Can anyone elaborate on what type of service MCSTRM is....

I never heard from MCSTRM. Try searching for the program on your HDD (use basic search from win explorer).

If you find it, try renaming it from MCSTRM.exe to MCSTRM.exe1 or something like that. As I don't know it, i guess it's not that critical for your system. If your system starts behaving oddly after a reboot, it might be wise to rename it back to the original filename.

If it's still in use, terminate it by using CTRL+ALT+DEL.

Also, run MSConfig.exe from Start|Run. Under the Tab Startup search for MCSTRM and uncheck that line. It now won't be restarted with windows.

You might also search your services for occurencies of MCSTRM. Do this by going to Start|Run and type services.msc. Then search the list for MCSTRM. If it's in the list, right-click the entry and choose Properties. Choose as startup type Disabled.

Hope this helps,
Evarest

Thanks for the replies.

1. Cant find MSTRM using  MSconfig or services.msc nor in a windows search.
2. I will try to induce the error or restart and give a new hijack.

thanks

Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7000
Date:            9/7/2004
Time:            7:25:28 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The MCSTRM service failed to start due to the following error:
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I put a random cd into my lite on dvdrw drive and cause a reboot.  my recovery settings for automatic restart is unchecked.
I restarted and the windows loaded and then restart itself to a save dump.  I rebooted to last good config.

here is the bug check
Event Type:      Information
Event Source:      Save Dump
Event Category:      None
Event ID:      1001
Date:            9/7/2004
Time:            7:25:03 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000024 (0x001902fe, 0xf7d00d4c, 0xf7d00a48, 0xf3260d42). A dump was saved in: C:\WINDOWS\Minidump\Mini090704-02.dmp.  

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

This tends to happen when a load a disc from either optical drive.

Hijack file-
Logfile of HijackThis v1.97.7
Scan saved at 7:35:46 PM, on 9/7/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Documents and Settings\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://windowsupdate.microsoft.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1092957777287
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20d3d0cae4a3e811c300/netzip/RdxIE601.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38201.2751041667
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

What now?  btw what is the best way to get rid of runservice.exe

also autoplay for both drives are set to ask me to choose an action.

but wait here are a couple more error messages that happened while typing this-
Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7034
Date:            9/7/2004
Time:            7:41:05 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The LicCtrl Service service terminated unexpectedly.  It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


AND


Event Type:      Error
Event Source:      Application Hang
Event Category:      None
Event ID:      1001
Date:            9/7/2004
Time:            7:41:29 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
Fault bucket 127043675.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20   Bucket:
0008: 31 32 37 30 34 33 36 37   12704367
0010: 35 0d 0a                  5..    


Event Type:      Error
Event Source:      Application Hang
Event Category:      (101)
Event ID:      1002
Date:            9/7/2004
Time:            7:41:18 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
Hanging application explorer.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 48 61 6e 67   ion Hang
0010: 20 20 65 78 70 6c 6f 72     explor
0018: 65 72 2e 65 78 65 20 36   er.exe 6
0020: 2e 30 2e 32 39 30 30 2e   .0.2900.
0028: 32 31 38 30 20 69 6e 20   2180 in
0030: 68 75 6e 67 61 70 70 20   hungapp
0038: 30 2e 30 2e 30 2e 30 20   0.0.0.0
0040: 61 74 20 6f 66 66 73 65   at offse
0048: 74 20 30 30 30 30 30 30   t 000000
0050: 30 30                     00      


and

Event Type:      Error
Event Source:      Application Error
Event Category:      None
Event ID:      1001
Date:            9/7/2004
Time:            7:40:24 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
Fault bucket 00733296.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20   Bucket:
0008: 30 30 37 33 33 32 39 36   00733296
0010: 0d 0a                     ..      


and

Event Type:      Error
Event Source:      Application Error
Event Category:      (100)
Event ID:      1000
Date:            9/7/2004
Time:            7:40:04 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 64 72 77   ure  drw
0018: 74 73 6e 33 32 2e 65 78   tsn32.ex
0020: 65 20 35 2e 31 2e 32 36   e 5.1.26
0028: 30 30 2e 30 20 69 6e 20   00.0 in
0030: 64 62 67 68 65 6c 70 2e   dbghelp.
0038: 64 6c 6c 20 35 2e 31 2e   dll 5.1.
0040: 32 36 30 30 2e 32 31 38   2600.218
0048: 30 20 61 74 20 6f 66 66   0 at off
0050: 73 65 74 20 30 30 30 31   set 0001
0058: 32 39 35 64               295d    


These logs really mean nothing to me.  What else can I give you to help?

>> The LicCtrl Service service terminated unexpectedly.  It has done this 1 time(s).

this is this process >> C:\WINDOWS\runservice.exe >> http://www.2-spyware.com/file-runservice-exe.html
if u cannot find this service in msconfig or servies, then u can try renaming this runservice.exe to something else in C:\Windows

restart and check now ??

ogfile of HijackThis v1.97.7
Scan saved at 8:19:32 PM, on 9/7/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Documents and Settings\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://windowsupdate.microsoft.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1092957777287
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20d3d0cae4a3e811c300/netzip/RdxIE601.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38201.2751041667
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Here is a better timeline of events:

Anytime I restart I get the BSOD along with the the messages:

Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7000
Date:            9/7/2004
Time:            8:17:02 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The MCSTRM service failed to start due to the following error:
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

AND

Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7000
Date:            9/7/2004
Time:            8:17:02 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The LicCtrl Service service failed to start due to the following error:
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.  

AND  Something like this  

Event Type:      Information
Event Source:      Save Dump
Event Category:      None
Event ID:      1001
Date:            9/7/2004
Time:            8:16:44 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000024 (0x001902fe, 0xf7d2cd4c, 0xf7d2ca48, 0xf2b1cd42). A dump was saved in: C:\WINDOWS\Minidump\Mini090704-04.dmp.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I retrieved these logs after a reboot (f8) to last good config.  THe  hijack file above is the most recent after the reboot.  Of note-  everytime I go into last good config.  windows re-recognize my optical drives as new hardware  (liteon dvdrw recently installed and pioneer dvd rom.)  the drives are in the secondary controller and master/ slave respectively.  This is the same as the original config with the oem cd rw that I replace.  

This is fun!

When a boot is done into the last good config, does this refer only to the registry??

I think I should up the point totally on this one.

I found the MCSTRM file in the registry.  I am not sure what the info listed means but here it is-

Key Name:          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MCSTRM
Class Name:        <NO CLASS>
Last Write Time:   9/7/2004 - 8:15 PM
Value 0
  Name:            Type
  Type:            REG_DWORD
  Data:            0x1

Value 1
  Name:            Start
  Type:            REG_DWORD
  Data:            0x2

Value 2
  Name:            ErrorControl
  Type:            REG_DWORD
  Data:            0x1

Value 3
  Name:            DisplayName
  Type:            REG_SZ
  Data:            MCSTRM

Value 4
  Name:            Group
  Type:            REG_SZ
  Data:            MCSTRM


Key Name:          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MCSTRM\Security
Class Name:        <NO CLASS>
Last Write Time:   8/19/2004 - 6:36 PM
Value 0
  Name:            Security
  Type:            REG_BINARY
  Data:            
00000000   01 00 14 80 90 00 00 00 - 9c 00 00 00 14 00 00 00  ................
00000010   30 00 00 00 02 00 1c 00 - 01 00 00 00 02 80 14 00  0...............
00000020   ff 01 0f 00 01 01 00 00 - 00 00 00 01 00 00 00 00  ÿ...............
00000030   02 00 60 00 04 00 00 00 - 00 00 14 00 fd 01 02 00  ..`.........ý...
00000040   01 01 00 00 00 00 00 05 - 12 00 00 00 00 00 18 00  ................
00000050   ff 01 0f 00 01 02 00 00 - 00 00 00 05 20 00 00 00  ÿ........... ...
00000060   20 02 00 00 00 00 14 00 - 8d 01 02 00 01 01 00 00   ...............
00000070   00 00 00 05 0b 00 00 00 - 00 00 18 00 fd 01 02 00  ............ý...
00000080   01 02 00 00 00 00 00 05 - 20 00 00 00 23 02 00 00  ........ ...#...
00000090   01 01 00 00 00 00 00 05 - 12 00 00 00 01 01 00 00  ................
000000a0   00 00 00 05 12 00 00 00 -                          ........


Key Name:          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MCSTRM\Enum
Class Name:        <NO CLASS>
Last Write Time:   9/7/2004 - 8:16 PM
Value 0
  Name:            0
  Type:            REG_SZ
  Data:            Root\LEGACY_MCSTRM\0000

Value 1
  Name:            Count
  Type:            REG_DWORD
  Data:            0x1

Value 2
  Name:            NextInstance
  Type:            REG_DWORD
  Data:            0x1

Value 3
  Name:            INITSTARTFAILED
  Type:            REG_DWORD
  Data:            0x1

It must be a non-plug and play service or driver.
Open the device manager.  Select View/show hidden devices.
Look at the non-plug and play drivers.
Click the item in question/disable.

Also, you can just delete the key in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MCSTRM

Dave

>> I found the MCSTRM file in the registry.

ofcourse,,,, backup this key\folder and then delete it..... coz first of all its unknown service, second this is not found on ur system, third its creating problems, so there is no need of it to present in the services registry folder !!

infact, i will say to remove this LicCtrl Service also from registry.... its that process runservice.exe which is not required by u, and this is failing also..... so remove these both !!

I will try these fixes and update after work.  thanks

Driver : MCSTRM
Description : RealNetworks Virtual Path Manager®
Version : 5.0.2195.7
Company : RealNetworks, Inc.

Off  of yahoo.

now what is this RealNetworks Virtual Path Manager :-?
Real.com has nothing related to it on its site.... neither Google came up with anything =\

I did install and uninstall realplayer a few weeks ago to try the 49 cent downloads.   the realplayer library wasn't  easy to use and crashed a lot  so i uninstalled it.  Perhaps it is a remnant of real service, maybe radiopass?

hmmmmm radio pass... i dont use it, i have the free real player and that can be the reason i dont have such service ??

Maybe it's a driver to support the ipod management?? wild guess.

hmmmmmmmm, btw just tell me one thing,,,,, are u abel to boot from the CD without this rebooting problem ??
or when u boot into safemode, and insert a CD or DVD, same thing happens there also ??

"when u boot into safemode, and insert a CD or DVD, same thing happens there also ??"

I haven't tried to create the problem in safe mood yet.  But I will tonight.

"are u abel to boot from the CD without this rebooting problem ??"

not sure what you mean by this.


I emailed tech support a real concerning MCSTRM, hopefully they will reply this year.

So tonight i plan to back up and delete the registries for MCSRTM and liccrtl

I will run chkdsk on both my hard drives to check for errors.

I will download bootdisks for xp sp2 (I have nothing to boot from besides whats on the hard drive).

I will update again,  any other suggestions?

>> not sure what you mean by this.

coz i was thinking, if it wud be a firmware or motherboard compatibility problem, u wud be unable to boot from the bootable cds..... coz as soon as it tries to access the CD, it shud restart or freeze ur system.... right :-?

UPDATE----

1. backed up MCSTRM and licctrl registry entries and delete in normal windows.
2. Found MCSTRM in hidden device manager non plug and play- uninstalled it in normal windows.

rebooted to windows and had the same problem as before - BSOD with MCSTRM and Licctrl error messages.
I rebooted into safe mode  and logged on as admin.  Computer stated admin file could not be find and logged me in as default user.  I could not delete MCSTRM or Licctrl in this safe mode profile-  error message was something like "cannot not delete files-error in deleting"

So.. i rebooted to safemode under my user name without a problem.  MCSTRM and Licctrl dont exist in this profile.  I tried disc in both optical drives and both worked fine without  any problems.  so here i sit.

hijack of safemode currently-

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Lavalys\EVEREST Home Edition\everest.bin
C:\WINDOWS\regedit.exe
D:\Documents and Settings\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://windowsupdate.microsoft.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1092957777287
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20d3d0cae4a3e811c300/netzip/RdxIE601.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38201.2751041667
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Here is a everest profile:

--------[ EVEREST Home Edition (c) 2003, 2004 Lavalys, Inc. ]-----------------------------------------------------------

    Version                                           EVEREST v1.10.106
    Homepage                                          http://www.lavalys.com/
    Report Type                                       Report Wizard
    Computer                                          MIKE-B7RKAHSS5S
    Generator                                         Mike
    Operating System                                  Microsoft Windows XP Home Edition 5.1.2600 (WinXP Retail)
    Date                                              2004-09-08
    Time                                              19:37


--------[ Summary ]-----------------------------------------------------------------------------------------------------

    Computer:
      Operating System                                  Microsoft Windows XP Home Edition
      OS Service Pack                                   Service Pack 2
      Internet Explorer                                 6.0.2900.2180
      DirectX                                           4.09.00.0904 (DirectX 9.0)
      Computer Name                                     MIKE-B7RKAHSS5S
      User Name                                         Mike

    Motherboard:
      CPU Type                                          Intel Pentium 4, 1500 MHz
      Motherboard Name                                  Unknown
      Motherboard Chipset                               Intel Brookdale i845
      System Memory                                     768 MB
      BIOS Type                                         Award Medallion (08/28/01)
      Communication Port                                Communications Port (COM1)
      Communication Port                                Communications Port (COM2)
      Communication Port                                ECP Printer Port (LPT1)

    Display:
      Video Adapter                                     nVIDIA GeForce FX 5600
      3D Accelerator                                    nVIDIA GeForce FX 5600

    Multimedia:
      Audio Adapter                                     Creative Audigy Platinum Sound Card

    Storage:
      IDE Controller                                    Intel(r) 82801BA Bus Master IDE Controller
      Floppy Drive                                      Floppy disk drive
      Disk Drive                                        ST380011A  (80 GB, 7200 RPM, Ultra-ATA/100)
      Disk Drive                                        Maxtor 4D040H2  (40 GB, 5400 RPM, Ultra-ATA/100)
      Optical Drive                                     LITE-ON DVDRW SOHW-812S
      Optical Drive                                     PIONEER DVD-ROM DVD-116  (16x/40x DVD-ROM)
      SMART Hard Disks Status                           OK

    Partitions:
      C: (NTFS)                                         34558 MB (16118 MB free)
      D: (NTFS)                                         76316 MB (54302 MB free)

    Input:
      Keyboard                                          Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
      Mouse                                             PS/2 Compatible Mouse

    Network:
      Network Adapter                                   Intel(R) PRO/100 VE Network Connection  (24.217.149.115)

    Peripherals:
      USB1 Controller                                   Intel 82801BA(M) ICH2X/M - USB Controller 1 [C-0]
      USB1 Controller                                   Intel 82801BA(M) ICH2X/M - USB Controller 2 [C-0]
      USB Device                                        Generic USB Hub
      USB Device                                        USB Printing Support
      USB Device                                        Visioneer 87XX/89XX USB Scanner


--------[ Debug - PCI ]-------------------------------------------------------------------------------------------------

    B00 D1F F02:  Intel 82801BA(M) ICH2X/M - USB Controller 1 [C-0]
                 
      Offset 00:  86 80 42 24  00 00 00 00  12 00 03 0C  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  43 10 28 80
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B00 D1F F04:  Intel 82801BA(M) ICH2X/M - USB Controller 2 [C-0]
                 
      Offset 00:  86 80 44 24  00 00 00 00  12 00 03 0C  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  43 10 28 80
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B01 D00 F00:  nVIDIA GeForce FX 5600 Video Adapter
                 
      Offset 00:  DE 10 12 03  00 00 00 00  A1 00 00 03  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B00 D1F F01:  Intel 82801BA ICH2X/M - ATA-100 IDE Controller [C-0]
                 
      Offset 00:  86 80 4B 24  00 00 00 00  12 00 01 01  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  43 10 28 80
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B02 D0A F00:  Creative Audigy Platinum Sound Card
                 
      Offset 00:  02 11 04 00  00 00 00 00  03 00 80 04  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  02 11 51 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B02 D0A F01:  Creative Audigy Game Port
                 
      Offset 00:  02 11 03 70  00 00 00 00  03 00 80 04  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  02 11 40 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B02 D08 F00:  Intel PRO/100 VE Network Connection
                 
      Offset 00:  86 80 49 24  00 00 00 00  03 00 00 02  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  86 80 13 30
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B00 D1F F00:  Intel 82801BA ICH2X/M - LPC Bridge [C-0]
                 
      Offset 00:  86 80 40 24  00 00 00 00  12 00 00 08  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B00 D01 F00:  Intel 82845 AGP Controller [A-3]
                 
      Offset 00:  86 80 31 1A  00 00 00 00  03 00 00 08  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B00 D00 F00:  Intel 82845 Memory Controller Hub [A-3]
                 
      Offset 00:  86 80 30 1A  00 00 00 00  03 00 00 08  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B00 D1E F00:  Intel 82801BA I/O Controller Hub 2X/M (ICH2X/M) [C-0]
                 
      Offset 00:  86 80 4E 24  00 00 00 00  12 00 00 08  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B02 D0B F00:  Texas Instruments TSB43AB23 1394A-2000 OHCI PHY/Link-Layer Controller
                 
      Offset 00:  4C 10 24 80  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B02 D09 F00:  Texas Instruments OHCI Compliant FireWire Controller
                 
      Offset 00:  4C 10 20 80  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  35 12 20 80
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00

    B02 D0A F02:  Creative Audigy IEEE1394 Firewire Controller
                 
      Offset 00:  02 11 01 40  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 10:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 20:  00 00 00 00  00 00 00 00  00 00 00 00  02 11 10 00
      Offset 30:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 40:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 50:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 60:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 70:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 80:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset 90:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset A0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset B0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset C0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset D0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset E0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
      Offset F0:  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00


--------[ Debug - Video BIOS ]------------------------------------------------------------------------------------------

    C000:0000  U.~.K7400.L.w.VIDEO ....,.@...IBM VGA Compatible......z.04/04/03
    C000:0040  .................u......_@@`..@........."....u..|.PMIDl.o.......
    C000:0080  .....3...........NV..'..x8 1.................D.P..O...?.?#G.F.F
    C000:00C0  ..'..p.........2...`...0W...q.r.r.r.r.r.r2.>.............r.B....
    C000:0100  .....G.b.R.....................q0.7.=..s....(#..end bmp.....h.O.
    C000:0140  ...G...........S.k..............................U...}...........
    C000:0180  ....................0u..z........n........@...n,...........n....
    C000:01C0  ........r.............0u......n,.......4...n........P...z.......
    C000:0200  .n............k.r.....................k.rq..PCIR............~...
    C000:0240  ....GeForce FX 5600 BIOS........................................
    C000:0280  .....................Version 4.31.20.38.00 ...Copyright (C) 1996
    C000:02C0  -2003 NVIDIA Corp...............................................
    C000:0300  ....NV31 Board - p141nz  ..............Chip Rev   ..............
    C000:0340  ......1.......7.......A...I.f.L.....a......oe.D...............n.
    C000:0380  ....q...>.t.....).x...9.#.f`....q................u..fa.?u....f`3
    C000:03C0  ....fa....C.*....F.......u.........8...t......2.....t..Q........


--------[ Debug - Unknown ]---------------------------------------------------------------------------------------------

    Motherboard     08/28/2001-I845 -P4B-LA


------------------------------------------------------------------------------------------------------------------------

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
ANything else I can give you???

thanks, mike


Let me know if i can give any more info to you.

Another Question-

Should I delete all instances of MCSTRM and Licctrl from the registry???

ok i cannot see tha runservice.exe process now,,,,, and if this problem is not happening in safemode, means in Normal mode there must be those services active, and are causing this......
yes u can delete all instances of MCSTRM and Licctrl from the registry, but dont forget to backup them first for precuations :)

I am still at a loss....

I have cleaned the registry of all instances of MCSTRM and Licctlr




Key Name:          HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit
Class Name:        <NO CLASS>
Last Write Time:   9/8/2004 - 7:17 PM
Value 0
  Name:            View
  Type:            REG_BINARY
  Data:            
00000000   2c 00 00 00 00 00 00 00 - 01 00 00 00 ff ff ff ff  ,...........ÿÿÿÿ
00000010   ff ff ff ff ff ff ff ff - ff ff ff ff 42 00 00 00  ÿÿÿÿÿÿÿÿÿÿÿÿB...
00000020   42 00 00 00 9a 02 00 00 - dd 01 00 00 d8 00 00 00  B.......Ý...Ø...
00000030   78 00 00 00 78 00 00 00 - 20 01 00 00 01 00 00 00  x...x... .......


Value 1
  Name:            FindFlags
  Type:            REG_DWORD
  Data:            0xe

Value 2
  Name:            LastKey
  Type:            REG_SZ
  Data:            My Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCSTRM


Key Name:          HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\Favorites
Class Name:        <NO CLASS>
Last Write Time:   9/8/2004 - 7:13 PM

and


Key Name:          HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*
Class Name:        <NO CLASS>
Last Write Time:   9/8/2004 - 7:15 PM
Value 0
  Name:            a
  Type:            REG_SZ
  Data:            C:\Documents and Settings\Administrator.MIKE-B7RKAHSS5S\My Documents\mcstrm.reg

Value 1
  Name:            MRUList
  Type:            REG_SZ
  Data:            ba

Value 2
  Name:            b
  Type:            REG_SZ
  Data:            C:\Documents and Settings\Administrator.MIKE-B7RKAHSS5S\My Documents\licctrl.reg


and several others where mcstrm an lictrl are mentioned in data strings.  I not sure about dumping these.


I reboot and a still get dumped back to bsod after windows load up.  the last to error messages associated mention licctrl only, however.

Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7000
Date:            9/9/2004
Time:            7:04:36 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The LicCtrl Service service failed to start due to the following error:
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


I also received a response from real network tech support directing me to delete certain files in windows assc. with real player, which i did.   interestingly I found a regkey that was strange and deleted it as well (it contained mention of runservice, mcstrm, and the -.dll files real told me to delete.  here is that key-


[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant]
"InstallDir"="C:\\WINDOWS\\srchasst\\"
"Actor"="c:\\windows\\srchasst\\chars\\rover.acs"
"UsageCount"=dword:0000000a

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru]

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603]
"000"="Sete3260.dll"
"001"="Rnuninst.exe"
"002"="Rmoc3260.dl"
"003"="Prefscpl.cpl"
"004"="Pnen3260.dll"
"005"="Pndx5016.dll"
"006"="Pndx5032.dll"
"007"="runservice"
"008"="mcstrm"
"009"="WDM"

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5604]

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips]

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl]

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa0]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa1]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa2]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa4]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa5]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa6]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa8]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\fa9]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\Tips\SrchAssCtl\faa]
"TimesResisted"=dword:00000000
"TimesDisplayed"=dword:00000000

any more suggestions anyone???  My wife is starting to think I'm having a internet affair now.

ok before going into mroe depth,,,, try an easy step first.....
create a new user and then login with it
check if same BSOD problem is happening or not ??

thanks, i will try.

btw- i have elicence control folder in my control panel and it is empty-- signifcant???

also, here is the last error message i got after bsod

Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7001
Date:            9/9/2004
Time:            7:38:36 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The SAVScan service depends on the SAVRT service which failed to start because of the following error:
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
thanks again.

i created a new user in safe mode (correct?) and tried to logon normal windows. The user was there but
windows said it cannot find the file for the user.  it logged me into windows as the default account and presto
bsod with this error:
Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7001
Date:            9/9/2004
Time:            8:03:03 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The SAVScan service depends on the SAVRT service which failed to start because of the following error:
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



and


Event Type:      Error
Event Source:      Service Control Manager
Event Category:      None
Event ID:      7026
Date:            9/9/2004
Time:            8:03:03 PM
User:            N/A
Computer:      MIKE-B7RKAHSS5S
Description:
The following boot-start or system-start driver(s) failed to load:
ATMhelpr
Fips
Processor
SAVRT
SAVRTPEL

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.as



of note- all safe modes are functional-- even the safemode for directory service whatever that is

also-

Licctrol is listed in the services (start up disabled)-  the path to executable is C:\WINDOWS\runservice.exe, which does not exist..

those error previously appeared related to norton av 2004

recommend re-install of norton?

Ok whatever i did worked.  I don't know what happened.  I rebooted into last good config then imediately restarted.  Maybe this is what i should have done all along.  So far everything is good.  I can load disc into either drive without any problems.  any suggestions at this point to make sure i will stay good?

Anyway thanks to Sheharyaar and Daveexnet.  I learned a lot about how to troubleshoot and not to fear the registry monster so much.  

wowwwww.... see the length of this thread.... and see the Final solution..... why windows cannot behave like a gentleman =\

lol.. anywayzzzzzz im gald that finally u are back with ur system and happy that registry monster has gone from ur house ;-)
Cheers ^_^

I know that this thread has already been answered. However, I wanted to add some information here anyways so that people will know how to solve the problems that Realplayer and Rhapsody have on Windows Vista.

First, I wanted to clarify for everyone that the mcstrm.sys file is put in the system32/drivers folder by Realplayer. It is a required file for Rhapsody to work.

The problem with the file location is actually in the registry. In order to stop getting errors in your system log about the file being not a valid Win32 application or the path being invalid, you must:

1. Run regedit
2. Go to HKLM > SYSTEM > ControlSet001 > Services > MCSTRM (or you can search for mcstrm in the registry until you get to a key that contains a ImagePath string value
3. Change the ImagePath value to this EXACTLY: System32\DRIVERS\mcstrm.sys

- This should be the location where mcstrm is installed. If this doesn't work the first time, delete the file mcstrm.sys from C:\Windows\System32\drivers and then reinstall Real and Rhapsody.They will work fine. Even on Vista Home Edition.

Ben Sigman
Rent-A-Geek
rentageekla.com