Windows

Check for the sasser virus. Check MS website, they have detector/remover tool, as do most AV sites.

Check registry keys in the run box like these

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run "avserve3.exe" = C:\WINDOWS\avserve3.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run "avserve.exe" = C:\WINDOWS\avserve.exe

You could also try to find and delete/rename these files. Search the whole HDD.

Make sure to check C:\_Restore folder.

To remove this virus "by hand", follow these steps:

Here is what McAfee had to say(for one of the variants) :

Reboot the system into Safe Mode (hit the F8 key as soon as the Starting Windows text is displayed, choose Safe Mode.
Delete the file AVSERVE.EXE from your WINDOWS directory (typically c:\windows or c:\winnt)
Edit the registry
Delete the "avserve" value from
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Run
Reboot the system into Default Mode

Good Luck

to perform registry edits, you need to run regedit from start/run box. Standard reference to changing registry keys here. (Please be careful.)

To boot into safe mode to remove Sasser, log on with the administrator account, not your account.
It sounds like Sasser, or variant. If you do not know the Admin password, try unplugging your sytem from any network (remove network cable), and then log in (system will use Cached info). Do not close the lsass error box. I have been able to clean a system using this method, with few reboots. Have handy a cd or flash drive with the Sasser fix (copy it from another system). and quickly run it. It may be able to run completely, if not, try on another reboot. After it runs and reboots, do a manual clean, or if you cannot use the tool, do the manual clean (listed above). reboot, and check 1 more time.

It is best to have the Microsoft patch ready as well, on cd. Install it, reboot, and then try the network again.

Both of the above will work, but with XP remember to disable the System Restore feature first before booting in Safe Mode.

Have you tried booting to the XP CD or if you think you have a virus and have access to another computer you should make an emergency anti virus disk and then use it to boot your computer and run a full system scan. If you don't have access to another computer then boot to the XP CD and do a repair or you might possibly have to reinstall XP over top of itself. These are just a couple of things to try. Good Luck

The first reaction by many to anything associated with lsass.exe is the Sasser worm. However, your symptoms do not appear to be caused by any of the Sasser variations that I have seen. Could be another virus though.

Are you attempting to log onto a Windows 2000/2003 domain? Are any error codes displayed?

Try replacing lsass.exe from recovery console. There have been instances of a corrupt lsass.exe file causing problems.

Good luck.

Dalton