How to remove isass.com

Discussion in 'Malware Help (A Specialist Will Reply)' started by Isabela, Jun 26, 2006.

  1. Isabela

    Isabela Private E-2

    Hello,
    I came back from a trip and found my computer infected with this file named isass.com . I don't know what it does, but my sister told me that she, very incautiously, clicked on a link a friend sent her and now this file is showing on my desktop and can't be deleted... What should I do?

    Thanks a lot,

    Isabela
     
    Isabela, Jun 26, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Are you sure it isass.com??? Is the "i" really a lower case L ? And is it .com or .exe ?

    If you are having malware problems, please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
      • Bitdefender
      • Panda Scan
      • HijackThis
    .
     
    chaslang, Jun 26, 2006
    #2
  3. Isabela

    Isabela Private E-2

    Re: How to remove isass.com- I already followed all the first instructions

    Yes, you are right, its with an upper case, Isass.com (not .exe, though).

    I followed all the instructions: did everything you suggested, all scans, online scans, everything. I ran all the steps of the tutorial and nothing was found except when I used Bit Defender and Panda Active Scan (logs attached). I also attached the hijackthis log.

    I don't know if I still have the problem or not, but the fact is that the Isass.com icon disappeared from my desktop where it was; however, I obviously still have problems... What should I do next?

    Thank you very much,

    Isabela
     

    Attached Files:

    Isabela, Jun 26, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In October of last year I asked you the below questions and you never responded:

    The only thing I can tell you for sure right now is that you need to manually delete all the bad emails that Bitdefender found and could not fix or delete.

    Where are you seeing lsass.com? Is it in C:\windows\system32 ? Delete it! But DO NOT delete c:\windows\system32\lsass.exe

    You should also delete the below file:
    C:\CONGWIN\CongZip_exe.vir
     
    Last edited: Jun 27, 2006
    chaslang, Jun 27, 2006
    #4
  5. Isabela

    Isabela Private E-2

    Thanks, Chasslang. I removed the file you told me to, and tried to delete what had been found by Bitdefender. However, as far as I know, Bitdefender already deleted all files it couldn't disinfect... or maybe I didn't understand it. One thing I didn't understand is that after it deletes a file , in the following line it says "updated"(in two lines) and then it says "updated failed"... should I do anything about it?

    I don't know what these two programs are for ...
    (O4 - HKLM\..\Run: [cploader.exe] C:\WINDOWS\System32\cploader.exe
    O4 - HKLM\..\Run: [revisorsystray.exe] C:\WINDOWS\System32\revisorsystray.exe

    What should I do now?

    Thank you,

    Isabela
     
    Isabela, Jun 28, 2006
    #5
  6. Isabela

    Isabela Private E-2

    I'm sorry, I forgot to mention Isass.com . I don't see it anywhere anymore. Thanks
     
    Isabela, Jun 28, 2006
    #6
  7. Isabela

    Isabela Private E-2

    Sorry for not asking everything in the same message, but I just remembered one more thing: what about the things found by the Panda Active Scan? Thanks.
     
    Isabela, Jun 28, 2006
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I already gave you the only thing to delete from Panda in message number 4:

    C:\CONGWIN\CongZip_exe.vir



    How is everything working right now?
     
    chaslang, Jun 28, 2006
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Bitdefender was not able to delete or "update" the files which means it is not fixed. You need to locate the files from within you email program and delete them.

    Use the below online file scanner to scan each of the above files and post the results back here.

    http://virusscan.jotti.org/

    Just click the above link and then click the Browse button and locate the file on your PC (one at a time) and select the file and click Submit.
     
    chaslang, Jun 28, 2006
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds