Windows

General discussion

Gravatar
0 Votes
Locked

Win xp lsass.exe system error

By k4k ·
Am running Win xp on my laptop & running through a problem. Win Xp boots up & displays dilog box alog with a login screen, the lsass.exe system error dialog box says The specified domain did not exist. ignoring the error if i try to login to domain the system hangs.
When i close the error dialog box system restarts.

this repeats am not able to log into my system even in safe mode.

whatz causing this behaviour. even if it is a virus the least i need is log into system.

any solutions ?

thanks in advance ..

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

gravatar
Collapse -

by Skidoggeruk In reply to Win xp lsass.exe system ...

Check for the sasser virus. Check MS website, they have detector/remover tool, as do most AV sites.

Check registry keys in the run box like these

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run "avserve3.exe" = C:\WINDOWS\avserve3.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run "avserve.exe" = C:\WINDOWS\avserve.exe

You could also try to find and delete/rename these files. Search the whole HDD.

Make sure to check C:\_Restore folder.

To remove this virus "by hand", follow these steps:

Here is what McAfee had to say(for one of the variants) :

Reboot the system into Safe Mode (hit the F8 key as soon as the Starting Windows text is displayed, choose Safe Mode.
Delete the file AVSERVE.EXE from your WINDOWS directory (typically c:\windows or c:\winnt)
Edit the registry
Delete the "avserve" value from
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Run
Reboot the system into Default Mode

Good Luck

to perform registry edits, you need to run regedit from start/run box. Standard reference to changing registry keys here. (Please be careful.)

gravatar
Collapse -

by w2ktechman In reply to Win xp lsass.exe system ...

To boot into safe mode to remove Sasser, log on with the administrator account, not your account.
It sounds like Sasser, or variant. If you do not know the Admin password, try unplugging your sytem from any network (remove network cable), and then log in (system will use Cached info). Do not close the lsass error box. I have been able to clean a system using this method, with few reboots. Have handy a cd or flash drive with the Sasser fix (copy it from another system). and quickly run it. It may be able to run completely, if not, try on another reboot. After it runs and reboots, do a manual clean, or if you cannot use the tool, do the manual clean (listed above). reboot, and check 1 more time.

It is best to have the Microsoft patch ready as well, on cd. Install it, reboot, and then try the network again.

gravatar
Collapse -

by matherg In reply to Win xp lsass.exe system ...

Both of the above will work, but with XP remember to disable the System Restore feature first before booting in Safe Mode.

gravatar
Collapse -

by Sue T In reply to Win xp lsass.exe system ...

Have you tried booting to the XP CD or if you think you have a virus and have access to another computer you should make an emergency anti virus disk and then use it to boot your computer and run a full system scan. If you don't have access to another computer then boot to the XP CD and do a repair or you might possibly have to reinstall XP over top of itself. These are just a couple of things to try. Good Luck

gravatar
Collapse -

by willcomp In reply to Win xp lsass.exe system ...

The first reaction by many to anything associated with lsass.exe is the Sasser worm. However, your symptoms do not appear to be caused by any of the Sasser variations that I have seen. Could be another virus though.

Are you attempting to log onto a Windows 2000/2003 domain? Are any error codes displayed?

Try replacing lsass.exe from recovery console. There have been instances of a corrupt lsass.exe file causing problems.

Good luck.

Dalton

Back to Windows Forum

Start or search

Related Discussions

Related Forums