
Blank Windows Screen or ISAPNP.sys Hang = A Zero Bytes .Sys Driver

I had one hell of a mystery on my hands the other day.  A client called me and said she had a blank screen every time she booted up her Windows XP computer.  I was pretty busy, so I told her I’d pick it up and work on it over the weekend.  I just figured it was a bad vid card or a corrupted Windows XP install.

Here are the things I tried:

  1. Full scans using my UBCD4WIN…nothing found…
  2. I tried to load safe mode but it hung on isapnp.sys every time.
  3. I ran checkdisk /r
  4. I did an in-place Windows XP repair

…nothing would work.

As I was doing a visual check for standard Windows XP drivers, I discovered there was a randomly named zero KB .sys file in c:\windows\system32\drivers.  I simply deleted the file and the PC booted up completely normally.

I just wanted to put this out there because it looks like it’s something new.  I’m not sure if it affects other versions of Windows or not.


New Rootkit Patches MOUSE.DRV

I ran across 2 rootkits this week that hid inside of Mouse.drv (in Windows\System32).  Both PCs had CPUs pegged to 100% from 2 processes running at 50% each.  The processes were svchost.exe and services.exe.

I tried to run GMER and Combofix in safe mode, but neither would finish their scans.  Eventually I had to use my UBCD and Avira found 1 infection…mouse.drv.  I deleted mouse.drv and copied another from the Windows XP disc.

I have no idea what this rootkit did (except to piss me off). I suppose I’ll try and find another and upload it to virustotal.com.
