hello I have a IBM Thincentre 8085-E4U model and Im running windows HOME on this PC unit.
Well I am now… As you see I had to swap hard drives because I had a bad issue with the Win32:vitro Virus.
I neutralized that issue but my hard drive was failing so I just swamped hard drives… and what I noticed is that in the older hard drive… I was getting blue screens allot every time i started windows live messenger on my Old hard drive which had Home then upgraded to PRO so i was running XP sp2 Pro. The build on my msggenger is 8.1.0178.00
aka 8.1
Now I thought it might have been a bad malware issue or worm issue that might have infected Messenger…
Well now… for some odd reason… this is a completely new hard drive mind you. and I used this new Hard drive which is the main backup of the original Hitatchi Hard drive that game with this IBM PC… ive hardly ever used it and its been in the freshest state ever… It has avast and is fully protected etc.
Now Get this. I pre-boot scanned the old hard drive that was having bad sectors and that virus issue… So it wouldnt get into my PC… all viruses and such have been contained in the safe box… urr… the vault…
Now I run 81 same version. Windows Live messenger on here… and You know whats odd?
Im getting blue screens and one of them say …
IBMFilter.sys… Is mentioned… and it mentioned that too on my old hard drive that was failing… which had Pro on it…
I Don’t know what in the world could be causing it but it seems to happen when I start Windows Live messenger and im browsing fire fox… and then it happens… IBMfilter.sys… I keep thinking if it has something to do with one of the IBM components… … I thought it might have been IBM messege center… or something…
But other then that… here is my scan from Hijackthis.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[b]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:09:13 PM, on 8/23/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://oca.microsoft.com/resredir.aspx?sid=10&Bucket=0x24_Ntfs!NtfsPerformHotFix%2B458&State=1&ID=ed8cef27-e3b8-42f9-b5ec-5bdd7d11b674&LCID=1033&OS=5.1.2600.2.00010300.2.0
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Avanquest\SystemSuite\LinkScannerIE.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM..\Run: [UC_Start] C:\Program Files\IBM\Updater\ucstartup.exe
O4 - HKLM..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM..\Run: [UpdateManager] “c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe” /r
O4 - HKLM..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM..\Run: [Hot Key Kbd Daemon] SKDAEMON.EXE
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM..\Run: [Acronis Scheduler2 Service] “C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe”
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKCU..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
O9 - Extra ‘Tools’ menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SystemSuite Task Manager - Avanquest Software USA, Inc. - C:\PROGRA~1\AVANQU~1\SYSTEM~1\MXTask.exe
–
End of file - 6279 bytes
[/b]