Search Members Help

» Welcome Guest
[ Log In :: Register ]

 

[ Track This Topic :: Email This Topic :: Print this topic ]

 reply to topic new topic new poll
Topic: Problem with BartPE, lsass.exe error< Next Oldest | Next Newest >
 Post Number: 1
inside Search for posts by this member.

Avatar



Group: Members
Posts: 2
Joined: Apr. 2006
PostIcon Posted on: Apr. 20 2006,07:48  Skip to the next post in this topic. Ignore posts   QUOTE
I made a DVD iso for backup my PC, it's menu:



"restore" functin and "Hiren's boot" functin work fine, but when i run BartPE , error occured:



Help me plz, i'm new to boot issue.
Many thanks.
Offline
Top of Page Profile Contact Info 
 Post Number: 2
eureka
Unregistered
PostIcon Posted on: Apr. 20 2006,10:49 Skip to the previous post in this topic. Skip to the next post in this topic. Ignore posts   QUOTE
To inside

:O  :O ATTENTION!!!!!!!! Watch out!!!!
I don’t think this “isass.exe” are related to Easyboot or BartPe. I think this is a virus or Trojan.
Isass.exe is registered as the Optix.Pro virus which carries in it's payload, the ability to disable firewalls and local security protections, and a backdoor capability.
http://www.auditmypc.com/process/isass.asp

Recommendation for isass.exe:
DISABLE AND REMOVE IMMEDIATELY. This process is most likely a virus or trojan. You have it most likely somewhere in your computer (and probably on every CD/DVD that you lately have made by your self).

To get control over your running programs this could bee your solution
http://www.liutilities.com/products/campaigns/plib/wintasks/

More links according to this:
http://castlecops.com/postt13642.html
http://www.spyany.com/files/Isass_exe.html

eureka
 Post Number: 3
eureka
Unregistered
PostIcon Posted on: Apr. 20 2006,10:59 Skip to the previous post in this topic. Skip to the next post in this topic. Ignore posts   QUOTE
To inside

Please note that: ”Isass.exe is a file related to trojan. Notice the difference between Isass.exe and Lsass.exe. Isass.exe (in lower case, isass.exe) is related to trojan, while Lsass.exe (in lower case, lsass.exe), is a legitimate Windows file.”
Question is: did you use lower case or uppercase in name isass.exe. If it’s Lsass.exe, you don’t need to whorry.

eureka
 Post Number: 4
eureka
Unregistered
PostIcon Posted on: Apr. 20 2006,11:56 Skip to the previous post in this topic. Skip to the next post in this topic. Ignore posts   QUOTE
To inside

Could it be this one …
http://www.911cd.net/forums....%5C.exe

Regards eureka
 Post Number: 5
inside Search for posts by this member.

Avatar



Group: Members
Posts: 2
Joined: Apr. 2006
PostIcon Posted on: Apr. 21 2006,01:14 Skip to the previous post in this topic. Skip to the next post in this topic. Ignore posts   QUOTE

(Guest @ Apr. 20 2006,14:59)
QUOTE
To inside

Please note that: ”Isass.exe is a file related to trojan. Notice the difference between Isass.exe and Lsass.exe. Isass.exe (in lower case, isass.exe) is related to trojan, while Lsass.exe (in lower case, lsass.exe), is a legitimate Windows file.”
Question is: did you use lower case or uppercase in name isass.exe. If it’s Lsass.exe, you don’t need to whorry.

eureka

hi, it's LSASS.EXE in I386\system32 folder.  :)
THanks for your help, however i stiill stuck at that error  ???
Offline
Top of Page Profile Contact Info 
 Post Number: 6
mionica Search for posts by this member.

Avatar



Group: Members
Posts: 49
Joined: Apr. 2005
PostIcon Posted on: Apr. 22 2006,07:13 Skip to the previous post in this topic. Skip to the next post in this topic. Ignore posts   QUOTE
@inside

It's a problem with some plugin of BartPE, I assume. I received that same message while attempting to access environment variables before the Session Manager (smss.exe) would be fully initialized (in my own attempt to writing a shell), using a REG_EXPAND_SZ registry value; I've heard it can also be produced by a corrupt registry hive.

Try disabling all plugins and test in VMware, then add them one by one, testing after each.

@eureka
It's unlikely that a virus/trojan would target BartPE - at least I haven't hear of any. lsass.exe is just that, the Local Security Authority Subsystem Service.
Offline
Top of Page Profile Contact Info 
 Post Number: 7
eureka
Unregistered
PostIcon Posted on: Apr. 22 2006,08:02 Skip to the previous post in this topic.  Ignore posts   QUOTE
To mionica

I do agree with you. I later analysed “LSASS.EXE” and found out that it was a “legitimate Windows file”  :D

eureka
6 replies since Apr. 20 2006,07:48 < Next Oldest | Next Newest >

[ Track This Topic :: Email This Topic :: Print this topic ]


  		reply to topic new topic new poll

» Quick Reply Problem with BartPE
iB Code Buttons
You are posting as:

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code