Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Faking Safe Mode in NT? [CLOSED]

  • This topic is locked This topic is locked



    New Member

  • Member
  • Pip
  • 1 posts
Is there a way to boot up in something similar to safe mode in NT? I am trying desperately to get rid of some malware seeds on my network and deleting files in Safe Mode does the trick for all XP/2000 machines. How can I delete a file that has a "sharing violation" in NT (message: "the source or destination file may be in use")????

Also, please analyze (Thank You!):
P.S. I took the liberty of already deleting some unwanted files...

Logfile of HijackThis v1.99.1
Scan saved at 11:14:00 AM, on 10/6/05
Platform: Windows NT 4 SP6 (WinNT 4.00.1381)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\HP CD-Writer\Mmenu\hpcdtray.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Anti-Spyware Tools\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit,nddeagnt.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ANTI-S~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {daa873d4-958c-453c-81ca-3fe6f3676a87} - C:\WINNT\System32\miaa.dll (file missing) [deleted]
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [IBMMon.exe] IBMMon.exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\HPCD-W~1\DirectCD\directcd.exe
O4 - HKLM\..\Run: [HP CD-Writer] C:\Program Files\HP CD-Writer\Mmenu\hpcdtray.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINNT\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /logon
O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [vmtuner] gglib.exe [deleted]
O4 - HKLM\..\Run: [0.29] C:\WINNT\exe82.exe [deleted]
O4 - HKLM\..\Run: [DIVA] C:\WINNT\exe82.exe [deleted]
O4 - HKLM\..\Run: [Microsoft Windows 128bit Subsystem] C:\WINNT\System32\system12.exe [deleted]
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" [deleted]
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) [deleted]
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) [deleted]
O13 - WWW. Prefix: http://
O15 - Trusted Zone: *.media-motor.net [deleted]
O15 - Trusted Zone: *.popuppers.com [deleted]
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM) [deleted]
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINNT\aim.exe [deleted, but still appears on HD]
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINNT\system32\AvidStartup.exe
O23 - Service: Fix-It Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\System32\IomegaAccess.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\System32\ZipToA.exe
  • 0




    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Hello Oiseaux and welcome to Geeks To Go :tazz:

Are you still needing our help? As it's been a couple of days, can you please post a new hijack log.

Edited by John_L, 08 October 2005 - 02:30 PM.

  • 0



    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP