Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unable to boot into windows vista


  • Please log in to reply
7 replies to this topic

#1 vistafailure

vistafailure

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 13 April 2011 - 11:06 PM

Hi all,

I was watching some sports stream and I got this message

The system has detected a problem with one or more installed IDE / SATA hard disks. It is recommended that you restart the system.

I knew that I was infected with some virus. I went ahead and restarted my systems hoping I could use system restore to restore my system. But this time around, it no longer boots into windows. I have tried booting up using safe mode. Every time I try booting it up, it shuts down and restarts and reaches the same screen, shuts down and restarts again. I also have ubuntu installed on the same system and I was able to load up and use ubuntu. I am posting this from ubuntu. It would be great if someone can help me out.

Let me know if you need any more info.

Thanks in advance,
Aravind

Edited by hamluis, 14 April 2011 - 10:12 AM.
Moved from Vista to Am i Infected.


BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:47 PM

Posted 23 April 2011 - 03:24 PM

Hi Aravind and sorry for the delay. If you still need help, do the steps below.

We Need to Diagnose Your BlueScreen
  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:
    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:
    Posted Image
Please post me the error(s).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 vistafailure

vistafailure
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 27 April 2011 - 09:32 PM

Sorry for the late response...I wasnt sure if someone was looking into this...Really appreciate your help. Here is the message from blue screen. Not sure how to insert .jpg image.

A problem has been detected and windows has been shutdown to prevent damage to your computer

volsnap.sys

PAGE_FAULT_IN_NONPAGED_AREA

Let me know if you need the technical information. Its difficult for me to write that down since I am not able to insert the image.

Thanks,
Aravind

Edited by vistafailure, 27 April 2011 - 09:33 PM.


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:47 PM

Posted 28 April 2011 - 04:06 AM

Thank you, this is exactly the information I needed. :)

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh to your USB drive
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh -f
  • Press Enter
  • Type volsnap.sys and press enter.
  • After it has finished a report will be located on your USB drive named filefind.txt
  • Remove the USB drive and insert it back in your working computer and navigate to filefind.txt

    Please note - all text entries are case sensitive
Copy and paste the filefind.txt for my review

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 vistafailure

vistafailure
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 29 April 2011 - 08:36 AM

Took some time for me to get all that done...Anyways here are the contents from the file


Search results for volsnap.sys

80dc0c9bcb579ed9815001a4d37cbfd5 /mnt/sda1/Windows/SoftwareDistribution/Download/c0a17eb89d8e2d806cdee4a2d05890b4/x86_volume.inf_31bf3856ad364e35_6.0.6000.16586_none_137ff950ff29e447/volsnap.sys
206.1K Oct 26 2007

327639d2ec931b057f3826a51adc73e9 /mnt/sda1/Windows/SoftwareDistribution/Download/c0a17eb89d8e2d806cdee4a2d05890b4/x86_volume.inf_31bf3856ad364e35_6.0.6000.20709_none_146318401803edb5/volsnap.sys
206.1K Oct 26 2007

4564f3e574884224ddea8969122e5d89 /mnt/sda1/Windows/System32/drivers/volsnap.sys
203.6K Nov 2 2006

11ef6c1caef76b685233450a126125d6 /mnt/sda1/Windows/System32/DriverStore/FileRepository/volume.inf_9320b452/volsnap.sys
203.6K Nov 2 2006

80dc0c9bcb579ed9815001a4d37cbfd5 /mnt/sda1/Windows.old/Windows/System32/drivers/volsnap.sys
206.1K May 6 2008

11ef6c1caef76b685233450a126125d6 /mnt/sda1/Windows.old/Windows/System32/DriverStore/FileRepository/volume.inf_9320b452/volsnap.sys
203.6K Nov 2 2006

80dc0c9bcb579ed9815001a4d37cbfd5 /mnt/sda1/Windows.old/Windows/System32/DriverStore/FileRepository/volume.inf_f47b2c78/volsnap.sys
206.1K May 6 2008

80dc0c9bcb579ed9815001a4d37cbfd5 /mnt/sda1/Windows.old/Windows/winsxs/x86_volume.inf_31bf3856ad364e35_6.0.6000.16586_none_137ff950ff29e447/volsnap.sys
206.1K May 6 2008

327639d2ec931b057f3826a51adc73e9 /mnt/sda1/Windows.old/Windows/winsxs/x86_volume.inf_31bf3856ad364e35_6.0.6000.20709_none_146318401803edb5/volsnap.sys
206.1K May 6 2008



Regards,
Aravind

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:47 PM

Posted 29 April 2011 - 10:15 AM

Have you upgraded or reinstalled windows at some point?

Please use xPUD and navigate to the following file: /mnt/sda1/Windows/SoftwareDistribution/Download/c0a17eb89d8e2d806cdee4a2d05890b4/x86_volume.inf_31bf3856ad364e35_6.0.6000.16586_none_137ff950ff29e447/volsnap.sys <-- right click the file and select Copy.

Now navigate to /mnt/sda1/windows/system32/drivers/volsnap.sys <-- right click the file and select Rename. Rename the file to volsnap.vir
Now right click in an empty space in the Drivers folder and select Paste.

When done, restart your computer normally and let me know what happens.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#7 vistafailure

vistafailure
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 29 April 2011 - 03:53 PM

Sometime last year, I believe I re-installed vista on an existing installation. The earlier installation just seemed to have a lot of driver errors. I was hoping they would get resolved by re-installing it again. After re installation I havent had any issues with the drivers so far.

I followed your instructions and I restarted my machine...I was able to boot into windows. After it booted up, some program called windows restore started scanning the system and came up with a report. The software wanted me to fix the errors. But I wasnt sure about the nature of the software. So I closed it and shut down my system. Let me know the further steps that I need to follow.

Thanks,
Aravind

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:47 PM

Posted 29 April 2011 - 03:56 PM

That is a rogue, and its "reports" are pure fiction. :)

Please follow the steps in this removal guide

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users