Re: BSOD possible Virus Issue
- From: "Scherbina Vladimir" <vladimir.scherbina@xxxxxxxxx>
- Date: Wed, 18 Jan 2006 11:28:25 +0200
BSOD might be caused by rootkits (that modify the SDT in kernel mode) or by
applications that're using Device\PhysicalMemory to access physical memory
under administrator.
--
Vladimir
<zorba990@xxxxxxxxx> wrote in message
news:1137567297.487731.305210@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>
> I am using Windows 2000 on several older machines.
> On three separate machines, within the space of 10 weeks,
> the following has happened:
>
> (I found out the following through various occasions of this happening
> and not all at once unfortunately).
>
> The machine locks up or blue screens. When the machine is rebooted,
> it won't boot. From all appearances the boot sector is corrupted.
>
> Norton Antivirus is unable to find any boot sector or other virus.
> (Neither is the free McAfee or Microsoft malicious software tool
> scanners)
>
> In this most recent case (on Windows 2000 Server Machine with
> RAID 1) Placing the disk(s) in another system running Windows XP,
> the system is able to see the disk(s) and files so it appears that the
> problem is related to the boot sector only. On the first machine much
> more of the file system was corrupted.
>
> On the first machine I spent 3 weeks fudging with it to get it back
> up. It took a total of Spinrite, A parallel windows install, copying
> the parallel install's system files (dlls and .exes over) and an XP
> upgrade to get it back up. At each stage the machine was better restored,
> but it took all of that plus many times following bogus leads about
> restoring the system hive, and following various online notes about
> using windows system recovery console. In the end the machine came up
> and all my stuff is there (including the desktop). Thanks the lords of
> Kobol for small miracles (nerd alert).
>
> At this point I have one dead machine I haven't messed with, one
> machine restored to a new version of XP Pro, and one machine
> (server 2000) that has two RAID disks I can see on the XP machine
> but cannot yet get to boot up. (First got the dreaded 7B message and
> now just says No Operating System Found).
>
> Since three separate machines are involved, I am guessing this was caused
> by a virus. But I can never find anything with any virus scanner. I find
> it hard to believe that 3 machines would die with boot sector problems within
> such a short period of time. Especially since they are all different ages,
> and two of the machines were running server software and were never used
> to surf the net or run programs other than their dedicated functions.
>
>
> Other machines on the network are XP and have been unaffected.
>
> So before I start mucking with the 2000 server's drives, I am wondering
> if anyone has any suggestions as to what is going on and what I
> can do to make sure this isn't some unfound virus that will come back
> to haunt me at some future date. I've scanned both drives with Norton
> (updated definitions today) and found nothing.
>
> I'd be happy to hear an explanation that can discount the virus theory,
> because at this point I'm stuck thinking I have an unidentified virus
> or someone is somehow hacking into my network and crashing my machines.
> (IOW I am in extreme paranoid mode and would like to dial it down a
> bit).
>
> Thanks for any help or just listening to my sad tale...
>
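
For the boot-sector question raised in this thread, one way to check sector 0 of a disk (or a saved image of it) from the working XP machine. This is an added example, not part of the original posts. It validates the classic MBR layout (446 bytes of boot code, four 16-byte partition entries, the 0x55AA signature) and reports structural damage only. The function names and the sample sector are constructed for illustration.

```python
import struct
import sys

SECTOR = 512

def parse_mbr(sector):
    """Return (partitions, findings) for the 512-byte sector 0 of a disk."""
    if len(sector) != SECTOR:
        raise ValueError("need exactly 512 bytes")
    findings = []
    if sector[510:512] != b"\x55\xaa":
        findings.append("missing 0x55AA boot signature")
    if not any(sector[:446]):
        findings.append("boot code area is all zeros")
    parts = []
    for i in range(4):
        entry = sector[446 + 16 * i: 462 + 16 * i]
        # status, 3 CHS bytes skipped, type, 3 CHS bytes skipped, LBA start, length
        status, ptype, lba, count = struct.unpack("<B3xB3xII", entry)
        if not any(entry):
            continue  # unused slot
        if status not in (0x00, 0x80):
            findings.append(f"entry {i}: invalid status byte 0x{status:02x}")
        if ptype == 0 or count == 0:
            findings.append(f"entry {i}: empty type or zero length")
        parts.append({"index": i, "active": status == 0x80, "type": ptype,
                      "lba": lba, "sectors": count})
    active = [p for p in parts if p["active"]]
    if len(active) != 1:
        findings.append(f"{len(active)} active partitions (legacy boot expects 1)")
    ordered = sorted(parts, key=lambda p: p["lba"])
    for a, b in zip(ordered, ordered[1:]):
        if a["lba"] + a["sectors"] > b["lba"]:
            findings.append(f"entries {a['index']} and {b['index']} overlap")
    return parts, findings

def build_sample_mbr(active=True, signature=True):
    """Constructed sample: one type 0x07 partition starting at LBA 63."""
    boot_code = b"\xeb\x3c\x90" + b"\x90" * 443  # placeholder bytes, not real boot code
    entry = struct.pack("<B3xB3xII", 0x80 if active else 0x00, 0x07, 63, 204800)
    return boot_code + entry + bytes(48) + (b"\x55\xaa" if signature else b"\x00\x00")

if __name__ == "__main__":
    # Pass a path to a saved sector-0 image; with no argument the sample is used.
    data = open(sys.argv[1], "rb").read(SECTOR) if len(sys.argv) > 1 else build_sample_mbr()
    parts, findings = parse_mbr(data)
    for p in parts:
        print(p)
    print(findings or "no structural problems found")
```

A clean result here only says the partition table is well-formed; it does not rule out modified boot code, which needs a comparison against a known-good copy.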