0x000000B4 (Video driver failed to initialize) on three computers today -- new spyware issue?

I'm a computer tech of 12 years, specializing in spyware removal.  Today we've had three separate customer computers hit the bench that have all had the same symptom -- they will either not boot into XP Home at all, or if they do, they will give "memory referenced" errors and not open the programs.  If you try to boot into "Last Known", same thing.  Any of the "safe mode" boot options return a BSOD, STOP 0x000000B4 "The video driver failed to initialize".  Also interesting is that the first three memory addresses after the stop error are different, but the fourth is always 0x00050000.

Two of the computers have been Dell systems, one was a custom-built one (not from us).  One has onboard video, two had video cards (both nVidia).  All three are Intel-based.  Two have XP Home, one has XP MCE 2005.

All of them said they were getting popups before it stopped working.  Is this a new virus/spyware that's going around and hitting fast?  We're not in a big area, and for three to hit the bench with this same problem before noon is pretty unbelievable.  I'm still working with getting them up and running, but figured I'd ask if anyone else is seeing this explode all of a sudden over the past few days.

EDIT: Not many points on this because I'm not particularly looking for a solution, just opening a discussion on the topic to see if this is something we should be watching for.
Who is Participating?
Look for Trojan: TDSS.
I had almost identical symptoms on one of my customers PCs today
I moved the "infected" drive to a new build XP PC with the latest version of malwarebytes installed
I got Malwarebytes to scan the infetd drive.  It found and dealt with 7 TDSS infections. It required a reboot to be sure they were destroyed
Put the "infected drive back where it belonged in my customer's PC and I am now able to boot to the customers original windows xp installation after 4 days of head scratching!
If this helps or you need any more guidance then please let me know.
Wish they would have told you what the pop up's were. The first thing that comes to mind is MS updates. I believe they were pushed this past Tuesday. My systems at work and home received multiple updates. Perhaps this caused an issue?
Zeromus-XAuthor Commented:
I haven't gotten any of them up and running yet, so I'm not 100% sure.  If there was a major update that caused this, it would explain why I'm getting so many.  I only have three benches here and there are about ten in line, so it's quite possible that there are more exhibiting this same thing.

I've gotten one to the point where it'll boot to XP, but won't allow you to run any programs after about the first 20 seconds of being booted (just gives memory address instruction errors; can't run .exe or .com files... can run .bat but if they run any .exe or .com they crash).  I managed to sneak HijackThis into the Startup folder so that it runs within that ~20 second window, and the log file is clean -- no rogue services, files, etc to be seen.  I stuck a CMD in the startup too and if I navigate to the Windows or System32, there are thousands of files of the format xx???.exe, xx???32.exe, xx???.dll, xx???32.dll, where 'xx' is two letters and ??? are three seemingly random characters.  All of them have random file create dates and all of them have a file size of '0'.  Not hidden or anything.

ComboFix can't run using the startup folder trick because it bascially just executes lots of GREP commands and such, it seems.  If I try to put any kind of antispyware programs in the startup, they run for about five seconds and then close automatically.  That's what most makes me think this is a malware issue.  I've tried SpySweeper, MalwareBytes' Anti-Malware, Spybot, Ad-Aware, even random programs like CWShredder close.  Oddly enough, HijackThis doesn't close.  And booting to safe mode is impossible due to the STOP error.

System file check didn't fix it, doing a repair checkdisk from the XP disc did nothing, and a repair install puts the computer into a situation where it can't finish Setup due to not being able to execute anything after a certain point.

Heck of a bug.
Zeromus-XAuthor Commented:
Wasn't really a question, per se, but I've got to give it to someone, and your reply is basically what we ended up doing on two of the systems... so anyone who is searching for this problem, have at it.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.