1.

Solve : Is this malware, hardware, or just windows being windows??

Answer»

I am not sure this is malware related, but it could be, so I posted here.

I have a Thinkpad X60s. It came with a 100g SATA HD. I am running XP-SP2.
I ran out of room, so I purchased a WD Scorpio Blue 500g HD.
I used Acronis to clone over my existing C and E drives to the new drive, and expanded both. C: is NTFS and E: is a Fat32, with system restore info on it.

Everything went well for about 2 months. Then one day, my new drive would blue screen upon BOOTING. However, I could boot into safe mode.


After virus scans and a bit of hacking, I made no progress. However, this may be irrelevant. Keep reading...

So I swapped back the old drive into the computer and used the new drive via usb.

Here's where it gets weird. I boot the old drive, (which has had no MS updates SINCE December 09). It boots up just fine. I PLUG the new drive in, it gets recognized in Windows explorer, and then the machine immediately blue screens. However, if I boot into safe mode, I can attach the new drive without incident. The new drive plugged into a random XP SP3 machine caused no issues. It also looks fine under OS X and Linux. So what's up? Is there some weird MBR sector thing on the new drive. Is there some malware on the old drive? (That got cloned over to the new one?) It's clearly some driver that's loaded in normal windows and that's not loaded in safe mode, but how do I FIGURE out which one?

I have scanned the old drive with Malwarebytes, SuperAntiSpyware (full scans on both) and they came out clean. I also ran Combofix, and Rootrepeal, and I think they came out clean, but I am not sure I can interpret the output.

I have spent far too much time on this and I am almost ready to reimage the new drive, but I am worried that the same thing will happen again later.

Any advice?

Thanks for listening.

John H

Some additional notes:

I have tried using msconfig to minimize things that get loaded. However, even on msconfig with diagnostic startup (minimal services loaded), I still bluescreen when I plug in the new drive. I also tried disabling all services and disabling all startup. Still bluescreen.


Help!



Discussion

No Comment Found