Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't boot in safe mode & get popups when internet is enabled


  • This topic is locked This topic is locked
3 replies to this topic

#1 thmobiletronics

thmobiletronics

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 15 February 2010 - 01:28 PM

hp/compaq nx6325 running xp pro

Can't boot in safe mode to do any meaningfull scans
Also as soon as i go online to get updates i'm getting a bunch of popups.

If I get a highjack this log would it be safe to copy to a thumb drive then transfer to my home pc (the one I'm on now) and paste here?

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,565 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:11 PM

Posted 15 February 2010 - 01:59 PM

Malware logs do not belong in the XP forum, this forum deals with XP O/S issues, not malware. Although members/visitors might want to attempt assisting you...this is not the place for users to post known/suspected malware issues.

If you want to post a malware log, I suggest following the administrative procedures at BC Virus, Trojan, Spyware, and Malware Removal Logs - http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/.

<<...as soon as i go online to get updates i'm getting a bunch of popups.>>

What sort of popups? Please try to be as definitive as possible when describing situations.

Louis

#3 Ken-in-West-Seattle

Ken-in-West-Seattle

  • Members
  • 518 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 15 February 2010 - 07:53 PM

From the spec sheet for your laptop:

HP Backup and Recovery Manager
Each unit is shipped with HP Backup and Recovery Manager. HP Backup and Recovery Manager can provide data and system file protection for HP business PCs to enable fast recovery if the system becomes corrupted or if important information is accidentally deleted. HP Backup and Recovery Manager can perform scheduled or manual backups of the entire drive or individual files and folders. Up to 8GB of the hard drive is reserved for the system recovery software. HP Backup and Recovery Manager can also create software recovery CDs or DVDs (requires optional hardware).


XP versions for HP models of this time frame should have a choice of destructive or non destructive recovery available at the f-10 or f-11 prompt at the bios splash screen.

Non destructive may allow you to then get documents, music and images off the drive onto external storage. The non destructive may not clean or remove all malware but it usually remove those active programs that load at start up and replaces those damaged windows files that may inhibit normal boot or safe mode.

If rootkit or trojan signatures or residue are detected after the non destructive recovery (and since non destructive pretty much kills the functioning of installed programs) you should then do a full destructive reload from the recovery partition after backing up you important data.

Note: Your system may have shipped in that time frame when HP allowed the choice of HP or vista at first install as well as 32 vs 64 bit install. What exactly is on the recovery partition is not possible to guess.
If it were on my workbench, I would image the entire drive with clonezilla to an external hard drive and then be able to experiment with impunity.

good luck

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,112 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:11 PM

Posted 19 February 2010 - 11:08 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/297071/infected-with-win32zbot-i-think/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days, up to two weeks perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users