To talk on Icrontic, just register!

It only takes 30 seconds.

Have an account? Sign in:

Forgot?
 
Reply to Discussion Options
Jonshandbrake
Ultimate Folding Addict
Jonshandbrake
65 Posts
15 Feb 2004, 10:16pm

lsass.exe error....Puta wont boot

G'day to everyone and I thank you in advance for any help you can give.

I'm not too sure of my puta's internals as my hubby has all that info in his head. I know it is a P4 272mhz something with 80 & 60 gig Hard drives. OS is windows XP home edition

Well I am experiencing a bootup problem. I keep receiving the error message "lsass.exe The endpoint format is invalid" then the system just stays on this black blank screen with this error message. I keep restarting, the system almost logs on then the same error message pops up again.

I have restarted in safe mode and done a system restore twice to take the system back to when it worked correctly. The system restores both worked and reinstalled the system to an earlier date and time but it didn't fix up the lsass.exe problem. I can only log on now in safe mode.

Please help.......is there a fix or a patch that can fix my problem

Hugs

Sally
__________________ Confucius says:, "Do not remove a fly from a friends head with a hatchet".
[folding_sig1] [folding_sig2]
There are no unanswered prayers, sometimes the answer is no.
Reply with Quote
Leonardo
Buzzwinkle the Moose FTW
Leonardo
14,843 Posts
16 Feb 2004, 12:03am
Have you tried running Windows "Error-checking" for the affected drive? (It should be your C: partition/drive.) I'd try that first. If that doesn't work, I would suggest doing a Windows XP installation in restore mode. I don't know of a simpler solution. If you need help performing either of those operations, just post again. We'll get your system working right again.
__________________ HEATWARE 208/0/0

1. Gigabyte GA-P35-DS4, Q6600/G0 3.2GHz, Seasonic M12D 850 PSU, 4GB OCZ DDR2 800, 2 X EVGA 9800GX2, TR Ultra120E; 2. Gigabyte EP45-UPD3, Q6600/G0 3.2GHz, BFG EX 1000 PSU, 4GB G.Skill DDR2 800, ECS 9800GX2, EVGA 9800GX2, Prolimatech Megahalems; 3. Gigabyte GA-X38-DS4, Q6600/G0 3.2GHz, Cooler Master RS-850-EMBA PSU, 4GB G.Skill DDR2 800, 2 X EVGA 9800GX2, Prolimatech Megahalems; 4. Gigabyte GA-P35-DS4, Q6600/G0 3.2GHz, Cooler Master RS-850-EMBA PSU, 4GB Patriot DDR2 800, PNY 9800GX2, EVGA 9800GX2, Prolimatech Megahalems
Reply with Quote
Jonshandbrake
Ultimate Folding Addict
Jonshandbrake
65 Posts
16 Feb 2004, 12:23am
Could you please help with instructions on how to do these options.

Would a system repair work???? I know how to do this

Regards

Sally
Reply with Quote
Straight_Man
Playing with Virtual Painter
Straight_Man
3,716 Posts
16 Feb 2004, 12:43am
Technically, you might try the KB828028 patch run in safe mode if you can get it as an archive on another box and then get it on the hurt box's HD via CD read or over a direct box-to-box connection. Unfortunately, easiest way to get rid of error and get to normal boot will probbaly break your networking, so the repair install (AKA quick install, which is a recovery via CD installation that will fix some things including some networking which is involved in this) from a full retail CD of XP might be best. If you can repeat the rollback and get on the web long enough to apply the fix, you can get rid of part of your problem that way also.

ADDED AND MODIFIED after more looking: If not, have hubby help fix if this is at all possible-- the fix is to edit the registry in safe mode, and that gets complex. He needs to remove registered links using lsass.exe to download things. These are entries that are in the registry to fix so you can patch if the direct patch load does not pull them for you. I could give you examples, but there are many possible ways to get what you have, he needs to look at the registry for web calls that invoke lsass.ex with a substring that includes '+lsass.exe' and pull only the web call registry entries. This one is not your fault, someone exploited a hole.

Basicly, once it is back up, the preventive fix is explained in Microsoft Security Bulletin MS04-007. There is a hole in ASN 1.0, which comes with XP. One of the things this hole lets remote folks do is feed things that overflow lsass.exe (and get them entered into the registry to load at startup) and that is part of what might be happening here. You can also look up KB828028 at Microsoft.com and there will be a download link for a new version of ASN that will patch this (should end up with ASN 3.0 after installing download on XP), and there are also other things that patch fixes. That patch will help keep this from happening again once it is fixed this time.

Microsoft is grading this one a critical patch. I recommend everyone with 2000 or XP read KB828028 if it is not on WindowsUpdate openly yet (new installs like mine day before yesterday of XP SP1a DID get it on first update run).

For those of you who are interested, look at http://cve.mitre.org/ , then click the index, choose to search the cve stuff (it is (might still be when you look, might be accepted in the meantime) a CVE candidate), and the search of the cve list will pull it up, and use keyword lsass.exe . Follow the links (via cut-n-paste into a browser tab or window address bar), they show major discussions that make sense--above and beyond what Microsoft explains.

John D.
Reply with Quote
Straight_Man edited : 16 Feb 2004 at 1:11am .
Leonardo
Buzzwinkle the Moose FTW
Leonardo
14,843 Posts
16 Feb 2004, 12:47am
For Windows files check: go to either Windows Explorer or My Computer, right click on your drive C:, select properties, select tools at the tab above, select "Check Now" button at "Error-checking". After that selection, there will be two boxes - check them both. You will probably get a message during the operation that states your computer has to be restarted for the file checking to complete. Do restart the computer.

If this doesn't fix the problem, then you should try re-installing Windows XP in repair mode (I believe I said "restore" mode last time). If you do have a "Restore Point" where everything worked, you could try that as well, but you would lose any settings changes you've made since that restore point. A re-installation of Windows in "Repair" mode will not change your settings or remove any data.
Reply with Quote
Straight_Man
Playing with Virtual Painter
Straight_Man
3,716 Posts
16 Feb 2004, 1:22am
Leonardo, the way the problem happened is that there is a way to induce lsass.exe to have a work heap overflow. When that happens, it is quite possible for bad code to be pushed through a registered pipe created in registry. File check is a good preventive thing (and also a good idea), but the reg keys are what it is yelling about, and it is lsass.exe which has been put in an error state that is hanging the boot.

The ANS1 patch and upgrade eliminates the exploit and the overflow possibility. This problem was first found in July, 2003, and the finder agreed to keep silent until Microsoft could fix it. In fact, the finder helped get it fixed also. It was submitted as a CVE candidate in August, 2003, AFAIK (I have seen different dates at different times, think it was submitted more than once).

John D.
Reply with Quote
Leonardo
Buzzwinkle the Moose FTW
Leonardo
14,843 Posts
16 Feb 2004, 2:45am
John, where we are at now is helping the lady get her system fixed an running. Yes, I understand - the problem may recur for her if she doesn't fix the root cause. Nevertheless, we need to get her up and running.
Reply with Quote
dragonV8
RIP SM
dragonV8
3,935 Posts
16 Feb 2004, 11:02pm
G'day guys. As some of you will know, i'm Jon, Sally's MUCH better half.
As i just flew back in from the minesite, i found she has this problem. As per my avatar comment, "I don't know very much". I/we certainly appreciate all the help/advise we are getting from you folks. At the moment i am not real sure where Sally is at, fixing this problem. She said something about it last night, but as i just finished night-shift i'm not thinking very clearly.

I do know her puter is running at the moment, so hopefully it's ok.
Very shortly, a backup will be done of the existing puter data and then i will be taking the case to our local puter shop for a planned upgrade. I have been led to believe there will be a format and fresh install of XP as the mobo, ram and cpu will all be replaced.

Presently it is a PIV 2.4g , 512m ram and when we get it back it will be PIV 3.2g , 1G ram. New mobo will be HT, so with all this in mind, my little bit of knowledge is hoping we may possibly be DELETING the root cause of her problem.

I do know she is learning about all of this stuff at a rate that is astonishing me. When i ask about a problem with my laptop, she makes more sense than a computer salesperson. Not too bad for someone her age. Womans perogaritive to keep it secret.
All i can say is, she is just a few years younger then me, and i have just turned 57, hehehe.

Thanks for helping guys. Hopefully after today's work all will be well. We will keep you informed as to how it goes.

Cheerio Jon
__________________ I live this life, till this life won't let me live here anymore.
Big & Rich - a horse of a different color.
requiescat in pace Short-Media
Reply with Quote
edcentric
Must keep folding
edcentric
2,481 Posts
17 Feb 2004, 6:38pm
Jon (and Sally), I am glad to see someone else here that is not 'just out of school'. There are actually quite a few of us that have been around a while and are still rather new to the hardware.
I look forward to seeing both of you around these forums.
ed
__________________ A couple of folding boxes;

DFI LP Nf4 U-D, A64X2, 2GB ram, is folding again
MSI P965 Pt, C2D E6300, 2GB ram, old reliable

2.5 million points and counting
Reply with Quote
DonDaniels
New to the neighborhood
DonDaniels
1 Posts
11 Dec 2006, 9:32am
For the boot problem "lsass.exe System Error: The endpoint is invalid" create a new pagefile on another disk while setting the current disk(s) to no pagefile, then reboot the system. Once fixed, you can delete the old pagefile(s) and recreate original setting(s). Contact D2 at GAP dot NET for more info.
Reply with Quote
HeadHurtBad
New to the neighborhood
HeadHurtBad
2 Posts
29 Nov 2007, 1:33pm
had same problem, googled to here, DonDaniels suggestion about swapping pagefile to different disk worked. btw puta in spanish means prostitute.
Reply with Quote
primesuspect
The Icrontic Guy
primesuspect
28,248 Posts
29 Nov 2007, 2:55pm
Quoting HeadHurtBad
btw puta in spanish means prostitute.
lol. Thanks for letting us know

Glad it worked out for you. Many land here from google, few stay, but those who do really are better for the experience.

Stick around!
__________________ "I offer my genius to the world, all I ask is you pick up my expenses"
Reply with Quote
HeadHurtBad
New to the neighborhood
HeadHurtBad
2 Posts
29 Nov 2007, 10:09pm
With all the different ways a computer can stop working, it's good to find an answer that fixes the problem. That usually means I'll be lurking, in hopes of helping somebody back.
Reply with Quote
Similar Threads
Thread Thread Starter Forum Replies Last Post
WinXP won't boot from SATA reelbigfish Storage 21 16 Nov 2005 3:06pm
Help Dual P4 rig wont boot without removable hard disk. Jimborae Storage 17 19 Aug 2004 4:58pm
Computer tests memory..then freezes at boot evann General Hardware 21 4 Feb 2004 10:12pm
System won't boot with hard drive attached. gtghm General Hardware 4 3 Feb 2004 3:14am
won't boot without CD scott General Hardware 4 22 Dec 2003 4:27pm

Go Back   Icrontic Forums > Tech: Hardware > General Hardware
Reload this Page lsass.exe error....Puta wont boot
Jump to
This Thread Search this Thread
Search this Thread:

Advanced Search

Today's Posts - Mark All Read - Contact Us - Icrontic.com - Archive - Top

Current time: 4:41pm (GMT)
Powered by vBulletin®
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Get Vanilla instead. Trust me.