Lsass.exe

[cak46]

:haha: LOL :!: I drink cheap. Hamms is all I drink $12.65 a case But it works just as well. I could ship some to you but it would probably explode before it got there :haha: Some time ago I had two drives and decided I only wanted one. My main drive was 40Gb's and my second one was 80Gb's. Soooooooo, I moved everything from my 80 to my 40 and then cloned the 40 to the 80. That's simple enough but now I just can't quite remember how I got the duplicate stuff. I'll have to work on that for a while. All I remeber is that somewhere along the line I combined these things but I'll be damned if I can how,,,,,,,,,,,,,,,,,,,,,,,,,,I'll think of it,,,,,,,,,,,,,,, :roll:

Cheap is good...Ever heard of Red, White and Blue Beer?  Very cheap brew. 

Not sure how you got the duplicates either, as long as you didn't copy the primary partition (C:) to the other drive. 

Never heard of Hamms brew.  Could be an interesting endeavor.  Will check out the local markets for it.

I'd better log out, before I pass out................. :haha:  Will be back on tomorrow!  May want to consider updating the drivers for each of your hardware components.  This action might overwrite the  bad driver.... just a thought

Good evening, sir... :icon_salut:

     

[rikkkki]

Hamms maybe a mid to west beer. It has been around for a long time. The diity was (to music) "From the land of sky blue waters, Hamms, the beers refreshing, Hamms, the beer refreshing" They don't advertise anymore, that was from years ago.

Never heard of Red White and Blue. Must be an Eastern thing. I know it's not here, though. At one time I had two drives in my puter and transferred all that stuff from one to the other. Both had Xp on them. One had a problem that couldn't be fixed (I forgot what, and I didn't know about this forum!!) So by putting the stuff from one to the other it created the duplicates, all I remember is that I had cloned two different drives at two different times, which left me with three OS. Whew, I'd better quit while I'm behind, I mean ahead

[cholla]

69 RAT:I think one of the large breweries has bought Hamm's so it should be more available.I remember the song & the bear that did the commercials.Personally MGD is what I drink.I havent heard of Red,White & Blue but I'll give most beer a try.I even have a Tee Shirt that says"Bear Whiz Beer brewed nightly in Eagles Nest lake" It has a picture of a bear pissing in the lake  on the front.

[rikkkki]

Hey Cholla. I was just cleaning out my email and noticed your post. You remember the commercial? Cool. I remember it when I was very young maybe in the fifties. I think Hamms was bought out by Miller? Anyhow, it says on the can Milwaukee, but I think they also bought Olympia Beer right here in Olympia, WA, 50 miles away.I would love to have a t-shirt like that.

I also have had MGD and it's very good, had some in Dallas TX, in '95 when we were on a flight to Huston to work on a Tollycraft yacht, actually in Seabrook, TX. Gotta go for now-cheers 

[cholla]

Hey 69RAT : This is a link to the Hamms song

http://www.beerchurch.com/audio/bHamms%20Beer.mpga

This site has the Bear whiz shirts they don't have the exact one I have .The one called Summer has the same picture as mine

But a different slogan.Mine was probably made for Eagles Nest lake in NM.

http://www.eagletshirts.com/store/comersus_listCategoriesAndProducts.asp?idCategory=6

[cak46]

Either of you heard the new Bud Light commercials?  They are hilarious!

Mr. Paranoid of the Ocean Guy is one of my favorites!  :haha:

Edit:  Real Men of Genius ad campaign on the radio

[php]

I have a 31 track cd of Bud Light commercials

The first 20 tracks or so are the "Today, we salute you, Mr...."  they're great

[rikkkki]

HI guys. I'm taking a break tonight, don't wan't that headache again. Nothing to report for the day. Will post tomorrow 

[cak46]

I have a 31 track cd of Bud Light commercials

The first 20 tracks or so are the "Today, we salute you, Mr...." they're great

PHP:  Thats great!  I am anxiously awaiting the next installments to see what they come up with next!  Did you pull those from the net or record them from the radio yourself?

69Rat:  Yeah, good idea.  Still working on the Pavilion but am now making headway.  Got rid of Agent.214 and the worm.rbot.axo.......  They didn't want to give up but I got a medieval on them and am confident they are gone now.  Look2Me is now on the radar screen.  CWS removes it but after reboot, its back.  I'm still not at the point to put the machine online yet, though, but soon.

[php]

PHP: Thats great! I am anxiously awaiting the next installments to see what they come up with next! Did you pull those from the net or record them from the radio yourself?

well, I got them from a friend, but I think they came from the net

[rikkkki]

Hi guys  Well I just opened my mail and got mail from MS. I'll post it here. Instructions on how to do a parallel install. Sounds kinda dicey to me. Notice where he says it's for "testing purposes"  I mean, if I did install this and it worked, wouln't I want to transfer everything over to the "clean" copy  And then he says to NOT acitvate  That sounds like there's only, like 30 days to deal with this before I would have to un-install. 

[cak46]

Hi guys Well I just opened my mail and got mail from MS. I'll post it here. Instructions on how to do a parallel install. Sounds kinda dicey to me. Notice where he says it's for "testing purposes" I mean, if I did install this and it worked, wouln't I want to transfer everything over to the "clean" copy And then he says to NOT acitvate That sounds like there's only, like 30 days to deal with this before I would have to un-install.

I agree.  Of course, if something  goes wrong during the new setup, MS doesn't want responsibility for it.  Get the instructions to change the boot.ini and any other settings back to your original installation from him prior to doing the install so you can at least get your old install going if things go south with the new one.  One would think they would have some type of program which would scan the hardware then scan the drivers installed and see which one is messed up. As I mentioned before, the registry settings cannot be transferred and even if they were, you would be right back in the same boat referencing something that either isn't there or is corrupt.

Have you tried updating the hardware drivers for each device yet?  You could also reinstall each software package one by one.....  When you did the final cloning, did you just copy the folders from one drive to another or did you use a utility like Ghost of PartitionMagic? 

[rikkkki]

When I cloned, I used HDClone. Transfers bit by bit to another drive. but that was last year. As far as I know, all hardware devices are updated, although I use a slightly older one for my video card (Nvidia) cause it seems to work better that the newest ones. The new ones are configured mostly for the new 64 bit stuff that I don't need. The fabulous thing about Nvidia is that you can use just about any dirver they have. I think they call it UDA "Unified Driver Architechture". Anyhow as far as my software goes, I have just about taken everything out at this time. I would have to go back to make sure. BTW I just ran Look2Me and CWS/ came up clean(I had CoolWeb Search at one time, but not now) and then Trend Micro's AnitSpyware program (another 30 day deal) and got rid of a bunch of stuff. It updated right after I got done with the scan so I had to scan again, but it pulled up alot of cooties. Their ditties look really good to me and I'm considering going with Trend Micro for all my major anti-stuff. Maximum PC gives Trend Micro a much higher score with their stuff than McAfee. MUCH higher. The new issue that just come out has "23 utilities reviewed". McAfee didn't do too well in any catagory. SpyBot Search & Destroy got a "KickAss" award for being the best freebie in it's class.SpywareBlaster is the best thing I ever had. It stops thousands of cooties from even getting into your puter in the first place :!: It links right from SBot SD. Getting wordy here. Will stop before I run out of ink :haha:

BTW do you think that the BIOS could have anything to do with this? What if I re-flashed it, just for kicks

[cak46]

Getting wordy here. Will stop before I run out of ink :haha:

I have a tendancy to do that myself,  Might shut us off for using too much bandwidth  :haha: 

Did the clone overwrite the other drive, or add to it.  I guess I don't understand How you got duplicates of everything....The trendmicro I ran on the bad machine got infected with redlof at some point while I was scanning, etc. over the past three days.  No idea how that happened but Avast deleted it for me.  (Should have selected clean, oh well.....)  I've never run spyware blaster.  May give it a test drive!

Bios.... Why not?  Also, check to see if there is an update for the chipset for your motherboard while you are there.  Mine is VIA and there was a separate file for the motherboard devices (Software that installs into Windows to drive the mobo devices).  Maybe one of these is corrupt?  Honestly, I do not even know if they create update drivers for the chipsets any more.  What mobo are you running?.   

[cholla]

Hey cak46 Spyware Blaster is a preventer It doesn't scan & remove .It stops from spyware from getting in .You say the

[cak46]

Cholla:  I don't know why redlof was found in that file.  Many infections are caused by the addition of code to an existing .exe, not replacement.  (This is the old style of virus).  From what I can gather, this one targets web related files like .vbs, .htm, etc..  May have been a false positive as well.  Will just pull a copy of the exe from the zip again.  Here are a few examples of a file becoming "virused up".  This is why you have a clean option in your anti-virus.  http://web.zdnet.de/itsupport/virencenter/dict/cat/cat2_0-wc.html

[cholla]

cak46 : I think I understand.The redlof virus lies dormant until the right type file extension shows up then it infects it.Other virus do the same just to different extensions.The redlof goes after .vbs, .htm ,etc. Because it is an older style virus it may not have still been in the trendmicro definitions thats why it could infect an antivirus program file.I read the link it talked about .com &.exe but it would be the same for whatever file the virus was designed to attack.

[cak46]

cak46 : I think I understand.The redlof virus lies dormant until the right type file extension shows up then it infects it.Other virus do the same just to different extensions.The redlof goes after .vbs, .htm ,etc. Because it is an older style virus it may not have still been in the trendmicro definitions thats why it could infect an antivirus program file.I read the link it talked about .com &.exe but it would be the same for whatever file the virus was designed to attack.

The virus will only run when executed, for example with the redlof virus, it executes when you open a virused up email.  It then does it's dirty work.  The virus is a new.  If you look up redlof, there are a bunch of different variants which are vb scripts usually attached to emails.

 

With viruses that write themselves to legitimate program files, it's just an old way of writing a virus.

Some of the first viruses were ones that attached themselves to legitimate files.  Harder to find.  I don't understand why redlof would have been there in the first place, unless it's a variant that has not been well publicized on the web or is new.  Still, may have been just a false positive too. 

A program, no matter if a VB script, .exe, .com, etc.  can only execute if someone or another program calls for it.  In the case of vb, it's called by your email  program (Outlook Express, etc.) when you open the email  unless scripting has been turned off.  You are right, once executed the virus will do what it was designed to  do from formatting your hard drive to just putting up a funky screen like the old Stoned virus.  Never saw Stoned in action, but I did see michaelangelo.

Does this help or just muddy the water?

[rikkkki]

Hi guys! I'm on my kitchen puter while Kasperskey is running. My mobo is an Abit. I can flash my bios on the fly in windows with their "Abit Guru" utility. Best thing to ever come down the pike. I'll do the flash.Chip set is all Nvidia. Spyware blaster just stops cooties from coming in and that's about it, over 3000 of them so it doesn't really need to scan. It Check for updates once a week and your cool. It's totally free from JavaCool.

My clone utility copies bit for bit the exact info from drive to another. When I get done I have two indentical drives.Great if you have a drive that's going bad and want to transfer everything to a new one, back soon, still doing Kaspersky

[rikkkki]

Abit has updates for their chipset drivers. Remember the one that I tried to update with that wouldn't install? That was for the Audio Pack. It just wouldn't work. I think I have the latest bios drivers but I guess it wouldn't hurt to re-flash it anyhow. Still running Kaspersky, one section at a time

News Flash

[cak46]

Abit has updates for their chipset drivers. Remember the one that I tried to update with that wouldn't install? That was for the Audio Pack. It just wouldn't work. I think I have the latest bios drivers but I guess it wouldn't hurt to re-flash it anyhow. Still running Kaspersky, one section at a time

News Flash  :!: So far Kasperskey shows 4 virus's with the current scan and it's only 25% done  :!: AND 33 infected objects and 8 suspicious objects

Yeah, some could be leftovers from other scans.  With TrojanHunter, it renames the files it finds, but does not delete them.  Found that out the hard way)  It puts a .tcf, I believe, on the end of the full file name. 

[rikkkki]

Ohhhhhhhhhh I don't like that. I would like to see the cooty gone myself. Kaspersky(proper spelling) is at 65% and has about 80 infected objects. I will watch for that ext you mentioned

[cak46]

Just do a search for *.tcf on all folder and drives then delete them then empty the recycle bin. 

[rikkkki]

Just do a search for *.tcf on all folder and drives then delete them then empty the recycle bin.

[cak46]

This is kind of inane but I just figured out redlof is folder spelled backwards.......