lsass.exe is the file which supports IPSec (IP security feature). It
authenticates, and encrypts all traffic in and out of your TCP/IP- based
network. It is the "policy Agent" service. It is part of XP Pro. That's
about all I know about it.
"sluggo" wrote:
> Thanks Etowahgirl - did your error message mention lsass.exe? If not, then I
> think we're talking about a different situation. You're able to boot the OS
> and do file operations, my machine is halting during the boot process.
>
> What disturbs me is that I never had any problems with this machine until I
> loaded SP2 onto it. This indicates that the problem may have something to do
> with changes introduced by SP2.
>
> What does lsass.exe do and what about it's operation has changed with the
> advent of SP2? I'm hesitant to reload the OS and then update to SP2 again
> unless I'm sure I won't just see this problem again.
>
> "Etowahgirl" wrote:
>
> > I received the same message ..file too large, etc. after installing SP2.
> > Never had it before and the file was one picture so I don't think it was too
> > large at all. I closed out the capture program and re-scanned the pix and
> > that time it took the pix with no problem. I know this doesn't fix anything,
> > but at least you know it's probably not a worm, just a glitch.
> >
> > "sluggo" wrote:
> >
> > > I have two machines running XP home edition. I updated one to SP2 about a
> > > month ago, saw that everything seemed okay, and so used the same file to
> > > update the second machine. On the first reboot after installing SP2 on the
> > > second machine, I got an error message right after the XP splash screen, but
> > > before the user login screen. The error message was:
> > >
> > > "lsass.exe - The data was too large to fit into the specified buffer"
> > >
> > > Clicking "OK" on this error window initiates a cold boot, so I'm stuck in a
> > > loop.
> > >
> > > Booting to Safe Mode makes no difference. The same error message appears at
> > > the same time.
> > >
> > > Although this looks like a Sasser attack, I don't see how it could be. I've
> > > been behind a hardware firewall for several years, with no virus or worm
> > > problems. I patch at least once a month, and the Sasser patch is over 5
> > > months old. I run Symantec virus protection, and their latest tool to
> > > specifically remove Sasser code shows no virus on the disk (I moved the hard
> > > drive to the "clean" machine for scanning). Finally, the error symptoms and
> > > message are not common to any of the Sasser attacks I've read about.
> > >
> > > I'd prefer not to reformat the drive. Any tips from the pros on this one?
|
Similar Threads
Linear Mode
