Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Software Troubleshooting
Maybe (not) is problem with process lsass.exe
Message
<blockquote data-quote="Parsh" data-source="post: 860291" data-attributes="member: 58090"><p>Didn't catch you, which certificate(s) are you comparing?</p><p></p><p>Ignore the services shown for now, they are standard.</p><p>As [USER=85798]@manchesterunited[/USER] hinted, the connections may be related to getting your sign-in workflow processed. Digsigtrust for certificate related queries.</p><p>When it comes to ISP, it is common for machines to by default use the DNS server provided by your ISP. This might be it. Did lsass.exe really make the connection to your ISP? From what i know, DNS resolution is commonly done by svchost.</p><p>Assuming that</p><ul> <li data-xf-list-type="ul">the lsass.exe is from the original location (C:/Windows/System32) and</li> <li data-xf-list-type="ul">there may have been no apparent process injection into lsass (lsass does often get triggered when launching such apps with accounts) and</li> <li data-xf-list-type="ul">that the IP addresses (domain name: akamaitechnologies & hostname: digsigtrust that belongs to identrust.com) do not seem to be shady in this case</li> </ul><p>you should be good.</p><p>Blocking lsass.exe in this case may perhaps have an effect on your Office account re-signing-in. However, if it's working well right now, you're good. Let us know.</p></blockquote><p></p>
[QUOTE="Parsh, post: 860291, member: 58090"] Didn't catch you, which certificate(s) are you comparing? Ignore the services shown for now, they are standard. As [USER=85798]@manchesterunited[/USER] hinted, the connections may be related to getting your sign-in workflow processed. Digsigtrust for certificate related queries. When it comes to ISP, it is common for machines to by default use the DNS server provided by your ISP. This might be it. Did lsass.exe really make the connection to your ISP? From what i know, DNS resolution is commonly done by svchost. Assuming that [LIST] [*]the lsass.exe is from the original location (C:/Windows/System32) and [*]there may have been no apparent process injection into lsass (lsass does often get triggered when launching such apps with accounts) and [*]that the IP addresses (domain name: akamaitechnologies & hostname: digsigtrust that belongs to identrust.com) do not seem to be shady in this case [/LIST] you should be good. Blocking lsass.exe in this case may perhaps have an effect on your Office account re-signing-in. However, if it's working well right now, you're good. Let us know. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
