If you’ve been noticing that your Windows XP machine has stopped working as of last week, there is a very good chance I know why. I ran into this issue this week with a clients computer, and after much investigation into a cause it was a fairly simple fix. As per usual, Microsoft releases security patches every second Tuesday of the month, and there were several for February. One of them, KB977165 specifically,  is causing some installations of Windows XP to have the dreaded BSOD (Blue Screen Of Death) and renders the system unbootable, even in safe mode.  Channelweb has posted instructions on how to remove the update and fix the problem. I followed this procedure and it worked like a charm! Microsoft has since pulled the patch to investigate these issues.

1. Boot from your Windows XP CD or DVD and start the recovery console.
2. Once you are in the Repair Screen, type this command: CHDIR $NtUninstallKB977165$\spuninst.
3. Type this command: BATCH spuninst.txt.
4. When complete, type this command: exit.

Update: According to the Microsoft Security Response Center, they have updated information on this problem. They are currently claiming this BSOD is caused by a rootkit that is present on the system before the update is applied. So, once the procedure to remove the update is performed, it is imperative the computer is checked for this infection. The investigation is still on going.
Update #2: After some investigation the sample computer I have was in fact infected with the suspected rootkit Rootkit.Win32.TDSS . After recovering of the system outlined above, download this program TDSSKiller.zip from Kaspersky. Run it on the system and it should detect and  clean it right away. Then after reboot the computer can finally be properly updated. As added bonus you can try this program as well Hitmanpro 3.5,  this program found all kinds of nasties. Its free for 30 days.

Leave a Reply