I'm working on a client's machine. The original symptom was that Windows hang at the splash screen. I ran some external scans (Norton, MalwareBytes and SuperAntiSpyware) and found a couple trojans. Removed them but had the same results.
I ran a repair install and now it boots, but I get a lsass.exe error. It says "When trying to update a password this return status indicates that the value provided as the current password is incorrect". I went to the recovery console to repair the security file, but it asks for the administrator password. Tried a blank password and that didn’t work. So I ran my password removal tool, but a blank password still does not work.
An interesting thing about the results with my password removal tool: The user's account name didn't show up as one of the accounts. Ordinarily it shows all the account names.
Because it’s a lsass error, I re-scanned using MalwareBytes, but it came up clean.
I’m currently running a virus scan but if I can get some insight while that’s running, I’d appreciate it.