I Have Reason To Believe Somethign Is Screwing With My System Files And Or Drivers

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Important Announcement: We have two terrific contests running on the site that I wanted all our members and guests to know about.

The first contest is the HP Magic Giveaway, which is underway as of November 28th. More information can be found at this topic, which will be updated very soon with further information.

The second contests, is for the chance to win two Seagate FreeAgent external hard drives. More information about this contest can be found here.

These are both amazing contests and I suggest everyone submit an entry for them.

- BleepingComputer Management

BleepingComputer.com > Security > HijackThis Logs and Malware Removal

Forum Guidelines

Read this topic before posting a log.

DO NOT post a ComboFix log unless requested to.

Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

4 Pages

« < 2 3 4

I Have Reason To Believe Somethign Is Screwing With My System Files And Or Drivers

Options

Teenage.Zombiee View Member Profile	Jun 30 2008, 09:36 PM Post #46
Distinguished Member Group: Members Posts: 811 Joined: 25-October 07 From: Sydney, AUSTRALIA :] Member No.: 165,216	UPDATE: I have not had the problem I came to you about ever since I uninstalled Avast. My machine is clean (I ran kaspersky, MBAM, anti vir, Spybot and Dr Web). Nothing found. My computer still appears to be running slow. I can't get a new DSS log until the weekend. Do you see anythign strange in the previous one? -------------------- "People die of disease and accident. Death comes suddenly and there is no notion of good or bad. It leaves, not a dramatic feeling but great emptiness. When you lose someone you loved very much you feel this big empty space and think, 'If I had known this was coming I would have done things differently.' These are the feelings I wanted to arouse in the players with Aerith's death relatively early in the game. Feelings of reality and not Hollywood." - Yoshinori Kitase

Blender View Member Profile	Jul 1 2008, 02:04 AM Post #47
I will eat your Malware Group: HJT Team Coach Posts: 2,345 Joined: 14-November 04 From: Ontario Member No.: 5,056	Hi Thanks for the new logs & update. Couple questions.. You did uninstall SuperAntispyware. Yes? You having trouble with your CDRom/DVD drive? Or had a non bootable cd in there and have cdrom set to boot first? What is in here: C:\WINDOWS\system32\%SystemDrive% <-- this folder. (yes that is the exact name of it) If it shows nothing... Right click folder> properties> it show anything other than 0 bytes for size? Thanks -------------------- I'll have an order of massive trojan attack please with a side order of rootkit and virus dip. Pre-course order of fresh spyware salad please with a side order of polymorphic dressing. And to drink...a nice tall glass of adware! For dessert; can I have a bowl of the freshest worms you have please?. Never Give Up! If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware

Teenage.Zombiee View Member Profile	Jul 3 2008, 08:33 AM Post #48
Distinguished Member Group: Members Posts: 811 Joined: 25-October 07 From: Sydney, AUSTRALIA :] Member No.: 165,216	I have never had any problems with my CD/DVD drive, although I sometimes forget to take my CDs out before I shut down. Why do you ask? Is something wrong? Heres an image of the properties of that folder here are the folders inside that weird system drive folder two of those folders have one file in them. Here are the screenshots and ---- I still have a problem with Auto Runs.. They seem to be disabled again. I'll post a new DSS log in my next post. If its any help This post has been edited by Teenage.Zombiee: Jul 3 2008, 08:42 AM -------------------- "People die of disease and accident. Death comes suddenly and there is no notion of good or bad. It leaves, not a dramatic feeling but great emptiness. When you lose someone you loved very much you feel this big empty space and think, 'If I had known this was coming I would have done things differently.' These are the feelings I wanted to arouse in the players with Aerith's death relatively early in the game. Feelings of reality and not Hollywood." - Yoshinori Kitase

Teenage.Zombiee View Member Profile	Jul 7 2008, 09:55 AM Post #50
Distinguished Member Group: Members Posts: 811 Joined: 25-October 07 From: Sydney, AUSTRALIA :] Member No.: 165,216	Update: Sorry forgot to answer your question. yes I did uninstall SAS. Ohh.. and I haven't had any problems with my CD/DVD drive.. Until tonight I put in a CD and my system crashed. This is the error in my event viewer Error code 000000b8, parameter1 00000000, parameter2 00000000, parameter3 00000000, parameter4 00000000. I've been browsing around looking for what could be the cause- or answer to this problem. This is the one that fits best DVD Drive Induced XP Crash I'm too frightened to put in another CD to see if it happens again. This is only a recent thing by the way. I get the feeling this may be the begining of the end for my computer. I'm going to run a few scans before bed tonight. Something has to have caused this and I'm going to try my best to find out what. The machine is still as slow as ever. Maybe even slower. -------------------- "People die of disease and accident. Death comes suddenly and there is no notion of good or bad. It leaves, not a dramatic feeling but great emptiness. When you lose someone you loved very much you feel this big empty space and think, 'If I had known this was coming I would have done things differently.' These are the feelings I wanted to arouse in the players with Aerith's death relatively early in the game. Feelings of reality and not Hollywood." - Yoshinori Kitase

Blender View Member Profile	Jul 7 2008, 02:49 PM Post #51
I will eat your Malware Group: HJT Team Coach Posts: 2,345 Joined: 14-November 04 From: Ontario Member No.: 5,056	Hi, Sorry for delay. We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix Please ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time. Once installed, you should see a blue screen prompt that says: The Recovery Console was successfully installed. Please continue as follows: Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Click Yes to allow ComboFix to continue scanning for malware. When the tool is finished, it will produce a report for you. Please include the following reports for further review, and so we may continue cleansing the system: C:\ComboFix.txt New HijackThis log. --Do not mouseclick combofix's window while it's running. That may cause it to stall --ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. --Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell me. --Your internet connection will be terminated while ComboFix runs. Do Not attempt to re-enable it. Should ComboFix terminate prematurely, restart the computer to restore connectivity. Thanks -------------------- I'll have an order of massive trojan attack please with a side order of rootkit and virus dip. Pre-course order of fresh spyware salad please with a side order of polymorphic dressing. And to drink...a nice tall glass of adware! For dessert; can I have a bowl of the freshest worms you have please?. Never Give Up! If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware

Teenage.Zombiee View Member Profile	Jul 7 2008, 11:55 PM Post #52
Distinguished Member Group: Members Posts: 811 Joined: 25-October 07 From: Sydney, AUSTRALIA :] Member No.: 165,216	Heres Combofix.txt ComboFix 08-07-05.1 - Ireland 2008-07-08 14:43:20.8 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.320 [GMT 10:00] Running from: C:\Documents and Settings\Ireland\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2008-06-08 to 2008-07-08 ))))))))))))))))))))))))))))))) . 2008-07-07 19:30 . 2008-07-07 19:30 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-07-07 19:30 . 2008-07-07 19:30 1,409 --a------ C:\WINDOWS\QTFont.for 2008-07-07 18:43 . 2008-07-07 19:13 <DIR> d-------- C:\Program Files\Paint.NET 2008-07-04 19:45 . 2008-07-04 19:45 34,848 --a------ C:\WINDOWS\system32\drivers\Dvd43.sys 2008-07-04 19:44 . 2008-07-04 19:44 <DIR> d-------- C:\Program Files\DVD43 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-07-07 14:57 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware 2008-07-07 11:17 --------- d-----w C:\Program Files\SpywareBlaster 2008-07-07 08:44 --------- d-----w C:\Program Files\Nokia 2008-07-07 08:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2008-07-07 08:43 --------- d-----w C:\Program Files\Common Files\PCSuite 2008-07-07 08:39 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-07-07 08:39 --------- d-----w C:\Program Files\SpywareGuard 2008-06-28 04:16 34,296 ----a-w C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-06-28 04:16 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys 2008-05-31 12:43 --------- d-----w C:\Program Files\LimeWire 2008-05-23 13:57 --------- d-----w C:\Program Files\Startup Inspector for Windows 2008-05-23 12:50 16,384 ----a-w C:\WINDOWS\~DF9B04.tmp 2008-05-18 11:58 --------- d-----w C:\Documents and Settings\Ireland\Application Data\wsInspector 2008-05-18 08:58 --------- d-----w C:\Program Files\Avira 2008-05-18 08:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira 2008-05-16 12:07 --------- d-----w C:\Program Files\Recuva 2007-01-02 07:14 5,632 -csha-w C:\Program Files\Thumbs.db 2001-11-23 01:08 712,704 -c--a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL 2006-03-19 19:15 56 --sh--r C:\WINDOWS\system32\4B5DCB75DF.sys 2006-03-19 19:15 1,682 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-02-09 12:39 36904] "COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\cfp.exe" [2008-03-22 15:20 1503488] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720] "DVD43"="C:\Program Files\DVD43\DVD43_Tray.exe" [2004-08-21 14:18 366592] C:\Documents and Settings\Ireland\Start Menu\Programs\Startup\ Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-10-27 22:05:08 106496] Last.fm Helper.lnk.disabled [2008-05-18 21:20:21 655] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.DIV3"= DivXc32.dll "vidc.DIV4"= DivXc32f.dll "msacm.divxa32"= DivXa32.acm "VIDC.HFYU"= huffyuv.dll "vidc.ffds"= C:\Program Files\ffdshow\ffdshow.ax "VIDC.JPEG"= JpegCode.dll "VIDC.MJPG"= JpegCode.dll HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\WINDOWS\\system32\\rtcshare.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"= R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-03-28 19:00] R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-03-22 15:20] R3 Dvd43;Dvd43;C:\WINDOWS\system32\DRIVERS\Dvd43.sys [2008-07-04 19:45] . Contents of the 'Scheduled Tasks' folder "2008-01-23 00:50:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . - - - - ORPHANS REMOVED - - - - Notify-!SASWinLogon - (no file) ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-08 14:47:59 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\guard32.dll PROCESS: C:\WINDOWS\system32\lsass.exe -> C:\WINDOWS\system32\guard32.dll PROCESS: C:\WINDOWS\explorer.exe -> C:\Program Files\SiteAdvisor\6253\saHook.dll . Completion time: 2008-07-08 14:50:21 ComboFix-quarantined-files.txt 2008-07-08 04:50:07 ComboFix2.txt 2008-05-02 10:21:22 Pre-Run: 1,188,450,304 bytes free Post-Run: 1,179,742,208 bytes free 114 --- E O F --- 2008-04-11 16:45:15 New HJT log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:53:32 PM, on 7/8/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Comodo\Firewall\cmdagent.exe C:\Program Files\SiteAdvisor\6253\SAService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\SiteAdvisor\6253\SiteAdv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Last.fm\LastFMHelper.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Windows Media Player\wmplayer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 0;<local> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file) O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DVD43] C:\Program Files\DVD43\DVD43_Tray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe O4 - Startup: Last.fm Helper.lnk.disabled O8 - Extra context menu item: Add to &Windows Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1172654987125 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{644A5BCD-E876-488D-9889-BEF3F3EEBB50}: NameServer = 203.2.75.132 198.142.0.51 O17 - HKLM\System\CS1\Services\Tcpip\..\{644A5BCD-E876-488D-9889-BEF3F3EEBB50}: NameServer = 203.2.75.132 198.142.0.51 O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: Avira AntiVir Personal â€“ Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal â€“ Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- End of file - 6430 bytes The computer is running OK today. I'm going to try and play a CD so I'll let you know if I get that BSOD again Edit: CDs are playing just fine : ) This post has been edited by Teenage.Zombiee: Jul 7 2008, 11:57 PM -------------------- "People die of disease and accident. Death comes suddenly and there is no notion of good or bad. It leaves, not a dramatic feeling but great emptiness. When you lose someone you loved very much you feel this big empty space and think, 'If I had known this was coming I would have done things differently.' These are the feelings I wanted to arouse in the players with Aerith's death relatively early in the game. Feelings of reality and not Hollywood." - Yoshinori Kitase**

Blender View Member Profile	Jul 12 2008, 02:36 PM Post #53
I will eat your Malware Group: HJT Team Coach Posts: 2,345 Joined: 14-November 04 From: Ontario Member No.: 5,056	Hi, Sorry for delay. Missed the noti again. Log looks OK. You can have Hijackthis fix this entry: O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file) Everything still running OK? Including video and so on? -------------------- I'll have an order of massive trojan attack please with a side order of rootkit and virus dip. Pre-course order of fresh spyware salad please with a side order of polymorphic dressing. And to drink...a nice tall glass of adware! For dessert; can I have a bowl of the freshest worms you have please?. Never Give Up! If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware

Teenage.Zombiee

Jul 13 2008, 04:25 AM