Hi,
Which Anti-virus software is good at protecting Win 2016 server, and is fine to remove virus like isass.exe? What is the good way to remove isass.exe on Win 2016 server?
Hi,
Which Anti-virus software is good at protecting Win 2016 server, and is fine to remove virus like isass.exe? What is the good way to remove isass.exe on Win 2016 server?
Hi @Jackson1990-7147 ,
This is a quick note to let you know that I am currently performing research on this issue and will get back to you as soon as possible. I appreciate your patience.
If you have any updates during this process, please feel free to let me know.
Best Regards,
Sunny
Hi,
Thank you for your feedback.
You could find the phone number for your region accordingly for the following link:
Global Customer Service phone numbers
And then, you need call that number and describe your issue to our colleague, he/her will give you further instruction regarding of opening a case with Microsoft.
Best Regards,
Sunny
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Windows Server 2016 already had Windows Defender and you just need to make sure it is enabled.
Take a look at:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016
https://docs.microsoft.com/en-us/windows-server/security/windows-defender/windows-defender-overview-windows-server
It is able to remove all known and also several 0-days and unknown malwares based on their behavior.
Hi,
Thanks for posting in Q&A platform.
As Reza-Ameri mentioned, the Windows Defender Firewall can help you to prevent virus. Please refer to his/her suggestion.
And here are some articles regarding of how to remove Isass.exe for your reference:
How to Delete the Lsass.exe Virus
How to Remove “lsass.exe”
Please Note: Since the websites are not hosted by Microsoft, the links may change without notice. Microsoft does not guarantee the accuracy of this information.
Best Regards,
Sunny
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,
Within details Tab below, I do not see process like "avserve.exe," "avserve2.exe," "skynetave.exe". Can you help?
Have you followed the link I posted earlier?
Did you manage to check the status of Windows Defender?
Hi,
Windows Defender is running below
but Server traffic is high like 200 Mbytes per second, which is abnormal. How to fix it?
Hi,
Thanks for your patient.
Based on my understanding the issue is Isass.exe takes up high memory and you want to remove this process now.
Isass.exe's high occupancy may also be due to some malware forging its name.
First, may I know if the server can access to Internet? I would suggest you run netstat -ano command to check if there are so many external IP addresses establish connection to your server through port 135, 138, 139, or 445. If yes, please remember the PID and check in resource monitor if PID's corresponded process is Isass.exe. If yes, I would suggest you could install a third part anti-virus software to initiate a full scan of the server to remove these virus firstly.
Then I would suggest close ports 135, 138, 139 and 445 in Windows Firewall.
Best Regards,
Sunny
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,
Which is good option (of anti-virus tool) to remove the issue? I will check it further and apply rules on it.
Hi,
Thanks for your prompt feedback.
Please understand we're not familiar with third-party security software. I would suggest you could post in other general forum to get a proper recommendation.
Best Regards,
Sunny
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,
Thanks for your feedback.
Regarding the issue Isass.exe takes up high memory, collecting network traces is necessary for further troubleshooting. According network trace which was captured during the issue time, we could find which protocol and which port were sent these traffics. And please understand network traces analysis is beyond our forum support, I would suggest you open a case with Microsoft where more in-depth investigation can be done. There will be a specific experts contact you, so that you would get a more satisfying explanation and solution to this issue.
Also, in this way ,they can have a clear picture about your issue and your environment by phone communication and live share session.
You may find phone number for your region accordingly from the link below:
https://support.microsoft.com/en-us/gp/customer-service-phone-numbers
Best Regards,
Sunny
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,
I've applied relevant Firewall rules on the mentioned ports and have also performed Virus scan within the server. But there is still traffic like around 80/160/170 Mbps, and sometimes even 490 Mbps. Is there more improvement possible to this?
Can you share the details to open one case through MSDN support?
6 people are following this question.