My computer keeps restarting over and over and over again before I can log in. It appears to be on a timer because it happens even when I don't attempt to log in. Before this cycle started I saw a download window pop up. Hmm... Here's my stuff:
Logfile of HijackThis v1.99.1
Scan saved at 12:05:40 AM, on 1/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Owner\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - (00110011-4b0b-44d5-9718-90c88817369b) - (no file)
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - (11904ce8-632a-4856-a7cc-00b33fe71bd8) - (no file)
O2 - BHO: (no name) - (15ACE85C-0BB1-42d1-9E32-07EB0506675A) - (no file)
O2 - BHO: (no name) - (202a961f-23ae-42b1-9505-ffe3c818d717) - (no file)
O2 - BHO: (no name) - (479fd0cf-5be9-4c63-8cda-b6d371c67bd5) - (no file)
O2 - BHO: (no name) - (5753791b-f607-48ca-814e-91c14d081f9e) - (no file)
O2 - BHO: (no name) - (7070a8f9-08a4-ca47-0ab0-1eb9e4ee1f3b) - (no file)
O2 - BHO: (no name) - (746455fe-d059-47e7-af0e-140e03f5a447) - (no file)
O2 - BHO: (no name) - (77701e16-9bfe-4b63-a5b4-7bd156758a37) - (no file)
O2 - BHO: (no name) - (7a7e6d97-b492-4884-9abb-c31281dcc4f2) - (no file)
O2 - BHO: (no name) - (860c2f6b-ca82-4282-9187-beccbb66f0af) - (no file)
O2 - BHO: (no name) - (87185e78-a61b-4db3-965a-3235bbd7a622) - (no file)
O2 - BHO: (no name) - (8dc8f96d-34f7-1501-a2a4-631341aa3ac1) - (no file)
O2 - BHO: (no name) - (9c5875b8-93f3-429d-ff34-660b206d897a) - (no file)
O2 - BHO: (no name) - (a2595f37-48d0-46a1-9b51-478591a97764) - (no file)
O2 - BHO: ASGP32.ASGP - (AB268D16-3B58-482F-91EB-8D305534302F) - C:\WINDOWS\System32\asgp32.dll
O2 - BHO: (no name) - (b212d577-05b7-4963-911e-4a8588160dfa) - (no file)
O2 - BHO: (no name) - (cf021f40-3e14-23a5-cba2-717765721306) - (no file)
O2 - BHO: (no name) - (d1ac752e-883f-4ed8-8828-b618c3a72152) - (no file)
O2 - BHO: (no name) - (e2b2b5a1-b48c-4886-a318-723916a01024) - (no file)
O2 - BHO: (no name) - (e3eebbe8-9cab-4c76-b26a-747e25ebb4c6) - (no file)
O2 - BHO: (no name) - (e6d5237d-a6c7-4c83-a67f-f9f15586fa62) - (no file)
O2 - BHO: (no name) - (fe2d25c1-c1db-4b5e-9390-af1cb5302f32) - (no file)
O2 - BHO: (no name) - (FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF) - (no file)
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - (8E718888-423F-11D2-876E-00A0C9082467) - C:\Program Files\ContMedia\Anatomy Atlas 4HRI\MSDXM.OCX
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [QUVGVwEx] C:\PROGRA~1\vossrvvo\fcQAFoxN.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [Start Page] C:\WINDOWS\system32\svcnt32.exe home
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [37.tmp] C:\DOCUME~1\Owner\LOCALS~1\Temp\37.tmp.exe
O4 - HKLM\..\Run: [38.tmp] C:\DOCUME~1\Owner\LOCALS~1\Temp\38.tmp.exe
O4 - HKLM\..\Run: [6.tmp] C:\DOCUME~1\Owner\LOCALS~1\Temp\6.tmp.exe
O4 - HKLM\..\Run: [7.tmp] C:\DOCUME~1\Owner\LOCALS~1\Temp\7.tmp.exe
O4 - HKLM\..\Run: [6.tmp.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\6.tmp.exe
O4 - HKLM\..\Run: [7.tmp.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\7.tmp.exe
O4 - HKLM\..\Run: [A.tmp] C:\DOCUME~1\Owner\LOCALS~1\Temp\A.tmp.exe
O4 - HKLM\..\Run: [A.tmp.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\A.tmp.exe
O4 - HKLM\..\Run: [17.tmp] C:\DOCUME~1\Owner\LOCALS~1\Temp\17.tmp.exe
O4 - HKLM\..\Run: [17.tmp.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\17.tmp.exe
O4 - HKLM\..\Run: [1E.tmp] C:\DOCUME~1\Owner\LOCALS~1\Temp\1E.tmp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [glght.exe] C:\WINDOWS\System32\glght.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C:\Program Files\AIM95\aim.exe
O16 - DPF: (04E214E5-63AF-4236-83C6-A7ADCBF9BD02) (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (9841D1AE-9C0B-11D3-9452-00105A098C21) - http://70.150.224.48/controls/prntpro2.CAB
O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: (B38870E4-7ECB-40DA-8C6A-595F0A5519FF) (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\(01D1C6CD-6D44-46B6-BA89-10155A459FBE): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\..\(864076FA-9332-4CFE-808D-8DAE740F3A3B): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\..\(8BA41CE8-2325-46C9-B8F2-9DDD2CF9CDA2): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\..\(B811EBDB-D601-4639-A38A-4DA0EDC3DEB1): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\..\(C5FBFFC6-E115-4633-B23B-E51C1B402DC1): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\..\(C87E5847-D658-4244-A27B-980E112F83CF): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\..\(CF20E463-EBE1-48F3-995E-7BAA1D7E296D): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\..\(E58D8711-D4F3-4FF9-9DD1-51F434B2366F): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.106 85.255.112.73
O17 - HKLM\System\CS1\Services\Tcpip\..\(01D1C6CD-6D44-46B6-BA89-10155A459FBE): NameServer = 85.255.116.106,85.255.112.73
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.106 85.255.112.73
O21 - SSODL: ryYxujAshx - (BC9E7CA8-1634-D602-E96B-91D0A7E54126) - C:\WINDOWS\System32\qurbh.dll (file missing)
O21 - SSODL: SystemCheck2 - (54645654-2225-4455-44A1-9F4543D34546) - C:\WINDOWS\System32\vbsys2.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\System32\msasvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
owbist
randy_ca
Related Discussions
cucumbers stopped producing -- restart??
Q
Restarting pond
Q
restart rooting process
Q
A\C compressor stops; won't restart until system down for 5 min.
Q