Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PC Randomly reboots, probably WinFixer?!


  • Please log in to reply

#1
Rebooter

Rebooter

    New Member

  • Member
  • Pip
  • 2 posts
Hi, A few days ago I had WinFixer pop-ups. the fake error messages which I closed with Alt+F4, there were 3 or 4 consecutive pop-ups then they stopped. A few days later these pop-ups stopped to appear, but once in a blue moon when I'm using IE 6.0 I get a full-window WinFixer pop-up which I close before it can fully load: http://www.winfixer....&ed=2&ex=1&ax=2

Now my PC is randomly rebooting, it may reboot after 30 mins, 25 mins, 10 mins, 5 mins even 2 mins and yesterday I've managed to use it for 5 hours without rebooting, today it's completely random, no matter what I'm doing, the only time the PC doesn't reboot is when I leave it idle, at screen-saver or running SpyBot/Avast anti-virus/Lavasoft Ad-aware SE, anything else might reboot after a while.

I ran those three programs and found a few malware/spyware and I think a couple of virus but everything seemed to be fixed, yet my PC is still randomly rebooting, Spybot doesn't find anything new and neither does Avast nor Ad-aware. I have Windows XP with SP-2 and I don't know what else could be causing these reboots, since that WinFixer pop-up seldomly appears I believe maybe WinFixer is hidden somewhere in my PC, this is very frustrating if anyone have any ideas please help me, here are some stuff Avast found (I also ran a boot scan when it asked me to do it because right after installing Avast it told me there was a virus loaded in memory, for that scan I have no log but it found a bunch of malware/spyware/etc and I chose to delete each and every one of them):

------------------------------------------

Sign of "JS:ClassLoader-9" has been found in "C:\Documents and Settings\Mauro\Dados de aplicativos\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-13617126-161f4ecb.zip" file.

Sign of "Win32:Rameh [Trj]" has been found in "C:\Downloads\artmoney709eng.exe\Temp\adware.exe\[UPX]" file.

Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Downloads\WinRAR 3.20\Winrar.2.6-3.20.rar\Winrar.2.6-3.20.Keygen.exe" file.

Sign of "Win32:Klez-H [Wrm]" has been found in "F:\Documents and Settings\Mauro\Configurações locais\Dados de aplicativos\Identities\{BA82AE0D-FCFC-43DD-8C13-58B249E9362D}\Microsoft\Outlook Express\Itens excluídos.dbx\Undeliverable mail---Interativas-.eml#1892384\href.exe#755158202" file.

Sign of "Win32:Trojan-gen. {UPX!}" has been found in "F:\Downloads\FS9\tu154b2_mal.zip\tu154b2_mal.exe" file.

Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{C94D83DE-197B-4258-8040-EB9ECE14E6E7}\RP596\A0272420.exe" file.

Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{C94D83DE-197B-4258-8040-EB9ECE14E6E7}\RP596\A0272421.exe" file.

Sign of "Win32:Conhook-B [Trj]" has been found in "C:\System Volume Information\_restore{C94D83DE-197B-4258-8040-EB9ECE14E6E7}\RP596\A0272422.dll" file.

9/9/2005 16:09:50 Mauro 3148 Sign of "Win32:Adan-062 [Adw]" has been found in "c:\arquivos de programas\flashget\fgiebar.dll" file.
9/9/2005 21:06:10 Mauro 2636 Sign of "JS:ClassLoader-9" has been found in "C:\Documents and Settings\Mauro\Dados de aplicativos\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-13617126-161f4ecb.zip" file.
10/9/2005 14:09:32 Mauro 1132 Sign of "Win32:Rameh [Trj]" has been found in "C:\Downloads\artmoney709eng.exe\Temp\adware.exe\[UPX]" file.
10/9/2005 14:46:28 Mauro 1132 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Downloads\WinRAR 3.20\Winrar.2.6-3.20.rar\Winrar.2.6-3.20.Keygen.exe" file.
10/9/2005 15:50:37 Mauro 1132 Sign of "Win32:Klez-H [Wrm]" has been found in "F:\Documents and Settings\Mauro\Configurações locais\Dados de aplicativos\Identities\{BA82AE0D-FCFC-43DD-8C13-58B249E9362D}\Microsoft\Outlook Express\Itens excluídos.dbx\Undeliverable mail---Interativas-.eml#1892384\href.exe#755158202" file.
10/9/2005 16:21:08 Mauro 1132 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "F:\Downloads\FS9\tu154b2_mal.zip\tu154b2_mal.exe" file.
11/9/2005 15:42:01 Mauro 272 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{C94D83DE-197B-4258-8040-EB9ECE14E6E7}\RP596\A0272420.exe" file.
11/9/2005 15:42:34 Mauro 272 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\System Volume Information\_restore{C94D83DE-197B-4258-8040-EB9ECE14E6E7}\RP596\A0272421.exe" file.
11/9/2005 15:42:40 Mauro 272 Sign of "Win32:Conhook-B [Trj]" has been found in "C:\System Volume Information\_restore{C94D83DE-197B-4258-8040-EB9ECE14E6E7}\RP596\A0272422.dll" file.

------------------------------------------------------------------------

Spybot found a bunch of entries including WinFixer and supposedly "fixed" them all, as now when I run it it doesn't find any problems. But since the rebooting remains, here's my HiJackThis log, I see some highly suspicious or weird itens on this list but need your analysis and instructions:

Logfile of HijackThis v1.99.1
Scan saved at 16:19:56, on 11/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Arquivos de programas\Logitech\iTouch\iTouch.exe
C:\ARQUIV~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
C:\WINDOWS\Wcgopsvc.exe
C:\Arquivos de programas\Microsoft IntelliPoint\point32.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\CLI.exe
C:\Arquivos de programas\InterVideo\WinDVR\WinScheduler.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\Downloads\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\System32\geedd.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARQUIV~1\FlashGet\jccatch.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Arquivos de programas\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Arquivos de programas\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RegKillElbyCheck] "C:\Arquivos de programas\Elaborate Bytes\DVD Region Killer\ElbyCheck.exe" /L RegKill
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Arquivos de programas\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\ARQUIV~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [WebCam Go Plus Sti Service Application] Wcgopsvc
O4 - HKLM\..\Run: [IntelliPoint] "C:\Arquivos de programas\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: ActMaker.lnk = C:\Arquivos de programas\ActMak\ActMak25.exe
O4 - Startup: Gangsters2Setup.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Arquivos de programas\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Arquivos de programas\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Arquivos de programas\InterVideo\WinDVR\WinScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ub...s/GSManager.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1126455650546
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Administrador\Configurações locais\Temp\EI40_\msxml4.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{934D0588-6278-4EE7-82B0-B6C6F48D0788}: NameServer = 200.177.250.10,200.176.2.10
O20 - Winlogon Notify: geedd - C:\WINDOWS\System32\geedd.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe

I beg for your help!

Edited by Rebooter, 11 September 2005 - 01:29 PM.

  • 0

Advertisements


#2
Rebooter

Rebooter

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Out of desperation to stop the rebooting I rebooted the PC and tapped F5 to select "Safe Mode", in "safe Mode" I used VundoFix's KillVundo.bat and typed:

C:\WINDOWS\System32\geedd.dll

Pressed enter, F6, then enter and typed:

C:\WINDOWS\System32\ddeeg.*

Then I don't remember what I pressed but it eventually opened HiJackThis, I chose to do a system scan only and selected:

O20 - Winlogon Notify: geedd - C:\WINDOWS\System32\geedd.dll

There was a "(no file)" notice after the filename if I remember correctly, and after it Fixed I closed HiJackThis and pressed Enter to reboot then ran CleanUp! on Custom settings with only "Empty Recycle Bins"; "Delete Cookies"; "Prefetch Files" and "CleanUP! All Users" selected. It deleted 9600 files worth 527.7mb. Then I shutted down the PC and when I turned it on again I was deeply saddened to watch while the PC Rebooted 6 or 7 times before finally initializing Windows, when it finally did I ran HiJackThis on a system scan with log and here is the log file:

Logfile of HijackThis v1.99.1
Scan saved at 23:34:50, on 11/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Arquivos de programas\Logitech\iTouch\iTouch.exe
C:\ARQUIV~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
C:\WINDOWS\Wcgopsvc.exe
C:\Arquivos de programas\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\Arquivos de programas\ATI Technologies\ATI.ACE\CLI.exe
C:\Arquivos de programas\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
C:\Arquivos de programas\InterVideo\WinDVR\WinScheduler.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Arquivos de programas\ActMak\ActMak25.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Downloads\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARQUIV~1\FlashGet\jccatch.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Arquivos de programas\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Arquivos de programas\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RegKillElbyCheck] "C:\Arquivos de programas\Elaborate Bytes\DVD Region Killer\ElbyCheck.exe" /L RegKill
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Arquivos de programas\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\ARQUIV~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [WebCam Go Plus Sti Service Application] Wcgopsvc
O4 - HKLM\..\Run: [IntelliPoint] "C:\Arquivos de programas\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Arquivos de programas\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: ActMaker.lnk = C:\Arquivos de programas\ActMak\ActMak25.exe
O4 - Startup: Gangsters2Setup.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Arquivos de programas\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Arquivos de programas\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Arquivos de programas\InterVideo\WinDVR\WinScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ub...s/GSManager.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1126455650546
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Administrador\Configurações locais\Temp\EI40_\msxml4.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{934D0588-6278-4EE7-82B0-B6C6F48D0788}: NameServer = 200.177.250.10,200.176.2.10
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe

So, while testing the rebooting by opening Internet Explorer and Mount & Blade a 3d Game I could confirm the Rebooting remains, it is completely random but it only happens when I use some programs like IE, games (any) or other program (excluding Avast/SpyBot/Ad-Aware and Defrag which I managed to run for hours). Is there anything else in this log that could cause this rebooting?! I'm very, very frustrated right now. :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP