Lsass.exe

[rikkkki]

This SDK thing is still installing  Boy the screen you posted is full, mine was just blank. we'll see about what I'm installing now, it's supposed to have the same thing in there somewhere. back soon, this is almost getting exiting 

[cak46]

This SDK thing is still installing Boy the screen you posted is full, mine was just blank. we'll see about what I'm installing now, it's supposed to have the same thing in there somewhere. back soon, this is almost getting exiting

There are quite a bit of tools.  If you go to the first link in my post and click up one level, I think it brings you to the master contents page for the support tools. 

Yeah,  I'm hopeful that it will be apparent which files are necessary (need to be registered) when you open lsass.exe in the utility.  I just downloaded it from the link in my post.  Onlty about a 405 KB download and will run on most all platforms and windows versions......... 

BTW:  ME TOO 

BTW2:  I am close to certifying that HP POS as clean.  One more scan of each id tomorrow, put it back on the net, then clean the tools I installed off of it!    A funny thing happened tonite with it.  It turned itself on.  I think it received the signal thru the nic card from the net to turn on but I'm behind a router.  Very, very strange.........  Disabled that in bios in a big hurry......

[rikkkki]

There are quite a bit of tools.

[cak46]

OK. I wish I had seen your link BEFORE I downloaded this other SDK stuff. It's huge. I will remove it later. I has stuff that you wouldn't believe. It's kinda for developers and maybe even programmers Anyhow, here goes, put your seat belt on,,,,,,,,,,,,,,,,,,,,

Alot of it is just for that.  Debugging and testing software as you code.  Never done any windows specific programming, xcept VBA in Access so I'm not familiar with the tools.  All strapped in.......

[rikkkki]

Well, this is what I found so far. I couln't find lsass. It seems that just about all is .dll's, anyhow, take a look

[rikkkki]

Hold it. That's junk. Stand by,,,,,,,,,,,,,,,,,,,,,,,

[cak46]

Yeah.  It's looking at itself, I think.......

[rikkkki]

Yeah.

[cak46]

Look at the top of my screen that I posted then look at yours  I opened cwsshredder.exe.... look right beside where it says dependency walker on the screen.

Go to file menu , then select open then browse to lsass.exe and try to open it.....

edit:

Everything below the topmost entry is a program module that depends.exe is depending upon.  Widen out the top screen and you'll see the beginning.

[rikkkki]

DUH, I thunk i get it this tim 

[cak46]

And Houston, We may have found the answer.  Now, do a file seach on your hard drive for the two filenames in red. 

I'm gonna stick it out tonite for a bit longer.  Too close to bail now........

[rikkkki]

VERY INTERESTING, WATSON. THEY ARE NO WHERE TO BE FOUND  :!: NOW I THINK I HAVE A LINK TO A .DLL FIND SITE LISTED IN MY MACHINE. I USED IT ONCE TO LOCATE AND REINSTALL A .DLL FILE I HAD LOST. I WILL LOOK FOR IT NOW, HOLD ON

[cak46]

VERY INTERESTING, WATSON. THEY ARE NO WHERE TO BE FOUND :!: NOW I THINK I HAVE A LINK TO A .DLL FIND SITE LISTED IN MY MACHINE. I USED IT ONCE TO LOCATE AND REINSTALL A .DLL FILE I HAD LOST. I WILL LOOK FOR IT NOW, HOLD ON

Hangin' on the Line........

[rikkkki]

Hangin' on the Line........

So am I. Damn. Those guys don't have either one  :cry: BUT, It's just a matter of time before I can find a site that DOES HAVE THEM 

[rikkkki]

HOLD ON A LITTLE MORE, I AM GOING INTO THE KITCHEN AND YOU KNOW WHAT................

[cak46]

Good idea! 

[rikkkki]

Good idea!

[cak46]

I do not know.  the kdcsvc is tied to kerberos authentication.  You could try and extract them from the .cab file you extracted the other files from the other day. 

Edit:  Just found out.  kdcsvc.dll is the domain controller equivalent of the kerberos.dll client computer file.  (At least in a win2000 environment)

I would wait on extracting for now until I can get more info on these files.    Did you notice if there were any errors in the listings from depends as you scrolled thru them?

[rikkkki]

I do not know.

[rikkkki]

Nothing close. Not in either cab file default or sp2. I'll check the kitchen but it wouldn't be there if it didn't show on the search would it?

[cak46]

Thats because those files are for the a server version of software.  They reuse the same code for both their server software and their client software.  Been doing that since nt4.0 came out.  I'm going to have to do some more research tomorrow but if you could, email me a copy of your actual boot.ini file and a copy of the depends results for lsass.exe.  And hey, grab me one while you're there, will ya? :haha:

Most of the info I found was for nt2000 so I'm unsure if the domain controller (server) part applies or not to XP.  Might be a good question for Mr. MS.....    Good evening and be back in the morrow! 

Edit:  Since you have an xp disk, you can go thru the cabs on that and see if its there but I would not suggest extracting them into system32 until we get more info on them.  I think the dll.cab is holding just the installed dlls only, not all .dlls for windows.  More research, I suppose.

Good evening! 

[rikkkki]

I think I sent you a boot.ini last night, didn't you get it?

[rikkkki]

Hi cak46. Well, I'm writing this from my kitchen PC. I had a bright lite go off upstairs at work

[cak46]

Hello again!  Got the files.  What I'm looking for is a copy of your actual boot.ini file, not the bootlog (Ntb...)..... 

To answer your question on server vs. client systems, or try to anyways,

Server in this case means a machine set up with a specialized operating system to perform a multitude of different functions pc's, and pc (client versions) of op. sys's couldn't perform.  If you want I can give a more detailed description of this..... Get medievil techie on your butt...  :haha: 

XP home is a client software, clients access servers which would run for example Windows 2003 Server.

There are alot more functions that run on a server edition than on a client edition of an operating system. 

The two files we found missing are tied explicitly with Domain Controller functions, at least with win2000 Server, anyway.  Still looking into the logs you sent.....

Just saw your note.... You're right about the two files.... Domain controller functions......  missing in depends prog.  does not necessarily mean its required for proper functioning of the dll in question.  Will await you post!   

EDIT:  That other missing file NTDSETUP.DLL file is used for setting up Active Directory, a server function only....  Are you running the exact same service pack level and Operating system version?  Check each in the Control Panel> System icon and compare actual version numbers.  You may be on to something if they are exact.  Also, a side note, are both 'puters same make and model?  Check the version numbers if you would. 

[cak46]

Actually, look at the info at the top of the depends log.... In red this is the log you sent me.

Dependency Walker:      2.1.3623 (32-bit)

Operating System:        Microsoft Windows XP Professional (32-bit)

OS Version:              5.01.2600 Service Pack 2

Processor:              x86 Family 6 Model 10 Stepping 0, AuthenticAMD, ~2193MHz

Number of Processors:    1

Computer Name:         

User Name:             

Local Date:              Monday, July 25, 2005

Local Time:              9:01:25 PM Pacific Daylight Time (GMT-07:00)

OS Language:            0x0409: English (United States)

Memory Load:            46%

Physical Memory Total:  1,073,201,152 (1024 MB)

Physical Memory Used:    503,476,224

Physical Memory Free:    569,724,928

Page File Memory Total:  2,582,675,456

Page File Memory Used:  345,280,512

Page File Memory Free:  2,237,394,944

Virtual Memory Total:    2,147,352,576

Virtual Memory Used:    62,889,984

Virtual Memory Free:    2,084,462,592

Page Size:              0x00001000 (4,096)

Allocation Granularity:  0x00010000 (65,536)

Min. App. Address:      0x00010000 (65,536)

Max. App. Address:      0x7FFEFFFF (2,147,418,111)