. How do I know for sure which one it is? I've scanned the computer with Avast and asquared, also done an online scan, and they are not showing any problems. Please help if you can. Linda Comments from Peter Foldes invited, bearing in mind the comments from FTR and David H Lipman. Dave -- Quote
Guest Peter Foldes Posted November 5, 2008 Posted November 5, 2008 You sick . Did you not read the correction after and not only that the emails that was exchanged after with the OP which you of course did not see. Someone should put you in a straight jacket and leave you in there where the sun don't shine -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "~BD~" <~BD~@no.mail.afraid.com> wrote in message news:OigPBguPJHA.5076@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > Thank you FTR and Mr Lipman. Here is the original thread: > > > > "Peter Foldes" <okf22@hotmail.com> wrote in message > news:1225757072_58971@pegasus.annex.net... > Linda > > Read the following carefully and notice the double AA > > ISAASS.EXE is a Windows file > > ISASS.EXE is Malware and should definitely be cleaned. > > Which AV and other MalwareTrojan cleaners do you have > > -- > Peter > > > "Linda" <mylindy@iowatelecom.net> wrote in message > news:1225754876_58761@pegasus.annex.net... > I have been getting this popup notice: > I keep clicking Deny. I've read that it's a trojan and I've also read that > it's a process of the Microsoft security. How do I know for sure which one > it is? I've scanned the computer with Avast and asquared, also done an > online scan, and they are not showing any problems. > Please help if you can. > Linda > > > Comments from Peter Foldes invited, bearing in mind the comments from FTR > and David H Lipman. > > Dave > > -- > ></span> Quote
Guest ~BD~ Posted November 5, 2008 Posted November 5, 2008 Do you mean this one? "Peter Foldes" <okf22@hotmail.com> wrote in message news:1225850080_65240@pegasus.annex.net... Linda I am sorry I mistyped . It should have been an L not an I for the first letter of the valid Windows file -- Peter It should be noted that the date/time stamp of the above was 05 November 2008 01:55 My illuminating post here was made at: 05 November 2008 01:44 Eleven minutes earlier Times GMT You have been caught out yet again, Mr Foldes! Dave -- "Peter Foldes" <okf22@hotmail.com> wrote in message news:uWBucpuPJHA.4372@TK2MSFTNGP04.phx.gbl... You sick . Did you not read the correction after and not only that the emails that was exchanged after with the OP which you of course did not see. Someone should put you in a straight jacket and leave you in there where the sun don't shine -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "~BD~" <~BD~@no.mail.afraid.com> wrote in message news:OigPBguPJHA.5076@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > Thank you FTR and Mr Lipman. Here is the original thread: > > > > "Peter Foldes" <okf22@hotmail.com> wrote in message > news:1225757072_58971@pegasus.annex.net... > Linda > > Read the following carefully and notice the double AA > > ISAASS.EXE is a Windows file > > ISASS.EXE is Malware and should definitely be cleaned. > > Which AV and other MalwareTrojan cleaners do you have > > -- > Peter > > > "Linda" <mylindy@iowatelecom.net> wrote in message > news:1225754876_58761@pegasus.annex.net... > I have been getting this popup notice: > I keep clicking Deny. I've read that it's a trojan and I've also read that > it's a process of the Microsoft security. How do I know for sure which one > it is? I've scanned the computer with Avast and asquared, also done an > online scan, and they are not showing any problems. > Please help if you can. > Linda > > > Comments from Peter Foldes invited, bearing in mind the comments from FTR > and David H Lipman. > > Dave > > -- > > </span> Quote
Guest ~BD~ Posted November 5, 2008 Posted November 5, 2008 Oh yes! I forgot to add ................ "the emails that was exchanged after with the OP which you of course did not see" A reminder. "Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged". Quote
Guest ~BD~ Posted November 5, 2008 Posted November 5, 2008 Seems as if one of your own colleagues 'over there' doesn't believe you either, Peter Foldes! "bluepoint" <noone@si.invalid> wrote in message news:1225862618_65934@pegasus.annex.net... <span style="color:blue"> > Hmm, could be you have a typo? You have it reversed. > LSASS.EXE = Windows file > LSAASS.EXE = non Windows file</span> HTH Dave -- Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.