Virus causing blue-screen loop

Hi there. Ironically, I've helped clean a bajillion computers of friends and coworkers, etc., while keeping my own computers clean for a few years now. I just got struck with something really nasty on my home desktop PC, however, and I have no clue how to fix it.

To start, I have XP Pro SP3. I was surfing the net and a bunch of popups came up. Naturally, I reboot and attempt safe mode, but I get a blue screen (which flashes before I can even read it) and reboot. Additionally, last known config also causes a blue screen loop.

• With my laptop, I created an Avira rescue CD and booted with it. It cleaned a few things that I've never suspected of having problems (I believe false positives). Nonetheless, after it finishes, I tried to reboot again in safe mode. No good.

• Next, booted with Windows CD > Recovery Console > chkdsk /r which claims to have repaired some issues... still can't boot.

• Finally, I attempted a repair at my MBR. Basically, loaded back into the recovery console, and:
  ATTRIB -H C:\\boot.ini
  ATTRIB -S C:\\boot.ini
  ATTRIB -R C:\\boot.ini
  del boot.ini
  BOOTCFG /Rebuild
  CHKDSK /R
  C: FIXBOOT

Again, I can't boot. Now, granted, I've never done a repair of my boot.ini as I'm the kinda person that would rather just reformat under serious conditions. However, after the above procedure, I now have two Windows XP entries to boot from, which makes me think that I didn't properly delete my boot.ini... At any rate, I'm not even sure a boot.ini rebuild is necessary... I'm just desperate to get into safe mode to clean this virus out.

Could anyone provide any pointers before I reformat? I would absolutely hate to reformat, as this is my recording studio PC and will literally take forever for me to reconfig, but you know.... gotta do what ya gotta do...

Thanks!

 

I've run into a couple different malwares that do this. Luckily every time Combofix has taken care of the safe-mode blue screen problems. I'd recommend downloading combofix, but be sure to rename the executable when you save it. Then execute it and let it run. See if that fixes you up. I'm assuming this is a function of the malware and you can still boot into a normal explorer shell of course.

 

Thanks for the reply. I was not able to boot into Windows in any format. I believe it may have been the Windows update that caused tons of people's XP boxes to go into a BSOD loop, even in safe mode. Sadly, I reformatted before I attempted to fix it (which required going into the recovery console and removing the update via DOS).

Anyways, thanks for the reply.

 

Do feel bad about the re-do. If your computer blue screened on KB977165, it meant your atapi.sys was infected with a rootkit; anyway that is the latest news. This rootkit is extremely hard to detect. So you actually cleaned the computer of some malware you were not aware that you had.