I am using XP Home and twice in the past month, after having reason to reboot my PC, I have received a window entitled “LSASS.EXE – System error”, with “The Endpoint Format is Invalid” text in the window. The mouse pointer is visible but does not move and the PC has hung. This happens after the XP window showing the green bar moving from left to right disappears and is at the point when the users that can be logged on are shown. I have noticed that during boot up my Microsoft Optical USB mouse is illuminated but as soon as the XP window with the green bar appears the light goes out, as if power to the mouse has gone. Also, my USB Alcatel Speedtouch ADSL modem does not power up properly, I get a flashing red light on the left hand light on the modem. I can only press the reset switch to reboot the PC. I have gone into safe mode, where the mouse worked but not the modem. Suspecting that it may be USB related, I removed all my USB devices, scanner, printer, modem, mouse and game pad and reinserted them. The PC then booted up OK.
LSASS.EXE is present under C:\WINDOWS\system32 but I cannot determine what it does. I have searched the web but cannot find any reference to this problem. I can find LSASS.EXE listed many times under Google, but the links don’t provide any help. Any ideas?
Thanks for the responses. I think the USB idea is a red herring, as it did the same thing again after I rebooted after installing new printer drivers, but the USB fix didn't make any difference. After spending most of the afternoon trying various things, I reinstalled XP using the repair option and I was able to get into Windows, albeit with a ton of write delay errors. After cancelling these messages and rebooting several times, I am now back to my original configuration. On each reboot the PC ran chkdsk and found a lot of errors, wrong file sizes, orphaned files etc. I have set a new restore point, but the previous ones did not help me. Woodchip, I have a 300w PSU and run a Radeon 9500 Pro graphics card, 5 USB devices, PCI TV Card, SoundBlaster 4.1 Digital Sound Card and a P4 2.53GHz and it runs on an Asus P4PE mobo, all self-built. THE PSU has the additional power connector for P4 CPU's. Is 300w enough?
Also, and this may be another topic, how do you use the Recovery Console? I was able to get into it, but couldn't see how it could help me, apart from displaying DOS commands.
It sounds a bit small for that lot, If you can remove some hardware that?s not too important and see if it runs any better if it does that prob your answer
Woodchip, I will remove the TV card and see what happens. The problem has only arisen on a reboot, never on start up or whilst the PC is running. I will report back with any news.
I reformatted my hard drive at the end of May and everything was fine until last night. I booted up from cold and got the same message again. It is actually “Isass.exe”, not “Lsass.exe”. So I don’t know if that is a capital “I – pronounced “eye”” or a small “l – pronounced “ell”! I can get into XP in Safe Mode, did a System Restore from a point made a few days ago, but it made no difference. I am sure that it is not a virus, as I scanned the PC, ran Stinger, all the Windows Updates are installed and the firewall is always on. I understand that “Lsass.exe may indicate the Sasser Worm, but not “isass.exe”. There are many references to this on the net, but no solutions. I can reformat my hard drive again, but this seems a bit drastic. Any ideas?
In the Recovery Console you should press R to repair XP
In the Recovery Console you should press R to repair XP. I still think you have a PSU power problem
Virus and spyware writers are getting more cunning. They are now disguising their viruses to look or sound like Windows system files.
Isass.exe lsass.exe The first starts with the letter capital i (I) and second starts with the letter lowercase l (L). The one starting with i (isass.exe) is a virus/Trojan but Windows users may easily mistake it for the very important security process, lsass.exe (starts with a lowercase L, as in lucky).
Process File: lsass or lsass.exe
Process Name: Local Security Authority Service
Description: Windows Local Security Authority Server Process handles Windows security mechanisms. It verifies the validity of user logons to your computer or server. Technically, the software generates the process that is responsible for authenticating users for the Winlogon service
WinTasks Process Library
isass - isass.exe - Process Information
Process File: isass or isass.exe
Process Name: isass
Description: Virus added to the system as a result of variant of the OPTIX PRO TROJAN that opens TCP port 3410 and allows a hacker to control an infected computer
Bitdefender click here
Type sfc /scannow (note space between c and /)
into run box click ok - windows will scan and replace corrupt system files (may require windows disk in CD drive)
Thanks for all the responses. I'm going home now to spend a, hopefully, fruitful few hours sorting this out.
This thread is now locked and can not be replied to.