If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Lsass.exe System error XP Home SP2
Did you manage to solve this problem? I am having exactly the same problem
but this is the first system I have attempted to build. Everything was going fine then this error message started to appear. It goes on to restart the PC 2 or 3 times then you can get past it and log on to windows ok! I havent got as far as installing a modem so I am baffled as to the cause. HELP! "My Toy" wrote: I have been receiving the following erroe message on a system I am building Lsass.exe-System Error "An I/O operation initiated by the Registry failed unrecoverably. The Registry could not read in,or write out, or flush, one of the files that contain system's image of the Registry" To me, this seems to be a software error, or an error generated because of a corrupted file when Lsass.exe executes. so I ran fdisk, took out the partitions, set them again, reformatted and reinstalled the operating system. I have flushed the MB registry several times,still the same message. Any ideas |
Ads |
#2
|
|||
|
|||
From: "kazzabojangles"
| Did you manage to solve this problem? I am having exactly the same problem | but this is the first system I have attempted to build. Everything was going | fine then this error message started to appear. It goes on to restart the PC | 2 or 3 times then you can get past it and log on to windows ok! I havent got | as far as installing a modem so I am baffled as to the cause. HELP! | | "My Toy" wrote: | Download the patch (below). Put the patch, Stinger and Sysclean (below) on media (CDROM, ZIP Disk, USB Flash drive, etc) disconnect the affected PC from the Internet and install the patch. Then reboot the PC and perform the following scan of the PC using Stinger and Trend Sysclean ! Go to; Start -- Run enter; shutdown -a This will halt the shutdown and give you a chance to Download the McAfee worm removal tool, Stinger: http://vil.nai.com/vil/stinger/ Please read the following URL: http://www.microsoft.com/security/in...r_printxp.mspx Please install the patch that fixes the Lsass vulnerability that the Sasser and other infectors exploit -- KB835732 http://www.microsoft.com/downloads/d...displaylang=en You also need a FireWall. If you don't patch the PC and not use a FireWall then you will just be re-infected. I also suggest the installation of ALL MS Critical Updates ASAP. Dump the contents of the IE Temporary Internet Folder cache (TIF) Start -- Settings -- Control Panel -- Internet Options -- Delete Files Dump the contents of the Mozilla FireFox Cache { if you use FireFox } Tools -- Options -- Privacy -- Cache -- Clear 1) Download the TrendMicro Sysclean Front End Download the utility SYSCLEAN_FE at the following URL -- http://www.ik-cs.com/got-a-virus.htm SYSCLEAN_FE automates the download and execution process of the Trend Sysclean Package. Direct URL -- http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe 2) Download and install Ad-aware SE (free personal version v1.06) http://www.lavasoftusa.com/ Update Ad-aware with the latest definitions and then exit the software. 3) Execute; SYSCLEAN_FE.EXE Choose; Unzip Choose; Close Execute; c:\sysclean\SYSCLEAN_FE.BAT { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean } when you get to the menu dhoose [1] so you can boot into Safe Mode. 4) Disable System Restore http://vil.nai.com/vil/SystemHelpDoc...SysRestore.htm 5) Reboot your PC into Safe Mode and shutdown as many applications as possible. 6) Execute; c:\sysclean\SYSCLEAN_FE.BAT { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean } Choose [2] on the menu and let SYCLEAN.COM scan your computer. when done, execute Ad-aware SE and perform a full scan of your PC and delete all objects found. 7) Restart your PC and perform a "final" Full Scan of your platform Execute; c:\sysclean\SYSCLEAN_FE.BAT { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean } Choose [2] on the menu and let SYCLEAN.COM scan your computer. when done, execute Ad-aware SE and perform a final scan of your PC and delete all objects found. 8) Re-enable System Restore and re-apply any System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB), 9) Reboot your PC. 10) Create a new Restore point * * * Please report back your results * * * -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
#3
|
|||
|
|||
Thankyou for responding. I can't understand how I could be infected when
this PC has never been connected to the internet. Is it possible that it could be to do with the fact that I purchased the XP full version disk from a Computer Fair? Is it possible that this could be the cause of the problem? "David H. Lipman" wrote: From: "kazzabojangles" | Did you manage to solve this problem? I am having exactly the same problem | but this is the first system I have attempted to build. Everything was going | fine then this error message started to appear. It goes on to restart the PC | 2 or 3 times then you can get past it and log on to windows ok! I havent got | as far as installing a modem so I am baffled as to the cause. HELP! | | "My Toy" wrote: | Download the patch (below). Put the patch, Stinger and Sysclean (below) on media (CDROM, ZIP Disk, USB Flash drive, etc) disconnect the affected PC from the Internet and install the patch. Then reboot the PC and perform the following scan of the PC using Stinger and Trend Sysclean ! Go to; Start -- Run enter; shutdown -a This will halt the shutdown and give you a chance to Download the McAfee worm removal tool, Stinger: http://vil.nai.com/vil/stinger/ Please read the following URL: http://www.microsoft.com/security/in...r_printxp.mspx Please install the patch that fixes the Lsass vulnerability that the Sasser and other infectors exploit -- KB835732 http://www.microsoft.com/downloads/d...displaylang=en You also need a FireWall. If you don't patch the PC and not use a FireWall then you will just be re-infected. I also suggest the installation of ALL MS Critical Updates ASAP. Dump the contents of the IE Temporary Internet Folder cache (TIF) Start -- Settings -- Control Panel -- Internet Options -- Delete Files Dump the contents of the Mozilla FireFox Cache { if you use FireFox } Tools -- Options -- Privacy -- Cache -- Clear 1) Download the TrendMicro Sysclean Front End Download the utility SYSCLEAN_FE at the following URL -- http://www.ik-cs.com/got-a-virus.htm SYSCLEAN_FE automates the download and execution process of the Trend Sysclean Package. Direct URL -- http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe 2) Download and install Ad-aware SE (free personal version v1.06) http://www.lavasoftusa.com/ Update Ad-aware with the latest definitions and then exit the software. 3) Execute; SYSCLEAN_FE.EXE Choose; Unzip Choose; Close Execute; c:\sysclean\SYSCLEAN_FE.BAT { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean } when you get to the menu dhoose [1] so you can boot into Safe Mode. 4) Disable System Restore http://vil.nai.com/vil/SystemHelpDoc...SysRestore.htm 5) Reboot your PC into Safe Mode and shutdown as many applications as possible. 6) Execute; c:\sysclean\SYSCLEAN_FE.BAT { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean } Choose [2] on the menu and let SYCLEAN.COM scan your computer. when done, execute Ad-aware SE and perform a full scan of your PC and delete all objects found. 7) Restart your PC and perform a "final" Full Scan of your platform Execute; c:\sysclean\SYSCLEAN_FE.BAT { or Double-click on 'SYSCLEAN_FE Link' in c:\sysclean } Choose [2] on the menu and let SYCLEAN.COM scan your computer. when done, execute Ad-aware SE and perform a final scan of your PC and delete all objects found. 8) Re-enable System Restore and re-apply any System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB), 9) Reboot your PC. 10) Create a new Restore point * * * Please report back your results * * * -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
#4
|
|||
|
|||
From: "kazzabojangles"
| Thankyou for responding. I can't understand how I could be infected when | this PC has never been connected to the internet. Is it possible that it | could be to do with the fact that I purchased the XP full version disk from a | Computer Fair? Is it possible that this could be the cause of the problem? | Possible but not probable. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
#5
|
|||
|
|||
"kazzabojangles" wrote in message ... Did you manage to solve this problem? I am having exactly the same problem but this is the first system I have attempted to build. Everything was going fine then this error message started to appear. It goes on to restart the PC 2 or 3 times then you can get past it and log on to windows ok! I havent got as far as installing a modem so I am baffled as to the cause. HELP! "My Toy" wrote: I have been receiving the following erroe message on a system I am building Lsass.exe-System Error "An I/O operation initiated by the Registry failed unrecoverably. The Registry could not read in,or write out, or flush, one of the files that contain system's image of the Registry" To me, this seems to be a software error, or an error generated because of a corrupted file when Lsass.exe executes. so I ran fdisk, took out the partitions, set them again, reformatted and reinstalled the operating system. I have flushed the MB registry several times,still the same message. Any ideas I had a problem with this and it turned out to be virus kind of activity. I did a clean installation and it fixed it in the end. |
#6
|
|||
|
|||
Thankyou for the previous responses but I am still stuck on this! I tried
reformatting and setup went fine but within 5 mins same error message appeared! I still can't understand how it could be a virus. This is a newly built system that has not run any programs at all yet and never been online. Is it poss that any of the installation software I am using could be corrupted? If I cant solve it by reinstalling Windows what else can I do? "My Toy" wrote: I have been receiving the following erroe message on a system I am building Lsass.exe-System Error "An I/O operation initiated by the Registry failed unrecoverably. The Registry could not read in,or write out, or flush, one of the files that contain system's image of the Registry" To me, this seems to be a software error, or an error generated because of a corrupted file when Lsass.exe executes. so I ran fdisk, took out the partitions, set them again, reformatted and reinstalled the operating system. I have flushed the MB registry several times,still the same message. Any ideas |
#7
|
|||
|
|||
kazzabojangles wrote:
Thankyou for the previous responses but I am still stuck on this! I tried reformatting and setup went fine but within 5 mins same error message appeared! I still can't understand how it could be a virus. This is a newly built system that has not run any programs at all yet and never been online. Is it poss that any of the installation software I am using could be corrupted? If I cant solve it by reinstalling Windows what else can I do? Have you tested your RAM and hard drive? Steve "My Toy" wrote: I have been receiving the following erroe message on a system I am building Lsass.exe-System Error "An I/O operation initiated by the Registry failed unrecoverably. The Registry could not read in,or write out, or flush, one of the files that contain system's image of the Registry" To me, this seems to be a software error, or an error generated because of a corrupted file when Lsass.exe executes. so I ran fdisk, took out the partitions, set them again, reformatted and reinstalled the operating system. I have flushed the MB registry several times,still the same message. Any ideas |
#8
|
|||
|
|||
From: "kazzabojangles"
| Thankyou for the previous responses but I am still stuck on this! I tried | reformatting and setup went fine but within 5 mins same error message | appeared! I still can't understand how it could be a virus. This is a newly | built system that has not run any programs at all yet and never been online. | Is it poss that any of the installation software I am using could be | corrupted? If I cant solve it by reinstalling Windows what else can I do? | | "My Toy" wrote: | You failed to follow my advice ! I didn't tell you to reformat and re-install. I did state - "If you don't patch the PC and not use a FireWall then you will just be re-infected." As long as you fail to heed my information, you will continue to be exploited ! -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
#9
|
|||
|
|||
"David H. Lipman" wrote in message ... From: "kazzabojangles" | Thankyou for the previous responses but I am still stuck on this! I tried | reformatting and setup went fine but within 5 mins same error message | appeared! I still can't understand how it could be a virus. This is a newly | built system that has not run any programs at all yet and never been online. | Is it poss that any of the installation software I am using could be | corrupted? If I cant solve it by reinstalling Windows what else can I do? | | "My Toy" wrote: | You failed to follow my advice ! I didn't tell you to reformat and re-install. I did state - "If you don't patch the PC and not use a FireWall then you will just be re-infected." As long as you fail to heed my information, you will continue to be exploited ! -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm The kind of virus I felt this was did not come from email it seemed to be some kind of other virus. |
#10
|
|||
|
|||
From: "Jones"
| | The kind of virus I felt this was did not come from email it seemed to be | some kind of other virus. There are a few types of LSASS Exploits but most are Internet worms that attack and try to infect via TCP port 445. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
#11
|
|||
|
|||
"David H. Lipman" wrote in message ... From: "Jones" | | The kind of virus I felt this was did not come from email it seemed to be | some kind of other virus. There are a few types of LSASS Exploits but most are Internet worms that attack and try to infect via TCP port 445. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm It seems awful that these programs can randomly get into your system and mess it up without even opening up an email! |
#12
|
|||
|
|||
I'm sorry to sound like I am ignoring your advice on this, I am really
grateful for all your suggestions - but again I have to ask - how can this be a virus issue when this PC is brand new and has not yet been hooked up to the net? - it does not even have a modem installed. Also I did download the patch you suggested from another PC and when I uploaded it I received a M/S window telling me that SP2 is already installed and is more up to date than the patch I am trying to install. I also reformatted again (I know, you told me not to but I'm clutching at straws here!) and this time I used a new XP package and it still happened so that would suggest to me that it isnt to do with the O/S. Please can you suggest anything else? "Jones" wrote: "David H. Lipman" wrote in message ... From: "Jones" | | The kind of virus I felt this was did not come from email it seemed to be | some kind of other virus. There are a few types of LSASS Exploits but most are Internet worms that attack and try to infect via TCP port 445. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm It seems awful that these programs can randomly get into your system and mess it up without even opening up an email! |
#13
|
|||
|
|||
What have you done to your computer re configuring it. Especially memory =
tuning? Or memory or disk error. Memory Tester =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D http://oca.microsoft.com/en/windiag.asp Use the recovery console to test the disk. That message text is the text for error 1016 (type in Start Run=20 cmd /k net helpmsg 1016 ) You can look through here. http://www.google.com.au/search?num=...&q=3DLsass+%2= 2An+I%2FO+operation+initiated+by+the+registry+fail ed%22&meta=3D http://groups.google.com.au/groups?q...%20operation%= 20initiated%20by%20the%20registry%20failed%22&num= 3D100&hl=3Den&lr=3D&saf= e=3Doff&sa=3DN&tab=3Dwg --=20 -------------------------------------------------------------------------= ------------------------- http://webdiary.smh.com.au/archives/...nt/001075.html =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D "kazzabojangles" wrote in = message ... I'm sorry to sound like I am ignoring your advice on this, I am really = grateful for all your suggestions - but again I have to ask - how can = this be=20 a virus issue when this PC is brand new and has not yet been hooked up = to the=20 net? - it does not even have a modem installed. Also I did download = the=20 patch you suggested from another PC and when I uploaded it I received = a M/S=20 window telling me that SP2 is already installed and is more up to date = than=20 the patch I am trying to install. I also reformatted again (I know, = you told=20 me not to but I'm clutching at straws here!) and this time I used a = new XP=20 package and it still happened so that would suggest to me that it isnt = to do=20 with the O/S. Please can you suggest anything else? =20 "Jones" wrote: =20 =20 "David H. Lipman" wrote in message=20 ... From: "Jones" | | The kind of virus I felt this was did not come from email it = seemed to=20 be | some kind of other virus. There are a few types of LSASS Exploits but most are Internet = worms that=20 attack and try to infect via TCP port 445. --=20 Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm =20 It seems awful that these programs can randomly get into your system = and=20 mess it up without even opening up an email! =20 =20 =20 |
#14
|
|||
|
|||
Thankyou all for your many suggestions re this error. It appears to be
finally solved! And it was as simple as replacing the cables running from the hard drive and the dvd drive! Have been using the PC with no problems for the last 2 days - fingers crossed it stays that way! "David Candy" wrote: What have you done to your computer re configuring it. Especially memory tuning? Or memory or disk error. Memory Tester ============ http://oca.microsoft.com/en/windiag.asp Use the recovery console to test the disk. That message text is the text for error 1016 (type in Start Run cmd /k net helpmsg 1016 ) You can look through here. http://www.google.com.au/search?num=...led%22&meta = http://groups.google.com.au/groups?q...ff&sa=N&tab=wg -- -------------------------------------------------------------------------------------------------- http://webdiary.smh.com.au/archives/...nt/001075.html ================================================= "kazzabojangles" wrote in message ... I'm sorry to sound like I am ignoring your advice on this, I am really grateful for all your suggestions - but again I have to ask - how can this be a virus issue when this PC is brand new and has not yet been hooked up to the net? - it does not even have a modem installed. Also I did download the patch you suggested from another PC and when I uploaded it I received a M/S window telling me that SP2 is already installed and is more up to date than the patch I am trying to install. I also reformatted again (I know, you told me not to but I'm clutching at straws here!) and this time I used a new XP package and it still happened so that would suggest to me that it isnt to do with the O/S. Please can you suggest anything else? "Jones" wrote: "David H. Lipman" wrote in message ... From: "Jones" | | The kind of virus I felt this was did not come from email it seemed to be | some kind of other virus. There are a few types of LSASS Exploits but most are Internet worms that attack and try to infect via TCP port 445. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm It seems awful that these programs can randomly get into your system and mess it up without even opening up an email! |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Lsass.exe System error XP Home SP2 | My Toy | Windows Service Pack 2 | 4 | February 3rd 05 11:01 PM |
Retain files/programs during XP Home install? | furitive glance | General XP issues or comments | 4 | January 29th 05 10:56 PM |
poor xp performance | sealpup | Performance and Maintainance of XP | 10 | January 23rd 05 08:46 AM |
xp sp2 | Jagdish Chandra | Windows Service Pack 2 | 4 | December 13th 04 09:33 AM |
Differences between XP Home and XP Pro? | KunK | General XP issues or comments | 13 | November 9th 04 05:08 PM |