Mike Tech Show - Podcast - #194 - 06-28-08
Podcast: [Mirror]
Show #194 Notes
- Twitter Me: http://twitter.com/miketechshow
- Member of the Techpodcast Network
- Member of the BluBrry Network
- Mike Tech Show Forums
Show Links -
Independent Music -
- Wonderfool - Venus to Vertigo
Support the Mike Tech Show - SkypeOut
posted by Mike at 4:20 PM
1 Comments:
RE: Barbara's trouble. Several times in the past month I've run across a piece of malware that after AVG has removed it - the computer BlueScreens or re-boots on startup. After much self-investigating, the malware edits a registry key that causes the BSOD when the malware file is no longer present. It sounds like Barbara is not formatting the drive before trying the re-install, because formatting would cause the registry to be re-created.
The Blue Screen error has been "STOP c0000135 {Unable To Locate Component}"
Here's the registry key that gets modified:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SubSystems
The "Windows" value gets modified from this...
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1
ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
...to this...
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=[VIRUS DLL HERE],1
ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Booting to a CD and modifying the registry fixes the problem I've seen several times.
Post a Comment
<< Home