FANDOM



Trojan.Win32.BSOD or BSOD is a trojan that runs on Microsoft Windows that creates a fake Blue Screen of Death. Hence its name, the virus is based off the BSOD itself. It's icon is a frog.

Payload

When executed, the trojan displays a fake Blue Screen of Death screen. It is notable due to the different shade of blue, the different font (Tahoma), the word "Windows" is not highlighted white, and the word "occurred" is misspelled as "occurend". Upon restart, the trojan will install itself to the Windows Registry to run at startup, thus causing this BSoD on restart in a similar manner to Duksten and Annoyer. To remove this, the user should reboot to Safe Mode and delete its files and registry entry.

Removal

  • Boot into Safe Mode
  • Launch "regedit.exe" in the "Run" app (or the Windows Search in Windows 7 & 8.1)
  • Navigate to the following entry in the registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • Find and delete the value in "_system"
  • Delete the copy of the file in the Windows directory
  • The system will now reboot into Windows without issues, here you can delete the shortcut on the desktop.

Media

Community content is available under CC-BY-SA unless otherwise noted.