WickedFire - Affiliate Marketing Forum - Internet Marketing Webmaster SEO Forum

Old 05-14-2011, 03:13 AM   #1 (permalink)
Senior Member
 
tencentpiece's Avatar
 
Join Date: Nov 2010
Location: Melbourne, Australia
Posts: 4,434
iTrader: 278 / 99%
Bluescreen of death + can't boot into safe mode or reinstall windows??

Hi guys,

So at the moment I am having an issue with my laptop and one of my desktops, fairly certain it's virus related but not 100% sure.

Anyways, when I boot it up it'll come up with the following:

Blue screen followed by something along the lines of

an error has been found blah blah blah, volsnap.sys seems to be the file causing this issue.

Then the computer automatically restarts and I get another screen that says

Windows failed to start. A recent hardware or software change might be the cause.

If windows files have been damaged or configured incorrectly, startup repair can help diagnose and fix the problem. If power was interrupted during startup, choose start windows normally.

> Launch start up repair
> Start windows normally

When I launch the repair, it can't find any error and it can't find a version that was working either. I've tried to reinstall windows, but it sticks on the starting windows reload screen and then just reboots the computer. I've tried restarting in safe mode and it still sticks on the windows screen.

What are my options? Ideally I'd like to keep the data on these PCs, but I have recent backups so it's not a mega issue.
tencentpiece is offline   Reply With Quote
Old 05-14-2011, 03:26 AM   #2 (permalink)
*****
 
Moxie's Avatar
 
Join Date: Mar 2009
Posts: 3,994
iTrader: 11 / 100%
Quote:
Originally Posted by tencentpiece View Post
I've tried to reinstall windows, but it sticks on the starting windows reload screen and then just reboots the computer.
Did you go into the BIOS and tell it to load from the disc drive before the hard drive?
Moxie is offline   Reply With Quote
Old 05-14-2011, 03:28 AM   #3 (permalink)
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ▬▬▬▬▬
 
gutterseo's Avatar
 
Join Date: Feb 2009
Posts: 1,264
iTrader: 54 / 100%
gutterseo is offline   Reply With Quote
Old 05-14-2011, 03:31 AM   #4 (permalink)
ゲイウェブマスター
 
goldmercury's Avatar
 
Join Date: Sep 2009
Posts: 596
iTrader: 2 / 100%
Sounds like dodgy hardware. Use a memtest live CD to test the memory; if that's okay then it's either your mobo or hard drive.

Get your hands on a copy of the Microsoft Diagnostic and Recovery Toolset ISO - boot into that and check the system logs for disk errors. If there are none it's your motherboard at fault.

Swap out bad hardware - might want to plug your HD into another machine and pull the data for a backup before you start any of these steps.
goldmercury is offline   Reply With Quote
Old 05-14-2011, 03:36 AM   #5 (permalink)
Senior Member
 
tencentpiece's Avatar
 
Join Date: Nov 2010
Location: Melbourne, Australia
Posts: 4,434
iTrader: 278 / 99%
Quote:
Originally Posted by Moxie View Post
Did you go into the BIOS and tell it to load from the disc drive before the hard drive?
Yep, I've tried this. It goes windows is loading files....

Then says starting windows, pauses for a bit and then just shows a black screen with a cursor - I can move the cursor around but there are no options to select. Not 100% sure, but after a while of this I am pretty sure it just restarts itself.

In terms of linux, that would be great but I need a lot of programs that run on windows only and don't work very well if at all with wine.
tencentpiece is offline   Reply With Quote
Old 05-14-2011, 04:15 AM   #6 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
I've seen this issue many times. However the rules of this forum have me paranoid about what to do as I have free or what may have been free applications I use. I could describe generically.

However basically you'd want to access files using favorite method, not booting up. Rename offender or suspected offender, hey why would the OS lie (cause it's the virus waiting to taunt you when you try to rename the file and it's not the one?)
Anyway renaming may generate an error but shouldn't cause a failure to load. It's likely the intruder is embedded elsewhere also but this may let you boot up in some mode or another.

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 04:22 AM   #7 (permalink)
Senior Member
 
tencentpiece's Avatar
 
Join Date: Nov 2010
Location: Melbourne, Australia
Posts: 4,434
iTrader: 278 / 99%
Quote:
Originally Posted by Cyberchip View Post
I've seen this issue many times. However the rules of this forum have me paranoid about what to do as I have free or what may have been free applications I use. I could describe generically.

However basically you'd want to access files using favorite method, not booting up. Rename offender or suspected offender, hey why would the OS lie (cause it's the virus waiting to taunt you when you try to rename the file and it's not the one?)
Anyway renaming may generate an error but shouldn't cause a failure to load. It's likely the intruder is embedded elsewhere also but this may let you boot up in some mode or another.

Droidx-Tapatalk
I didn't follow this at all. If somebody else can make sense of it please let me know.

Quote:
Originally Posted by goldmercury View Post
Sounds like dodgy hardware. Use a memtest live CD to test the memory; if that's okay then it's either your mobo or hard drive.

Get your hands on a copy of the Microsoft Diagnostic and Recovery Toolset ISO - boot into that and check the system logs for disk errors. If there are none it's your motherboard at fault.

Swap out bad hardware - might want to plug your HD into another machine and pull the data for a backup before you start any of these steps.
This seems unlikely considering it's affecting both my laptop and one of my desktop computers?


Whoever can help me fix this issue can have some free xrumer links as well.
tencentpiece is offline   Reply With Quote
Old 05-14-2011, 04:33 AM   #8 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
I get responses like this from Linux users all the time. (One of my best friends for example) My usual response would be something like... yes it's easy to avoid infection when the target audience is so small the blaggards think, "why bother". Or, "It's not the OS that saves them, it's the relatively small number of users and the ensuing anonymity that protects them." Or, when I want to return to DOS days and the inception of Windows (2.0?) I'll think about taking up Linux. Still, as an MS man, there's nothing like learning a new language and learning to socialize by poking pinholes in your eyelids to restrict the light and praying nothing sees you, or you them, to protecting yourself from attack. It works for the ostrich.

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 04:37 AM   #9 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
Hey, it's hard to pass volumes of info w/o taking short cuts, don't give up that easy.
And yes some of these bugs are smart why wouldn't the other machine be infected, it got in one didn't it. All that rules out is hardware, yep mos def a bug.

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 04:41 AM   #10 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
You didn't even mention which Windows. I'm presuming legit licensing as MS can zap and do this in a heartbeat if your COA's overused. I'm also presuming OS was working before problem???

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 04:43 AM   #11 (permalink)
Banned
 
Join Date: Mar 2011
Posts: 246
iTrader: 1 / 67%
AuthorAji has a reputation beyond repute
Quote:
Originally Posted by Cyberchip View Post
I get responses like this from Linux users all the time. (One of my best friends for example) My usual response would be something like... yes it's easy to avoid infection when the target audience is so small the blaggards think, "why bother". Or, "It's not the OS that saves them, it's the relatively small number of users and the ensuing anonymity that protects them." Or, when I want to return to DOS days and the inception of Windows (2.0?) I'll think about taking up Linux. Still, as an MS man, there's nothing like learning a new language and learning to socialize by poking pinholes in your eyelids to restrict the light and praying nothing sees you, or you them, to protecting yourself from attack. It works for the ostrich.

Droidx-Tapatalk
Quote:
Originally Posted by Cyberchip View Post
I've seen this issue many times. However the rules of this forum have me paranoid about what to do as I have free or what may have been free applications I use. I could describe generically.

However basically you'd want to access files using favorite method, not booting up. Rename offender or suspected offender, hey why would the OS lie (cause it's the virus waiting to taunt you when you try to rename the file and it's not the one?)
Anyway renaming may generate an error but shouldn't cause a failure to load. It's likely the intruder is embedded elsewhere also but this may let you boot up in some mode or another.

Droidx-Tapatalk
What the fuck are you talking about?
AuthorAji is offline   Reply With Quote
Old 05-14-2011, 04:50 AM   #12 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
Ex: with XP use UBCD or other bootable to gain access to the file system. Rename your something.sys file to like old'something'sys.jnk then try to reboot. I can tell by the name of the file what the blackhat was up to.. need to see your post again (dang handheld) might have to get up off my butt and walk over to the 'puter on this one. If there's no response from you yet, I'll wait until tomorrow to see if anyone wants to come to your aid. Simply put... want help? Don't be rude, and give pertinent information. My clairvoyance is frizzy tonight.

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 04:50 AM   #13 (permalink)
Junior Member
 
Phuoc N's Avatar
 
Join Date: May 2011
Location: Australia
Posts: 12
iTrader: 0 / 0%
Phuoc N has a spectacular aura about
Reformat it!

I think you just gotta reformat it and that should solve the problem. Make sure you have a legit Windows reinstall CD.
Phuoc N is offline   Reply With Quote
Old 05-14-2011, 04:54 AM   #14 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
Quote:
Originally Posted by AuthorAji View Post
What the fuck are you talking about?
Don't jerk people around by posting my whole response for a lame response like that. It's clear you know little about both OSs. One... maybe. Both... obviously not.
To your question... could you be more specific about that to which you refer? Clear enough.

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 04:56 AM   #15 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
Sure you can do that but I thought you would try the easy way first!
What if your doctor said that to you?

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 04:56 AM   #16 (permalink)
Senior Member
 
Chianti's Avatar
 
Join Date: Apr 2010
Posts: 624
iTrader: 0 / 0%
If the two computers were networked, it's probably a rootkit, and probably TDSS.
In which case you're probably fucked.
Chianti is offline   Reply With Quote
Old 05-14-2011, 05:17 AM   #17 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
Quote:
Originally Posted by Cyberchip View Post
Ex: with XP use UBCD or other bootable to gain access to the file system. Rename your something.sys file to like old'something'sys.jnk then try to reboot. I can tell by the name of the file what the blackhat was up to..

Droidx-Tapatalk
Ok.. the name of his file is a joke (to himself) volsnap.sys is he turns off ex: makes take a 'nap' the 'vols' a term used to describe the drive when it's mounted. So, he unmounts 'nap' the drive 'vols' and it's embedded as a sys(tem) file at boot. Renaming will cause sys to ignore (can't find) the file and should/may give you back enough control. Another option would be to rename (I like to look at the code layer) volsnap and make new zero length file named volsnap.sys and change privilege to owner, or restrict read or somesuch.
Plus the name is double entendre could be "vol" 'snap' but as in snap, joke's on you. I know this a-hole, seen his work. Usually OS part is so slow to load if you get to desktop you can roll system back to early date. If I do reinstall, I rename Windows dir as backup. Do install just to get clean basic registry, export registry, rename new windows dir and name old windows dir back and import saved clean install registry to clean the EXTensions. Clean, run regs while at it and.. done in an hour or less everything intact and bad guy permanently locked out.

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 05:31 AM   #18 (permalink)
Junior Member
 
Join Date: May 2011
Posts: 10
iTrader: 0 / 0%
Cyberchip has a spectacular aura about
As I said, no one hears, I've seen this.. and it's not a root. Effective, yes. Persistent... yes. Sophisticated.. yes, but the level of sophistication is so high it takes too long to boot. Still, break the molester's bootstrap and he can't make the next walk. He's hobbled and is slow to start moving. Spends time waiting for something that never happens. Time out, smack down and too late to root tootie. Best to catch him before the reboot. That's why I teach my clients "hands off" when in doubt call first. And yes he has a network component but if network is designed right.. he only gets to knock and ring bells. "intruder alert". I know this a-hole and he's a smart ass braggart. Likes to say your whole system is infected. Hah, he wishes he were that good! I'm done.

Droidx-Tapatalk
Cyberchip is offline   Reply With Quote
Old 05-14-2011, 05:40 AM   #19 (permalink)
Senior Member
 
Chianti's Avatar
 
Join Date: Apr 2010
Posts: 624
iTrader: 0 / 0%
> As I said, no one hears, I've seen this.. and it's not a root[kit]

Let me Google that for you

He might have some luck overwriting the MBR, but the chances are that this thing will just come straight back. Worse, the second time it might not cause the bluescreen, so his computers become part of a botnet, and perhaps his passwords and credit card info are stolen because he thinks the machines are clean. I'd rather format than fuck around for hours trying to fix it, and then never truly know if I got it or not.

Out of interest, what were the last couple of torrents/usenet downloads you ran?
Chianti is offline   Reply With Quote
Old 05-14-2011, 05:48 AM   #20 (permalink)
Hot Metal and Methedrine
 
amateursurgeon's Avatar
 
Join Date: Apr 2007
Location: The Uncanny Valley
Posts: 3,864
iTrader: 3 / 100%
Quote:
Originally Posted by Cyberchip View Post
As I said, no one hears, I've seen this.. and it's not a root. Effective, yes. Persistent... yes. Sophisticated.. yes, but the level of sophistication is so high it takes too long to boot. Still, break the molester's bootstrap and he can't make the next walk. He's hobbled and is slow to start moving. Spends time waiting for something that never happens. Time out, smack down and too late to root tootie. Best to catch him before the reboot. That's why I teach my clients "hands off" when in doubt call first. And yes he has a network component but if network is designed right.. he only gets to knock and ring bells. "intruder alert". I know this a-hole and he's a smart ass braggart. Likes to say your whole system is infected. Hah, he wishes he were that good! I'm done.

Droidx-Tapatalk
Watching your responses in this thread is like the time I was having a weekend-long ecstasy binge with some friends. One of them took more than he could handle. He spent most of the day attempting to join in with our conversation, but failing to understand the meanings of words and just dribbling complete nonsense. We'd be talking about the weather, he'd chime with how much he hated soft cheese. He also kept bumping into furniture and apologising to it.

It was quite amusing, but also unsettling.
amateursurgeon is offline   Reply With Quote
Old 05-14-2011, 07:38 AM   #21 (permalink)
Banned
 
Join Date: Mar 2011
Posts: 246
iTrader: 1 / 67%
AuthorAji has a reputation beyond repute
Alright, I think I found something that might be a bit relevant.

Blue screen from volsnap.sys during boot-up

It discusses the errors caused (similar to what you mentioned) and their solution using the Virtual Environments like BartPE or even a live Knoppix CD.

All you need to do is copy a fresh volsnap.sys to a USB drive - then boot from a Knoppix live CD or something similar and replace your existing file with the new one.

This should have you good to go!
AuthorAji is offline   Reply With Quote
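An offline check that fits the file-replacement suggestion above, as an added example that is not from any poster in this thread: from a live CD, hash the installed volsnap.sys against the fresh copy and keep the on-disk file as evidence if they differ. The mount point, reference path and evidence directory are assumptions supplied by the caller, the demo data is constructed, and a mismatch can also mean the reference comes from a different Windows build or service pack.

```python
# Added example, not from the thread. Meant to be run from a live CD with the
# Windows volume mounted read-only; every path is supplied by the caller.
import hashlib
import os
import shutil
import tempfile

# Usual location of the driver named in the blue screen.
DRIVER_PARTS = ("Windows", "System32", "drivers", "volsnap.sys")


def resolve_case_insensitive(root, parts):
    """Find root/parts ignoring case, since Linux tools see NTFS names
    case-sensitively (WINDOWS/system32 vs Windows/System32)."""
    path = root
    for part in parts:
        try:
            names = os.listdir(path)
        except OSError:
            return None
        hits = [n for n in names if n.lower() == part.lower()]
        if not hits:
            return None
        path = os.path.join(path, hits[0])
    return path


def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_driver(mount_root, reference_path, evidence_dir):
    """Compare the installed driver with a known-good copy.

    On a mismatch the installed file is copied to evidence_dir (never
    overwritten in place) so it can be examined or submitted later.
    """
    suspect = resolve_case_insensitive(mount_root, DRIVER_PARTS)
    if suspect is None:
        return {"status": "missing"}
    suspect_hash = sha256_file(suspect)
    reference_hash = sha256_file(reference_path)
    if suspect_hash == reference_hash:
        return {"status": "match", "sha256": suspect_hash}
    os.makedirs(evidence_dir, exist_ok=True)
    kept = os.path.join(evidence_dir, "volsnap.sys." + suspect_hash[:16])
    shutil.copy2(suspect, kept)
    return {
        "status": "modified",
        "suspect_sha256": suspect_hash,
        "reference_sha256": reference_hash,
        "evidence_copy": kept,
    }


def demo():
    """Run the check against a constructed directory tree."""
    with tempfile.TemporaryDirectory() as tmp:
        mount = os.path.join(tmp, "mnt")
        drivers = os.path.join(mount, "WINDOWS", "system32", "DRIVERS")
        os.makedirs(drivers)
        reference = os.path.join(tmp, "usb_volsnap.sys")
        with open(reference, "wb") as handle:
            handle.write(b"constructed known-good bytes")
        installed = os.path.join(drivers, "VOLSNAP.SYS")
        shutil.copyfile(reference, installed)
        evidence = os.path.join(tmp, "evidence")

        clean = check_driver(mount, reference, evidence)
        with open(installed, "ab") as handle:
            handle.write(b" + constructed tampering")
        dirty = check_driver(mount, reference, evidence)
        kept = os.path.isfile(dirty["evidence_copy"])
        absent = check_driver(os.path.join(tmp, "nope"), reference, evidence)
        return clean["status"], dirty["status"], kept, absent["status"]


if __name__ == "__main__":
    print(demo())
```

Because the installed system is not running, nothing on it can filter what the hash sees, which is why the comparison is done from the live CD rather than from inside Windows.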
Old 05-14-2011, 08:30 AM   #22 (permalink)
Senior Member
 
Chianti's Avatar
 
Join Date: Apr 2010
Posts: 624
iTrader: 0 / 0%
> This should have you good to go!

It is likely not a system bug, because it happened on two different computers. Assuming they were part of a home network, then it is more likely to be a trojan rootkit travelling from one to the other. Either that or he may have installed the same torrented app on both machines recently.
Chianti is offline   Reply With Quote
Old 05-14-2011, 09:09 AM   #23 (permalink)
Elite Blackhatter
 
igl00's Avatar
 
Join Date: Jul 2009
Posts: 2,337
iTrader: 75 / 100%
try to take out the graphics card or ram
igl00 is offline   Reply With Quote
Old 05-14-2011, 09:27 AM   #24 (permalink)
Advertise Here
 
Fatbat's Avatar
 
Join Date: May 2008
Location: Costa del Sol, Spain
Posts: 6,224
iTrader: 3 / 100%
Quote:
Originally Posted by Cyberchip View Post
You didn't even mention which Windows. I'm presuming legit licensing as MS can zap and do this in a heartbeat if your COA's overused. I'm also presuming OS was working before problem???

Droidx-Tapatalk
LOL wut? You're high.
Fatbat is offline   Reply With Quote
Old 05-14-2011, 10:25 AM   #25 (permalink)
Advertise Here
 
Fatbat's Avatar
 
Join Date: May 2008
Location: Costa del Sol, Spain
Posts: 6,224
iTrader: 3 / 100%
Quote:
Originally Posted by igl00 View Post
try to take out the graphics card or ram
Yeah, that sounds like a great solution

Hate to say this OP, cause it sucks to hear it, but I have to agree with Chianti... if you've been rooted then you're wasting your time doing anything but a complete reformat.

Also, if you have websites on a server somewhere and use an FTP program like Filezilla, you better check to make sure your server(s) hasn't been compromised. I had my box rooted about a year ago, and I know another WF user that had his hit about a month ago, and both of us had sites on our servers infected with the same script that infected us because we used regular FTP instead of SFTP and the login info was stolen out of Filezilla.
Fatbat is offline   Reply With Quote
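The exposure described in the post above (FTP logins saved by FileZilla, then used against the servers) can be inventoried before rotating credentials. This is an added example, not from any poster: it lists saved sites that use plain FTP or keep a password on disk, without printing the password. The element names and protocol codes are assumptions about FileZilla's `sitemanager.xml` / `recentservers.xml` layout, and the sample XML is constructed.

```python
# Added example, not from the thread. Point audit_sites() at the text of
# sitemanager.xml or recentservers.xml from the FileZilla profile directory
# (%APPDATA%\FileZilla on Windows, ~/.config/filezilla on Linux).
import xml.etree.ElementTree as ET

# Assumed FileZilla protocol codes: 0 = FTP, 6 = "only plain FTP", 1 = SFTP.
# Code 0 is flagged because it falls back to cleartext when TLS is not used.
CLEARTEXT_PROTOCOLS = {"0", "6"}

# Constructed sample in the saved-site layout; hosts and users are made up.
SAMPLE_SITEMANAGER = """<FileZilla3>
  <Servers>
    <Server>
      <Host>ftp.example.com</Host><Port>21</Port><Protocol>0</Protocol>
      <User>webmaster</User><Pass>constructed-sample</Pass>
      <Name>blog</Name>
    </Server>
    <Folder>clients
      <Server>
        <Host>sftp.example.net</Host><Port>22</Port><Protocol>1</Protocol>
        <User>deploy</User><Pass encoding="base64">Y29uc3RydWN0ZWQ=</Pass>
        <Name>shop</Name>
      </Server>
      <Server>
        <Host>files.example.org</Host><Port>22</Port><Protocol>1</Protocol>
        <User>deploy</User>
        <Name>key login only</Name>
      </Server>
    </Folder>
  </Servers>
</FileZilla3>
"""


def audit_sites(xml_text):
    """Return one finding per saved site that needs attention.

    The password value itself is never read into the result; only the
    fact that one is stored is recorded.
    """
    findings = []
    for server in ET.fromstring(xml_text).iter("Server"):
        host = (server.findtext("Host") or "").strip()
        protocol = (server.findtext("Protocol") or "").strip()
        password = server.find("Pass")
        has_password = password is not None and bool((password.text or "").strip())

        issues = []
        if protocol in CLEARTEXT_PROTOCOLS:
            issues.append("plain-ftp")
        if has_password:
            issues.append("password-on-disk")
        if issues:
            findings.append({
                "name": (server.findtext("Name") or "").strip(),
                "host": host,
                "user": (server.findtext("User") or "").strip(),
                "issues": issues,
            })
    return findings


def hosts_to_rotate(findings):
    """Hosts whose saved password should be treated as stolen after a
    workstation compromise and changed from a clean machine."""
    return sorted({f["host"] for f in findings if "password-on-disk" in f["issues"]})


if __name__ == "__main__":
    report = audit_sites(SAMPLE_SITEMANAGER)
    for finding in report:
        print(finding["host"], finding["user"], ", ".join(finding["issues"]))
    print("rotate:", hosts_to_rotate(report))
```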
Old 05-14-2011, 11:11 AM   #26 (permalink)
HC SVNT DRACONES
 
-God-'s Avatar
 
Join Date: Jun 2009
Posts: 1,503
iTrader: 4 / 100%
Quote:
Originally Posted by Cyberchip View Post
Ok.. the name of his file is a joke (to himself) volsnap.sys is he turns off ex: makes take a 'nap' the 'vols' a term used to describe the drive when it's mounted. So, he unmounts 'nap' the drive 'vols' and it's embedded as a sys(tem) file at boot. Renaming will cause sys to ignore (can't find) the file and should/may give you back enough control. Another option would be to rename (I like to look at the code layer) volsnap and make new zero length file named volsnap.sys and change privilege to owner, or restrict read or somesuch.
Plus the name is double entendre could be "vol" 'snap' but as in snap, joke's on you. I know this a-hole, seen his work. Usually OS part is so slow to load if you get to desktop you can roll system back to early date. If I do reinstall, I rename Windows dir as backup. Do install just to get clean basic registry, export registry, rename new windows dir and name old windows dir back and import saved clean install registry to clean the EXTensions. Clean, run regs while at it and.. done in an hour or less everything intact and bad guy permanently locked out.

Droidx-Tapatalk
I'll have some of whatever you're having. Although a little less of it please, because you're clearly off your face. Or trolling.
-God- is offline   Reply With Quote
Old 05-14-2011, 01:13 PM   #27 (permalink)
#1 Soccer Hater
 
Rage9's Avatar
 
Join Date: Jan 2008
Posts: 6,021
iTrader: 18 / 100%
Save yourself time and a headache.

Download a desktop version of a Linux Distro (Ubuntu, Fedora, etc..). Boot up into the installer, drop to the desktop. Mount the old file system and connect an external hard drive to the computer. Copy off anything you need. Reformat and reinstall.
Rage9 is offline   Reply With Quote
Old 05-14-2011, 01:24 PM   #28 (permalink)
Senior Member
 
jacky8's Avatar
 
Join Date: Mar 2008
Posts: 2,535
iTrader: 146 / 100%
Quote:
Originally Posted by Cyberchip View Post
I get responses like this from Linux users all the time. (One of my best friends for example) My usual response would be something like... yes it's easy to avoid infection when the target audience is so small the blaggards think, "why bother". Or, "It's not the OS that saves them, it's the relatively small number of users and the ensuing anonymity that protects them." Or, when I want to return to DOS days and the inception of Windows (2.0?) I'll think about taking up Linux. Still, as an MS man, there's nothing like learning a new language and learning to socialize by poking pinholes in your eyelids to restrict the light and praying nothing sees you, or you them, to protecting yourself from attack. It works for the ostrich.

Droidx-Tapatalk
Quote:
Originally Posted by Cyberchip View Post
Ok.. the name of his file is a joke (to himself) volsnap.sys is he turns off ex: makes take a 'nap' the 'vols' a term used to describe the drive when it's mounted. So, he unmounts 'nap' the drive 'vols' and it's embedded as a sys(tem) file at boot. Renaming will cause sys to ignore (can't find) the file and should/may give you back enough control. Another option would be to rename (I like to look at the code layer) volsnap and make new zero length file named volsnap.sys and change privilege to owner, or restrict read or somesuch.
Plus the name is double entendre could be "vol" 'snap' but as in snap, joke's on you. I know this a-hole, seen his work. Usually OS part is so slow to load if you get to desktop you can roll system back to early date. If I do reinstall, I rename Windows dir as backup. Do install just to get clean basic registry, export registry, rename new windows dir and name old windows dir back and import saved clean install registry to clean the EXTensions. Clean, run regs while at it and.. done in an hour or less everything intact and bad guy permanently locked out.

Droidx-Tapatalk
lmao this reminds me how we used to write in theory exam papers while in engineering college but damn you are really an expert at it. It's too hard to figure out the nonsense by just skimming, one will need to read it all to make sure it is nonsense.
__________________
Quote:
Originally Posted by thehobbster View Post
I'd love to hold everyone's hand, but alas, my hand won't let go of my dick.
Old 05-14-2011, 01:28 PM   #29 (permalink)
Staccs
Self-Mastery
Join Date: May 2010
Location: Toronto
Posts: 886
iTrader: 29 / 100%
Quote:
Originally Posted by Rage9 View Post
Save yourself time and a headache.

Download a desktop version of a Linux Distro (Ubuntu, Fedora, etc..). Boot up into the installer, drop to the desktop. Mount the old file system and connect an external hard drive to the computer. Copy off anything you need. Reformat and reinstall.
Can't believe it took 20+ replies for this. tencentpiece, do this ^.
Old 05-14-2011, 01:39 PM   #30 (permalink)
IMHopeful
Wicked Fire Elite Member
Join Date: Mar 2010
Location: Canada
Posts: 1,058
iTrader: 5 / 100%
Quote:
Originally Posted by Rage9 View Post
Save yourself time and a headache.

Download a desktop version of a Linux Distro (Ubuntu, Fedora, etc..). Boot up into the installer, drop to the desktop. Mount the old file system and connect an external hard drive to the computer. Copy off anything you need. Reformat and reinstall.
Agreed. When you eventually do your reformat (because you will have to) put the Distro on (dual boot, or whatever) so you can play around with it when you're bored. You might actually like it more than windows, at least for your non-business activities.
Old 05-14-2011, 01:55 PM   #31 (permalink)
mikecarquote
Senior Member
Join Date: Jul 2008
Location: 127.0.0.1
Posts: 224
iTrader: 10 / 100%
You're not running Vista are you? Before moving to Win 7 I had Vista and it would break a lot, usually after some kind of update was pushed out.
Old 05-14-2011, 02:31 PM   #32 (permalink)
tencentpiece
Senior Member
Join Date: Nov 2010
Location: Melbourne, Australia
Posts: 4,434
iTrader: 278 / 99%
Quote:
Originally Posted by Fatbat View Post
Yeah, that sounds like a great solution

Hate to say this OP, cause it sucks to hear it, but I have to agree with Chianti... if you've been rooted then you're wasting your time doing anything but a complete reformat.

Also, if you have websites on a server somewhere and use an FTP program like Filezilla, you better check to make sure your server(s) hasn't been compromised. I had my box rooted about a year ago, and I know another WF user that had his hit about a month ago, and both of us had sites on our servers infected with the same script that infected us because we used regular FTP instead of SFTP and the login info was stolen out of Filezilla.
I know this sounds like a retarded question, but what's the best way to do a complete reformat? As I said, I really don't care about the files on either of those PCs because they are mostly for farming/scraping anyway. I just want them to be usable - I've tried reinstalling windows without luck. When you say "completely reformat" how can I go about that (assuming I am semi retarded).

I've already changed all of my passwords that were accessed on either of those PCs as well.

Quote:
Originally Posted by mikecarquote View Post
You're not running Vista are you? Before moving to Win 7 I had Vista and it would break a lot, usually after some kind of update was pushed out.

Nope, was always using win 7 on both of these computers.
__________________

Find out what tools I use | PM me to find out about niche specific links
Old 05-14-2011, 02:35 PM   #33 (permalink)
masterjani
King Of Backlinks
Join Date: Oct 2010
Location: Internet
Posts: 1,202
iTrader: 92 / 99%
There are two pieces of software there.

1. Copywipe

2. UBCD

Download either of them and make it a bootable CD.
Load it and choose the option to wipe the complete drive or reformat with 0000.
Done.
You can install a fresh XP. If you have any more doubts, ask me.
Old 05-14-2011, 02:44 PM   #34 (permalink)
IMHopeful
Wicked Fire Elite Member
Join Date: Mar 2010
Location: Canada
Posts: 1,058
iTrader: 5 / 100%
Use DBAN

It's open source and does the trick. You'll have to burn the program onto a disk, then set your BIOS to load from the CD/DVD drive. When the program loads you can choose what wiping method you want (DoD, Gutmann, etc.) and how many passes you want it to make of the hard drive.

It doesn't really matter though: You can set it to make a single pass with whichever method you want and you'll be ready for a reinstall. If you didn't have a bug on there, it would be much easier, but I'd wipe it before reinstalling.
Old 05-14-2011, 03:18 PM   #35 (permalink)
Uptime
yeah, makes perfect sense
Join Date: Dec 2009
Location: Keys and Carolinas
Posts: 1,042
iTrader: 4 / 100%
Quote:
Originally Posted by Fatbat View Post
. . . Also, if you have websites on a server somewhere and use an FTP program like Filezilla, you better check to make sure your server(s) hasn't been compromised. I had my box rooted about a year ago, and I know another WF user that had his hit about a month ago, and both of us had sites on our servers infected with the same script that infected us because we used regular FTP instead of SFTP and the login info was stolen out of Filezilla.
(OP pardon the side step)

Fatbat, sounds like I'm flying without a net here. What ftp program did you switch to?
Old 05-14-2011, 04:48 PM   #36 (permalink)
Deliguy
Senior Member
Join Date: Sep 2006
Location: Oregon
Posts: 5,180
iTrader: 11 / 100%
wow so many complicated pain in the ass solutions for such a simple problem. No offense but you guys are never allowed near my computer when there's data to be lost

Boot from the Windows CD. Go to the repair console (not a Windows repair, it's the second option (R) when you go to start a fresh install. It'll bring you to a command prompt)
chkdsk /r <-this will scan your system files for corruption and replace them with the originals on the CD.
fixmbr <-this will fix the problem by restoring your master boot record.
exit <-this will restart your computer.
__________________

Quote:
Originally Posted by Jon View Post
My goal in life is to be like Eli. He knows it too.
Old 05-14-2011, 04:59 PM   #37 (permalink)
Chianti
Senior Member
Join Date: Apr 2010
Posts: 624
iTrader: 0 / 0%
> What ftp program did you switch to?

Can't speak for fatbat, but I can tell you that when I found out that Filezilla kept my passwords in plaintext, I looked at other ftp programs and couldn't find one I liked better. So I still use filezilla, but keep all the passwords in KeePass instead.

I would use sftp, except that both my VPS servers have a really weird, undocumented bug whereby if sftp is enabled/allowed, the ftp program can break out of the cpanel and browse directories above where you're supposed to be able to. I won't use sftp until I've nailed the reason for that.
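
The two client-side risks raised in the posts above (FileZilla keeping saved passwords in a readable form, and plain FTP instead of SFTP) can be checked against your own FileZilla configuration. The script below is an added example, not part of the original thread and not FileZilla's own code; the XML layout it assumes (`Server` elements with `Host`, `Protocol`, `User` and `Pass` children, `Protocol` 0 = FTP and 1 = SFTP, an `encoding` attribute on `Pass` in newer versions) and the sample data are assumptions and constructed values.

```python
"""Audit a FileZilla client config for recoverable saved passwords and plain FTP.

Added example, not from the thread. Assumed layout of sitemanager.xml and
recentservers.xml: each saved site is a <Server> element with <Host>,
<Protocol>, <User> and <Pass> children; Protocol 0 is FTP and 1 is SFTP;
newer versions set encoding="base64" (or "crypt" when a master password is
configured) on <Pass>, older ones store the password as bare text.
"""
import sys
import xml.etree.ElementTree as ET

# Protocol codes as assumed by this example.
PROTOCOLS = {"0": "FTP", "1": "SFTP", "3": "FTPS", "4": "FTPES"}

# Constructed sample: hosts, users and passwords are made up.
SAMPLE_SITEMANAGER = """\
<FileZilla3>
  <Servers>
    <Server>
      <Host>ftp.example.com</Host><Port>21</Port><Protocol>0</Protocol>
      <User>siteadmin</User><Pass>constructed-pw-1</Pass>
    </Server>
    <Server>
      <Host>vps1.example.net</Host><Port>22</Port><Protocol>1</Protocol>
      <User>deploy</User><Pass encoding="base64">ZXhhbXBsZS1vbmx5</Pass>
    </Server>
    <Server>
      <Host>vps2.example.net</Host><Port>22</Port><Protocol>1</Protocol>
      <User>deploy</User>
    </Server>
  </Servers>
</FileZilla3>
"""


def password_storage(pass_el):
    """Classify how a <Pass> element stores the secret, never returning it."""
    if pass_el is None or not (pass_el.text or "").strip():
        return "none"
    encoding = (pass_el.get("encoding") or "").lower()
    if encoding == "crypt":
        return "master-password"  # encrypted, needs the master password
    if encoding == "base64":
        return "base64"  # an encoding, not encryption: trivially reversible
    return "plaintext"


def audit_filezilla_xml(xml_text):
    """Return one finding per saved server; passwords are never included."""
    root = ET.fromstring(xml_text)
    findings = []
    for server in root.iter("Server"):
        code = (server.findtext("Protocol") or "0").strip()
        protocol = PROTOCOLS.get(code, "unknown(%s)" % code)
        storage = password_storage(server.find("Pass"))
        issues = []
        if storage in ("plaintext", "base64"):
            issues.append("saved password is recoverable from disk (%s)" % storage)
        if protocol == "FTP":
            issues.append("plain FTP sends the login unencrypted")
        findings.append({
            "host": (server.findtext("Host") or "").strip(),
            "user": (server.findtext("User") or "").strip(),
            "protocol": protocol,
            "storage": storage,
            "issues": issues,
        })
    return findings


def main(argv):
    # With a path argument, audit that file; otherwise run on the sample.
    if len(argv) > 1:
        with open(argv[1], "rb") as fh:
            xml_text = fh.read()
    else:
        xml_text = SAMPLE_SITEMANAGER
    for f in audit_filezilla_xml(xml_text):
        status = "; ".join(f["issues"]) or "ok"
        print("%-18s %-5s user=%-10s %s" % (f["host"], f["protocol"], f["user"], status))
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

FileZilla typically keeps these files under `%APPDATA%\FileZilla\` on Windows and `~/.config/filezilla/` on Linux; pass the path as the first argument. Any entry flagged here after a machine compromise should be treated as stolen and its password changed on the server.
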
Old 05-14-2011, 08:00 PM   #38 (permalink)
IMHopeful
Wicked Fire Elite Member
Join Date: Mar 2010
Location: Canada
Posts: 1,058
iTrader: 5 / 100%
Quote:
Originally Posted by Deliguy View Post
wow so many complicated pain in the ass solutions for such a simple problem. No offense but you guys are never allowed near my computer when there's data to be lost

Boot from the Windows CD. Go to the repair console (not a Windows repair, it's the second option (R) when you go to start a fresh install. It'll bring you to a command prompt)
chkdsk /r <-this will scan your system files for corruption and replace them with the originals on the CD.
fixmbr <-this will fix the problem by restoring your master boot record.
exit <-this will restart your computer.
Most newer laptops also have a factory partition that allows these options as well. It's usually a matter of holding a specific button while powering it on.

You're saying this will completely correct any virus issues, or that it will allow him to just fix the boot error? The way you're wording it he can boot the pc up after and be worry free. I know this is what most repair shops would do, but is it the safest? On my laptop there is a specific warning about not using this feature to fix virus-related problems.
Old 05-14-2011, 08:35 PM   #39 (permalink)
Moxie
*****
Join Date: Mar 2009
Posts: 3,994
iTrader: 11 / 100%
Quote:
Originally Posted by Cyberchip View Post
I get responses like this from Linux users all the time. (One of my best friends for example) My usual response would be something like... yes it's easy to avoid infection when the target audience is so small the blaggards think, "why bother".
The way Linux is structured with the root permissions and such, even if virus makers made it their #1 target, it would still be very hard for them to get many infections.
Old 05-14-2011, 08:38 PM   #40 (permalink)
Deliguy
Senior Member
Join Date: Sep 2006
Location: Oregon
Posts: 5,180
iTrader: 11 / 100%
Quote:
Originally Posted by IMHopeful View Post
Most newer laptops also have a factory partition that allows these options as well. It's usually a matter of holding a specific button while powering it on.

You're saying this will completely correct any virus issues, or that it will allow him to just fix the boot error? The way you're wording it he can boot the pc up after and be worry free. I know this is what most repair shops would do, but is it the safest? On my laptop there is a specific warning about not using this feature to fix virus-related problems.
It'll revert any system files and the master boot records that got corrupted by the virus with clean ones from the install CD, so you can get into Windows and start a virus scan to get rid of the virus itself. It's a safer way to go because viruses often infect the recovery partition as well. It's a good idea to never trust the recovery files when you have a virus. Think about it, if it got to your protected volsnap it probably got to your recovery partition.
Old 05-14-2011, 09:00 PM   #41 (permalink)
Fatbat
Advertise Here
Join Date: May 2008
Location: Costa del Sol, Spain
Posts: 6,224
iTrader: 3 / 100%
Quote:
Originally Posted by Staccs View Post
Can't believe it took 20+ replies for this. tencentpiece, do this ^.
It was said about 4 times in the first 20 posts.

Quote:
Originally Posted by Uptime View Post
(OP pardon the side step)

Fatbat, sounds like I'm flying without a net here. What ftp program did you switch to?
It was a wakeup call for sure. I was using an Excel spreadsheet for my passwords previously. Luckily that wasn't compromised or things would have been much worse. I've since changed my ways.

Like Chianti, I still use Filezilla using SFTP and store my passwords in KeePass.

Quote:
Originally Posted by tencentpiece View Post
I know this sounds like a retarded question, but what's the best way to do a complete reformat? As I said, I really don't care about the files on either of those PCs because they are mostly for farming/scraping anyway. I just want them to be usable - I've tried reinstalling windows without luck. When you say "completely reformat" how can I go about that (assuming I am semi retarded).

I've already changed all of my passwords that were accessed on either of those PCs as well.

Nope, was always using win 7 on both of these computers.
When you boot up the Windows CD you should have the option to either boot into the Windows desktop or to install Windows from a non-desktop environment giving you the options to delete, format and partition your drive. That's all I've ever had to do, but for more in-depth advice others have already covered it better than I could.

Good luck. I feel your pain.
Old 05-14-2011, 10:19 PM   #42 (permalink)
dsiomtw
Senior Member
Join Date: Mar 2007
Location: End of the rainbow
Posts: 1,467
iTrader: 1 / 100%
You guys might want to check out WS_FTP from Ipswitch. I've been using it for like 10 years. It rocks. It supports SFTP and it doesn't save your passwords in plaintext.
Old 05-15-2011, 01:34 AM   #43 (permalink)
dooogen
WF Premium Member
Join Date: Sep 2009
Location: Florida
Posts: 768
iTrader: 13 / 100%
Kinda weird. Same exact problem just happened to my computer. Walked away while running ubot on some phpmotion sites and came back to my computer trying to run startup recovery.
Old 05-15-2011, 09:46 PM   #44 (permalink)
jacky8
Senior Member
Join Date: Mar 2008
Posts: 2,535
iTrader: 146 / 100%
None of the above methods are gonna work.

Take out the hard disk and wash it hard with Tide.

That is the best way to clear away the worms and viruses.
Old 05-15-2011, 10:09 PM   #45 (permalink)
handrewrites
My Member 8=============3
Join Date: Oct 2010
Posts: 1,141
iTrader: 4 / 100%
Question: how safe is Windows 7 if I'm running it on a limited user account rather than using the admin account like 90% of windows-using retards do?

oh and my 2c: install linux then install windows inside virtualbox.
__________________
Quote:
Originally Posted by MSTeacher View Post
only on wickedfire do a bunch of hack marketers debate alien intervention in a thread filled with memes and stone penises inspired by random old news.
Old 05-16-2011, 12:43 AM   #46 (permalink)
onigen
(‵▽′)Ψ
Join Date: Oct 2010
Posts: 428
iTrader: 2 / 100%
Quote:
Originally Posted by Deliguy View Post
Boot from the Windows CD. Go to the repair console (not a Windows repair, it's the second option (R) when you go to start a fresh install. It'll bring you to a command prompt)
chkdsk /r <-this will scan your system files for corruption and replace them with the originals on the CD.
fixmbr <-this will fix the problem by restoring your master boot record.
exit <-this will restart your computer.
^This

Then scan the fuck out of it with several portable AVs.

Some reading: Wilders Security Forums - View Single Post - Securing Your PC and Data

Still probably best to reformat and use something like this: Keep your system clean. Roll back to a clean state and never worry about virus infections.

Old 05-16-2011, 01:33 AM   #47 (permalink)
SilentPen
I'm a GIRL, damnit.
Join Date: Jul 2008
Location: Minnesota
Posts: 236
iTrader: 16 / 100%
Quote:
Originally Posted by Deliguy View Post
wow so many complicated pain in the ass solutions for such a simple problem. No offense but you guys are never allowed near my computer when there's data to be lost

Boot from the Windows CD. Go to the repair console (not a Windows repair, it's the second option (R) when you go to start a fresh install. It'll bring you to a command prompt)
chkdsk /r <-this will scan your system files for corruption and replace them with the originals on the CD.
fixmbr <-this will fix the problem by restoring your master boot record.
exit <-this will restart your computer.
This. And when you're done, since you likely still won't be able to download, install or run any of your programs, you should create a new user with admin privileges, use that to download, install, and run both Trend Micro AND (more importantly) Malwarebytes. Log back into the old account, delete ALL internet files, run the TM and Malwarebytes again, and you should theoretically be good to go. I'm not an expert - but from experience, I'd say you have something similar to the iemonster.d virus... there's several variations of it out there, and they all do as you've described.
Old 05-16-2011, 02:08 AM   #48 (permalink)
tencentpiece
Senior Member
Join Date: Nov 2010
Location: Melbourne, Australia
Posts: 4,434
iTrader: 278 / 99%
I've resolved the problem, what Eli suggested wouldn't have worked as when booting from the Windows CD it got stuck before those options would even come up.

I ended up just installing ubuntu over the top of the old install and then installing windows7 alongside it.

For some reason my desktop has decided to not recognize my DVD drive and when I try to do an Ubuntu install from a USB device I get an error. It's probably just one of the cables loose in my PC though so I'll fix that up on the weekend as I don't really need it at the moment.
Old 05-16-2011, 02:30 AM   #49 (permalink)
Fatbat
Advertise Here
Join Date: May 2008
Location: Costa del Sol, Spain
Posts: 6,224
iTrader: 3 / 100%
Quote:
Originally Posted by SilentPen View Post
This. And when you're done, since you likely still won't be able to download, install or run any of your programs, you should create a new user with admin privileges, use that to download, install, and run both Trend Micro AND (more importantly) Malwarebytes. Log back into the old account, delete ALL internet files, run the TM and Malwarebytes again, and you should theoretically be good to go. I'm not an expert - but from experience, I'd say you have something similar to the iemonster.d virus... there's several variations of it out there, and they all do as you've described.
Malwarebytes is an absolute piece of shit. Do not count on it to protect you nor clean you up.
Old 05-16-2011, 03:54 AM   #50 (permalink)
oknetwork
Senior Member
Join Date: Jan 2008
Posts: 252
iTrader: 0 / 0%
Quote:
Originally Posted by Deliguy View Post
wow so many complicated pain in the ass solutions for such a simple problem. No offense but you guys are never allowed near my computer when there's data to be lost

Boot from the Windows CD. Go to the repair console (not a Windows repair, it's the second option (R) when you go to start a fresh install. It'll bring you to a command prompt)
chkdsk /r <-this will scan your system files for corruption and replace them with the originals on the CD.
fixmbr <-this will fix the problem by restoring your master boot record.
exit <-this will restart your computer.
chkdsk is definitely not doing what you're saying
__________________
it's 2

All times are GMT -4.

WickedFire.com Copyright 2014 - WickedFire is an international registered Trademark of Coastal Synergy LLC. You may not use any of our trademarks, copyrights, content, or images without a written approval by members of Coastal Synergy LLC.