G
Guest
I am receiving "Intitiated by NT Authority/System...the system process C:\Windows\System32\lsass.exe terminated unexpectedly with status code 1073741819 - the system will shut down now and restart. How do I resolve?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
C
Carey Frisch [MVP]
Apparently, your PC has suffered a major security breech and is now
infected with latest "malware" ("The Sasser Worm") because:
1. The latest Windows XP Critical Updates have apparently not been installed......
2. The PC's firewall apparently has not been properly enabled.....
3. Out-of-date or no AntiVirus program has been installed......
If your computer is constantly attempting to shutdown
or reboot, quickly go to:
Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.
Then type: shutdown -a , and hit enter.
This should halt the rebooting problem.
Follow these directions to remove The Sasser Worm from your computer:
http://www3.telus.net/dandemar/sasser.htm
[Courtesy of MS-MVP Jupiter Jones]
What You Should Know About the Sasser Worm and Its Variants
http://www.microsoft.com/security/incident/sasser.asp
PSS Security Response Team Alert - Sasser Worm and Variants
http://www.microsoft.com/technet/Security/alerts/sasser.mspx
W32.Sasser.B.Worm Critical Information
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.b.worm.html
W32.Sasser Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html
3 Steps to Help Ensure your PC is Protected
http://www.microsoft.com/security/protect/
Frequently Asked Questions About Antivirus Software
http://www.microsoft.com/security/protect/antivirus.asp
Special note if you use AOL:
America Online installs its own connection settings that override
the ones that come with Windows XP. America Online's
connection settings don't include a way to turn on Windows XP's
built-in firewall.
Visit the following web site for instructions on downloading
a FREE firewall program for your computer.
Ref: http://www.updatexp.com/free.html
Consider purchasing a top-notch Internet Security program
that will help protect your PC from future viruses, hackers, and
privacy threats:
http://www.symantec.com/sabu/nis/nis_pe/
--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/
----------------------------------------------------------------------------------------------
|I am receiving "Intitiated by NT Authority/System...the system process C:\Windows\System32\lsass.exe
terminated unexpectedly with status code 1073741819 - the system will shut down now and restart. How do I
resolve?
infected with latest "malware" ("The Sasser Worm") because:
1. The latest Windows XP Critical Updates have apparently not been installed......
2. The PC's firewall apparently has not been properly enabled.....
3. Out-of-date or no AntiVirus program has been installed......
If your computer is constantly attempting to shutdown
or reboot, quickly go to:
Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.
Then type: shutdown -a , and hit enter.
This should halt the rebooting problem.
Follow these directions to remove The Sasser Worm from your computer:
http://www3.telus.net/dandemar/sasser.htm
[Courtesy of MS-MVP Jupiter Jones]
What You Should Know About the Sasser Worm and Its Variants
http://www.microsoft.com/security/incident/sasser.asp
PSS Security Response Team Alert - Sasser Worm and Variants
http://www.microsoft.com/technet/Security/alerts/sasser.mspx
W32.Sasser.B.Worm Critical Information
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.b.worm.html
W32.Sasser Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html
3 Steps to Help Ensure your PC is Protected
http://www.microsoft.com/security/protect/
Frequently Asked Questions About Antivirus Software
http://www.microsoft.com/security/protect/antivirus.asp
Special note if you use AOL:
America Online installs its own connection settings that override
the ones that come with Windows XP. America Online's
connection settings don't include a way to turn on Windows XP's
built-in firewall.
Visit the following web site for instructions on downloading
a FREE firewall program for your computer.
Ref: http://www.updatexp.com/free.html
Consider purchasing a top-notch Internet Security program
that will help protect your PC from future viruses, hackers, and
privacy threats:
http://www.symantec.com/sabu/nis/nis_pe/
--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/
----------------------------------------------------------------------------------------------
|I am receiving "Intitiated by NT Authority/System...the system process C:\Windows\System32\lsass.exe
terminated unexpectedly with status code 1073741819 - the system will shut down now and restart. How do I
resolve?
H
Haus
Hello
http://www.microsoft.com/security/incident/sasser.asp
--
Hope This Helps
Haus
Not a MS-MVP
Not a MVP
Not nothing, just a good ole boy.
1073741819 - the system will shut down now and restart. How do I resolve?
http://www.microsoft.com/security/incident/sasser.asp
--
Hope This Helps
Haus
Not a MS-MVP
Not a MVP
Not nothing, just a good ole boy.
C:\Windows\System32\lsass.exe terminated unexpectedly with status codeThomas said:I am receiving "Intitiated by NT Authority/System...the system process
1073741819 - the system will shut down now and restart. How do I resolve?
F
fa344251
I cannot even get to a prompt.
When I try to run the system in the no failure mode it keeps rebooting all
the time.
Of course I cannot get ot the Start<Run prompt.
I have downloaded a virus cleaning to on a diskette but I cannot run it.
Please help
When I try to run the system in the no failure mode it keeps rebooting all
the time.
Of course I cannot get ot the Start<Run prompt.
I have downloaded a virus cleaning to on a diskette but I cannot run it.
Please help
down now and restart. How do ICarey Frisch said:Apparently, your PC has suffered a major security breech and is now
infected with latest "malware" ("The Sasser Worm") because:
1. The latest Windows XP Critical Updates have apparently not been installed......
2. The PC's firewall apparently has not been properly enabled.....
3. Out-of-date or no AntiVirus program has been installed......
If your computer is constantly attempting to shutdown
or reboot, quickly go to:
Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.
Then type: shutdown -a , and hit enter.
This should halt the rebooting problem.
Follow these directions to remove The Sasser Worm from your computer:
http://www3.telus.net/dandemar/sasser.htm
[Courtesy of MS-MVP Jupiter Jones]
What You Should Know About the Sasser Worm and Its Variants
http://www.microsoft.com/security/incident/sasser.asp
PSS Security Response Team Alert - Sasser Worm and Variants
http://www.microsoft.com/technet/Security/alerts/sasser.mspx
W32.Sasser.B.Worm Critical Information
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.b.worm.html
W32.Sasser Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html
3 Steps to Help Ensure your PC is Protected
http://www.microsoft.com/security/protect/
Frequently Asked Questions About Antivirus Software
http://www.microsoft.com/security/protect/antivirus.asp
Special note if you use AOL:
America Online installs its own connection settings that override
the ones that come with Windows XP. America Online's
connection settings don't include a way to turn on Windows XP's
built-in firewall.
Visit the following web site for instructions on downloading
a FREE firewall program for your computer.
Ref: http://www.updatexp.com/free.html
Consider purchasing a top-notch Internet Security program
that will help protect your PC from future viruses, hackers, and
privacy threats:
http://www.symantec.com/sabu/nis/nis_pe/
--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/
-------------------------------------------------------------------------- --------------------
|I am receiving "Intitiated by NT Authority/System...the system process C:\Windows\System32\lsass.exe
terminated unexpectedly with status code 1073741819 - the system will shut
R
Robert
_________________________________fa344251 said:I cannot even get to a prompt.
When I try to run the system in the no failure mode it keeps
rebooting all the time.
Of course I cannot get ot the Start<Run prompt.
I have downloaded a virus cleaning to on a diskette but I cannot run
it.
Please help
Greetings--
You need to use the XP CD-ROM and the Recovery Console.
Visit http://support.microsoft.com/default.aspx?scid=kb;EN-US;307654
for details ("HOW TO: Install and Use the Recovery Console in Windows XP
")
You will find further information at the following addresses:
http://www.wown.com/j_helmig/wxprcons.htm
http://www.theeldergeek.com/recovery_console.htm
http://www.jsiinc.com/SUBG/TIP3200/rh3201.htm
http://www.kellys-korner-xp.com/win_xp_rec.htm
Use the Recovery Console to copy the Sasser.A and Sasser.B Worm Removal
Tool
to your C: drive then run it from there. Available from
http://www.microsoft.com/downloads/details.aspx?familyid=76C6DE7E-1B6B-4
FC3-90D4-9FA42D14CC17&displaylang=en
B
Bruce Chambers
Greetings --
You've apparently contracted the latest worm, W32.Sasser.Worm,
specifically designed to attack people who do not update their
computers promptly and who do not practice "safe hex." In other
words, like Blaster, this worm was developed and distributed _after_ a
patch for the vulnerability was announced and made publicly available.
Further, and also like Blaster, this worm could not affect any
computer whose user had taken the basic precaution of using a properly
configured firewall.
To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.
What You should Know about the Sasser Worm and its Variants
http://www.microsoft.com/security/incident/sasser.asp
Microsoft Security Bulletin MS04-011
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
W32.Sasser.Worm
http://www.symantec.com/avcenter/venc/data/w32.sasser.worm.html
A tool is available to remove the Sasser worm variants
http://support.microsoft.com/default.aspx?scid=kb;EN-US;841720
W32.Sasser.Worm Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html
McAfee AVert Stinger Virus Removal Tool
http://vil.nai.com/vil/stinger/
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
You've apparently contracted the latest worm, W32.Sasser.Worm,
specifically designed to attack people who do not update their
computers promptly and who do not practice "safe hex." In other
words, like Blaster, this worm was developed and distributed _after_ a
patch for the vulnerability was announced and made publicly available.
Further, and also like Blaster, this worm could not affect any
computer whose user had taken the basic precaution of using a properly
configured firewall.
To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.
What You should Know about the Sasser Worm and its Variants
http://www.microsoft.com/security/incident/sasser.asp
Microsoft Security Bulletin MS04-011
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
W32.Sasser.Worm
http://www.symantec.com/avcenter/venc/data/w32.sasser.worm.html
A tool is available to remove the Sasser worm variants
http://support.microsoft.com/default.aspx?scid=kb;EN-US;841720
W32.Sasser.Worm Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html
McAfee AVert Stinger Virus Removal Tool
http://vil.nai.com/vil/stinger/
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
W
We Live For The One We Die For The One
No its not becuase they are idiots its Xp full of holes and makes it
simple for people to do these things with worms, its not your fault
MAN maybe they will do some bug testing in the Next version of their
OS.
simple for people to do these things with worms, its not your fault
MAN maybe they will do some bug testing in the Next version of their
OS.
J
Jupiter Jones [MVP]
Sasser as well as Blaster would both have been non-issues if the
appropriate patches were applied, patches which were available weeks
before exploit.
Also a firewall protects your computer from both.
Therefore the only people getting caught by Sasser are those with
unprotected computers.
A firewall is not a new idea nor is the need for a firewall new.
Therefore even though you seem to want to point all the blame to
Microsoft, the users actually share the blame for leaving their
computers unprotected.
Also as far as I see, no one called anyone "idiots", that is your
idea.
Why do you think they are "idiots"?
appropriate patches were applied, patches which were available weeks
before exploit.
Also a firewall protects your computer from both.
Therefore the only people getting caught by Sasser are those with
unprotected computers.
A firewall is not a new idea nor is the need for a firewall new.
Therefore even though you seem to want to point all the blame to
Microsoft, the users actually share the blame for leaving their
computers unprotected.
Also as far as I see, no one called anyone "idiots", that is your
idea.
Why do you think they are "idiots"?
G
Guest
XP is not user friendly and it has major problems. Along with AOL you don't
get anything done. That is a full time job.
get anything done. That is a full time job.
M
Mark Jacobs
I've just finished setting up the security level for the Internet zone in Internet Explorer 6 on my XP SP1 PC.
I have disabled *EVERYTHING* except Scripting (Javascript). Now, it won't download anything, it won't run
*ANY* activex stuff, and anything else has been disabled (navigate frames across subdomains?!?). The browser
is fine, until you want to download something. Then you have to use Opera! I run ZoneAlarm (latest free
version - a great firewall) and AdAware (latest free version - stops tracking cookies and a whole lot more). I
also run Startup Monitor (also free - this checks your registry "autostart" keys for any changes : something
which Trojans attempt to do every time), so goodbye trojans. I am a computer expert - I know what to get and
where to get it from. I feel sorry for noobs who cannot be expected to have these lofty levels of security
understanding.
www.zonelabs.com for Zone Alarm
www.lavasoft.de for AdAware
www.mlin.net for Startup Monitor
To set the very highest security level for IE, go to Tools, Options, Security tab, and under Internet Zone,
click on Custom button. A long series of radio-buttoned captions appears. Make every single one "Disable"
except for "Software Channel Permissions" which should be "High Safety", "Submit Non-Encrypted Form Data"
which should be "Enable", and "Active Scripting" which should be "Enable".
These draconian measures ensure my survival in a sea of electronic mischief!
I have disabled *EVERYTHING* except Scripting (Javascript). Now, it won't download anything, it won't run
*ANY* activex stuff, and anything else has been disabled (navigate frames across subdomains?!?). The browser
is fine, until you want to download something. Then you have to use Opera! I run ZoneAlarm (latest free
version - a great firewall) and AdAware (latest free version - stops tracking cookies and a whole lot more). I
also run Startup Monitor (also free - this checks your registry "autostart" keys for any changes : something
which Trojans attempt to do every time), so goodbye trojans. I am a computer expert - I know what to get and
where to get it from. I feel sorry for noobs who cannot be expected to have these lofty levels of security
understanding.
www.zonelabs.com for Zone Alarm
www.lavasoft.de for AdAware
www.mlin.net for Startup Monitor
To set the very highest security level for IE, go to Tools, Options, Security tab, and under Internet Zone,
click on Custom button. A long series of radio-buttoned captions appears. Make every single one "Disable"
except for "Software Channel Permissions" which should be "High Safety", "Submit Non-Encrypted Form Data"
which should be "Enable", and "Active Scripting" which should be "Enable".
These draconian measures ensure my survival in a sea of electronic mischief!
R
Richard Schafer
With all due respect for your sensible advice... the problem, as I see
it, is that MS patches themselves can cause problems... the patch for
sasser is a good example...
I generally do not install patches as soon as they show up... I follow
groups like this one to see how many people have problems with it...
for example, the patch for sasser had more than the usual number of
problem posts... in the end, I watch CNN and check certain other web
sites... if a virus or worm reportedly breaks loose, I then weigh the
risks (patch problems or virus problems)... in this case, I installed
the patch (fortunately without problems on my machine) as soon as I
heard the vulnerability had been exploited and a virus/worm was
spreading fast...
Very stressful having to work this way...
R.
=============On Tue, 4 May 2004 20:43:44 -0600, "Bruce Chambers"
it, is that MS patches themselves can cause problems... the patch for
sasser is a good example...
I generally do not install patches as soon as they show up... I follow
groups like this one to see how many people have problems with it...
for example, the patch for sasser had more than the usual number of
problem posts... in the end, I watch CNN and check certain other web
sites... if a virus or worm reportedly breaks loose, I then weigh the
risks (patch problems or virus problems)... in this case, I installed
the patch (fortunately without problems on my machine) as soon as I
heard the vulnerability had been exploited and a virus/worm was
spreading fast...
Very stressful having to work this way...
R.
=============On Tue, 4 May 2004 20:43:44 -0600, "Bruce Chambers"
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.