Vista BSOD at Boot. 0x0000008e

Solved
  1. Computer Power

    Computer Power New Member Bronze Member

    Joined:
    Oct 18, 2011
    Posts:
    16
    Likes Received:
    1
    Local time:
    19:26
    My System
    Loading...

    Greetings all,

    I've got a messy one for you, it has me stumped. Windows Vista laptop, a Compaq v6000, presented with an infection that simulated a failed hard drive. Infection has also has modified the hidden attribute on multiple folders and has seemed to screw with permissions as well.

    - Removed the hard drive from the laptop, scanned with NOD32 in our dedicated scanning machine. Found MBR trojans, and several other Kryptik family trojans

    - Reconnected HD to he laptop, booted the Starup Repair command prompt and ran FixMBR and FixBoot to eliminate the MBR virus

    - Booted to Safe Mode, and ran Spybot and MalwareBytes which identified and removed multiple additional infections.

    - Now the computer BSOD's within 10 seconds of booting to normal mode, every time. I see the desktop icons, and the taskbar, and then poof. BSOD code is 0x0000008e

    - Safe Mode boots correctly. But it appears that changes I make there aren't being written correctly. ChkDsk /r results in no chkdsk being run at reboot. Changing the MemoryDump settings results in no memory dump being created at the subsequent reboot & BSOD. Using MSConfig to try to force a selective startup doesn't do anything, I can still see non-Microsoft icons in the system try just before the BSOD

    - I've seen suggestions that this is a rootkit. I try to run Rootkit Revealer, but get an error that the service can't start in safemode. I've also seen someone claim that removing McAfee Security Center has fixed this. I've downloaded the Mcafee uninstaller, but it fails with a service is in use error.

    - Even though I can't generate new minidumps, I do have one from 2 days ago (before NOD32 / SpyBot / Malwarebytes were run). It seems to suggest an error with NTKRNLPA.EXE. I've renamed that exe from command prompt, it does not have any effect on the BSOD.

    - System Restore is of no use, the virus apparently wiped out all the restore points.

    - Memtest has been run, no errors.

    - Any ideas? The idea here is to avoid a fomat/reinstall if possible.

    Attached Files:

  2. samuria

    samuria Network Specialist Staff Member Moderator Elite Member

    Joined:
    Aug 15, 2009
    Posts:
    20,455
    Likes Received:
    1,473
    Location:
    Crewe Uk
    Local time:
    03:26
    My System
    Loading...

    I think the first move is for you to do the prework in my signature below and post the results as our scans are more intense that other run it in safe mode then our security team can help you remove anything left. If its clean at least we know its not virus/malware
    madmonkey likes this.
  3. madmonkey

    madmonkey Moderator Elite Member

    Joined:
    Oct 9, 2006
    Posts:
    20,208
    Likes Received:
    879
    Location:
    South Wales
    Local time:
    03:26
    My System
    Loading...

    Just to pinpoint your problems further CP.. it is McAfee that caused your 0x9F stop error (attached), not sure if it also applies to the 0x8E you mentioned earlier, but it was caused it's firewall component listed below. You should be able to remove this via Safe Mode as well, where the process will not be actively running.
  4. Computer Power

    Computer Power New Member Bronze Member

    Joined:
    Oct 18, 2011
    Posts:
    16
    Likes Received:
    1
    Local time:
    19:26
    My System
    Loading...

    Thank you for your responses. I am in contact with my client and he is sounding like he may just want to format/reinstall afterall. If that's not the case, I will be back to you with the results of your suggestions.
  5. madmonkey

    madmonkey Moderator Elite Member

    Joined:
    Oct 9, 2006
    Posts:
    20,208
    Likes Received:
    879
    Location:
    South Wales
    Local time:
    03:26
    My System
    Loading...

    No problems - keep us updated either way if this is OK CP?
  6. Computer Power

    Computer Power New Member Bronze Member

    Joined:
    Oct 18, 2011
    Posts:
    16
    Likes Received:
    1
    Local time:
    19:26
    My System
    Loading...

    Just as an FYI, this issue went away after the format/reinstall. So it was software afterall, as suspected.
  7. madmonkey

    madmonkey Moderator Elite Member

    Joined:
    Oct 9, 2006
    Posts:
    20,208
    Likes Received:
    879
    Location:
    South Wales
    Local time:
    03:26
    My System
    Loading...

    Fantastic, thanks for the update CP, will mark this one as solved :)
  8. madmonkey

    madmonkey Moderator Elite Member

    Joined:
    Oct 9, 2006
    Posts:
    20,208
    Likes Received:
    879
    Location:
    South Wales
    Local time:
    03:26
    My System
    Loading...

    .
    .
    .


    This thread is now marked as Solved and has been closed. [​IMG]

    If the problem re-occurs, please start a new thread. If for any reason it has any bearing on your original thread then please state this and a member of staff will supply the link to the original post.
    .
    .
Similar Threads
Forum Title Date
Win 7/Vista BSOD Windows Vista random BSODS Nov 21, 2013
Win 7/Vista BSOD BSOD Help. Vista Sep 8, 2013
Win 7/Vista BSOD Windows Vista - STOP c0000269 BSOD Aug 31, 2013
Win 7/Vista BSOD Vista BSOD - Uncorrectable Hardware Error Aug 23, 2013