lsass.exe error on bootup

[Robin Floyd]

XP professional:
When booting (either in normal or SAFE mode) - system gets error before any
type of login screen:
lsass.exe The application failed to initialize properly (0xc00000005).
Click ok to terminate.

If I go into recovery console mode and disable SAMSS, the error still comes
up. It preceeds the login screen, and as stated, it will happen in safe
mode as well. Any ideas besides the obvious virus potential? (Virus should
not be a possible since machine stays up to date on virus sw, and is behind
fireall/nat'd)

 

[armenard]

I'm getting the same error; in winXP, booting fails with a window title
"lsass.exe - Application Error" with the message "The applicatio
failed to initialize properly (0xc0000006). Click OK to terminate th
application."

I'm running XP with service pack 2, with norton firewall and antivirus
all up-to-date (as of a few days ago, so I guess it could be some ne
virus that came out this morning). Nothing appeared to be going wron
before this morning.

Have you gotten any useful advice

 

[Ashokan Achari [MSFT]]

Hi,

Looks like you have been infected by the Sasser Worm or it's variants
(w32.sasser.[a-f].worm)and the w32.blaster.worm and it's variants.

Method
=======
1.) Disconnect your internet connection and boot to safe mode (through F8
on startup)
2.) Log into the administrator account and after the system is loaded press
crtl+alt+del to bring up the system task manager and look in proccesses for
any of the following:
a.)avserve.exe
b.)avserv2.exe
c.)[random five digit number]_up.exe
d.)skynet??.exe
and end task on any of them and then close the task manager
3.) msconfig: dissable any of the above programs from auto starting in the
startup tab and services tab
4.) regedit: search for any of the above programs in the registry and
remove thier keys (might be a good idea to create a backup copy of the
regisrty just in case)
5.) restart into normal mode and if you get the shutdown error use the
above "shutdown -a" to stop it
6.) enable the XP firewall (network connections and then properties on the
type of internet connection you are using and then advanced and check
"protect my computer...")
7.) reconnect your intenet and get the above mentioned security patch from
Microsoft
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
8) Select the operating system type, in your case Windows XP
9) After the patch has been installed please update your system from the
site:
http://v5.windowsupdate.microsoft.com
10) Update you Antivirus definitions and do a full system scan.

Please also see "What You Should Know About the Sasser Worm"
http://www.microsoft.com/security/incident/sasser.mspx



Hope this helps ......

Ashok (Ashokan Achari)

The Posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
- - From: armenard <[email protected]>
- - Subject: Re: lsass.exe error on bootup
- - Date: Sun, 29 Aug 2004 12:26:57 -0500
- -
- -
I'm getting the same error; in winXP, booting fails with a window titled
"lsass.exe - Application Error" with the message "The application
failed to initialize properly (0xc0000006). Click OK to terminate the
application."
- -
- - I'm running XP with service pack 2, with norton firewall and antivirus,
all up-to-date (as of a few days ago, so I guess it could be some new
virus that came out this morning). Nothing appeared to be going wrong
before this morning.
- -
- - Have you gotten any useful advice?


--
armenard
------------------------------------------------------------------------
armenard's Profile:
http://extremetechsupport.com/forum/member.phtml?userid=430
View this thread:
http://extremetechsupport.com/forum/showthread.phtml?t=64852

- -

 

[Guest]

I am getting this very same error.... Have you or any other posters seen a
resolution to this issue....