Bluescreen of death + can't boot into safe mode or reinstall windows??

tencentpiece

tencentpiece

New member
Nov 11, 2010
4,361
104
0
Melbourne, Australia
www.linknarwhal.com
Hi guys,

So at the moment I am having an issue with my laptop and one of my desktops, fairly certain it's virus related but not 100% sure.

Anyways, when I boot it up it'll come up with the following:

Blue screen followed by something along the lines of

an error has been found blah blah blah, volsnap.sys seems to be the file causing this issue.

Then the computer automatically restarts and I get another screen that says

Windows failed to start. A recent hardware of softwarechange might be the cause.

If windows files have been damaged or configured incorrectly, startup repair can help diagnose and fix the problem. If power was interrupted during startup, choose start windows normally.

> Launch start up repair
> Start windows normally

When I launch the repair, it can't find any error and it can't find a version that was working either. I've tried to reinstall windows, but it sticks on the starting windows reload screen and then just reboots the computer. I've tried restarting in safe mode and it still sticks on the windows screen.

What are my options? Ideally I'd like to keep the data on these PC's, but I have recent back ups so it's not a mega issue.
 


tencentpiece said:
I've tried to reinstall windows, but it sticks on the starting windows reload screen and then just reboots the computer.
Click to expand...

Did you go into the BIOS and tell it to load from the disc drive before the hard drive?
 
bsod-linux-flier.png
 
Sounds like dodgy hardware use memtest live cd to test the memory if that's okay then it's either your mobo or hard drive.

Get your hands on a copy of Microsoft Diagnostic and Recovery Toolset iso - boot into that check the system logs for disk errors. If there are none it's your motherboard at fault.

Swap out bad hardware - might want to plug your HD into another machine and pull the data for a backup before you start any of these steps.
 
Moxie said:
Did you go into the BIOS and tell it to load from the disc drive before the hard drive?
Click to expand...

Yep, I've tried this. It goes windows is loading files....

Then says starting windows, pauses for a bit and then just shows a black screen with a cursor - I can move the cursor around but there are no options to select. Not 100% sure, but after a while of this I am pretty sure it just restarts itself.

In terms of linux, that would be great but I need a lot of programs that run on windows only and don't work very well if at all with wine.
 
I've seen this issue many times. However the rules of this forum have me paranoid about what to do as I have free or what may have been free applications i use. I could describe generically.

However basically you'd want to access files using favorite method, not booting up. Rename offender or suspected offender, hey why would the OS lie (cause it's the virus waiting to taunt you when you try to rename the file and it's not the one?)
Anyway renaming may generate an error but shouldn't cause a failure to load. It's likely the intruder is embedded elsewhere also but this may let you boot up in some mode or another.

Droidx-Tapatalk
 
Cyberchip said:
I've seen this issue many times. However the rules of this forum have me paranoid about what to do as I have free or what may have been free applications i use. I could describe generically.

However basically you'd want to access files using favorite method, not booting up. Rename offender or suspected offender, hey why would the OS lie (cause it's the virus waiting to taunt you when you try to rename the file and it's not the one?)
Anyway renaming may generate an error but shouldn't cause a failure to load. It's likely the intruder is embedded elsewhere also but this may let you boot up in some mode or another.

Droidx-Tapatalk
Click to expand...

I didn't follow this at all. If somebody else can make sense of it please let me know.

goldmercury said:
Sounds like dodgy hardware use memtest live cd to test the memory if that's okay then it's either your mobo or hard drive.

Get your hands on a copy of Microsoft Diagnostic and Recovery Toolset iso - boot into that check the system logs for disk errors. If there are none it's your motherboard at fault.

Swap out bad hardware - might want to plug your HD into another machine and pull the data for a backup before you start any of these steps.
Click to expand...

This seems unlikely considering it's affecting both my laptop and one of my desktop computers?


Whoever can help me fix this issue can have some free xrumer links as well.
 
I get responses like this from Linux users all the time. (One of my best friends for example) My usual response would be something like... yes it's easy to avoid infection when the target audience is so small the blaggards think, "why bother ". or It's not the OS that saves them, it's the 'relatively small number of users and the ensuing anonymity that protects them. " or, when I want to return to DOS days and the inception of Windows (2.0?) I'll think about taking up Linux. Still, as a MS man, there's nothing like learning a new language and learning to socialize by poking pinholes in your eyelids to restrict the light and praying nothing sees you, or you them, to protecting yourself from attack. It works for the ostrich.

Droidx-Tapatalk
 
Hey its hard to pass volumes of info wo taking short cuts don't give up that easy.
And yes some of these bugs are smart why wouldn't the other machine be infected, it got in one didn't it. All that rules out is hardware, yep mos def a bug.

Droidx-Tapatalk
 
You didn't even mention which windows. I'm presuming legit licensing as MS can zap and do this in a heartbeat if your COAs overused. I'm also presuming OS was working before problem???

Droidx-Tapatalk
 
Cyberchip said:
I get responses like this from Linux users all the time. (One of my best friends for example) My usual response would be something like... yes it's easy to avoid infection when the target audience is so small the blaggards think, "why bother ". or It's not the OS that saves them, it's the 'relatively small number of users and the ensuing anonymity that protects them. " or, when I want to return to DOS days and the inception of Windows (2.0?) I'll think about taking up Linux. Still, as a MS man, there's nothing like learning a new language and learning to socialize by poking pinholes in your eyelids to restrict the light and praying nothing sees you, or you them, to protecting yourself from attack. It works for the ostrich.

Droidx-Tapatalk
Click to expand...

Cyberchip said:
I've seen this issue many times. However the rules of this forum have me paranoid about what to do as I have free or what may have been free applications i use. I could describe generically.

However basically you'd want to access files using favorite method, not booting up. Rename offender or suspected offender, hey why would the OS lie (cause it's the virus waiting to taunt you when you try to rename the file and it's not the one?)
Anyway renaming may generate an error but shouldn't cause a failure to load. It's likely the intruder is embedded elsewhere also but this may let you boot up in some mode or another.

Droidx-Tapatalk
Click to expand...

What the fuck are you talking about?
 
Ex: with XP use UBCD or other bootable to gain access to the file system. Rename your something.sys file to like old'something'sys.jnk then try to reboot. I can tell be the name of the file what the blackhat was up to.. need to see your post again (dang handheld) might have to get up off my butt and walk over to the 'puter on this one. If there's no response from you yet, I'll wait until tomorrow to see if anyone wants to come to your aid. Simply put... want help? Don't be rude, and give pertinent information. My clairvoyance is frizzy tonight.

Droidx-Tapatalk
 
Reformat it!

i think you just gotta reformat it and that should solve the problem. make sure you have a legit windows reinstall cd
 
AuthorAji said:
What the fuck are you talking about?
Click to expand...

Don't jerk people around by posting my whole response for a lame response like that. It's clear you know little about both OSs. One... maybe. Both... obviously not.
To your question... could you be more specific about that to which you refer? Clear enough.

Droidx-Tapatalk
 
Sure you can do that but I thought you would try the easy way first!
What if your doctor said that to you?

Droidx-Tapatalk
 
If the two computers were networked, it's probably a rootkit, and probably TDSS.
In which case you're probably fucked.
 
Cyberchip said:
Ex: with XP use UBCD or other bootable to gain access to the file system. Rename your something.sys file to like old'something'sys.jnk then try to reboot. I can tell be the name of the file what the blackhat was up to..

Droidx-Tapatalk
Click to expand...

Ok.. the name of his file is a joke (to himself) volsnap.sys is he turns off ex: makes take a 'nap' the 'vols' a term used to describe the drive when it's mounted. So, he unmounts 'nap' the drive 'vols' and it's embedded as a sys(tem) file at boot. Renaming will cause sys to ignore (can't find) the file and should/may give you back enough controll. Another option would be to rename (I like to look at the code layer) volsnap and make new zero length file named volsnap.sys and change privilege to owner, or restrict read or Somesuch.
Plus the name is double entendre could be "vol" 'snap' but as in snap, jokes on you. I know this a-hole, seen his work. Usually OS part is so slow to load if you get to desktop you can roll system back to early date. If I do reinstall, i rename window's dir as backup. Do install just to get clean basic registry, export registry, rename new windows dir and name old windows dir back and import saved clean install registry to clean the EXTensions. Clean, run regs while at it and.. done in an hour or less everything intact and bad guy permanently locked out.

Droidx-Tapatalk
 
As I said, no one hears, I've seen this.. and it's not a root. Effective, yes. Persistent... yes. Sophisticated.. yes, but the level of sophistication is so high it takes too long to boot. Still, break the molesters boot strap and he can't make the next walk. He hobbled and is slow to start moving. Spends time waiting for something that never happens. Time out, smack down and too late to root tootie. Best to catch him before the reboot. That's why I teach my clients "hands off" when in doubt call first. And yes he has a network component but if network is designed right.. he only gets to knock and ring bells. "intruder alert ". I know this a-hole and he's a smart ass braggart. Likes to say your whole system is infected. Hah, he wishes he were that good! I'm done.

Droidx-Tapatalk
 
> As I said, no one hears, I've seen this.. and it's not a root[kit]

Let me Google that for you

He might have some luck overwriting the MBR, but the chances are that this thing will just come straight back. Worse, the second time it might not cause the bluescreen, so his computers become part of a botnet, and perhaps his passwords and credit card info is stolen because he thinks the machines are clean. I'd rather format than fuck around for hours trying to fix it, and then never truly know if I got it or not.

Out of interest, what were the last couple of torrents/usenet downloads you ran?
 
Cyberchip said:
As I said, no one hears, I've seen this.. and it's not a root. Effective, yes. Persistent... yes. Sophisticated.. yes, but the level of sophistication is so high it takes too long to boot. Still, break the molesters boot strap and he can't make the next walk. He hobbled and is slow to start moving. Spends time waiting for something that never happens. Time out, smack down and too late to root tootie. Best to catch him before the reboot. That's why I teach my clients "hands off" when in doubt call first. And yes he has a network component but if network is designed right.. he only gets to knock and ring bells. "intruder alert ". I know this a-hole and he's a smart ass braggart. Likes to say your whole system is infected. Hah, he wishes he were that good! I'm done.

Droidx-Tapatalk
Click to expand...

Watching your responses in this thread is like the time I was having a weekend-long ecstasy binge with some friends. One of them took more than he could handle. He spent most of the day attempting to join in with our conversation, but failing to understand the meanings of words and just dribbling complete nonsense. We'd be talking about the weather, he'd chime with how much he hated soft cheese. He also kept bumping into furniture and apologising to it.

It was quite amusing, but also unsettling.
 
You must log in or register to reply here.
Top Bottom