Fatal System Error blue screen, windows wont' start up

Hi,

I have a Dell Inspiron 530 with Windows XP.

I was doing a google search for (don't laugh) the cost of a veggie tray at costco. Found an inncent looking link, clicked on it, and was sent to a weird page. Exited the page and right away my AVG (free version) started warning me that a threat was detected. I told AVG to remove the threat, and AVG said something about "white listed - cannot remove file, attached to system file". I panicked and shut down the computer. AVG is the only virus software I use, and I occasionally do a scan/sweep with ad-aware (free version).

Now, when I try to reboot, I get the windows screen, then the blue screen with "Stop: C000021a fatal system error blablabla the system has shut down".

I have the original CD/software for the operating system. I also have an external hard drive that backs up all my computer files via mimeo (computer tech set it up for us, thank goodness!!). The last back up was done before the bug hit. I turned the power off on the external drive for now, as I don't know if the bug will hit it as well.

What steps do I take next? I think I need to re-load windows from the disks, but that sounds scary, I'm afraid I'll ruin something. And will that remove the bug that caused all this? will I need to search for malware before I can trust my computer (or is this a virus)? Then how do I re-load all my files from the external drive to the computer (copy and paste??).

Thank you so much for your help!!

 

Greetings, amandajsmom.

Can you boot into Safe Mode? If you can, then do so and run a full AVG scan while disconnected from the internet. Reboot once the scan and any quarantine/cleaning process finishes, and see if your symptoms change.

 

Hi Caliban,

In short - no, I can't boot in safe mode.

When I power up the computer, I hit F8, selected boot in safe mode. The computer screen went black, then came up with multiple lines of text that started with: "multi(0)disk(0)rdisk(0)partition(2)\windows(then some more text that I didn't have time to write down)"

Then I got the beloved BSOD again.

Next step?

 

The fact that you have a backup and that you have the OS CD certainly gives us some margin of safety. Normally, a format/reinstall of the OS will certainly rid you of most malware.

When you reboot and press F8 upon startup, are you presented with any other options such as 'Last Good Configuration', 'Repair', etc.?

 

Yes, I had about 7 or 8 options, and "last good config" was definately one of them.

 

Try that, see if you can get the machine to any sort of running or Safe mode.

 

Selected last safe config, got the BSOD.

 

Are the "original CD/software for the operating system" OEM disks, or do you have a valid Windows disk?

The next step is really up to you: do you wish to continue to try to repair the machine, or do you wish to prepare to format and reinstall Windows?

 

I have the dell reinstallation cd Microsoft windows xp pro (service pack 2).

Well, I'd like to repair the machine if possible, but it's not looking promising. So, prepare to format and install windows it is.

Hopefully I won't lose much, right?

 

I'd try Safe Mode first, and then use System Restore.

It will set your computer back to a time before you clicked on that link.

 

Hi Mekanic, are you the night crew?

I can't get into safe mode, we tried using F8, selecting safe mode, and then I got the blue screen.

Any other ideas?

 

What you can do, is pop in the Dell disc, and follow the steps to re-install XP.

Hopefully, after selecting F8, you will see an option to "Repair a Windows installation". Performing a repair leaves the file system intact, but installs a fresh copy of Windows.

This means you will have to update Windows, and re-install your applications, but your computer will be usable again. If you don't see the "Repair" option, there is another way to do it, it just requires more steps.

How critical is the data on the PC, and do you have it backed up?

BTW, I guess you could call me the "night crew", as I'm usually on in the evening.

 

The Repair might be worth a shot, but be advised that since this started with a malware infection, the possibility exists that you might just be back to square one - a Windows repair will not necessarily clean out malware.

That being said: if you can complete the Repair process, you may reach a state where you'll be able to run some cleaning procedures listed here.

If the Repair doesn't work, then we can walk you through the format/reinstall.

 

Exactly. Getting Windows usable is a good thing, especially if she wants to recover any data.

Hopefully, it was just some crappy execution file that will get wiped out on the repair.

Hopefully...

 

So, I get to the repair mode from an F8 command? Here are the choices I'm given:
*last know good configuration (which resulted in BSOD)
*Directory services restore mode
*Debugging mode
*Disable automatic restart
*start normal
*reboot
*return to OS choices menu
*safe mode (which resulted in BSOD)
*Safe with networking
*Safe with command prompt

OR - do I need to put the Dell disk in and look for a Repair option?

Sorry, but I'm a bookkeeper and not an IT person. And yes, it's my work computer (of course) so I'm crossing fingers that the backup drive has all my files.

I'll be back in the morning, around 9am MST, to see what I need to do to start a repair.

Thanks !!

 

You must boot to the XP disk. Insert the disk, reboot, and you should be presented with the disk's menu.

* If the machine will not boot to the disk, restart your computer. When the blue Dell logo is displayed, you must watch for the F12 prompt to appear. Once this F12 prompt appears, press <F12> immediately, and change your boot order to "CD Drive" first. Save and exit, and the machine should boot to the XP disk.

Once booted to the disk, you should attempt a non-destructive rebuild of Windows. A very good walkthrough of this procedure is located here.

If, however, this is not a standard XP Installation disk, but a Dell restore disk, you might be presented with different options. If you have any questions, let us know.

 

Hi and good morning!
I was able to use F12 and boot to disk.

I now have 3 options:
enter=continue (windows xp professional setup)
R=repair
and q=quit

should I try the repair? or based on the fact that I have some bug, should I just run the setup?

 

I borrowed a laptop so that I can read the XP sheet you referred me to. It tells me to select "repair" on the 8th screen in.... did that, and keep your fingers crossed!

 

Gotta love this message: "Screen Nine
There's no fanfare, but this is one of the nicer parts of the Repair process: Setup retains what it can in the current Registry so that already-installed hardware and software will remain installed."

awesome, might not have to re-do all the drivers and software!!!

 

This is good news.

I still advise not accessing the internet until the rebuild is complete, and until your machine is free of malicious files.

If you can get the machine to boot to a normal Windows, or even Safe Mode, I'd strongly suggest you perform any possible steps in the Malware Forum's Read & Run Me First thread, and attach the requested logs to a new thread in that forum. The experts there can then help you with cleaning the machine thoroughly.

 

Wish I would have asked about that sooner....

Connected the ethernet cable, and on the reboot, it froze

So, I'm disconnecting the internet, shutting it down, and will start the WinXP rebuild again later today. For now, I have to go to work...

Still hopeful that I'll get a clean machine soon!

 

No problem. The early 'trojan' warning means that whatever malware infection you have is trying to access the internet, as evidenced by the crash.

At least now you know that you've got a viable machine to work with. Don't worry - we'll get it sorted.

 

The exact same problem happened to a co-worker and I've got her machine trying to fix. I've followed all of the instructions, but I've yet to connect to the internet.

I've done an AVG scan and a Malwarbytes scan. Both are clean. Do I dare now connect to the internet or should I re-start in safe mode and do a system restore?

Thanks.

 

Red Bear, please follow the rules of the forum, and begin your own thread.

:cool

 

Okay, back home, turned on the machine and hit F12 to begin a boot from disk again. For some reason (slow on the button?) it did not go to the boot menu. Instead, it loaded windows!! so, I'm thinking it just got hung up on the last step of the new install, and just needed a boot? My desktop and everything pulled up. Not sure of what to do next, I turned the computer off.

So, should I assume I have a working version of Windows now, and follow the steps for malware removal in the read & run me file? at what point do I connect to the internet (as I need to install ccleaner)? or do I mess with any System Restore stuff? I haven't set a restore point that I can remember.

And do I start posting in malware, or stay in this thread, if I start the read & Run malware process?

I'm not turning the computer back on till I hear from ya, Caliban.

 

Caliban?? Mekanic?? should I start on the Malware read & run steps? when is it safe to connect back to the internet?? thanks!!

 

Wow. Thanks. Nevermind.

 

Aw, Red Bear, don't be offended! Its just that if you don't start your own thread, your posts will get mixed in with mine, and the helpful people around here won't see a separate issue to address. It's just a way to keep things organized. :cool :major

Read through here

Hope you get the help you need for the coworkers machine!

 

That's cool. My issue was EXACTLY as yours and thanks to Caliban, we've received excellent help. I'm just trying to get the nerve up to connect with the internet.... Best of luck to you.

 

Follow along with Tim's advice.

Sorry, I sat down to dinner with the Fam, and I was on dishes tonight. :cry

Glad to hear you have a functioning copy of Windows, and I'm more than sure the Malware section of the forum can follow up on this case.

Thanks for stopping by, and helping with Red Bear as well.

:cool

 

yea, pretty scared to connect the cable to the machine, but... i've got a backup and a good os disk, hoping that saves me. good luck to you too my friend!

 

@ amandajsmom: I see that Dr. M. is handling your Malware Forum thread, so you're in good hands. Good luck, and if you need anything from us, give a shout.

@ Red Bear: Hope you get things sorted, and, again - if you need any additional help, we'll do what we can.

@ the mekanic: Thanks for the help! :major

 

You're quite welcome!