Isass.exe Help Needed !!!

A

Adam Bouzaid

On the 1/5/04 we found out that i have received a virus
called Isass.exe, we have noticed that the computer has
been shutting down all the time. I have found the main
Location to the " Virus "

Eg. \WINDOWS\system\Isass.exe - but unable to find the
Isass.exe File, and also searching via " Regedit " in the
run file. I have done a Norton Anti Virus Live Update and
a C:\\ drive scan, but come up with nothing. If you have
any other ways of finding out how to remove this virus,
please contact to this Post as soon as possible !

Thank you for your time. If need to contact via email
please send an email to (e-mail address removed).
 
G

Guest

It is about a warm: sasser

Once executed, the worm drops a file in the Windows directory (%WINDIR%)

%WINDIR%\avserve.exe -- Win32.Worm.Sasser.
%WINDIR%\avserve2.exe -- Win32.Worm.Sasser.B,

and creates the registry key

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru
with the value

"avserve.exe" = "%WINDIR%\avserve.exe" -- Win32.Worm.Sasser.
"avserve2.exe" = "%WINDIR%\avserve2.exe" -- Win32.Worm.Sasser.B,

For more info and a free removal tool see
http://bitdefender.com/bd/site/virusinfo.php?menu_id=1&v_id=248
 
B

Bruce Chambers

Greetings --

You've apparently contracted the latest worm, W32.Sasser.Worm,
specifically designed to attack people who do not update their
computers promptly and who do not practice "safe hex." In other
words, like Blaster, this worm was developed and distributed _after_ a
patch for the vulnerability was announced and made publicly available.
Further, and also like Blaster, this worm could not affect any
computer whose user had taken the basic precaution of using a properly
configured firewall.

To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.

What You should Know about the Sasser Worm and its Variants
http://www.microsoft.com/security/incident/sasser.asp

Microsoft Security Bulletin MS04-011
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

W32.Sasser.Worm
http://www.symantec.com/avcenter/venc/data/w32.sasser.worm.html

A tool is available to remove the Sasser worm variants
http://support.microsoft.com/default.aspx?scid=kb;EN-US;841720

W32.Sasser.Worm Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html

McAfee AVert Stinger Virus Removal Tool
http://vil.nai.com/vil/stinger/


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
G

Guest

this is not lsass.exe worm. it is called sasser worm . do not try to remove lsass.exe. the one you are trying to remove is avserve.exe or avserve2 exe. best off to search symantec on internet explorer and read up on sasser worm and its variant

----- Adam Bouzaid wrote: ----

On the 1/5/04 we found out that i have received a virus
called Isass.exe, we have noticed that the computer has
been shutting down all the time. I have found the main
Location to the " Virus "

Eg. \WINDOWS\system\Isass.exe - but unable to find the
Isass.exe File, and also searching via " Regedit " in the
run file. I have done a Norton Anti Virus Live Update and
a C:\\ drive scan, but come up with nothing. If you have
any other ways of finding out how to remove this virus,
please contact to this Post as soon as possible

Thank you for your time. If need to contact via email
please send an email to (e-mail address removed).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Corrupted isass.exe 18
Urgent Help Need: Critical Issue with Isass 5
W32.Bropia.M 3
Isass.exe error message 1
isass.exe error - Plz help! 4
Help with ISASS.EXE error 2
PLEASE HELP!: Isass.exe, a worm, and a standstill problem 3
ISASS.exe error message and the pc reboots. 4

Top