Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Faking Safe Mode in NT? [CLOSED]


  • This topic is locked This topic is locked

#1
Oiseaux

Oiseaux

    New Member

  • Member
  • Pip
  • 1 posts
Is there a way to boot up in something similar to safe mode in NT? I am trying desperately to get rid of some malware seeds on my network and deleting files in Safe Mode does the trick for all XP/2000 machines. How can I delete a file that has a "sharing violation" in NT (message: "the source or destination file may be in use")????


Also, please analyze (Thank You!):
P.S. I took the liberty of already deleting some unwanted files...

Logfile of HijackThis v1.99.1
Scan saved at 11:14:00 AM, on 10/6/05
Platform: Windows NT 4 SP6 (WinNT 4.00.1381)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\spoolss.exe
C:\WINNT\system32\RpcSs.exe
C:\WINNT\System32\ZipToA.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
c:\winnt\system32\pstores.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\nddeagnt.exe
C:\WINNT\System32\SysTray.Exe
C:\WINNT\System32\IBMMon.exe
C:\WINNT\System32\loadwc.exe
C:\PROGRA~1\HPCD-W~1\DirectCD\directcd.exe
C:\Program Files\HP CD-Writer\Mmenu\hpcdtray.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINNT\System32\ddhelp.exe
C:\WINNT\explorer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Anti-Spyware Tools\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit,nddeagnt.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ANTI-S~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {daa873d4-958c-453c-81ca-3fe6f3676a87} - C:\WINNT\System32\miaa.dll (file missing) [deleted]
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [IBMMon.exe] IBMMon.exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\HPCD-W~1\DirectCD\directcd.exe
O4 - HKLM\..\Run: [HP CD-Writer] C:\Program Files\HP CD-Writer\Mmenu\hpcdtray.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINNT\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /logon
O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [vmtuner] gglib.exe [deleted]
O4 - HKLM\..\Run: [0.29] C:\WINNT\exe82.exe [deleted]
O4 - HKLM\..\Run: [DIVA] C:\WINNT\exe82.exe [deleted]
O4 - HKLM\..\Run: [Microsoft Windows 128bit Subsystem] C:\WINNT\System32\system12.exe [deleted]
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" [deleted]
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) [deleted]
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) [deleted]
O13 - WWW. Prefix: http://
O15 - Trusted Zone: *.media-motor.net [deleted]
O15 - Trusted Zone: *.popuppers.com [deleted]
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM) [deleted]
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINNT\aim.exe [deleted, but still appears on HD]
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINNT\system32\AvidStartup.exe
O23 - Service: Fix-It Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\System32\IomegaAccess.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\System32\ZipToA.exe
  • 0

Advertisements


#2
John_L

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Hello Oiseaux and welcome to Geeks To Go :tazz:

Are you still needing our help? As it's been a couple of days, can you please post a new hijack log.

Edited by John_L, 08 October 2005 - 02:30 PM.

  • 0

#3
John_L

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP