triger49 Posted June 5, 2009 Share Posted June 5, 2009 This machine is an HP a614n ....512 meg ram .... 2.6ghz P4 XP Home sp3.Long story short, this came to me with a year's worth of neglect....almost 2 gig of crap files.....etc etc.Spent several hours, cleaning up, updated video drivers and Directx, latest bios flash. Thing ran like a swiss watch for about 3 days. Just before I was ready to return it , I turned auto update back on. Ouch ... Auto update did it's thing for several minutes and froze. Power off, endless reboots.Turn off auto reboot produces this error / bsod0x0000008e (0xc0000005 0xeee508d3 0xf8a38968 0x00000000 )After hours of tracing my steps, checking for trojans, I reinstalled Service pack 3 from safe mode...it booted and seemed normal so I created a restore point. Next reboot it goes back to the endless reboots.....I can however, always boot to that restore point and it will run with no problems.From what I have been able to gather, it is a driver issue....can somebody give me a clue?TIAJake Link to comment Share on other sites More sharing options...
Tripredacus Posted June 5, 2009 Share Posted June 5, 2009 Since you are able to get into Windows with one method, you are going to need to follow these instructions:http://www.msfn.org/board/index.php?showtopic=130003 Link to comment Share on other sites More sharing options...
triger49 Posted June 10, 2009 Author Share Posted June 10, 2009 Just for what it's worth ..... After digging around for days....was set'n here trying to decide about a clean install.....came across this tool I had downloaded several months ago...(one of those "dark and stormy night-save my bacon tools")FSecure Blacklight.....wonder of wonders, it found 6 files that a whole bunch of others missed...did a clean and rename....bingo, boots everytime.Also, looks they came from MSN messenger....gonna do a google trace on the file names...if anybody is interested, I'll post back with the results.......Jake Link to comment Share on other sites More sharing options...
JoeMSFN Posted June 10, 2009 Share Posted June 10, 2009 ...if anybody is interested, I'll post back with the results.....Of course people are interested!Lack of response does not indicate lack of interest.Sometimes I find threads that are over a year old (some times more) and wish the results were posted because that thread happened to be of interest to me.. well years after it was posted.Heck even if it took you several months and you would've stumbled upon the thread you left, and posted the tool you used. I'd be very happy to know the tool you used (or perhaps the folder that the malware created).Not only that if the search engine re-spiders the thread (don't know if they do that), then the answers to the questions will be found.Thank you for the tool name. I'll have to check it out and add it to my arsenal. Link to comment Share on other sites More sharing options...
triger49 Posted June 10, 2009 Author Share Posted June 10, 2009 ...if anybody is interested, I'll post back with the results.....Of course people are interested!Lack of response does not indicate lack of interest..Thank you for the tool name. I'll have to check it out and add it to my arsenal.Thanks ...you know, until this, I would have probably given 2 to 1 odds this machine was malware clean.... Here is a file list ........system32\lowsec\local.dssystem32\lowsec\user.dssystem32\lowsec\user.ds.lllsystem32\sdra64.exesystem32\drivers\str.syssystem32\drivers\ezvoiefzihcsvt.sysF-secure blacklight took care of everything except Sdra64.exe and folder lowsec. They reappeared.....Mcafee rootkit detective handled the rest by doing a nuke on boot.Now the really strange part, took a trip back over to Bitdefender's online scan. The second scan revealed copies of the above files all thru system restore points under MSN and Real toolbar and was able to remove them. Sdra64 is a really scurvy piece of Malware....it does keyboard logging, and can replicate registry entrys in seconds.Download links .....http://www.f-secure.com/en_EMEA/security/s...ces/blacklight/http://vil.nai.com/vil/stinger/rkstinger.aspxJake Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now