PohTayToez

I know I got some bad malware awhile ago, and I got rid of most of if, however I am still experiencing restarts. Mostly, when my computer restarts, Windows will load, but generally within two minutes or so after booting, it will restart again. If I just let it sit, it will generally restart about the time that all of my start up programs load, however if I try and open applications during startup then it generally will restart sooner.

Also, it only restarts about 80% of the time, and if I get a good startup, my computer will be good to go for days without restarts, however it still happens randomly, but it seems that I'm always using the computer when it restarts... I leave my computer sit during the night and when I'm away, and it never restarts then.

Also, probably the oddest problem, is when I try to run SUPERAntiSpyware. It will go through and check all of the files for malware, but when it goes to check the registry, it will ALWAYS restart, ALWAYS around the same place/time.

Here is my log:

Logfile of HijackThis v1.99.1
Scan saved at 11:35:34 PM, on 6/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {B71FA585-B351-4E48-8DA8-22F6F705EC73} - C:\WINDOWS\system32\tuvwxvu.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: tuvwxvu - tuvwxvu.dll (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Thanks for any help in advance.

__________________
Desktop / Laptop
AMD Athlon 3200+ @ 2.50Ghz / AMD Athlon X2 TK-53 @ 1.70Ghz
MSI GeForce 7800GT / GeForce Go 6150
2 x 512MB DDR / 2 x 1GB DDR2
250GB SATA II / 80GB 5400RPM SATA
2 x DVD Burner / 8X DVD±R/RW

patrickv

am no good at reading Logs but if you download this
http://www.simplysup.com/
some of your problems would be resolve.

hmm..i 've always wonder what is the lsas thingy !!

__________________
Laptop: Thinkpad X60: Core2Duo T7200 @ 2Ghz,1GB DDR2,110GB SATA -winXP ProSP2
Work Desktop: Core Duo E2180 @ 2Ghz,1.5GB DDR2,240GB HD - XP PRO SP2
Home: Core Duo E2180 2Ghz,1.5GB DDR2,Nvidia GForce 6200TB,320 GB (2x160GB) -Dual boot - XP / OSX 10.5.2

patrickv

yeah i once had the problem whereby when you type regedit your pc reboots..i also lost my "folder options" (check if your is there)
hopefully BUZZ will come along and help you out

__________________
Laptop: Thinkpad X60: Core2Duo T7200 @ 2Ghz,1GB DDR2,110GB SATA -winXP ProSP2
Work Desktop: Core Duo E2180 @ 2Ghz,1.5GB DDR2,240GB HD - XP PRO SP2
Home: Core Duo E2180 2Ghz,1.5GB DDR2,Nvidia GForce 6200TB,320 GB (2x160GB) -Dual boot - XP / OSX 10.5.2

PohTayToez

Not the same problem... I can access regedit and folder options...

__________________
Desktop / Laptop
AMD Athlon 3200+ @ 2.50Ghz / AMD Athlon X2 TK-53 @ 1.70Ghz
MSI GeForce 7800GT / GeForce Go 6150
2 x 512MB DDR / 2 x 1GB DDR2
250GB SATA II / 80GB 5400RPM SATA
2 x DVD Burner / 8X DVD±R/RW

PohTayToez

Sorry, but *bump*

I'd really appreciate some feedback from someone with HijackThis Log experience.

__________________
Desktop / Laptop
AMD Athlon 3200+ @ 2.50Ghz / AMD Athlon X2 TK-53 @ 1.70Ghz
MSI GeForce 7800GT / GeForce Go 6150
2 x 512MB DDR / 2 x 1GB DDR2
250GB SATA II / 80GB 5400RPM SATA
2 x DVD Burner / 8X DVD±R/RW