Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

Black Screen of Death Actually Caused by Malware

- - - - -

  • Please log in to reply
3 replies to this topic

#1
stephens316

stephens316

    Junior

  • Member
  • Pip
  • 55 posts
  • Joined 30-October 03
  • OS:Windows 7 x64
  • Country: Country Flag
Black Screen of Death Actually Caused by Malware

A couple of days ago we wrote about the Black Screen of Death, a problem that caused Windows-based machines to freeze and lock out users, leaving them teary-eyed and black-screened.

The issue, however, doesn’t seem to be a common one, nor is it tied to Microsoft’s security updates, as we’d previously thought. In fact, UK security company Prevx, who pointed out the issue (and actually offered a software fix), admitted that the problem is likely caused by malware and not by Microsoft’s error.
You can enter a maximum of four (4) lines of text in your signature for a text-only signature, or one (1) line of text above or below a signature that contains an image. - MSFN Rules - Tarun


How to remove advertisement from MSFN

#2
jaclaz

jaclaz

    The Finder

  • Developer
  • 15,467 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

The issue, however, doesn’t seem to be a common one, nor is it tied to Microsoft’s security updates, as we’d previously thought. In fact, UK security company Prevx, who pointed out the issue (and actually offered a software fix), admitted that the problem is likely caused by malware and not by Microsoft’s error.


Thanks for the news. :)

I cannot avoid to point out that whenever I see the word "likely" in the same sentence where a fix for a technical issue is described :w00t: my legs tremble a bit.

We might introduce a trinary state:
0=OFF
1=ON
A suffusion of yellow="LIKELY" (or "LIKELY NOT", it doesn't make much difference in the result)

Besides the flamewar between the companies, have we learned that by removing accidentally a null in a REG_SZ key we can create a BLACK, NOT Blue, SOD on almost any MS OS?

Maybe some more "robust" shell (or design) might have been advisable. :unsure:


I find preoccupying how one side uses Google results:
http://www.prevx.com...sta-and-XP.html

If you Google Black Screen then you will find a whopping 80Million plus results, mostly dominated by people searching for a fix to this problem. Thousands of users have resorted to reloading Windows as a last ditch effort to fix the problem, avoid that at all cost. We hope we can help a good many of you avoid the need to reload.


To substantiate a pointless claim:
http://homepages.tes...ess-metric.html

And how the other one:
http://blogs.technet...ty-updates.aspx
uses "not broad":

We’ve also checked with our worldwide Customer Service and Support organization, and they’ve told us they’re not seeing “black screen” behavior as a broad customer issue.

to diminish the phenomenon.

Both guys should go back to school and learn a bit about "scientific method", "logics" and "statistics", IMHO.

:P

jaclaz

P.S.: maybe they went to the same school the Seagate Customer and Technical Support guys went... :whistling:

Edited by jaclaz, 03 December 2009 - 02:15 PM.


#3
cluberti

cluberti

    Gustatus similis pullus

  • Supervisor
  • 11,021 posts
  • Joined 09-September 01
  • OS:Windows 8.1 x64
  • Country: Country Flag

Donator

Well, Microsoft has never released an update for XP, Vista, or Win7 for that matter that modified the shell reg key/value pair. Either it was caused by malware, 3rd party software, or perhaps the user themselves inadvertently (the last bit is probably unlikely, but you can never rule anything out). Most people complain about the registry, but having the registry means memory-mapping sections of a VERY large settings database which is very performant (more so that reading/writing files), provides a standard interface for developing and storing/retrieving said information without having to know anything else about a program or the OS, and also allows for centralized control via security ACLs, reporting/auditing, and Group Policy control. It's not perfect, but it's no better or worse than having hundreds or thousands of config files scattered about the disk (or even in one directory like OS X does). The registry is pretty robust and secure as far as settings databases go, although I do agree it could probably be protected better. The problem is with hundreds of millions of users, you might have the same percentage of idiots that'll hork their boxes, but .5% of 500 million is a lot more than, say, .5% of 10 million.
MCTS Windows Internals, MCITP Server 2008 EA, MCTS MDT/BDD, MCSE/MCSA Server 2003, Server 2012, Windows 8
--------------------
Please read the rules before posting!
Please consider donating to MSFN to keep it up and running!

#4
herbalist

herbalist

    paranoid independent

  • Member
  • PipPipPipPipPip
  • 733 posts
  • Joined 15-December 06
  • OS:98
  • Country: Country Flag
This incident doesn't say anything good about either party. If this is malware caused, PrevX failed to detect it and allowed the activity. It doesn't say much for Windows 7 either if that's all it takes to bring it down. If this is caused by malware, what else is being disabled at this time, and is anything else taking place while the screen is black? They need to do better than "likely"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users