Register

Forgot Password

Site FAQ

Home > IT Answers > Security > how to get rid of lsass.exe

Mizzmarxy

5 pts.

how to get rid of lsass.exe

Antivirus, isass.exe

I have a dell laptop inspiron 1501 that is just a little over a year old. when we turn it on it loads the windows screen and goes directly to a blue/gray screen that says lsass.exe. Cannot go any further...can i repair this some way by logging on in safe mode? Please help..have been without my computer for about 2 months now.

Software/Hardware used:

ASKED: April 2, 2008 2:25 PM

UPDATED: February 2, 2011 8:27 PM

RELATED QUESTIONS

Answer Wiki:

Download the latest engine and signature updates for your anti-virus program from another computer so that you have them in case you cannot access the Internet from the infected computer. Then boot into safe mode on the infected computer, update the anti-virus software and perform a full scan. This should remove the infection if it is a computer virus. If it is another form of malware then you will need to employ other tactics (see below). Spybot Search & Destroy <a href="http://www.download.com/3000-8022-10122137.html?tag=pao">http://www.download.com/3000-8022-10122137.html?tag=pao</a> Ad-Aware SE Personal Edition <a href="http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?tag=pao">http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?tag=pao</a> Microsoft Windows Defender <a href="http://www.microsoft.com/athome/security/spyware/software/default.mspx">http://www.microsoft.com/athome/security/spyware/software/default.mspx</a> Microsoft Windows Malicious Software Removal Tool <a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en</a> Microsoft Windows Update <a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en</a> Microsoft Windows XP - Start the Computer In Safe Mode <a href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx">http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx</a> Free online anti-virus and malware scans: Panda Software <a href="http://www.pandasecurity.com/usa/homeusers/solutions/activescan/default.htm?track=80383">http://www.pandasecurity.com/usa/homeusers/solutions/activescan/default.htm?track=80383</a>Symantec Security Check <a href="http://security.symantec.com/sscv6/home.asp?langid=ie&venid=sym&plfid=23&pkj=INBEMUYTACDCOYWOBWY">http://security.symantec.com/sscv6/home.asp?langid=ie&venid=sym&plfid=23&pkj=INBEMUYTACDCOYWOBWY</a> Microsoft Live OneCare http://www.microsoft.com/protect/products/computer/safetyscanner.mspx General computer security recommendations from Microsoft: <a href="http://www.microsoft.com/protect/computer/default.mspx">http://www.microsoft.com/protect/computer/default.mspx</a>

Spybot Search & Destroy
<a href="http://www.download.com/3000-8022-10122137.html?tag=pao">http://www.download.com/3000-8022-10122137.html?tag=pao</a>
Ad-Aware SE Personal Edition
<a href="http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?tag=pao">http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?tag=pao</a>
Microsoft Windows Defender
<a href="http://www.microsoft.com/athome/security/spyware/software/default.mspx">http://www.microsoft.com/athome/security/spyware/software/default.mspx</a>
Microsoft Windows Malicious Software Removal Tool
<a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en</a>
Microsoft Windows Update
<a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en</a>
Microsoft Windows XP - Start the Computer In Safe Mode
<a href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx">http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx</a>
Free online anti-virus and malware scans:
Panda Software <a href="http://www.pandasecurity.com/usa/homeusers/solutions/activescan/default.htm?track=80383">http://www.pandasecurity.com/usa/homeusers/solutions/activescan/default.htm?track=80383</a>Symantec Security Check <a href="http://security.symantec.com/sscv6/home.asp?langid=ie&venid=sym&plfid=23&pkj=INBEMUYTACDCOYWOBWY">http://security.symantec.com/sscv6/home.asp?langid=ie&venid=sym&plfid=23&pkj=INBEMUYTACDCOYWOBWY</a>
Microsoft Live OneCare http://www.microsoft.com/protect/products/computer/safetyscanner.mspx
General computer security recommendations from Microsoft:
<a href="http://www.microsoft.com/protect/computer/default.mspx">http://www.microsoft.com/protect/computer/default.mspx</a>

Last Wiki Answer Submitted: April 19, 2008 3:59 am by Wrobinson

5,610 pts.

All Answer Wiki Contributors: Wrobinson

5,610 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Apr 21, 2008 2:19 PM (GMT)

Just a note: lsass.exe is a windows process (Local Security Service). Apparently, your has been corrupted or infected in some way. Follow the steps above and you SHOULD be able to fix the issue: if not, you will need to boot from a parallel installation (another hard drive with Windows installed, or a PE disk like Bart PE or UBCD4Win) and run a virus scan and any other necessary remediation steps from the parallel install.

FYI, one well known virus which might cause issues with lsass.exe is “W32.sasser.worm” – the sasser virus

Pressler2904

2,175 pts.

POSTED: Feb 2, 2011 8:27 PM (GMT)

how would booting from a parellel system help…

It wouldn’t help. But that’s not what was suggested. The suggestion was to boot from a “parallel installation”, not a “parellel system”.

The parallel install would be on the same system but on a different disk. The different disk should probably be a CD, but you might be able to install a second hard drive that you could boot from. You’d use the clean booted operating system to run processes that cleaned the original hard drive (which you’d temporarily have as a second drive).

Tom

TomLiotta

108,310 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags