#1
Inactive
Profile: Join Date: Aug 2008
Posts: 7
Computer Experience:
Failure to boot in Safe Mode
When I restart and try to go into safe mode, tapping F8, it will bring up the window where you pick safe mode, and it'll do that file stuff, but when it trys to boot into safe mood, it just automatically boots right back into regular windows, or tells me files are corrupt or some stuff.
Didn't find the information you thought to find?Similar Threads
#2
Inactive
Profile: Join Date: Aug 2002
Posts: 4,147
Hi Sam
#3
Inactive
Profile: Join Date: Aug 2008
Posts: 7
Computer Experience:
I am trying to access Safe Mode, to remove spyware that I think I have. But when I try to download a Hi Jack this program it closes out my browser so I don't guess I will be able to download that. My computer is FRIED!
#4
Inactive
Profile: Join Date: Aug 2002
Posts: 4,147
OK Sam cool down you are at the right place, so skip the moaning and spend that time giving me details about this issue.HJT but can you download anything?http://www.xblock.com/download/xclean_micro.exe http://www.malwarebytes.org/mbam.php
#5
Profile: Join Date: Dec 2001
Location: Birkirkara, Malta
Posts: 9,700
Computer Experience:
Since user indicates probable Spyware infection, moved to Malware and Virus Removal forum.
#6
Staff
Profile: Join Date: Mar 2003
Location: Washington State
Posts: 4,541
Computer Experience:
Hi Samhere or here and save the file to your desktop.mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware , then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select 'Perform Quick Scan ', then click Scan .
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked , and click Remove Selected .
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note below)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Post the entire report in your next reply along with a fresh HijackThis log. HJT to download.
#7
Inactive
Profile: Join Date: Aug 2008
Posts: 7
Computer Experience:
When I tried to do the Chkdsk it said "The type of file system NTFS can't access volume denied".HJT it still is closing my browser!http://internetsearchservice.com/search?q=%s ) Good: (http://www.google.com/ ) -> Quarantined and deleted successfully.http://internetsearchservice.com/search?q=%s ) Good: (http://www.google.com/ ) -> Quarantined and deleted successfully.http ://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.google.com/ ) -> Quarantined and deleted successfully.http ://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.google.com/ ) -> Quarantined and deleted successfully.
#8
Staff
Profile: Join Date: Mar 2003
Location: Washington State
Posts: 4,541
Computer Experience:
Hi Sam HijackThis installer from here Killer.exe Click OK.Double-click on the HJTintall.exe icon on your desktop.
Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
Put a check by Create a desktop icon and then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch HijackThis.
Click on the Do a system scan only button.
HJT .Deckard's System Scanner (dss .exe) Note: You must be logged onto an account with administrator privileges to complete the following. Close all other windows before proceeding. Double-click on dss .exe
When it has finished, dss main.txt and extra.txt -- please copy and then paste the contents of main.txt and extra.txt in your next reply.
#9
Inactive
Profile: Join Date: Aug 2008
Posts: 7
Computer Experience:
Ok I downloaded HJT Killer.exe it acted like it was gonna run, it just FLASHED
#10
Inactive
Profile: Join Date: Aug 2008
Posts: 7
Computer Experience:
here is the DSS MAIN.txtAd -AwareTotal Physical Memory: 511 MiB (512 MiB recommended). Ad -Aware\aawservice.exedss .exehttp://www.google.com/ie http://www.google.com http://www.google.com http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com http://www.yahoo.com/ http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com http://us.rd.yahoo.com/customize/ie/...ch/search.html http://www.yahoo.com/ http://www.google.com/ie https://care.alltel.com (HKCU)http://care.alltel.com (HKCU)http://locator.cdn.imageservr.com (HKCU)http://www.apple.com/qtactivex/qtplugin.cab http://housecall65.trendmicro.com/ho...vex/hcImpl.cab http://a516.g.akamai.net/f/516/25175...at-no-eula.cab http://forms.real.com/real/player/do...e_Inst_Win.cab http://lads.myspace.com/upload/MySpaceUploader1005.cab http://clubgames.pogo.com/online2/po...esLauncher.cab ms -help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dllAd -Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad -Aware\aawservice.exe
#11
Inactive
Profile: Join Date: Aug 2008
Posts: 7
Computer Experience:
-- HijackThis Fixed Entries (C:\HJT \backups\) ----------------------------------http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com http://go.microsoft.com/fwlink/?LinkId=54896 http://www.bigfishgames.com/online/b...ploader_v6.cab http://us.rd.yahoo.com/customize/ie/...ch/search.html http://www.pinncom.com http://us.rd.yahoo.com/customize/ie/...ch/search.html .ini - inifile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1 .js - JSFile - shell\open\command - %SystemRoot%\System32\CScript.exe "%1" %* .reg - regfile - shell\open\command - regedit.exe "%1" %* .scr - scrfile - shell\open\command - "%1" %* .txt - txtfile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1 .vbs - VBSFile - shell\open\command - %SystemRoot%\System32\CScript.exe "%1" %*
#12
Inactive
Profile: Join Date: Aug 2008
Posts: 7
Computer Experience:
-- Device Manager: Disabled ----------------------------------------------------PCI Fast Ethernet NIC PCI \VEN_10EC&DEV_8139&SUBSYS_805B1043&REV_10\4&25296D99&0&68F0PCI Fast Ethernet NIC PCI \VEN_10EC&DEV_8139&SUBSYS_805B1043&REV_10\4&25296D99&0&68F0SafeBoot registry key needs repairs. This machine cannot enter Safe Mode. www.babe.the-killer.bz www.babe.k-lined.com www.did.i-used.cc www.coolwwwsearch.com www.hi.studioaperto.net
#13
Staff
Profile: Join Date: Mar 2003
Location: Washington State
Posts: 4,541
Computer Experience:
Hi Samdss log you posted you will see ending of these entries in the registry section with a bunch of policies under them.dss .exe must be on the desktop for the following command to work. **"%userprofile%\desktop\dss .exe" /daft Click Start>Run and paste the command in the run box, then hit enter.
An interface of Deckards file association fix will open.
Click Scan.
Check the box next to the following, then click Fix..js
.reg
.vbs
.txt
.scr
.ini
Exit when complete.
here Here disable realtime protection applications as they sometimes interfere with the tool. this link for any applicable programs you may have.Close all open programs and windows Double click combofix.exe and follow the prompts.
Vista users When finished, it shall produce a log for you. Post the Combofix log
Note: Do not mouseclick combofix's window while its running. That may cause it to stall Note - ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.Note - Combofix makes some changes when run to prevent autorun/autoplay of ALL CDs, floppies and USB devices, to assist with malware removal & increase security. If this is an issue or makes it difficult for you to use those devices, please ask how to reset it.
All times are GMT +1. The time now is 12:38 .
