Jump to content

BSOD 0x0000007B loop


Recommended Posts

Hoping that a kind soul can get help me out here. I basically cannot boot up into Windows 7 partition, none of the recovery options work, cannot log in into Safe mode or do any type of system restores, and none of the bootrec commands helped with restoring MBR to a bootable condition. I know I have a TDL4 infection that might be responsible for this, as a few days earlier before getting to this point I attempted to clean it up with Combofix and MB and a few other cleaners, but it didn't take. Up to that point though, it was fairly harmless and simply gave me some slowdowns with google redirects and some crashes. One day it just crashed, and that was it.

I do have access to Ubuntu, Win 7 disk or Hiren's boot cd(mini Win XP) from which I tried to do some work, but still unable to rectify the BSOD. Also ran Kaspersky recovery cd, and it didn't find anything.

I have tried to rectify the registry as suggested by microsoft, tried changing the atapi.sys file(as I have suspected it might have been an atapi rootkit), and tried a few other things that have not worked.

I'm running out of options that I can think or find, and I do not want to reinstall Windows just yet. Is there anything else that can be done to get past this damn 0x0000007B BSOD? I'm posting some logs of my Win 7 partition a few days before the lock out, may be that will help? Is it possible to load a hive from regedit somehow to get past this?

Thanks in advance.


DDS (Ver_10-11-27.01) - NTFSx86

Run by sam davydov at 17:18:10.14 on Thu 12/02/2010

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3582.2371 [GMT -5:00]

AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

FW: Avira Firewall *disabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}

============== Running Processes ===============



C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService


C:\Program Files\Avira\AntiVir Desktop\sched.exe



C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork


C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe

C:\Program Files\DellTPad\ApMsgFwd.exe



C:\Program Files\DellTPad\HidFind.exe

C:\Windows\System32\svchost.exe -k Akamai

C:\Program Files\DellTPad\Apntex.exe


C:\Program Files\Avira\AntiVir Desktop\avguard.exe


C:\Windows\system32\svchost.exe -k apphost

C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe

C:\Windows\System32\svchost.exe -k ipripsvc


C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation


C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files\Softomotive\WinAutomation\WinAutomation.ServiceAgent.exe



C:\Program Files\Avira\AntiVir Desktop\avmailc.exe

C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe


C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe



C:\Program Files\Internet Explorer\iexplore.exe




C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\sam davydov\Desktop\dds.scr



============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Java

Link to post
Share on other sites

  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.