"lsass.exe: System error" every time I boot Windows?

I had a variant of the LSASS worm on my mother's computer. I had tried both Kaspersky AV and AVG Free, both neither could remove the worm. I'm to the point where I will be installing Debian GNU/Linux on her computer the next time I am at her home. The only thing that had stopped me in the past from this was lack of a linux-useable dial-up modem, but now she's on DSL which linux handles perfectly. I recommend Linux to any PC user because of its relative lack of secuirty issues.

Wrong answer. I have the same issue and there's no way its the sasser work (or any other virus). I've restored from a known-good tape system onto new disks and get the same error. In short, I'm screwed.

Hi Dave,

The problem as you clearly mentioned is that the PC doesn't even boot at all! (it doesn't go beyond the "loading windows xp " screen) Hence, there is no way one can log into windows and take the following steps to solve the problem and remove the virus.

I am currently suffering from this and I'll appreciate any immediate solution (or ink to a soultion), please, please, please

Dear Sir,
In my computer I have two Operating systems in C drive and D drive. both are Windows xp Service pack2 Beta versions. initially both are working OK. Now in D drive Operating system is working but in C its not working. while I am trying to booting through c: drive It will take 30 to 40 seconds and without any message it will restart. Still I am trying to go to Safe mode. but it is not possible to me. in this situation what i have to do to boot winodws xp normally and without lossing the data of C drive. Please give me sollution for the above. Thanking you sir.

i'm currently going throught his myself and the only solution to this unfortunate problem isd to reinstall windows

I am having the same problems mentioned most recently (since Oct), running XP home edition. It gets to the splash screen and says lsass.exe system error, object name not found.
The last thing I did was update windows. I have 2 AV, bitdefender, kerio, don't use outlook or any other PC-based email and I sit behind a switch with a private IP. So, I'm wondering if this isn't one of those microsoft worms. Off to find the original windows CD.
Any ideas?

hi,
i have an almost similar problem.my internet speed is teribly slow and the ping results are very high.when i installed a wireless usb device on the pc when i rebooted it after the installation,it gave me a lsass.exe-system Error and said that :an I/O operation initiated by registry failed unrecoverably.The Registry could not read in,or write out, or flush,one of the files that contain the systems's image of the Registry.pls help..what can i do?????

If your computer keeps booting after your get the lsass.exe error, your security registry hive is corrupt.

rename "c:\windows\sytem32\config\security" to security.bak

then copy c:\windows\system32\repair\security to the location above.

that should do it.

My husband's PC just experienced the same error and we can't boot up the PC at all. Nothing worked and I had to reinstall Windows and every application we've ever installed on that PC. We use Norton Anti-virus and Internet Security and we also have Spy Sweeper. We keep up with all updates for both Windows and Norton and Spy Sweeper and still got the worm. Go figure!

Hi

My laptop has come up with this error "when trying to update password, this return status indicates that the value provided as the current password is not correct" Before this it said that C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM was missing or corrupted so I replaced it with one in my back up it now gives me the error at the top how can I fix this would putting the original file that didn't work make it easer to fix?

David

Sounds like the same problem I have. I have been experiencing very poor performance from Office programs on my 3 month old Vaio running XP Home (pre-installed). The problems seemed to be caused by Norton Internet Security (I disconnected my wireless internet connection, disabled Norton and Word and Outlook worked much quicker). I decided to install the OneCare trial. During the install I was forced to remove Norton Internet Security, but apart from that everything went OK. When the machine was shutting down I got an error box saying there was an I/O error and a reference to the registry?

When the machine restarted it hung at the Windows XP logo screen, before the user log in page. I tried to restart in safe mode and it hung a driver (mup.exe). I then restarted again and Chkdsk ran and the machine hung at a black screen with a mouse pointer. I then restarted again and I got the following message box.

lsass.exe - Unable to locate Component

This application failed to start because UxTheme.dll was not found. re-installing the application may fix this problem.

When I click OK the machine hangs at a black screen with the mouse pointer, then reboots itself, runs chkdsk and hangs with the following message box

lsass.exe - Unable to locate Component

This application failed to start because DNSAPI.dll was not found. re-installing the application may fix this problem.

I don't have an XP disk as XP was pre-installed - I know I should have created one. I have a full backup using Norton Ghost on an external hard drive - will there be a XP boot on that and, if so, how do I get to it?

My computer has been down for 3 weeks-still no fix.Win XP Home wont boot.Cant get online to download any fixes.Cant access system to do system restore. Goes to Lsass.exe and quits.Just keeps rebooting.Its not a virus as I was changing accounts and security and must of made an incorrect entry that triggered the Lsass.exe.I don't have a win Xp Home disk as it was preinstalled when I purchased computer.Please help. Thankyou

I have the same problem. My computer's been crashing from an overheating problem lately and yesterday it gave me a 'system file corrupted' error. So i followed the MS kb article about restoring the registry files in the system32/config folder, and now its giving me the exact same error you guys are getting.

I tried replacing the scurity file from the /repair folder but that didn't fix it either.

Someone please help!

I have the same problem - windows won't even load up and I get the lsass.exe - unable to locate component error message

What is the fix? - I don't see it anywhere on this page?

Windows is complete garbage, but unfortunately we are almost required to use it nowadays. What the other people say is true; you will end up having to format your HD and install Windows XP again. I had that error before, as well. What none of the Microsoft Techs, or most other advocates of this horrible OS, will tell you is that there is a way to get the data off that you need.

You use something called a LiveCD / LiveDVD. It is a version of Linux that is booted from the disk itself. You can use it anytime that you would like. Hell, my Windows works fine and I use it my computer occasionally just for kicks. By booting the computer while this disc is in the drive, you can boot into Linux before Windows. This will allow you to use a CD/DVD burner (internal or external) or a flash drive to get all of your data off and onto discs or another computer temporarily. Just be sure that all peripheral devices (including removable media) are plugged in prior to booting into Linux, otherwise Linux may not recognize it.

I had this problem and managed to fix it without a reinstall.
Create the disc at www.ubcd4win.com on a good pc and boot off of it on the bad one. Once in go to Start, Programs, Registry Tools, Registry Restore Wizard. Tell it where Windows is installed (C:\Windows usually). Then pick the date that you want to roll back to. I chose the one closest to todays date and it recovered it fine. Reboot and bingo! It's back. (Well it was for me...!)
Hope this helps someone!

Jon Morris' advice of

"
If your computer keeps booting after your get the lsass.exe error, your security registry hive is corrupt.

rename "c:\windows\sytem32\config\security" to security.bak

then copy c:\windows\system32\repair\security to the location above.

that should do it."

Worked perfectly. You can use your XP disk to boot into recovery mode (recovery mode is just a DOS prompt, there's no reinstallation), or if you don't have an XP CD (and you can't borrow one), you may need to look at a third party tool.

Great advice though, thanks Jon.

I've been getting a diffrent type of lsass.exe error. it tells me "An invalid parameter was passed to a service or function" I tried to repair windows with the XP disk and halfway though the setup it had a crititcal system error and now when it restarts the setup I get the lsass.exe during it. So now for some reason I cant get into the recovery console.

any ideas?

I get "lsass.exe System Error. The specified domain did not exist" then an "OK" button to click. Clicking this button (or the "X" that closes this little window")reboots the computer for another cycle of the same thing. I'm going to try some of the above fixes.

just to quote the following comment

Jon Morris' advice of

"
If your computer keeps booting after your get the lsass.exe error, your security registry hive is corrupt.

rename "c:\windows\sytem32\config\security" to security.bak

then copy c:\windows\system32\repair\security to the location above.

that should do it."

Worked perfectly. You can use your XP disk to boot into recovery mode (recovery mode is just a DOS prompt, there's no reinstallation), or if you don't have an XP CD (and you can't borrow one), you may need to look at a third party tool.

Great advice though, thanks Jon.

the actuall directory of "c:\windows\system32\repair\security" is as follows "c:\windows\repair\security"

Ah yeah, and it's "C:\Windows\System32\Config\Security" not "C:\Windows\Sytem32\Config\Security" as well.

Just before someone finds it doesn't exist.

I went to www.ubcd4win.com (on a good computer) and created a boot CD like one of the posts above mentioned. This boot CD allows you to get into your computer in a psuedo-safe mode so you can at least work on your registry. If you have a CD burner on the bad computer you can also burn files onto a CD to at least recover data if you need to. I couldn't get it to recognize a flash drive though, it would only recognize my installed drives. I found it alot easier than working through the recovery console because you can copy, paste and rename files just like in windows explorer. I was able to change all the files as mentioned in previous posts and my computer was back to normal...for now. =)

i am using xp and it gets corrupted within 20 days of installation . it displays a message that " windows is unable to boot it might have occured due to hardware changes" . infact i never changed any hardware ever and i use my pc normaly. everytime i shutdown properly but this problem persists for last 4 months pls tell me the solution.

rebooted my laptop,
got the message windows cant locate win\sys32\config.sys, may be missing or corrupt,
tried reinstalling the OS
tried fresh install
tried repair install
after setup, chkdsk runs and scans the file system,
scrolling windows startup,
blue screen without logon icons,
error - lsass.exe invalid command was requested.
keeps rebooting and get various lsass.exe error messages.
H E L P !!!

I've downloaded the software.to a system and have burnt it on a cd...
How do I install it when the system cannot log me in?

Instructions would help...

sir,when i boot my win 2003 server pc.it showing lsass.exe file error and sys is nt logging

Hi All

Thank you very much for your advice I had the lsass.exe problem and the comment from jon morris help me fix it. I used Knoppix v5.1 to edit and copy the files on the windows disk it is now being scanned.

Thanks

Kevin

Dear Dave
i have noticed recently that every time i start (boot) my pc it gives the message of updating systme setting. Why it so. Are there any virus which attempt to write in boot area on every boot. How can i correct? Does it need to be corrected?

Hi I,ve tried to repair the security file but I still have the same problem, any suggestions other than re-installing windows?

Pleeeeeze spell it out , exactly, for us dummies.
lsass.exe is killing us.
I can get into the recovery console and rename and copy.
what "above location" are you referring to?
please, type out exactly what to do...thanks

I had this problem with Windows 2003 Server!

- Boot with your Windows system CD
- Go into the repair console
- Now change directory to the C:\windows\system32\config (cd blah blah)
- type: rename security security.bak
- enter
- type: copy c:\windows\repair\security .
- enter
- type: exit
- enter
- or reset the computer manually

Works like a charm, thanks to Jon!! Cheers!!!

Well, I cheered to early.
The first LSASS problem is gone, but on Windows 2003 Server, there will be some pretty hard nuts to crack with regards to the Active directory and SAM.
Without a backup, you can forget about getting Windows 2003 server running properly again.....

I tried the posted solution but now the windows recovery console won't take my administrators password ????

i have win2000 when i on my pc then this take a lot of time to boot. and it is on network and i cheked wire also wire is ok when it boot after a lot of time then i cheked by ping and show reply .
pls tell me how it comes in fast boot.

Just FIXED my problem by following Joh Morris'; advice...Thanks so much Jon.

Requoting Jon Morris' advice of

"
If your computer keeps booting after your get the lsass.exe error, your security registry hive is corrupt.

rename "c:\windows\system32\config\security" to security.bak

then copy c:\windows\system32\repair\security to the location above..."

I have a emachine an it doesn't have "c:\windows\system32\repair folder. Or could I be misreading the instructions. Should I be at the dos prompt or in the windows folder. My computer is doing the same as everyone else and I do not understand the steps. Could someone help me please?

I also can`t even access the computer via safe mode, and a message saying that "there are insufficient system resources available to complete the API"

hi, when i try Jon Morris' advice of

"
If your computer keeps booting after your get the lsass.exe error, your security registry hive is corrupt.

rename "c:\windows\sytem32\config\security" to security.bak

then copy c:\windows\repair\security to the location above."

when i reboot windows the problem continued.
can somebody help me please. can i get step by step instructions. cause nothing is working for me.

Hello

Ive got the lsass.exe problem with the rebooting-cycle thingie..

I tried to do the step by step instructions from above but i havnt got a dir called "c:\windows\system32\repair\ <-" the only "repair" dir ive got is located in the windows directory.. can i use that "security" file?

hi love ur site i am trying to fix a problem
rundll
an exception occured while trying to run
c/windows /system 32 spads .dll derify
also
st trayapp.exe application error
the instruction at 0x10006235 ref memory ox0000003c the memory could not be read

u guys do know that if you start your system on safe mode, and sighn in as administrator instesd of owner, you can run your spyware protection and remove the threat. this worked for me today, i was cought in the issas loop also. ignore the "it is not recogmended to scan in safe mode" warning. after scanning restart your computer. be sure to restart, not shutdown. let your computer boot-up normally and run your virus and spyware protection again. after doing so restart your computer and boot it normaly. doing this worked for me, so it should for you.

I seem to be having a similar problem. My system file became corrupt, and I, knowing how to repair this, did exactly that. Well, it seemed my whole system32 files were corrupt, so I ran the repair console on everything. After repairing the sam file and the security file, the computer reboots itself and gives the error that updating the password was invalid. So, I tried getting into the recovery console again, but then it asked for the Administator password. (There isn't one). I can't even repair the files, any help on this?? Thanks!

GUYs i got the error too it says

isass.exe system error

it says some nmber and a error

i will say tat to u and i\even if i log on safe mode i am not able to get it

I just got this @(#&$* lsass.exe problem.

My computer will not boot up, period! No matter how many options I try from the F8 screen (safe mode, dos prompt, etc.) it always ends up at the lsass.exe error screen (either lsass.exe has passed a function to another program OR the password file is not as expected; or something similar to those words) and the system reboots.
I can never get to a screen in windows OR to a DOS promt to make any file or registry changes to circumvent this nasty B*^tch!

PLEASE HELP ME!!!!

I have tried to boot from the original WIN XP PRO CD, but when I do recovery mode, it asks for a administrator password but leaving "Blank" or putting in my windows administrator password doesn't work, and it crashes after 3 tries.
I tried to do a system restore/repair mode, but when it is finished and re-boots, it returns to the lsass.exe error!!

I have tried booting from a DOS floppy, but even then the when I trie to access "C" drive, it tells me "invalid drive"!!!

I am at my wits end!

PLEASE can anyone help me?

All I want to do is be able to access the C drive to save my data and then I'll reformat the whole thing....

I normally don't respond to these forums but my heart goes out to you fellas.

The reason the administrator password does not work anymore is because when you restore the files from the repair directory, they already have an administrator password associated with them from the OEM (DELL for instance).

Recovery the registry and system files by using www.ubcd4win.com

The correct way to do Jons Tutorial is this

1. Boot into the recovery console using your Windows XP CD.
2. Type: CHDIR sytem32 and press Enter.
3. Type: CHDIR config and press Enter.
4. Type: Rename Security Security.bak and press Enter.
5. Type: Copy C:\Windows\repair\security and press Enter.
6. Type: Exit and press Enter (this will restart your computer).

If all goes well, your PC should work. If not try this:

Quote from above:
"I had this problem and managed to fix it without a reinstall.
Create the disc at www.ubcd4win.com on a good pc and boot off of it on the bad one. Once in go to Start, Programs, Registry Tools, Registry Restore Wizard. Tell it where Windows is installed (C:\Windows usually). Then pick the date that you want to roll back to. I chose the one closest to todays date and it recovered it fine. Reboot and bingo! It's back. (Well it was for me...!)"

Hope this helps someone!

When I change the memory in my e-machines PC (trying to put 1GB, which memory mfg says is below maximum, I get the lsass.exe error that says "endpoint format is invalid", and it will not continue to boot. When I put the old 256MB memory back, it's OK. Any ideas???

I have read some of your suggestions. I am wondering if you could help me. I can't get my laptop to turn on the right way. I went to boot it up and I got this window that said lsass.exe with a message that read application error must terminate application, click OK. Not knowing, I did just that. Now I can't get the laptop on to fix the problem. How can I fix this problem without spending hundreds of dollars?
Thanks.

Dave the time on my pc changes all whenever I restart my pc the time zone and the date remains OK

Iam yet another victim of the lsass.exe error. I have tried most of the advice that I have read and I still have the problem "Unable to locate component LSASRV.dll" along with the black screen and being locked out of safe mode etc...

One thing I haven't been able to figure out though is how to run the UBCD4WIN program. I downloaded it onto CD but I can't get the CD to start up when booting my computer. Any advice? Safe Mode is not an option, since it won't even boot in safe mode.

You have to run the UBCD4Win program from a working computer and then it will create an ISO to burn to a CD. Stick it in and reboot your PC.

I have a hard drive with this issue. I have other functional computers. Can I put this corrupted hard drive into a working computer as a secondary or slave drive and then clean it up and then put it back into the computer the drive is in now?

I was burning a song on my floppy drive.I started getting an error I/O no disk . The it starting effecting both of my floppy drives. then it starting effecting my a drive. Now when I boot my computor all I get is a black screen saying I/O error no disk. Can't get past this.

I have been battling this system 32 error for over a month at least. I have Formatted and reinstalled XP at least 10 times and now can't even install it anymore. Now am using Windows 2000 and am having problems with that too. My computer reboots and I have seen so many errors and blue screens I just laugh. To whoever lost their disc, hopefully you have your key, that is what you need the most. You can always get a copy of the CD.

is there a default admin password for windows? Coz my admin password was reset when i run recovery console (to recover system32) it did boot up but the LSASS.exe keeps rebooting the pc. and now when i return to recovery console it asks for admin password. Is there a default password for this =(

Hey Dave .. It's A Great Site .. It's WONDERFUL !!!!! Keep Up The Good Job ;)!

I Have A Problem Hope You Can Help Me To Fix It ..

I Have An Ecellent Connection * But * I Can't Enter Facebook !! I Mean It's too slow

It wasn't like this before !! I Can't Even Enter The Homepage !
OTHER WEBSITES ARE GREAT .. BUT I HAVE PROBLEMS ONLY ON www.facebook.com

Please Help Me :( And Thanks A Lot ♥
Best Dave Everr ;)! Haha

Except one or two odd all are out of track.

Problem is window is still in installation process.

Most of the discussion is for installed OS.

Is there any real solution.

I also facing the same problem while try to reinstalled from restore CD of my daughter laptop purchased with the machine in UK. - Toshiba Satellite M50-130 with window XP home.

Laptop purchased around three years back.

AFAQ

Quoted Above: "I had this problem and managed to fix it without a reinstall.
Create the disc at www.ubcd4win.com on a good pc and boot off of it on the bad one. Once in go to Start, Programs, Registry Tools, Registry Restore Wizard. Tell it where Windows is installed (C:\Windows usually). Then pick the date that you want to roll back to. I chose the one closest to todays date and it recovered it fine. Reboot and bingo! It's back. (Well it was for me...!)
Hope this helps someone!"

Thanks Matthew for this nice suggestion, i think i saved my desktop to live for another day... it almost took me 2hours to burn the .iso but i dont know why... it's easy to use... burn .iso ---> boot--> registry restore ---> restart and ur computer is same as before being attacked by lsass.exe

I've had a similar problem of the Lass.exe operation. When i try to log into my computer, my account is there, and i can click on it and access it perfectly fine. When i get into my account, i have my blue screen with my cursor (which can move around freely) but no icons, no start menu, no nothing. I tried opening up task manager, and everything seemed to be okay, except the CPU usage was spiking up and down a lot, and so was my network connection. I tried restarting it, shutting it down, and it still came back to the blue screen. I even tried safe mode, and it froze on a black screen with all of the "safe mode" annotations around the sides. My cursor, however, can still move and i could still access taskmanager. No avail. Please help ASAP, as i have not been able to work on it for the past few days.

This post is pertaining to the "lsass.exe error". The error could be "invalid parameter passed" or suspected infection of "Sasser.Worm ".

The scenario being "The user is stuck in a position where he/she does not have the access to get past the restarting cycle.Effectively not able to do any changes or modifications suggested."

To have checklist(before attempting to troubleshoot)
Access to another computer with internet connectivity with CD burner.
WINXP BOOT CD.
Ultra ISO installed on the computer with access to Internet.
--------------------------------------------------
The process.

Log on to the other computer.

open the the below link in the browser.
http://www.avast.com/eng/avast_bart_cd.html

Request for an evaluation copy by way of email.

If you receive the BART CD link fine.

Else Google for creating a Bart CD which is pretty simple.

"Assumption the user has received BART CD IMAGE file download link"

Download the image file.

Visit the below link and download the Sasser worm removal tool.

http://www.symantec.com/security_response/writeup.jsp?docid=2004-050116-1831-99

Open the image file with ultraiso.

Using the add file option add the sasser worm removal tool.

Burn the image file to a CD.
-------------------------------
Trouble shooting.

Power on the system which has to be repaired.

Get into the bios settings an set the boot priority to "BOOT FROM CD/DVD".

Save the settings.

Restart the system and boot with the BART CD.

Run a full scan of your system using the virus scanner.

This would ensure in eliminating if your system has been compromised by other malwares.

You can skip the above option based on your discretion.

Now run the Worm removal tool on the CD.

This would ensure the removal of sasser worm in the event of your system being infected.

Once the worm removal tool is through with it's scan,restart the system booting from the XP CD

Select the option of full install.
Press F8 to accept the EULA.
The existing installed path would be displayed with options of repair,install and exit.

Select the option of Repair.(Do not select the option of fresh or full install).

You can see the drivers and other files being installed which are relevant to your system.

In the process of the repair there is a fair possibility of you encounter the same error.

Press OK at the error message and the system would restart.

Boot the system with BART CD and use the "Servant Salamander" option.

This would give you full privilege to the files on the system and has user friendly navigation.

Next Browse C:\windows\repair.

Use CTRL and left click mouse to select the following files.

System
default
SAM
Software
Security

Right click the mouse and use the copy option to copy the selected files.

Paste(overwrite) the selected files at
C:\Windows\System32\Config

Restart the system

You would find the windows screen displaying "Applying settings" or something similar.

Subsequent to a restart,Windows installation would resume similar to a normal installation.

Your system would have been restored clean.

If you had run an Anti virus Scan or did a registry clean using the BART CD, you might have to reinstall the audio video drivers (remote chances).

Important:
The first process you need to implement after the restoration is have the latest updates installed from Microsoft website.

This post of mine has been compiled to the relevancy from postings from various forums and quite a bit of Google.

I have tested this on couple of machines and works fine.

This Post has been compiled after testing for the benefit of end users who are not comfortable with
Technical Jargons and machine level workarounds.

the www.ubcd4win.com method worked for me.

thank you!

Hey, like few other people, it just wont start at all, keeps going to this errori. I even put the XP disc in to reinstall and it wont read the cd. I know one of the F keys take you to that 'start in safe mode' thing, is there any prompts to make it read the cd or to get into the system registry or anything??? Not that i would know what to do when i get there but i cant see to get it to do anything beyond that safe mode screen which also takes me the error screen, then just black screen with floating arrow from the mouse...

I have an Acer Aspire One laptop running Windows XP. I cannot log on at all.. It just keeps reloading the system startup screen and then the error... lsass.exe - system error comes up saying my system resources are too low to initialize. Then I click OK and it retarts. It is a big circle. I cannot get onto windows at all even through Safe mode. Can you help..!

I had the same problem with my Acer Aspire One laptop...fresh outta the box, but I fixed it! On the boot screen...there's an option you can use that's hidden. Press ALT + F10 and it will take you to Acer eRecovery Management. There I simply restored it to the factory default. It took about 5-7 minutes to restore it, and after it was done, the computer worked like a charm! Yay! No more merry go round and round and round lsass.exe error!

while installing windows xp in laptop that time am getting lsass.exe error how can i overcome this situvation

So This problem has plagued me for a week or more. I have tried everything on these posts excpet for the auto repair as i didnt want to do that and lose settings. So two things i had read on other posts were.. /3gb switch might have an effect and i was using it. and the System Managed swap file option... I had tried the swap file already and it did not work but i did both of them and after trying everything else it just booted... no problems. Just in case that helps someone else.

tried the UBCD4Win method but this software is a little shady. during install my working comp antivirus sent up a red flag for one of the exe files it tries to copy...it was runhide.exe...i was wondering if it was still safe to use?

I started getting the "lsass.exe. system error" message at start-up after a clean install of Windows XP Pro on a laptop that is 2 years old. I did a repair install with the Windows disc and that worked.

The problem is that once I was able to boot up the laptop I started getting SMART warnings for a HD Failure as well as other stop errors. I came to the conclusion that my HD was going bad and that's what had caused the LSASS error in the first place. I verified this by running a full scan of Malwarebytes as well as Stinger and neither found any infection, which you wouldn't have thought as it was a clean install.

So I bought a new HD and reinstalled XP and the laptop has been running like a brand new PC again. Moral of the story is sometimes what looks like a software issue is really a hardware issue.

Hey, I have the same problem that on starting up the Lsass.exe:System error And I can't try what's suggested as my CD drive is corrupt and I am unable to use it. What would I have to do for either my CD drive to work (as I'm a student and never have any cash) or another option to get rid of the error? Lauren

I would like to thank everyone here, I was working on this problem all day tried alot of your solutions. First thing I did was take the drive out and run it as a slave drive and backed everything up was getting ready to wipe it clean, I also copied the sam and security file from the repair folder to the config folder, had no affect. Once the drive was back in tried Recovery Console pressing "r" didn't work for me had to press F10 I didn't backup the files but w/e I copied the sam, security, default,software and system files from the repair folder to the config folder had a problem with the system one wouldn't copy so I deleted it :/ still wouldn't copy so I copied the system.bak file then tried renaming it didn't work after restart it gave security file missing or corrupt error. I tried copying it again but kept giving error I realize now there wasn't a file to copy and I deleted it without backing it up somehow the problem fix it self or maybe I did something not sure either way restarted a couple times. And the error was gone no more missing file no more lsass.exe error. But instead it would freeze at the xp logo screen not the load one but the screen after that one. By this point I had given up all hope had one more thing to try.

While I was doing all of this I was also burning the UBCD4Win cd finally after it was done took forever. Was my last hope really and it worked :p Was so easy and quick wish I had tried it first. Just did as Matthew Cremore said "Once in go to Start, Programs, Registry Tools, Registry Restore Wizard." Restored to earliest date and it works my wife was very happy to have her pc back. Backed up 7 Dvd's worth of data for nothing :) Oh well

Again thx everyone and Matthew Cremore for your post about www.ubcd4win.com

I had the same problem as most of the above.
Even after a normal shutdown I have to wait 5-10mins to boot it back to windows, or else the lsass.exe error window will appear for less than 1 second then my system will shutdown.
Sometimes when I'm in windows, I'm running several processes and games and it will shutdown on itselfs instantanously, giving me no time to react and cancel it's shutdown.
I can't get to safe mode too it crashes once it finishing booting it's processes.
I guess the only way to resolve it is to reinstall windows.

From my above post I would like to continue about my machine.
I just got back my ThinkPad T61 from the service centre yesterday and today I got the error, before my laptop broke down there wasn't this error.
I was having distorted display and the engineer said that the motherboard was encountering problems so he changed the whole motherboard in my laptop and was running fine when I was inspecting it at the collection point.
The problem arised when I reached home.

I had a problem wit hXP similar to the one described above - lsass.exe / administrator password / looping boot cycle.

Eventualy did what Matthew Cremore suggested:

"I had this problem and managed to fix it without a reinstall.
Create the disc at www.ubcd4win.com on a good pc and boot off of it on the bad one. Once in go to Start, Programs, Registry Tools, Registry Restore Wizard. Tell it where Windows is installed (C:\Windows usually). Then pick the date that you want to roll back to. I chose the one closest to todays date and it recovered it fine. Reboot and bingo! It's back. (Well it was for me...!)
Hope this helps someone!"

Worked a treat.

Comments - You really need to read instructions for setting up the boot disk; can be time consuming, but saves all the aggro of a clean install.

This has been by far the most helpful site I have found regarding this problem. I am making the assumption that the issue I have is indeed one and the same (if not it is very close), but I do have a variation.

Even when I boot using UBCD4Win and go to load the OS it still shuts down on me. I do not get a chance to use any of the recovery methods mentioned above. About the only thing I have access to is the offline registry editor.

I have been off the air for 2 days now and am frustrated as hell. Hopefully there are more words of wisdom out there.

I've also had similar problem yesterday evening to my Dell AMD64 X2 PC.
Try the copy files from /system32/config from other PC that have same spec/model but got "dumping physical memory to disk"..
after restart same result..

I have windows 2000 server that giving me the same problem. NO VIRUS on it. Full scan from 3 different types of applications from UBCD and Hiren 9.9

At boot up...waiting for the login/pass and i get this box saying it will reboot because of the LSASS.exe error code 128.

I tried to boot up from ERD commander 2005 no problem and I tried this method of going the repair folder. I dont have that system32/repair folder at all. Do have the config folder but that it.

Is there any other way to fix this damn thing?

Okay, I made a major mistake. Today I connected an old HD as a slave to my computer so I can take the files off the HD. My master has a virus that won't allow me to access anti virus sties to get rid of it. I tried a system restore but upon restarting I got the message 'lsass.exe - System Error

An I/O operation initiated by the Registry failed unrecoverably. The Registry could not read in, or write out, or flush, one of the files that contain the system's image of the Registry.'

I couldn't get past this message, it kept rebooting so I tried to take the drive out. I managed to boot succesfully.

This was my mistake. i then followed Jon Morris' advice, BUT WITH THE FAULTY HD REMOVED. Now whenever I boot the Master HD and try to log on, it says I need to register my windows with Microsoft. Anyone know what the hell I've done and how I can fix it? Please help. Thanks.

Oh, and the computer is running Windows XP SP2. I have no disk, i created a boto disk to access to recovery console. And the slave HD used to be the Mater HD on a different computer also runign XP SP2 so it has the os loaded onto it.

Take a complete registry backup using ERUNT

http://www.winxptutor.com/regback.htm

All of the advice given above is good except for one point...with my daughter's computer we can't get beyond the error screen. We have tried to reinstall windows from the OEM cd's but it's as if they will not even read. Just wondering if this would change by disconnecting the internet...that is a stretch I'm sure...but hey...

What a great site. I hope you'll be able to help me.
All of a sudden I began to get a memory exception (memory cannot be read) at startup on LSASS.EXE. It gives me the choice to accept and the bootup continues, and after several warning popups, everything is normal. Then while trying to run other programs (Photoshop or Dreamweaver) I get similar warning memory exception messages, which I ignore, although it takes 2 or 3 tries to get them to run properly.
I have Windows XP SP3 and I have checked for viruses and spyware with no results. The system restore option is disabled in this system so I cannot go back to a previous working status..
Any ideas? Thanks in advance

After reading dozens of solutions on various sites, I ended up here. I also suffered lsass.exe error because I stupidly installed a malware scanner (spyware doctor from pctools, do not ever install this!) that screwed up my system. Did all the things mentioned here at the top, copied the security, as well as the software files, but that only make things worse.

But many many thanks to Matthews solution using ubcd4win. Indeed it was a simple matter of a corrupt registry, going back to a previous one solved the error.

As a note to all the readers, never ever copy a systemfile over another, without making a backup of it first (as is suggested a few entries before). Luckily I could backout to the normal version of security and software, otherwise I probably would not be writing this with a smile upon my face. :D

I tried Matthew Cremore's advice on retripping the registry and rolling back and it worked.

They need to make a national saints day Saint Cremore!!!

Thank you.

Oh and I used hiren's boot CD V10

care with this virus.......my pc have this virus...after that, i decide to reformat my pc and backup my data using pendrive..after reformat,the virus when back to the pc again.....omg!!!

This is so far the best solution I have found, it had my PC up and running within minutes.

Scroll down to the bottom of the page and see the solution provided by adambeazley

http://www.freeimagebrowser.com/archive/t-5073.html

If you r running CELERON D....

1)Goto da bios
2)Goto H/Q Monitor
3)Disable... all fan setups
4)Disable CPU shutdown temperature

U wont get lsass problem den.. high temperature often causes dis error

I had same lsass.exe error on a client's sbs 2003 box tried all the rescue repair disk - nothing solved it. Copied System32 files and replaced them - did not solved my problem. Until i used chris & elliot's tip - it solved my problem - after 3 days of headache. Recommend to anybody who has encountered lsass.exe system error causing server to continuosly reboot.

- Boot with your Windows system CD
- Go into the repair console
- Now change directory to the C:\windows\system32\config (cd blah blah)
- type: rename security security.bak
- enter
- type: copy c:\windows\repair\security .
- enter
- type: exit
- enter
- or reset the computer manually

thanks again chris & elliot.

Hedam. L 17-12-09

ubcd4win solution is o.k. I have it ready to go but the only registry backup is from a year ago. A year to the day as a matter of fact. I don't want to lose all of the added changes from the entire year.

Has anyone found the actual registry key problem so that we could use ubcd4win to edit the registry instead of just wiping it wholesale with a previous version?

i want to use the fixes listed but i cant get past renaming the security file how do i get past that it says the files in use cant rename what do i do help please im a student who need his comp to run smoothly thank you all!!!!

is there any way to fix this with out restarting the
computer im afraid that if i restart the comp will have the same problems as before and it took hours of restarting before it randomly booted up and all the solutions ive seen involved running programs at the system boot i can rename the security files because its in use please help thank you

Thanks a LOT Matthew Cremore !!