Recommended Driver Scanner

Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Noticeboard
PC Forum PC Help Forum » Security & Safety » Anti-Virus » Isass.exe, what now?

Anti-Virus - Isass.exe, what now? posted in the Security & Safety forums; ok, so heres the problem my sister was on msn talking to her friends when she got a message "hey is this profile you? [link]" she opened the link and ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
  #1  
Old 11-27-2006
Bronze Member
  
Join Date: Aug 2005
Posts: 51
Trigunner - See this Members User comments on their Profile page
Exclamation Isass.exe, what now?
ok, so heres the problem my sister was on msn talking to her friends when she got a message "hey is this profile you? [link]" she opened the link and it is now sending the same like to all of her friends. Standard msn virus procedure.

now im trying to remove it. the process isass.exe is running in task manager and i cant end it. i was looking through the registry for shady characters when i found " EPIC_NAME" with a value of J Tao. this was found in

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\

maybe it means something. maybe not.

ok so this virus is stoping me from accessing alot of antivirus sites. "page cannot be displayed" this includes the "hijackthis" page in the prework.

any ideas?

here is what symantec has to say about the virus:
Symantec Security Response - W32.Bropia.M
  #2  
Old 11-27-2006
GaRHaR's Avatar
Elite Member
My PC
 
Join Date: Jul 2006
Location: Western Australia
Posts: 6,042
PC Experience: Elite PC Guru
GaRHaR - See this Members User comments on their Profile page GaRHaR - See this Members User comments on their Profile page GaRHaR - See this Members User comments on their Profile page GaRHaR - See this Members User comments on their Profile page GaRHaR - See this Members User comments on their Profile page GaRHaR - See this Members User comments on their Profile page
Send a message via ICQ to GaRHaR Send a message via MSN to GaRHaR Send a message via Yahoo to GaRHaR
Default
Hi Trigunner,

Can you please follow the prework link in my signiture? One of the security tech's will browse through the logs and help you out.


__________________


"Study without desire spoils the memory, and it retains nothing that it takes in."
- Leonardo da Vinci

"I believe in Christianity as I believe that the sun has risen: not only because I see it, but because by it I see everything else."
- C. S. Lewis
  #3  
Old 11-28-2006
Bronze Member
  
Join Date: Aug 2005
Posts: 51
Trigunner - See this Members User comments on their Profile page
Default
I tried to do the prework earlier but my access to most antivirus sites has been block by the virus. On my second try i used a proxy to access and download hijack this. Ive just run a scan and will post the log.

Log:
http://www.pchelpforum.com/hijackthi...tml#post158067


Last edited by Trigunner; 11-28-2006 at 09:07 PM.
  #4  
Old 11-28-2006
upgrader's Avatar
Site Manager
My PC
 
Join Date: Jul 2006
Location: /home/upgrader/
Posts: 6,533
PC Experience: Some Experience
upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page
Send a message via MSN to upgrader Send a message via Skype™ to upgrader
Default
Ouch that MSN virus i have had that sent to me but recognized the file type and said NO! there are also many variants of it going around.


__________________
PCHF Rules--PCHF Prework--PCHF Downloads
  #5  
Old 11-28-2006
Bronze Member
  
Join Date: Aug 2005
Posts: 51
Trigunner - See this Members User comments on their Profile page
Default
Yeah, it's rough. I had turned off my antivirus to play the supreme commander open beta, I couldnt connect with AVG on. I must have forgotten to turn it back on when I was done. Just bad luck that I got infected that night.

the more i look at the log the more i think that lsass isnt the problem. in the hijackthis log its shows Lsass and the virus form of the file is called isass. according to:
lsass.exe or isass.exe - virus or system file? Find out which process is good and which is evil.


Last edited by Trigunner; 11-28-2006 at 11:44 PM.
  #6  
Old 12-06-2006
Bronze Member
  
Join Date: Dec 2006
Location: Maarssen
Posts: 3
Barendje68 - See this Members User comments on their Profile page
Default
To Solve the problem I did a system restore to a point one day earlier when I had not that virus.
And that helps me to sovle this problem
Ofcourse you have to scan your computer again for a virus
  #7  
Old 12-06-2006
upgrader's Avatar
Site Manager
My PC
 
Join Date: Jul 2006
Location: /home/upgrader/
Posts: 6,533
PC Experience: Some Experience
upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page
Send a message via MSN to upgrader Send a message via Skype™ to upgrader
Default
Barend, you will however still have a virus present if you use that restore as the restore is undoable.


__________________
PCHF Rules--PCHF Prework--PCHF Downloads

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!

Bookmarks

« RegCreateKeyEx failed; code 5, Access is Denied | New Antivirus/Spyware protection »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 09:35 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top