mrmaxx Posted February 12, 2010 Share Posted February 12, 2010 One of my users at work asked me to look at his machine from home which is running Windows Vista Home Premium. It was working fine until Tuesday night / Wednesday when it got an update from Microsoft. After that, it rebooted and now it will only give a blue screen at boot with error 0x0000007E. Google search doesn't turn up much helpful. I've got the original install media, but would rather not reinstall Windows if I can help it. This is remarkably similar to a problem that Windows XP users are having with KB977165. Anyone here know how to fix this problem on Vista machines? I'd really rather avoid reloading the whole computer. I just did that for a machine at work yesterday and it took all day to load Windows and get all the updates! Quote Link to comment Share on other sites More sharing options...
Farelf Posted February 13, 2010 Share Posted February 13, 2010 That doesn't appear to be a particularly general problem but I guess as the days pass there will be more comment appearing on internet searches. That update certainly went through without problem on SWMBO's Vista. I guess there is no way you can boot at all and 'revert' the updates? We've never had the blue screen situation so no idea how to access the recovery console in that circumstance. Not that it was the slightest use in the one situation we needed to try it - but that was an incomplete uninstall of an incompatible printer that was causing our problem, presumably a MS update would be a different matter. Quote Link to comment Share on other sites More sharing options...
petzl Posted February 13, 2010 Share Posted February 13, 2010 (edited) Anyone here know how to fix this problem on Vista machines? I'd really rather avoid reloading the whole computer. I just did that for a machine at work yesterday and it took all day to load Windows and get all the updates! During and just before "boot up" push "F5" (exact moment) then one of the options will be to choose a restore point. Once selected Windows will then load/start to the selected restore point The issue though is likely to be a software one that will not work with the Vista/windows update Consider running CCleaner (particularly Registry it's Freeware) Edited February 14, 2010 by petzl Quote Link to comment Share on other sites More sharing options...
Farelf Posted February 17, 2010 Share Posted February 17, 2010 [mrmaxx] As supposed, more information has emerged on this problem - I've not followed it closely but it now seems instances of the Backdoor.Tidserv (Symantec)/ Backdoor:W32/TDSS (F-Secure)/ BKDR_TDSS (Trend) rootkit infection have been implicated. This (previously) infects a low-level driver, the unrelated kernel module patch in MS10-015 / KB977165 then causes the infected drivers to call invalid addresses and, in turn, that causes blue screens every time Windows boots up. The most commonly affected drivers are said to be atapi.sys, iastor.sys, idechndr.sys, ndis.sys, nvata.sys, vmscsi.sys. That information from http://www.symantec.com/connect/blogs/tidserv-and-ms10-015 with links to http://blogs.technet.com/msrc/archive/2010...g-ms10-015.aspx. So, getting back to the bootable state is just the start of the process, the infection has to be dealt with in that scenario, and then the 'guilty' patch applied all over again. This is apparently the same for all affected machines, including Vista, not just XP. Probably Vista machines aren't as much affected because the virus is fairly old (though its authors are obligingly updating it on the run according to some sources) or because Vista's paranoid by default 'Did you ask for this to be run? Do you really, really want to? querying of code execution actually stops some of the infection malarkey. I would like to think the latter - like airport security etc., hopefully the gross inconveniencing of the majority actually achieves something more than the sly gratification of the ungodly few. Are you on top of this now? Was that behind your problem? Hope you get paid for all of this. Quote Link to comment Share on other sites More sharing options...
mrmaxx Posted February 17, 2010 Author Share Posted February 17, 2010 Ok. Problem is resolved... turns out that Petzl got it right... The user had subscribed to a pay service that handles keeping antivirus, etc up-to-date and when I called that service they walked me through how to fix it so the computer would boot back up normally... had to remove a driver file that their software installed and once that happened, we were good to go... 'Preciate it! Quote Link to comment Share on other sites More sharing options...
Farelf Posted February 17, 2010 Share Posted February 17, 2010 Thanks mrmaxx - and thanks to petzl (chalk up another one, mate). Marking this "resolved". Quote Link to comment Share on other sites More sharing options...
Bishal Shrestha Posted July 5, 2019 Share Posted July 5, 2019 Thank you so much for this article and I was really unknown about using this website. I am very glad that I can post my contents as well. Okay, for more contents click on this link https://starlifemagazine.com/biography/piper-rockelle/ and watch the exciting biographies of some of the famous Hollywood celebs. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.