09-23-2006, 08:53 PM   #1
banned
Join Date: Dec 2005
Posts: 979
computer restarts randomly, hjt log

i have run ewido, superantispyware and cc cleaner in safe mode, but no dice on fixing my problem. any help please? here's the hijack this log (from safe mode, as i can't run it in normal because it restarts before i can):

Logfile of HijackThis v1.99.1
Scan saved at 2:49:09 PM, on 9/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aroundtownkc.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.mrfindalot.com/search.asp?si=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ams-server*;;localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - K:\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - K:\PartyPokerNet\RunPF.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.rr.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1124666844875
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/bej...ploader_v6.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\tmp_m8.dll
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WASHData - C:\WINDOWS\system32\jt6m07j1e.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Windows Security Drivers (csrs) - Unknown owner - C:\WINDOWS\csrss.exe (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Freenet 0.7 darknet (freenet-darknet) - Unknown owner - C:\Program Files\freenet\bin\wrapper-windows-x86-32.exe" -s ../wrapper.conf (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
palmmann

09-23-2006, 08:55 PM   #2
Platinum Member
Join Date: Jul 2006
Posts: 812

Try running ad-aware, spybot search and destroy and also Spyware terminator. If those don't fix your problem, post back.
soccerdude

09-23-2006, 09:15 PM   #3
Diamond Member
Join Date: Apr 2006
Location: Inside a pc
Posts: 19,717

How often do you see the system restart? Are you running anything in particular at that time? Generally spyware, adware, and other malware don't see sudden restarts. If you are having a temp or supply problem you would be looking at hardware not software.
PC eye

09-23-2006, 09:18 PM   #4
banned
Join Date: Jun 2006
Posts: 1,299

[Content Removed]

Last edited by Arm_Pit; 09-24-2006 at 02:30 AM.
Arm_Pit

09-24-2006, 12:02 AM   #5
banned
Join Date: Dec 2005
Posts: 979

Quote:
Originally Posted by PC eye
How often do you see the system restart? Are you running anything in particular at that time? Generally spyware, adware, and other malware don't see sudden restarts. If you are having a temp or supply problem you would be looking at hardware not software.

Quote:
download Memtest86+ and run it overnight imo, ram will cause this often.

it's not overheating and i know it's software because safe mode runs fine. i've run speed fan, and my temps are around 40*C in safe mode, except a bad reading of 123* (it's always been bad).

thanks soccerdude, i'll run those and post back when they're done.


it restarts a couple minutes after it boots into normal mode

Last edited by palmmann; 09-24-2006 at 12:07 AM.
palmmann

09-24-2006, 01:49 AM   #6
Diamond Member
Join Date: Apr 2006
Location: Inside a pc
Posts: 19,717

Have you tried anything like AVG, Avast, or Antivir? How old is the board? If it is a new board you have to get a bios update. On boards that have been in use for a few years an update or even a battery are the usual things to look at. The idea here is to first rule out any hardware problem.
PC eye

09-24-2006, 02:03 AM   #7
banned
Join Date: Dec 2005
Posts: 979

ok ok... i gotcha. i've run avast with it finding barely anything, but no avg or antivir. no clue on the age of the board, but a bios update is pretty much out since this is in an emachines computer, not my old sig rig. just in case it matters, i got the comp about 1.5-2 years ago, it's an athlon 64 3200+ with 512 megs of ram, 128 being taken by the radeon 200 express. would it be worth the wait to take the comp back to best buy? it's under 3 year warranty, so i can't take it apart.

EDIT
btw, i've run adaware and spybot, terminator is running now. adaware found nothing, and spybot found 83 things, 3 of which will be fixed when i next restart.

Last edited by palmmann; 09-24-2006 at 02:05 AM. Reason: forgot something
palmmann

09-24-2006, 02:29 AM   #8
Diamond Member
Join Date: Apr 2006
Location: Inside a pc
Posts: 19,717

If you are under a warranty you could see if they could determine the problem for you and not void anything on it. They would probably get the bios updated for you at the same time. The support staff usually has to provide you with a link for anything like that unlike Dell or HP with updates, drivers, and other items readily available online.
PC eye

09-24-2006, 02:31 AM   #9
Platinum Member
Join Date: Jan 2006
Posts: 567

He has a trojan infection.
edifier

09-24-2006, 02:36 AM   #10
banned
Join Date: Dec 2005
Posts: 979

Quote:
Originally Posted by PC eye
If you are under a warranty you could see if they could determine the problem for you and not void anything on it. They would probably get the bios updated for you at the same time. The support staff usually has to provide you with a link for anything like that unlike Dell or HP with updates, drivers, and other items readily available online.

i'll take it in in a day or two i guess, i was just hoping that it was something that i could fix so i didn't have to.

Quote:
He has a trojan infection.

interesting, not trying to say anything mean or sarcastic, but may i have more info, like maybe how to get rid of it or something?
palmmann