bootp process on Windows XP

  • bootp process on Windows XP

    A few days back, all my RIS builds were failing with a 0x000000BB error, though they were able to get an IP when they were PXE booted. After digging into the problem with the help of packet capture software, it turned out that one of the desktops was listening on the bootp port, responding to the requests from PXE clients and passing some crap which made RIS fail.
    I disconnected that system from the network and my RIS is happy now. But I need to identify the problem with that PC and where this bootp has come from. I did the following as part of my troubleshooting but was left with no clue.
    * Tried running an AV scan. It was clean
    * Tried a few anti-spyware tools, but no help
    * Tried identifying the process which is listening on the bootp port, but to my surprise it is the System process (PID 4)
    * Uninstalled all software, but the infection is still there
    Can you please help me with identifying the cause and what else can be checked?
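
The packet-capture check described in the post above, as an added example that is not part of the original thread: it parses BOOTP/DHCP reply payloads and flags any whose sender or server identifier (option 54) is not an authorized server. The function names, the `authorized` set and the 192.0.2.x sample packets are constructed assumptions.

```python
import socket
import struct

BOOTREPLY = 2
MAGIC = b"\x63\x82\x53\x63"                        # marks the start of DHCP options
HDR = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # fixed 236-byte BOOTP header

def parse_bootp(payload):
    """Parse the UDP payload of a BOOTP/DHCP packet (ports 67/68)."""
    if len(payload) < HDR.size:
        raise ValueError("truncated BOOTP packet")
    (op, _htype, hlen, _hops, xid, _secs, _flags, _ciaddr, yiaddr, _siaddr,
     _giaddr, chaddr, _sname, bootfile) = HDR.unpack_from(payload)
    opts, i = {}, HDR.size + 4
    if payload[HDR.size:i] == MAGIC:
        while i + 1 < len(payload) and payload[i] != 255:  # 255 = end option
            if payload[i] == 0:                            # 0 = pad, no length byte
                i += 1
                continue
            length = payload[i + 1]
            opts[payload[i]] = payload[i + 2:i + 2 + length]
            i += 2 + length
    server_id = opts.get(54, b"")                          # 54 = server identifier
    return {
        "op": op, "xid": xid,
        "client_mac": chaddr[:min(hlen, 16)].hex(":"),
        "yiaddr": socket.inet_ntoa(yiaddr),
        "server_id": socket.inet_ntoa(server_id) if len(server_id) == 4 else None,
        "bootfile": bootfile.split(b"\0", 1)[0].decode("ascii", "replace"),
    }

def rogue_replies(packets, authorized):
    """Return (src_ip, parsed) for replies not from the `authorized` set of IPs."""
    hits = []
    for src_ip, payload in packets:
        p = parse_bootp(payload)
        ids = {src_ip, p["server_id"] or src_ip}
        if p["op"] == BOOTREPLY and not ids <= authorized:
            hits.append((src_ip, p))
    return hits

def make_reply(server_ip, bootfile):
    """Build a constructed sample DHCPOFFER (demo data, not captured traffic)."""
    ip = socket.inet_aton(server_ip)
    hdr = HDR.pack(BOOTREPLY, 1, 6, 0, 0x1234, 0, 0, bytes(4),
                   socket.inet_aton("192.0.2.50"), ip, bytes(4),
                   bytes.fromhex("020000000001"), b"", bootfile)
    return hdr + MAGIC + b"\x35\x01\x02" + b"\x36\x04" + ip + b"\xff"

SAMPLE = [("192.0.2.10", make_reply("192.0.2.10", b"authorized-loader.bin")),
          ("192.0.2.77", make_reply("192.0.2.77", b"unexpected.bin"))]
```

Calling `rogue_replies(SAMPLE, {"192.0.2.10"})` returns only the reply from 192.0.2.77, with the offered address and boot file name it handed to the PXE client.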

  • #2
    Re: bootp process on Windows XP

    What is or was running on the offending XP machine?
    Which spyware programs did you try? My present favourite is Malware Bytes.
    Have you reimaged the offending machine? After all, you did remove all the software except the O/S, so one additional step may solve the problem. You seem most likely to have some Spy/Malware buried deep, and if this is the case it will be easier to reimage rather than try to find and remove it. It takes less time to reimage than to try to find and remove this crap.

    Is the user of this machine a surfer or do they bring in USB sticks etc from home to plug into the PC? If they are a fiddler or a troublesome surfer then who knows what has been unknowingly installed.
    Joined: 23rd December 2003
    Departed: 23rd December 2015


    • #3
      Re: bootp process on Windows XP

      Running scans in Safe Mode can sometimes detect other spyware as well. I tend to scan in normal mode, drop to safe mode and then scan in normal mode again.

      However, I tend to usually reimage, if a machine has caused an issue. It depends on who uses or what the PC is used for.