Blue screen of death: what is your experience ?

Discussion in 'Anti-Virus' started by FromTheRafters, Oct 26, 2010.

  1. It sounds like a scareware application. Malware, but not a virus.
    Yes, the malware could be interfering with the installation program.
    DOS 6.22 won't natively handle the NTFS filesystem that XP uses by
    default.

    It would be better to use SUPERantispyware or Malwarebytes' Anti-Malware
    for removal.

    I always suggest visiting bleepingcomputer.com and following their
    instructions for removal of the exact version of scareware you are
    having problems with. First, it would help if you could get past the
    "not sure what" aspect.
     
    FromTheRafters, Oct 26, 2010
    #1
    1. Advertisements

  2. From: "sl@exabyte" <>

    | A pc in my company is infected with virus (not sure what); I now know it
    | pops up messages every now and then about pc being infected and click to
    | remove.

    | I slot in Windows XP to reinstall. On reboot, the pc reads in various device
    | drivers, but on 'starting windows..', a blue screen of death appears
    | (something like GP fault 0x0000....07).

    | Questions
    | ----------

    | 1.Could it be the virus causing the blue screen ?

    | 2. If it is, could I make a bootable CD with DOS6.22 on it to reboot the PC
    | (just thinking that probably virus won't handle DOS anymore) ?


    It could be "malware" causing problems but not neccessarily a virus and if you get pop-ups
    "about pc being infected" chances are likely you have a fake anti malware backed by a
    rootkit.

    If you want to re-install Windows then you will have to WIPE the PC (remove the hard disk
    partition, re-install the hard disk partition and re-format the hard disk partition). and
    then re-install the OS.

    Booting from an alternate OS is a good idea but not DOS. As FTR noted it is a for FAT not
    NTFS partitions.

    The Avira Rescue System is an alternate.
    http://www.avira.com/en/support-download-avira-antivir-rescue-system
     
    David H. Lipman, Oct 26, 2010
    #2
    1. Advertisements

  3. That depends on the CMOS stored settings. If, for instance, the boot
    order was the HD followed by the CD - then the mere absence of a
    bootable HD would cause booting from the CD.
    No need to muck with those settings IMO. I'm not sure what the OP means
    by "I slot in Windows XP..." if he is attempting a repair install, that
    might not work either (active malware must be deactivated first), if he
    is attempting a clean install, he should boot from clean media.
     
    FromTheRafters, Oct 26, 2010
    #3
  4. That's why they call it a 'boot order' instead of a boot choice.
    I'm still guessing the OP tried a repair install which didn't work. The
    method described by DHL would have completely eliminated the chance of any
    interference by the suspected malware.
    The default used to be CD then HD (Floppy A, then HD before that) IIRC - now
    USB is probably in there somewhere. You are correct that he might need to
    access the CMOS to enable booting from a CD if that's what he wants to do
    and it is not the default.

    If I leave my Linux Live CD in my CD tray and reboot, it comes up in Linux -
    no problem.
    No, I'm just saying that it need not be the installation disk (it could be a
    preinstallation environment disk, or any boot media that creates a clean
    environment in which to run the installation program).
     
    FromTheRafters, Oct 26, 2010
    #4
  5. FromTheRafters

    sl@exabyte Guest

    A pc in my company is infected with virus (not sure what); I now know it
    pops up messages every now and then about pc being infected and click to
    remove.

    I slot in Windows XP to reinstall. On reboot, the pc reads in various device
    drivers, but on 'starting windows..', a blue screen of death appears
    (something like GP fault 0x0000....07).

    Questions
    ----------

    1.Could it be the virus causing the blue screen ?

    2. If it is, could I make a bootable CD with DOS6.22 on it to reboot the PC
    (just thinking that probably virus won't handle DOS anymore) ?
     
    sl@exabyte, Oct 27, 2010
    #5
  6. You're welcome.
     
    FromTheRafters, Oct 27, 2010
    #6
  7. FromTheRafters

    Dustin Guest

    That's because his eyes are functional and yours aren't.
    When it shuts down with a blue screen during startup, it isn't
    bootable. It's still failing to complete startup.
    I don't recall the OP providing that much detail. It's not a good idea
    to assume a person did this or that.
    Many times. Not XP specifically, but original discs. yes.
     
    Dustin, Oct 27, 2010
    #7
  8. The humble virus.
     
    FromTheRafters, Oct 27, 2010
    #8
  9. From: "FromTheRafters" <>


    | The humble virus.

    http://www.windowsitpro.com/article/antivirus/microsoft-inadvertently-ships-nimda-virus-in-visual-studio-net.aspx

    http://www.devcomments.com/Samsung-s-Bada-Powered-Wave-Smartphone-Shipped-With-A-Virus-i30369.htm

    http://www.apple.com/support/windowsvirus/

    http://news.techworld.com/security/10635/seagate-hard-disks-ship-with-chinese-virus/

    http://phandroid.com/2010/03/09/malware-packed-htc-magic-sold-shipped-by-vodafone/

    http://www.secureworks.com/research/blog/index.php/category/trojans/
     
    David H. Lipman, Oct 27, 2010
    #9
  10. From: "~BD~" <~BD~@nomail.afraid.org>





    | Thank you for those examples, DHL - some I'd seen before.

    | Let me rephrase my question.

    | Can a genuine, Microsoft manufactured, Windows XP CD taken straight from
    | a sealed box (i.e. assumed 'clean') ever be contaminated by using it in
    | a computer?

    | If so - how can this be done?

    http://www.windowsitpro.com/article/antivirus/microsoft-inadvertently-ships-nimda-virus-in-visual-studio-net.aspx
     
    David H. Lipman, Oct 28, 2010
    #10
  11. [...]
    No, the contamination can't happen to read-only (or WORM) media. The
    "program" would have to have been 'contaminated' prior to the creation
    of the program as stored on the optical disc. Those examples include
    this sort of "trusted source" malware infiltration (both inadvertent and
    purposeful).
     
    FromTheRafters, Oct 28, 2010
    #11
  12. FromTheRafters

    Dustin Guest

    I don't know. I haven't been interested enough to go back and re-read the
    OP.
    I'm saying a retail software package has been known in the past to come
    prepackaged with an actual virus.
    An infected machine(s) at the pressing plant.
     
    Dustin, Oct 28, 2010
    #12
  13. FromTheRafters

    Dustin Guest

    Yet, by reading below; it's clear you ignored them...
    Don't bother.
     
    Dustin, Oct 28, 2010
    #13
  14. From: "~BD~" <~BD~@nomail.afraid.org>


    | [....]



    | Maybe I'm misreading things, but I don't feel you have answered my
    | *exact* question, Mr Lipman.

    | I accept the response from FromTheRafters.

    That because (as Dustin so well pointed out) you have eyes but fail to see.
     
    David H. Lipman, Oct 28, 2010
    #14
  15. From: "~BD~" <~BD~@nomail.afraid.org>


    | One more time!

    | See http://en.wikipedia.org/wiki/Write_Once_Read_Many

    | "Can a genuine *CLEAN* CD/DVD ever be contaminated by using it in a
    | computer?"

    That's a NEW question of the thread, not a "One more time!" question.
     
    David H. Lipman, Oct 28, 2010
    #15
  16. His original question was badly worded - can a program on a manufacturer
    supplied read-only disc *be* contaminated as opposed to can it *become*
    contaminated.

    Obviously (to most of us) if it can't be written to, it can't *become*
    contaminated by using it in a suspected contaminated computer. Such
    contamination would have to happen to the program *before* it was
    written (or *while* it is being written) to disc.

    That doesn't mean that the program itself can't *become* contaminated
    before execution on the target machine - only that the program as it
    exists on the disc cannot become contaminated (a distinction BD might
    not be aware of).

    I'm glad that those references got posted by you, but I wasn't going to
    go there...(I do quite enough already to feed his paranoia).

    It seemed to me that the original question in BD's mind was about how
    much trust one should put in supposedly "clean media" (i.e., his XP disc
    from Microsoft). You answered *that* question with those good references
    (some of which I was not previously aware).
     
    FromTheRafters, Oct 28, 2010
    #16
  17. FromTheRafters

    Dustin Guest

    Well, here's to hope! World peace and all that snazz.
    If it's CLEAN from pressing/shrinkwrap to your door, and is not a
    rewritable, no.

    OTH, if the computers at the pressing plant have something on them, the
    cdrom you got in that shiny plastic might too. <G>

    Do you understand now?
     
    Dustin, Oct 28, 2010
    #17
  18. From: "sl@exabyte" <>




    | Hi guys, are you still reading ?

    | The CD that I used is a bootable CD; I want to re-format the HD.

    | I used win98 boot diskette image and burn it onto CD (the computer has no
    | diskette). The pc
    | boots up, but alas it cannot recognize SATA DVD ROM. So no go.

    | I then tried SUSE Linux disc. It boots to install screen, the light-blue
    | screen with boot options.
    | BUT, shih, the keyboard jams, and then the pc boots from HD (nothing there
    | at this moment).

    | Tell me what to do now ?

    | Open the PC and connect an ATA CD-ROM ?


    You need to boot off a Windows XP distribution CD and use it to wipe, reformat and
    re-install the OS.

    It will use compatibility mode drivers to see the SATA DVD/CD drive.

    Using a Win98 boot diskette image is the wrong way to go.
     
    David H. Lipman, Oct 29, 2010
    #18
  19. FromTheRafters

    sl@exabyte Guest

    I have tried using bootable XP SP2. It hangs at "starting windows...", then
    the blue screen.

    I used win98 to remove partition and re-format. There is an EXT DOS
    partition which I cannot remove.
    It says the partition cannot be removed while there is a logical drive, but
    I tried to remove logical drive, it says
    no logical drive defined !!??

    I then used SUSE Linux to remove the partition, but it hangs the keyboard (I
    mentioned earlier) !!!!
     
    sl@exabyte, Oct 29, 2010
    #19
  20. FromTheRafters

    sl@exabyte Guest

    By the way, I have used my bootable windows xp disc many times. Thanks.
     
    sl@exabyte, Oct 29, 2010
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.