615 replies to this topic

[rikkkki]

hottiecakes. You might take a look in your event viewer and check what sort of errors you are getting around the time that this happens. Look in your your event viewer/ "system" first, and then you can check your "security", and then "application" logs. Right click on "my comptuer" click "manage" then double click on "event viewer" and your'e there. good luck.

[Swimmer]

Here is what I found out about this thing.. i dont have the time to read 48 pages of posts..
http://www.ozzu.com/ftopic24247.html
http://extremetechsu...d.phtml?t=64852

Sasser variant..
http://securityrespo...moval.tool.html

I also guess that MS released a patch for this exploit a while back.. so you might want to remove the worm then reapply the patch..

[cak46]

Hottiecakes, try 69 Rats and Swimmers fixes.  Most likely Sasser variant, but viruses generally don't come back unless you re-install with a program or file that you keep reloading after formatting and reinstall.

[Swimmer]

if you do quick format it could be possible..

[cak46]

Quote

if you do quick format it could be possible..

Yeah, I suppose, but wiping the allocation tables/indexes would only leave room for a possible boot sector virus.  Unlikely nowadays, but still a possibility.  Not Sasser, though.....  He could also be getting the virus back from the web prior to updating his xp install as well.  I ran across NYB  (a boot sector virus) about 2 weeks ago.  Talk about a blast from the past. 

[rikkkki]

Well EVERYBODY  This a sad day indeed. I fixed the problem, but not. I went around the lsass error and installed a fresh copy of xp on a seperate partition that I had on the same drive. So I guess I did a parallel install. It works great, but we will never know what caused it in the first place. 61 days is a long time to work on one problem, no doubt, but not finding it may haunt me, so to speak. There may be other issues than come up and I will post them as needed. What a learning curve. cak46 put his heart into this one for sure, but he supports my decision, albeit "incomplete". Cholla helped a great deal too. Thank you all for your efforts. I still have that error in there(in the other partition) maybe someting will come up. I will not destroy that OS, just in case. Besides, all the boot stuff is on that partition.

BTW if any of you have a usb keyboard (mine is a new DasKeyboard) and your'e going to boot from a cd(during post-"hit any key to boot from cd") and it doesn't work, then it's because it's not on yet. You will have to change back to a PS2 keyboard to "hit that key". I'll sign off for now and a good night to all.

[php]

I just have to say... congrats to both of you (and cholla) for working so hard on figuring this out... I've been following since the beginning
Too bad you couldn't get it figured out, but maybe a fresh install is the best thing to do after 2 months

[rikkkki]

Thank you php. I almost feel like I've let the viewers down. I know this can't go on forever, but at the same there may have been some people out there that were depending on a "fix find". If any of these people DO find something (fix) out there, then maybe they could post. It was tough though, not being a vurus. Again thank you for the kudos. Maybe this won't be in vain?

[Swimmer]

try zeroing the partition.. i am wondering if there is something wrong with the partition..  For you guys to work 60+ days on it and not find something..   If you do find out what happend please let us know!

[cholla]

69 RAT I'm glad I was some help But I'm giving the real credit to you & cak46 .You two worked long & hard on this.I don't blame you for calling it enough.It is too bad the fix wasn't found.

[Swimmer]

The mods have decided to sticky this thread.. you guys have worked hard and we dont want this work to go to waste..

[cak46]

Quote

Well EVERYBODY  This a sad day indeed. I fixed the problem, but not. I went around the lsass error and installed a fresh copy of xp on a seperate partition that I had on the same drive. So I guess I did a parallel install. It works great, but we will never know what caused it in the first place. 61 days is a long time to work on one problem, no doubt, but not finding it may haunt me, so to speak. There may be other issues than come up and I will post them as needed. What a learning curve. cak46 put his heart into this one for sure, but he supports my decision, albeit "incomplete". Cholla helped a great deal too. Thank you all for your efforts. I still have that error in there(in the other partition) maybe someting will come up. I will not destroy that OS, just in case. Besides, all the boot stuff is on that partition.

BTW if any of you have a usb keyboard (mine is a new DasKeyboard) and your'e going to boot from a cd(during post-"hit any key to boot from cd") and it doesn't work, then it's because it's not on yet. You will have to change back to a PS2 keyboard to "hit that key". I'll sign off for now and a good night to all.

You stuck in there 69 RAT .......  the kudos go to you.......    I just wish we had found the answer.  It is going to stick with me as well.   I'm glad the new install is treating you well.      Who knows, maybe tomorrow someone will find the answer.   

[rikkkki]

Quote

The mods have decided to sticky this thread.. you guys have worked hard and we dont want this work to go to waste..

Well I guess it's learning time again. Sticky this thread? Somehow draw other people to it? Just a guess. I like it anyhow.It has been alot of work but I wouldn't have been able to go this far without cak46 and his desire to not let a machine beat us out. Ya know, I'm not really excited about having done this, cause the old one is right here on the same disc! I mean, "great, I have an OS that works good", but nothing has changed with the old one. The problem still lurks. I suppose that if someone came up with an idea from time to time, that I could boot into the other OS to try out the suggestion?

Cholla, thanks for the kind thoughts. Maybe we can consider this "over but not over"? 

[cak46]

Quote

Well I guess it's learning time again. Sticky this thread? Somehow draw other people to it? Just a guess. I like it anyhow.It has been alot of work but I wouldn't have been able to go this far without cak46 and his desire to not let a machine beat us out. Ya know, I'm not really excited about having done this, cause the old one is right here on the same disc! I mean, "great, I have an OS that works good", but nothing has changed with the old one. The problem still lurks. I suppose that if someone came up with an idea from time to time, that I could boot into the other OS to try out the suggestion?

Cholla, thanks for the kind thoughts. Maybe we can consider this "over but not over"?

A sticky:  If you look at the "Help with Other Stuff" page, the topic will stay at the top of the list.  They use these as "primers" for threads.     "Over but not over"......  sounds good......   

[tommie gorman]

You might try this link 
http://www.grisoft.c...01?uti=Vcleaner

[tommie gorman]

Sorry did not that was 41 pages ago. Lol