Recommended Tests

Try these 2 links. They are safe and really work great. I have trusted both for over a year and I have no idea how to read hijack this logs. Both sites do the for you.  Never crashed my xp once.   http://www.hijackthis.de/  or  http://www.help2go.com/modules.php?name=HJTDetective 

69 rat &cak46 I put in this link http://www.enigmasoftwaregroup.com/affiliate/link.php?ref=42&productid=4
I tried it  & it was a DL for Spy Hunter version 2.0.1086 the  site said it would get rid of the
Lsass.exe.I  ran it on my OS but I do not have the Lsass.exe  virus   so I can't say it will remove it .It looked like just another anti spyware program to me.
One thing  I found said don't delete Lsass.exe  from the system 32 folder

cak46 I didn't think it was on my ME but since I had DL a new anti spyware program I ran it anyway.It didn't find anything so I guess spybot & adaware are taking care of spyware alright for my os. Because some members were saying how good Kaspersky is I went to their site.The have a beta web search scan(this is not the same thing as their onlie scan for a single file) anyway it scans your pc for viruses like you had the Kaspersky program it just does it online.I ran it twice & it found zero viruses  so I guess my AVG is finding everything.

cak46 I haven't had the chance to look around in a xp registry but I never found anything like that in 98 or ME.I had a trojan that got in with a DL  called Zipitfast an unzipping program.
I did some research & found that stinger would get rid of it in safe mode.Thats when I got stinger & it worked.I don't remember the name of the trojan now .

You guys should check this page out: http://www.answersthatwork.com/

Click "Task List", click the "L" and then scroll down to "lsass".

Not saying it will fix anything, just saying it should be read first.

Hey guys. Ya answersthatwork.com is the program that I was talking about. I have it and it is VERY helpful with MANY different things. It's called TUT ( The Ultimate Troubleshooter) I was also VERY suspicious about my entry that had all those dlls tagged on the end. Highjack This says that generally Trojan types use this  for their dll initiation. I will copy and paste onto my mail to MS today.My first info from MS today was to try 3 different things. Enable Windows Firewall, Check for updates with McAfee and clear my restore points I have run a full system scan in safe mode, I have the latest updates for my firewall and anti-virus and clearing the restore points didn't do anything, so for now I will at least send them the dll info cause I think there is something going on there that could help all of us understand this lsass.exe thing a little better The irony is that this file MUST stay intact for us to use. I ran a search for lsass.exe and came up with 4 files. Two are with SPack and one is for downloading purposes and of course the main one,,,,,,,,,,,,,,,stay tuned

Agreed.  You can disable the funky registry entry in msconfig without deleting it.  It would be a good idea to backup your registry first if you decide to do this..

  Well-update, maybe. I told Microsoft yesterday that I had run an HT scan and that it had a suspicious multiple dll listing in the log. Well, they wrote me back and said to go ahead and download HT and run a scan/log and send it to them   Ah, HELLO, Microsoft, how did I run the scan if I didn't have HT in the first place>??? After I got done laughing I went ahead and sent them the same thing that I posted here in this forum. Sometimes I think that I am a day ahead of them ;) ;) ;)