Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Legendary BSOD


  • Please log in to reply
17 replies to this topic

#1 Feonix

Feonix

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 24 December 2009 - 11:01 AM

Well, it's happened to me:

Blue Screen Of Death STOP Error: 0xc0000007B

This occured right after I ran a Kaspersky bootable Rescue Disc to kill the virus that disguises itself as "Antivirus Plus." It could either be a boot sector virus that curropted my boot or a hardware malfunction as I had my synthesizer (which is routed to my soundcard) on at the time. Yes, my synth has caused me headaches in the past.

Things I Already Tried:
1. CHKDSK /r -- Took too long, eventually just froze.
2. BOOTCFG /rebuild -- Scanned for other boot files and eventually read "out of system memory."
3. Replaced NTDLR and NTDETECT just to be safe.
4. Loaded up UBCD4Win and cleaned Registry of junk files.
5. Through UBCD4Win I also ran the latest update of McCaffee's Stinger anti-virus application and terminated whatever virus it found.
6. Tried to restore the system by using back-ups of System, Software, Sam, Security and Default files.
7. FIXBOOT -- Said it fixed the boot but made no difference.
8. FIXMBR -- Wrote new master boot record but that didn't change anything.
9. Using UBCD4Win I ran Ace Utilities and deleted all junk files (Temps and dumps to unclog the clotting stored on my PC).
10. Deleted all traces I could find of Antivirus Plus.
11. Replaced BOOT.ini with a fresh copy.
12. Tried Safe Mode and Last Known Good Configuration but couldn't access either of them.
13. Unplugged all hardware, USB, cords, powercords, flash and memory card drives but that didn't work. I even took out my 3GB RAM chips and put them back in.
14. Took out PCI soundcard completely and uninstalled it's drivers in UBCD4Win but to no success.
15. Ran MemTest, but the memory test found no problems.

Recap:
I know all my data is intact because I can see and access it using UBCD4Win. The day of the fatal crash I had installed BitDefender 2010 Internet Security. I have never before used defrag, however, and CHKDSK could not finish. The current solution I am trying is using Spinrite to fix the problem. Is using Spinrite just as good as defragmenting and using CHKDSK to find and fix errors? If so, I have been running Spinrite for the past 10 hours, I have 4 more hours to go (Spinrite estimates it will take 14 hours to finish it's job). Yet Spinrite so far hasn't found any defected sectors, is this normal?

I'd appreciate any help. As you can see I've done a lot of researching and tried a few methods before asking for help. Thank you for reading, I'd appreciate any help or advice.

Specs:
HP m7640n Dual-Core 2.26GHz
Windows Media Center Edition | ServicePack3
AND Athlon 64 X2 5000+
3GB SDRAM
320GB HDD
640GB External HDD
500GB External HDD
M-Audio Audiophile 192 PCIe Soundcard
- Fio

Edited by Feonix, 24 December 2009 - 11:06 AM.


BC AdBot (Login to Remove)

 


#2 OldGrumpyBastard

OldGrumpyBastard

  • Members
  • 781 posts
  • OFFLINE
  •  
  • Location:"Way South of 'da Bridge"
  • Local time:10:27 AM

Posted 24 December 2009 - 11:14 AM

Copied from Microsoft:

Boot-Sector Viruses
You may receive a "Stop 0x0000007B" error message if your computer is infected with a boot-sector virus. If the problem is intermittent and you can start Windows, check your computer for viruses. If you find a virus, also check any floppy disks for viruses before you use them again.

For a list of antivirus software manufacturers, click the following article number to see the article in the Microsoft Knowledge Base:
49500 (http://support.microsoft.com/kb/49500/EN-US/ ) List of Antivirus Software Vendors
Note You may have to use more than one brand of virus-detection software to detect and remove various viruses.

Important If your computer has been infected, it may be open to additional forms of attack. We recommend that you rebuild infected Internet-facing servers by following the guidelines that are published on the CERT (http://www.cert.org/) Web site. Internet-facing servers are servers that function without a firewall or other protection. It is also a good idea to rebuild any other computers that are at risk because of their proximity to infected computers before you put them back in service.

If a virus has infected your Windows XP-based computer and a virus-detection program cannot remove the virus and repair the system, you must repartition and format your hard disk and reinstall Windows XP. For additional information about partitioning and formatting a hard disk with Windows XP, click the following article number to view the article in the Microsoft Knowledge Base:
313348 (http://support.microsoft.com/kb/313348/ ) How to partition and format a hard disk in Windows XP
For more information about how to help protect the boot sector from viruses in Windows XP, click the following article number to view the article in the Microsoft Knowledge Base:
122221 (http://support.microsoft.com/kb/122221/ ) How to protect boot sector from viruses in Windows

It would seem to me that you haven't completely removed your infection which will probably force you to do a completely fresh installation...reformatting, re-partitioning etc...Looks like the only way to go from my stand point...Other options:

http://www.bleepingcomputer.com/virus-remo...-antivirus-plus

Edited by OldGrumpyBastard, 24 December 2009 - 11:24 AM.

Does this look like an OldGrumpyBastard or what?

#3 Feonix

Feonix
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 24 December 2009 - 11:33 AM

I know there must be another way of fixing this. I can easily access my data and plus I've encountered the same problem before. I'm appreciating your help, not saying that it can't be the only solution. But of course I'm trying my hardest not to take that route.

#4 OldGrumpyBastard

OldGrumpyBastard

  • Members
  • 781 posts
  • OFFLINE
  •  
  • Location:"Way South of 'da Bridge"
  • Local time:10:27 AM

Posted 24 December 2009 - 11:37 AM

Try using the above link to remove the virus completely. Pay close attention to the details about not re-starting after running Rkill. Fresh intall as a last resort. Most users don't want to follow that solution but it may be inevitable...
Does this look like an OldGrumpyBastard or what?

#5 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 27 December 2009 - 04:56 PM

You could try a repair install.

How to Perform a Windows XP Repair Install
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#6 Feonix

Feonix
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 27 December 2009 - 05:33 PM

Well, Spinrite spent 15 hours trying to look for a problem but found no problems with my hard drive. I also had Partition Table Doctor look for a problem that took many hours and when Partition Table Doctor finished scraping the disk for errors, it found none!

What is going on here!?

I scanned the boot sectors for any virus with the latest update from Kaspersky and found NO viruses. I just don't understand...

#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,114 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:27 AM

Posted 28 December 2009 - 09:13 AM

The fact that chkdsk /r did not complete...points to a hard drive or NTFS problem, IMO.

Resolving either...normally involves a clean install, after running the appropriate hard drive diagnostic.

I've found that NTFS problems have suggested solutions not involving a clean install...but those have never worked for me.

You seemingly have exhausted many of the other plausible possibilities.

Louis

#8 Crowbar

Crowbar

  • Security Colleague
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:27 AM

Posted 28 December 2009 - 03:58 PM

Just had that BSOD problem myself. Trying to kill a boot sector type malware/virus, just as you. Instead of screwing around trying to fix the MBR, I formatted my drive and restored a backup from 2 days previous. Then I went ahead and cleaned up the malware mess.

Before the reload, I did boot to the recovery console and used FIXMBR and FIXBOOT, but to no avail. Formatting seemed to be the best choice for me. I do HOPE you have a recent backup.....

#9 Feonix

Feonix
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 29 December 2009 - 01:22 AM

Yes I do have a back-up. However, I have nearly 700GB worth of material to re-install, formatting isn't an option. If I'm going to format, I think I might as well just buy a new desktop instead :thumbsup:

I've tried everything. There's literally no clear way to recover from ANY BSOD.

#10 Guest_Abacus 7_*

Guest_Abacus 7_*

  • Guests
  • OFFLINE
  •  

Posted 29 December 2009 - 01:51 AM

Yes I do have a back-up. However, I have nearly 700GB worth of material to re-install, formatting isn't an option. If I'm going to format, I think I might as well just buy a new desktop instead :trumpet:

I've tried everything. There's literally no clear way to recover from ANY BSOD.


:flowers:

You could try installing a New HDD, a lot cheaper than a New Desktop, Installing Windows XP on it and use the other as a Secondary Drive? That way all your Data is still intact.

But run Updated Anti Virus, Anti Spyware and Anti Malware on the Problem Drive before clicking it open. You could also do as Hamluis suggested that way too.

I often use this technique to save a HDD that I cant get into to use the Tools to fix it.

:thumbsup:

Edited by Abacus 7, 29 December 2009 - 01:53 AM.


#11 Baltboy

Baltboy

    Bleepin' Flame Head


  • Members
  • 1,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pennsylvania

Posted 29 December 2009 - 10:15 AM

My experience with that particular malware you mentioned is that it does not infect the boot sector. I would create a floppy or CD if you don't have a floppy with the base files boot.ini, ntdetect, and Ntldr. Use that to try to start the computer. If it still gives the BSOD Then I would say it is not a boot sector issue but a corrupted driver (best case) or the file system itself is corrupted. I would guess it is the first one based on the fact you had just run a scan attempting to remove the malware issue it may have corrupted the driver or the driver itself may have been selected infected and deleted. Did you try to start the computer using the safe mode command line only option? If that works you can use the system restore command line to roll back to an time before the infection where the driver isn't corrupted or if you can run a upgrade with your windows install disk to try to restore driver functionality. I would not choose the second option if the first one would work since my experiance is that while the upgrade often works it tends to slow the system down for some reason.
Get your facts first, then you can distort them as you please.
Mark Twain

#12 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 29 December 2009 - 08:51 PM

Did you try the repair install?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#13 Feonix

Feonix
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:01:27 AM

Posted 29 December 2009 - 09:50 PM

Did you try the repair install?


I did. I even tried a parallel install, but it hangs when "examining the disk/checking drive C:\" so it never finishes.

#14 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:27 AM

Posted 29 December 2009 - 11:24 PM

In that case I see no other option than a clean install.

http://michaelstevenstech.com/cleanxpinstall.html
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#15 Crowbar

Crowbar

  • Security Colleague
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:27 AM

Posted 04 January 2010 - 01:01 PM

In that case I see no other option than a clean install.

http://michaelstevenstech.com/cleanxpinstall.html


What kind of backups are you making? IMHO the proper way to do it is (XP) ntbackup - make sure you check the system state box and your hard drive(s).

Then after you format the drive and clean install XP, when you reload, everything will be in place, both programs and data.

Probably too late to help you now, but as you now see, it is very important to backup properly.

http://www.lwcomputing.com/tips/static/sysstate.asp discusses the system state backup nicely, make sure you check your hard drive boxes as well, and most important use VERIFY. A failed backup does nobody any good.

Whoops, I meant to reply to the OP, not to Budapest. Sorry about that....

Edited by crowbar6761, 04 January 2010 - 03:02 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users