
Join Date: Sep 2007
Posts: 5
ChesapeakeGal
Newbie Poster

Re: Hacker

 
  #11
Sep 14th, 2007
Originally Posted by paulineauty
My PC is acting very strange sometimes and I think I have a virus or something as once when I came back to my PC the cursor was moving by itself. I have attached a log of hijack this - please please please can someone help me.

Thanks

Pauline Auty

This log you submitted is identical to the log of a botnet a long-time botherder, spammer, malware identity thief perp has been installing on people's machines. Your computer is no longer a stand alone computer, but a workstation. You are in a botnet, also called zombie net.

The Operating System: 5.1:2600 is the version of Microsoft's Network. That is what is running your system, not your operating system. When you get on the web, you are being channeled through his server. The process lsasse.exe is a virus, known by several names, one of them "Futro" -- an identity theft virus. He incorporates MSN messenger chat, most likely for a logging feature. In this system are programs that capture bank account, credit card, Social and other identity numbers, plus to feed back passwords to every program you use. ALSO a keylogger is usually installed which captures every stroke you type.

Some who have been in his botnet have found their machines being accessed in the middle of the night -- most likely to send out spam and hard core porn which is on this site, hacking into other people's computers.

The IP address he uses 127.0.0.1 is one reserved for a loopback within one's own machine. However....a rogue IP going under the name "secure13.apollohosting.com" -- and "bitlogic". The person who set up that rogue server has now 440 sub hosts under it. It is in Chicago, Illinois and if you run that name, "bitlogic" or "secure13.apollohosting.com" you will find the name and address of the company's officer; one Arius Kaufman residing in MacClean, VA.

The botherder suspect goes by the name Barney Keith. He resides in Williamsburg, VA and is probably packing to leave the country since numerous complaints have been filed against him with the IC3 (FBI) for his botnet. He has made statements that he is heading to the UK, Stockholm. But for sure, he's packing up to leave Virginia.

The reason I know this is that I, too, am one of his victims. But I found and read the program, plus the DNS-1 log that shows the installation of his network, line by line -- with the instructions to override my operating system. Your config.sys and autoexec.bat files should = "0". The file running your computer, instead, is "config.NT" NT, of course, stands for network. And have talked with other victims.

It is imperative that you file a complaint with the IC3 at IC3.org. This is the joint commission of the FBI and White Collar Crime Center which screens the complaints and then forwards to the appropriate authorities, state/local, FBI or Interpol.

This man has worked a social networking site of Various, Inc., with full access to all its 20 million claimed members' files -- credit card numbers, names, personal profiles, email addresses -- for five (5) years. So this botnet is spread, literally, all over the world.

If the FBI doesn't pick him up before he gets on a plane [and he IS packing now], then Interpol or another country will.

But prudence mandates you file a complaint with the IC3, then take the steps with credit bureau, bank accounts, credit cards that you need to, to keep not just your identity, but your assets safe.

Barney Keith uses the handle in the AdultFriendfinder site of "2Jessie". That stands in brief for his full handle, "2JessieJames" -- his email address on gmail. The Second Jessie James, bank robber.

Good luck to you and I hope you follow up taking the steps you need to. The only way to clean since you don't have his password is to image your drive [save the evidence] -- then have a tech do a destructive wipe and reformat. Probably with a magnet.
Last edited by ChesapeakeGal; Sep 14th, 2007 at 3:49 pm. Reason: Add a point
Join Date: Sep 2007
Posts: 5
ChesapeakeGal
Newbie Poster

Re: Hacker

 
  #12
Sep 14th, 2007
Originally Posted by gerbil
Please let me know how you get on....
You gave good advice. However, the essential parts of this program cannot be cleaned nor deleted.

The owner no longer has administrator privileges, so the malware remains. The processes are hardwritten in. It is written so that one cannot download or update from many of the spyware sites, either.

Her only solution is a hard wipe of her drive.
Join Date: Apr 2005
Posts: 16,207
jbennet
Moderator
Featured Poster

Re: Hacker

 
  #13
Sep 14th, 2007
Yes, wipe the drive + reinstall

btw, "NT, of course, stands for network" is wrong. NT = New Technology, e.g. Windows NT as opposed to Windows "old technology" (DOS).
If I am helpful, please give me reputation points.
Join Date: May 2005
Posts: 3,204
gerbil
Nearly a Senior Poster

Re: Hacker

 
  #14
Sep 14th, 2007
Ah, jb, I was a babe in the woods back then, still am, check my signature... I would now min suggest a Panda scan which would have thrown it up, or Kaspersky... but was put off by the HijackThis report showing file missing....
One day, when I know it all, everything there is to know, I'll light a lil candle and have a quiet celebration...
Last edited by gerbil; Sep 14th, 2007 at 10:55 pm.
Deep, deep in the woods, but walking about.
©2003 - 2009 DaniWeb® LLC