lsass.exe.error

[i wish i knew more about pc's]

lsass.exe encountered an error (lsa shell (export
version), gave me two diff. status codes 1)-1073741819 and
2)-c0000005. Looking at the search results at msdn it
says that this is a problem w/ Windows 2000 and NT4.0 and
can be resolved by installing service packs. This is
interesting considering i have xp home and the "updates"
would not have an effect would it? In addition, my pc
reverted to "default user" for logon, wtf?!

Dismayed and confused,

aNc13n7 n00b

 

[Carey Frisch [MVP]]

Apparently, your PC has suffered a security breech because:

1. Critical Updates have not been installed......
2. The PC's firewall has not been properly enabled.....
3. Out-of-date or no antivirus program has been installed......

What You Should Know About the Sasser Worm and Its Variants
http://www.microsoft.com/security/incident/sasser.asp

W32.Sasser.B.Worm Critical Information
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.b.worm.html

W32.Sasser Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html

3 Steps to Help Ensure your PC is Protected
http://www.microsoft.com/security/protect/

Frequently Asked Questions About Antivirus Software
http://www.microsoft.com/security/protect/antivirus.asp

Special note if you use AOL:

America Online installs its own connection settings that override
the ones that come with Windows XP. America Online's
connection settings don't include a way to turn on Windows XP's
built-in firewall.

Visit the following web site for instructions on downloading
a FREE firewall program for your computer.

Ref: http://www.updatexp.com/free.html

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

----------------------------------------------------------------------------------------------------------------


| lsass.exe encountered an error (lsa shell (export
| version), gave me two diff. status codes 1)-1073741819 and
| 2)-c0000005. Looking at the search results at msdn it
| says that this is a problem w/ Windows 2000 and NT4.0 and
| can be resolved by installing service packs. This is
| interesting considering i have xp home and the "updates"
| would not have an effect would it? In addition, my pc
| reverted to "default user" for logon, wtf?!
|
| Dismayed and confused,
|
| aNc13n7 n00b

 

[Xoana]

-----Original Message-----
lsass.exe encountered an error (lsa shell (export
version), gave me two diff. status codes 1)-1073741819 and
2)-c0000005. Looking at the search results at msdn it
says that this is a problem w/ Windows 2000 and NT4.0 and
can be resolved by installing service packs. This is
interesting considering i have xp home and the "updates"
would not have an effect would it? In addition, my pc
reverted to "default user" for logon, wtf?!

Dismayed and confused,

aNc13n7 n00b
.

 

[Xoana]

Courtesy of the MVP Spanish
Virs sasster:
http://www.vsantivirus.com/faq-sasser.htm

mainly read the subject that "you must format"
10. Why if I have cleaned the worm, still they request to
me that I must to format my pc?
http://www.vsantivirus.com/faq-sasser.htm#10

 

[CS]

lsass.exe encountered an error (lsa shell (export
version), gave me two diff. status codes 1)-1073741819 and
2)-c0000005. Looking at the search results at msdn it
says that this is a problem w/ Windows 2000 and NT4.0 and
can be resolved by installing service packs. This is
interesting considering i have xp home and the "updates"
would not have an effect would it? In addition, my pc
reverted to "default user" for logon, wtf?!

Dismayed and confused,

aNc13n7 n00b

You have the Sasser Worm. You need to download and install the MS
security patch from Windows critical update. Update number "835732".

Be sure to turn on your firewall and use a good up to date AV program.

Go to the McAfee web site http://us.mcafee.com/default.asp and use
their free virus scan tools. Also download and use their "Stinger"
removal tool: http://vil.nai.com/vil/stinger/

 

[Bruce Chambers]

Greetings --

You've apparently contracted the latest worm, W32.Sasser.Worm,
specifically designed to attack people who do not update their
computers promptly and who do not practice "safe hex." In other
words, like Blaster, this worm was developed and distributed _after_ a
patch for the vulnerability was announced and made publicly available.
Further, and also like Blaster, this worm could not affect any
computer whose user had taken the basic precaution of using a properly
configured firewall.

To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.

What You should Know about the Sasser Worm and its Variants
http://www.microsoft.com/security/incident/sasser.asp

Microsoft Security Bulletin MS04-011
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

W32.Sasser.Worm
http://www.symantec.com/avcenter/venc/data/w32.sasser.worm.html

A tool is available to remove the Sasser worm variants
http://support.microsoft.com/default.aspx?scid=kb;EN-US;841720

W32.Sasser.Worm Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html

McAfee AVert Stinger Virus Removal Tool
http://vil.nai.com/vil/stinger/


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH