This little curiosity has been rattling around in my head for a little bit, so I thought I'd ask. About oh, a month ago, I was subject to a moment of extreme stupidity on my part when I tried launching an executable that was infected with the zero access rootkit, as part of a legitimate product. My antivirus stepped in and promptly prevented delivery of the payload. Annoyed, I turned the thing off, wanting to install my software. That didn't even happen. All I managed to do was infect myself.
Anyway, it didn't end up being quite as bad as it might seem. A few scans, and whatever was inside that executable was eradicated. The last of these was a malwarebytes sweep. It found a few remnants, and required a reboot. Upon startup, windows crashed to a blue screen. After thinking about this for a few minutes I tried booting to "Last Known Good Configuration" and that worked, so I didn't trouble myself with this any longer.
However, I'm wondering why a blue screen might occur in the first place. It doesn't seem likely that a critical file would just randomly be removed by an antivirus scanner as part of a fix. This doesn't seem like a rare occurrence either (we have a subforum dedicated to these problems)
Is there a general reason why this happens so often?