General discussion

  • Creator
    Topic
  • #2187223

    Isass.exe system error (on title bar)

    Locked

    by computab ·

    This probably is not a virus as this newly installed PC has Panda antivirus updated. Can’t tell if it’s L, i or 1 at start. The message box says ‘I/O error operation initiated by the registry failed unrecoverably. The registry could not read in, read out, or flush, one of the files that contained the system’s image of the registry. New PC with Celeron 2800, 256MB, 40GB, Win XP Home, SP2,.

All Comments

  • Author
    Replies
    • #3244691

      Reply To: Isass.exe system error (on title bar)

      by bfilmfan ·

      In reply to Isass.exe system error (on title bar)

      Sounds like Lsass or a critical sub-component has become corrupted.

      Do an in-place recovery.

      • #3244604

        Reply To: Isass.exe system error (on title bar)

        by computab ·

        In reply to Reply To: Isass.exe system error (on title bar)

        What does that mean, the options are run registry mechanic, use the recovery console to restore the registry, test for faulty RAM/hard drive, format HD & reinstall windows. These all require me to go to the user’s PC. I was looking for a user-action solution.

    • #3244984

      Reply To: Isass.exe system error (on title bar)

      by haris ·

      In reply to Isass.exe system error (on title bar)

      hi,

      lsass.exe is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies. Note: lsass.exe also relates to the Windang.worm, irc.ratsou.b, Webus.B, MyDoom.L, Randex.AR, Nimos.worm which spread via floppy disk drives, mass-mailing and peer-to-peer sharing.

      See if you have either the win.log file in your root directory on c:\ or any file in your windows system directory with a randomnumers_up.exe. A file named win.log is created on the root of the C: drive. This file contains the IP address of the localhost. Copies of the worm are created in the Windows System directory as #_up.exe.
      Examples
      * c:\WINDOWS\system32\11583_up.exe
      * c:\WINDOWS\system32\16913_up.exe
      * c:\WINDOWS\system32\29739_up.exe

      Here is the Microsoft Security link and patch: http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx

      If you do deterimine that you have the sasser worm or one of it’s variants be sure to turn off system restore before cleaning the virus from you machine. If you don’t it will just come back. Once it is removed turn system restore back on and set a restore point. Sasser is fairly easy to remove and is not a major threat unless you are on a network. After cleaning get the windows updates to fix the vulnerability that it exploits.

    • #3243546

      Reply To: Isass.exe system error (on title bar)

      by computab ·

      In reply to Isass.exe system error (on title bar)

      This question was closed by the author

Viewing 2 reply threads