What are these ?

[Guest]

To start...everytime I run my AVG system scan (Updated) the results shows
File-"ntoskrnl.exe" Result/Infection- " change".
Also... I have through "SearchF&F"- two Lsass.exe. One is
"Lsass.exe/System32". The other is "Lsass.exe/System32dllcache".
Also in a recent "SearchF&F" of Lsass there was "LSASS.EXE-28237D89.pf"
(Whatever a pf file is)
I opened it in Notepad and it was half encripted. The last half was readable.
It was...in part...
"A R D D I S K V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ S O R T T
B L S . N L S \ D E V I C E \ H A R D D I S K V O L U M E 8 \ W I N D O W S
\ S Y S T E M 3 2 \ A D V A P I 3 2 . D L L \ D E V I C E \ H A R D D I S K
V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ R P C R T 4 . D L L \ D E
V I C E \ H A R D D I S K V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ L
S ".....etc.
I moved this to a folder on a back drive. It does not show up in any
Searches on my OS drive,anymore, and has had no efect in restarting the PC
haveing it removed.
Any Ideas?

 

[Guest]

Sorry...also...
Is there such a thing as "IE Repair Tool" in XP like there was in 98SE?
I am running IE6sp2.
I tried IE7,before, and did not like it.

 

[Guest]

To start...everytime I run my AVG system scan (Updated) the results shows
File-"ntoskrnl.exe" Result/Infection- " change".
Also... I have through "SearchF&F"- two Lsass.exe. One is
"Lsass.exe/System32". The other is "Lsass.exe/System32dllcache".
Also in a recent "SearchF&F" of Lsass there was "LSASS.EXE-28237D89.pf"
(Whatever a pf file is)
I opened it in Notepad and it was half encripted. The last half was readable.
It was...in part...
"A R D D I S K V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ S O R T T
B L S . N L S \ D E V I C E \ H A R D D I S K V O L U M E 8 \ W I N D O W S
\ S Y S T E M 3 2 \ A D V A P I 3 2 . D L L \ D E V I C E \ H A R D D I S K
V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ R P C R T 4 . D L L \ D E
V I C E \ H A R D D I S K V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ L
S ".....etc.
I moved this to a folder on a back drive. It does not show up in any
Searches on my OS drive,anymore, and has had no efect in restarting the PC
haveing it removed.
Any Ideas?

Hi Poatt,
Here are the location of the LSA:
Isass.exe :
C:\windows\System32
C:\Windows\ServicePackFiles\i386
C:\Windows\SoftwareDistribution\SelfUpdate\2ey435y455y5hnss
Other than these I don't have anywhere on the machine.
Try a scan from another vendor to make sure all clear.
HTH.
nass

 

[Guest]

Sorry forget:
PF for Prefetch Files:
http://support.microsoft.com/kb/915163

 

[Gordon]

Sorry...also...
Is there such a thing as "IE Repair Tool" in XP like there was in 98SE?
I am running IE6sp2.
I tried IE7,before, and did not like it.

Who are you talking to and about what?

Please QUOTE the post you are replying to and don't change the subject
line.....


http://www.netmeister.org/news/learn2quote.html

Thank you.

 

[PA Bear]

AVG Free Support Forum
http://forum.grisoft.cz/freeforum/

 

[PA Bear]

No.

 

[mae]

I don't know why you want to mess with your system files.
I have these locations:
Name : lsass.exe
In Folder : C:\WINDOWS\$NtServicePackUninstall$
Size : 12 KB
Type : Application
Date Modified : 08/29/02 05:41
Date Created : 09/01/04 16:16


Name : lsass.exe
In Folder : C:\WINDOWS\ServicePackFiles\i386
Size : 13 KB
Type : Application
Date Modified : 08/04/04 02:56
Date Created : 08/29/03 19:39

Name : lsass.exe
In Folder : C:\WINDOWS\system32
Size : 13 KB
Type : Application
Date Modified : 08/04/04 02:56
Date Created : 08/18/01 07:00

Name : lsass.exe
In Folder : C:\WINDOWS\system32\dllcache
Size : 13 KB
Type : Application
Date Modified : 08/04/04 02:56
Date Created : 08/18/01 07:00

--
mae

| To start...everytime I run my AVG system scan (Updated) the results shows
| File-"ntoskrnl.exe" Result/Infection- " change".
| Also... I have through "SearchF&F"- two Lsass.exe. One is
| "Lsass.exe/System32". The other is "Lsass.exe/System32dllcache".
| Also in a recent "SearchF&F" of Lsass there was "LSASS.EXE-28237D89.pf"
| (Whatever a pf file is)
| I opened it in Notepad and it was half encripted. The last half was
readable.
| It was...in part...
| "A R D D I S K V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ S O R T T
| B L S . N L S \ D E V I C E \ H A R D D I S K V O L U M E 8 \ W I N D O W
S
| \ S Y S T E M 3 2 \ A D V A P I 3 2 . D L L \ D E V I C E \ H A R D D I S
K
| V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \ R P C R T 4 . D L L \ D
E
| V I C E \ H A R D D I S K V O L U M E 8 \ W I N D O W S \ S Y S T E M 3 2 \
L
| S ".....etc.
| I moved this to a folder on a back drive. It does not show up in any
| Searches on my OS drive,anymore, and has had no efect in restarting the PC
| haveing it removed.
| Any Ideas?

 

[Davy]

The first thing to do is to back up any important files - just incase,
dya agree?

There should be some help here for you here-:
http://support.microsoft.com/kb/318378 and also
http://www.theeldergeek.com/repair_ie6.htm

You can stop IE7 from auto download downloading here-:
http://www.microsoft.com/downloads/...F7-5D44-482B-9DBD-869B4A90159C&displaylang=en

Download the tool, click merge and no IE7 auto download, I must admit
I don't like it either, no fancy bright looking stuff here, just
something that work's and easy to use to get the job done..!

Davy