General discussion

Locked

Isass.exe system error (on title bar)

By computab ·
This probably is not a virus as this newly installed PC has Panda antivirus updated. Can't tell if it's L, i or 1 at start. The message box says 'I/O error operation initiated by the registry failed unrecoverably. The registry could not read in, read out, or flush, one of the files that contained the system's image of the registry. New PC with Celeron 2800, 256MB, 40GB, Win XP Home, SP2,.

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to Isass.exe system error (o ...

Sounds like Lsass or a critical sub-component has become corrupted.

Do an in-place recovery.

Collapse -

by computab In reply to

What does that mean, the options are run registry mechanic, use the recovery console to restore the registry, test for faulty RAM/hard drive, format HD & reinstall windows. These all require me to go to the user's PC. I was looking for a user-action solution.

Collapse -

by Haris In reply to Isass.exe system error (o ...

hi,

lsass.exe is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies. Note: lsass.exe also relates to the Windang.worm, irc.ratsou.b, Webus.B, MyDoom.L, Randex.AR, Nimos.worm which spread via floppy disk drives, mass-mailing and peer-to-peer sharing.

See if you have either the win.log file in your root directory on c or any file in your windows system directory with a randomnumers_up.exe. A file named win.log is created on the root of the C: drive. This file contains the IP address of the localhost. Copies of the worm are created in the Windows System directory as #_up.exe.
Examples
* c:\WINDOWS\system32\11583_up.exe
* c:\WINDOWS\system32\16913_up.exe
* c:\WINDOWS\system32\29739_up.exe


Here is the Microsoft Security link and patch: http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx

If you do deterimine that you have the sasser worm or one of it's variants be sure to turn off system restore before cleaning the virus from you machine. If you don't it will just come back. Once it is removed turn system restore back on and set a restore point. Sasser is fairly easy to remove and is not a major threat unless you are on a network. After cleaning get the windows updates to fix the vulnerability that it exploits.

Collapse -

by computab In reply to

I tested the hard disk, memory. The hard disk was faulty, replacing it solved the problem. Thanks for your help.

Collapse -

by computab In reply to Isass.exe system error (o ...

This question was closed by the author

Back to Windows Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums