1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Windows XP Help

Discussion in 'Malware and Virus Removal Archive' started by SamWilson18, 2007/01/14.

  1. 2007/01/14
    SamWilson18

    SamWilson18 Inactive Thread Starter

    Joined:
    2007/01/14
    Messages:
    4
    Likes Received:
    0
    Ok I downloaded this Boot98SE.exe it's a Boot Disk for Windows 98 for someone. I just saved it to my desktop to save it to a Floppy disk. Well now after I am done doing all that, I can't get it to delete. When I try and delete it, it says that it is being used by another program or some other source. I was wondering if ya'll knew anything that would be making it run in the background.

    I also have another problem. When I try to go in Safe Mode, it says something about Sptd.sys or something is not loading and won't load Safe Mode. Does anyone know how I could fix this or anything?

    I would really appreciate you people's help. Thanks,

    I also did a HiJack Scan Here it is:

    Logfile of HijackThis v1.99.1
    Scan saved at 6:05:30 PM, on 1/14/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\System32\mnmsrvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\system32\wwSecure.exe
    C:\WINDOWS\Explorer.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Greatis\REGRUN~1\WatchDog.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\YahELite\YahELite.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Sam\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pinncom.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by ALLTEL
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {9BA469A1-337E-8C1C-4CB9-4A9A37CF2034} - (no file)
    O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00309} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
    O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe "
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Windows] "C:\WINDOWS\explorer.exe "
    O4 - HKCU\..\Run: [Regrun2] C:\PROGRA~1\Greatis\REGRUN~1\WatchDog.exe
    O4 - HKCU\..\Run: [Registry] "C:\Program Files\Greatis\RegRunSuite\lsoon.exe" -1 30 "C:\Program Files\Greatis\RegRunSuite\rescue.exe" /a "c:\backreg\rstore.ini "
    O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia\vidalia.exe "
    O4 - Global Startup: Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.pinncom.com
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/d.../mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {CEDDF50D-9FA7-41A8-BCD0-6350D1ED2306} - https://care.alltel.com/lwp/static/installers/WebflowActiveXInstaller_3-0-0.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.bigfishgames.com/online/bejeweled2/popcaploader_v6.cab
    O18 - Protocol: asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: bw+0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: ezstor - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: x-asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-cnote - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: sisc - C:\WINDOWS\Config\sisc.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Compaq Advisor (Compaq_RBA) - NeoPlanet - C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
     
    Last edited: 2007/01/14
    SamWilson18,
    #1
  2. 2007/01/14
    surferdude2

    surferdude2 Inactive

    Joined:
    2004/07/04
    Messages:
    4,009
    Likes Received:
    23
    Hi Sam and welcome!

    Try dumping your Temporary internet files. Many times that causes some downloads to be listed as in use.

    As for the other problem of getting into Safe Mode, I think you have an alcohol problem. No, not that kind. ;) Check with the support group for Alcohol problems at http://support.alcohol-soft.com/en/changelog.php

    I hope they can get you fixed up since I don't use that software.

    Good luck.
     
    surferdude2,
    #2


  3. to hide this advert.

  4. 2007/01/14
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    This machine has an infection or two, I'm moving it over to Spyware & Virus Removal forum. I'll be back later with some removal insdtructions, as I'm at Dads and he's on dial up plus I don't have all my required replies handy.
     
    TeMerc,
    #3
  5. 2007/01/24
    SamWilson18

    SamWilson18 Inactive Thread Starter

    Joined:
    2007/01/14
    Messages:
    4
    Likes Received:
    0
    Noone has ever came back and gave me a replay on this request that I made I would like to know. Thanks.

    Here's updated just another one, dont think much has changed thanks HiJackLog! Thanks

    Logfile of HijackThis v1.99.1
    Scan saved at 9:59:14 PM, on 1/24/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\System32\mnmsrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\system32\wwSecure.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\YahELite\YahELite.exe
    C:\Program Files\YahELite\YahVox.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Sam\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pinncom.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by ALLTEL
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {9BA469A1-337E-8C1C-4CB9-4A9A37CF2034} - (no file)
    O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00309} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
    O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe "
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
    O4 - Startup: Check Windows Disk Protection.lnk = C:\Program Files\Microsoft Shared Computer Toolkit\CheckWDP.hta
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.pinncom.com
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/d.../mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} -
    O16 - DPF: {CEDDF50D-9FA7-41A8-BCD0-6350D1ED2306} - https://care.alltel.com/lwp/static/installers/WebflowActiveXInstaller_3-0-0.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.bigfishgames.com/online/bejeweled2/popcaploader_v6.cab
    O18 - Protocol: asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: bw+0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: ezstor - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: x-asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-cnote - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: sisc - C:\WINDOWS\Config\sisc.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Compaq Advisor (Compaq_RBA) - NeoPlanet - C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
    O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
     
    SamWilson18,
    #4
  6. 2007/01/25
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    My sincerest apologies. This one totally slipped by me. No excuse.

    There isn't as much as I'd originally thought, if that's any consolation.

    Below you will find my results and recommendations from your HijackThis! log file analysis. Please read ALL instructions carefully BEFORE proceeding.


    Please follow these instructions, exactly, for proper HJT installation. Please place HJT into ITS OWN PERMANANT FOLDER. It must not be installed on the desktop nor in any temp folders.

    You can do this by going to My Computer (Windows key+e) then double click on C: then right click and select New then Folder and name it HJT. Move HijackThis.exe into this folder (C:\HJT\HijackThis.exe). When you run HijackThis.exe from C:\HJT folder and have it "Fixed checked" it will create a backup file of modifications to use if restore is necessary which is easily accessible.


    Open Hijackthis, select the [Do a system scan only] button and look over the following entries I have listed, check the boxes [] next to them and press the [Fix Checked] button. When you are doing this, make sure you have No IE windows, nor any other browsers open, including this one. Reboot if I have specified below, and post a fresh HijackThis log.

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pinncom.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com

    R3 - URLSearchHook: (no name) - - (no file)

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)


    O2 - BHO: (no name) - {9BA469A1-337E-8C1C-4CB9-4A9A37CF2034} - (no file)

    O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00309} - (no file)



    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present<<<<<<USER SET? IF SO, IGNORE FIX

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present<<<<<<USER SET? IF SO, IGNORE FIX

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present<<<<<<USER SET? IF SO, IGNORE FIX


    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.bigfishgames.com/online/b...ploader_v6.cab


    FIX ALL LOGITECH 018 LINES


    O20 - Winlogon Notify: sisc - C:\WINDOWS\Config\sisc.dll (file missing)


    Reboot, into safe mode, this way:
    Turn on the computer
    Immediately begin tapping the <F8> key.
    Use the arrow keys to highlight Safe Mode and press the <Enter> key.

    Also, enable the 'Show Hidden Folders' option, like this:
    Click Start.
    Open My Computer.
    Select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders.
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.
    Click OK.

    Open 'My Computer' and select the 'Search' feature. Then click the 'All files and folders' button. Click the 'More advanced search options' button and be sure the 'Search system folders', 'Search hidden files and folders' and 'Search subfolders' boxes are check marked then search for and delete, if found, (some may not be present after previous steps) the following files/folders:
    C:\WINDOWS\Config\sisc.dll <<<this file

    To exit Safe Mode, click the Start button, click Turn Off Computer, click Restart.

    Post a new HJT log back into this thread please.
     
    TeMerc,
    #5
  7. 2007/01/28
    SamWilson18

    SamWilson18 Inactive Thread Starter

    Joined:
    2007/01/14
    Messages:
    4
    Likes Received:
    0
    I still can't get into safe mode. Still says something about SPTD.sys can't load Press ESC to cancel. I've tried Safe Mode with Command Prompt and Safe Mode with Networking and then just Safe Mode. None of them work. I don't know what is wrong, SPTD.sys is causing the Safe Mode problem.

    Here is you a new HiJackThisLog!

    Logfile of HijackThis v1.99.1
    Scan saved at 3:22:00 PM, on 1/28/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\System32\mnmsrvc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\system32\wwSecure.exe
    C:\WINDOWS\Explorer.EXE
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\HJT\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by ALLTEL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
    O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe "
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
    O4 - Startup: Check Windows Disk Protection.lnk = C:\Program Files\Microsoft Shared Computer Toolkit\CheckWDP.hta
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.pinncom.com
    O15 - Trusted Zone: http://locator.cdn.imageservr.com
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/d.../mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} -
    O16 - DPF: {CEDDF50D-9FA7-41A8-BCD0-6350D1ED2306} - https://care.alltel.com/lwp/static/installers/WebflowActiveXInstaller_3-0-0.cab
    O18 - Protocol: ezstor - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {522F74E7-0D98-4A7A-8D36-50EDF69F06E3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: x-asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-cnote - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: x-zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O18 - Protocol: zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Compaq Advisor (Compaq_RBA) - NeoPlanet - C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
    O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
     
    SamWilson18,
    #6
  8. 2007/01/28
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    I did some Googling and found a thread from Sept '06, was this you?. User name is Sam-my, maybe just coincidence.

    If you had Daemon tools at one point and uninstalled it, the file giving you the troubles may still be present and trying to run.

    Do a file search for it and delete it if you can.

    Then look at the page below for some more specific removal steps
    http://www.greatis.com/security/What is SPTD####.sys.htm

    The log locks to be clear.

    Let us know how that all goes.
     
    TeMerc,
    #7
  9. 2007/01/29
    SamWilson18

    SamWilson18 Inactive Thread Starter

    Joined:
    2007/01/14
    Messages:
    4
    Likes Received:
    0
    Well I did and removed all that from my computer, there is no longer SPTD.sys on my computer. I have REMOVED it all. Just now when I try to go into Safe Mode it just like flash's and then goes right into Regular Boot Up.

    This is the most helpfulness site on the net, that I have ever went to for help and actually got help. And no that wasn't me on that post you found. I have never had Daemon on my computer.

    Is there anymore other reason why my Safe Mode isn't working?
    If you need me to post another hijack this Log on here let me know. You guys are very helpful and responsive to my post. Best forums site I've ever been on yet for help with my computer.
     
    SamWilson18,
    #8
  10. 2007/01/29
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Ok, lets try a couple of system repair utilities to see if that clears the safe mode problem.

    System File Checker and ChkDsk
     
    TeMerc,
    #9

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...