Hi. I had a pc fixed up a few months ago by everyone here....all was fine until a few days ago. Its my kids pc so Im not sure what they may have done.

Its Running Windows XP.....all up to date with updates ect. We run AVG antivirus.

I cant get passed a "windows has recovered form a serious error" message.....I click ok....and it pops back up...this happens 3-4 times and then the machine reboots again.

I can start the machine in safe-mode without this happening however.

I'd like to be able to post a hijack log....but cant get passed the error message without re-booting.

ANy advice?

Thanks

hi RKennedy,

startup in safe mode and run system file checker.
go to start>run> and type in sfc /scannow (there is a space after the c in sfc)
windows will scan for and replace corrupt files. you may be prompted for the windows install cd.


shelf life

I did have scan disk run. It seemed to repair some files....but the problem persists.

I boot up.....and the "windows has recovered from a serious error" message pops up. I hit ok 3-4 times...and the sytem reboots.

Enve if I dont hit ok...the system reboots after what seems like about 2 minutes.

At this point I cannot get online with the pc. I had to burn this hijack log quickly to a cd...before it rebooted again:

Logfile of HijackThis v1.99.1
Scan saved at 3:01:54 PM, on 9/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Spyware stuff\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=3c01&lc=0409
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Smapp] Smtray.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-US\local\search.html
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Support - {7B1D247C-23B1-4235-A747-A12275990B97} - C:\Program Files\Internet Explorer\SIGNUP\Presario.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=3c01&lc=0409
O16 - DPF: Yahoo! Cribbage - http://download.games.yahoo.com/games/clients/y/it0_x.cab
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://bin.mcafee.com/molbin/Shared/ComCtl32/6,0,80,22/ComCtl32.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://link.mindleaders.com/dpec/shared/cabs/awswaxf.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,9/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146810178765
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1154673891718
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/essentials/ymmapi_0727.dll
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} - http://www.live365.com/players/play365.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://webolr3.microgaming.com/luckynugget/webolr/OCX/FlashAX.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_4.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O18 - Protocol: ezpp - {810403FA-E82E-11D5-8AAB-0010A404A3DE} - C:\WINDOWS\System32\EZTOOL~1.DLL
O20 - AppInit_DLLs: wbsys.dll, NVDESK32.DLL
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\WindowBlinds\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

hi RKennedy,

hjt log looks ok.


I did have scan disk run
scandisk and sfc /scannow arent the same thing. sfc /scannow will check for and replace any corrupt files you might have.

you might also try the "last known good configuration" option, but this dosnt repair any corrupt files.
----------------------------------
there are other options to attempt to repair or reinstall windows with or without reformating the hd.

shelf life

I attempted to run the sfc /scannow.....but it willnot run in safe mode. The screen flashes....and then nothing.

I didnt mean to write "scandisk" before....the machine went though a few operations where it was checking the files...and "fixing" missing files....etc....not sure if this was sfc /scannow or not.....because it did it on its own.

I was looking around thinking that maybe the problem was connected to my wireless adapter. I looked in hardware.....and it looks like it keeps installing:

"Instant wireless usb network adpater ver. 2.6 Packet scheduler miniport..and followed by # 2

It repeats 17 times! Each time a new number..#3-#4-#5 etc...

Im guessing it keeps doing it with each reboot? It will not allow me to unistall these. When I attempt to uninstall it says... unable to uninstall file...

Whats weird is that the machine boots....everything seems fine.....but then the message pops up...and then....boom a reboot.

You think that windows is corrupted? WOuld the machine boot all the way then?

hi RKennedy


You think that windows is corrupted?
no not anymore. like you said, might be the adapter. first thing i would do is visit the adapters webpage and poke around the FAQ/troubleshooting guides. most even have forums for problems.

hi RKennedy


no not anymore. like you said, might be the adapter. first thing i would do is visit the adapters webpage and poke around the FAQ/troubleshooting guides. most even have forums for problems.

Thats not my wireless adapter though! Im not sure where that is coming from...I use a netgear adapter...I uninstalled my Netgear adapter.

This is really driving me nuts. I am able to bootup....get online.....everything is fine....and boom.....a reboot. I tried disconnecting the automatic reboot and then I get a blue screen of death.

Seems like I get about 3 minutes before theproblem kicks in.

I am able to boot into safe mode....

Nothing in that hijack log is suspicious? Are there any other things I can run/test to see if something is wrong somewhere else?

THanks

hi RKennedy,

the log looks ok. see if you can locate this file in the windows dir.

C:\WINDOWS\System32\EZTOOL~1.DLL

if so, go here, browse for the file and upload it to this web site:

http://www.kaspersky.com/scanforvirus
------------------------------------------------------
a computer rebooting could be lots of things, hardware, heat. does the BSOD provide any error messages? you might poke around in device manager (right click on my computer, i think)click on the + signs and look for any exclamation marks.


shelf life

hi RKennedy,

the log looks ok. C:\WINDOWS\System32\EZTOOL~1.DLL




shelf life

That file is not found on the computer.

hi RKennedy,

try this first, then go back and look for the file:

FOr XP: on the desktop double click my computer,go to tools>folder options>view> then select "show hidden files and folders", then UNcheck "hide protected operating system files " also UNcheck "hide extensions for known file types" click apply to all folders, apply then ok

It's still not finding that file. It is finding eztoollibs.dll

I thought of something else. One of the times that it asked to send the error information to microsoft..I said ok....and I looked at what it said (on the microsoft site)the cause might be....it listed IOMEGA devices. I did have a external IOMEGA zip drive installed. I have since uninstalled it...to see if that made a difference...it has not.

At this point:

I can boot to safe mode....computer runs fine (in safe mode anyway)...without the reboot.

When I reboot normally....the computer boots up......everything seems fine for about 2-3 minutes. Then....I get a "the system has recovered from a serious error" message.....I click ok....another message pops up saying the same thing....and then the system reboots.

SInce the computer will stay running during safe mode...doesnt that rule out hardware/heat issues....and make the problem have to do with some process that is running in normal mode?

By the way....I am still not able to run the sfc /scannow thing in safe mode.

Thanks

hi RKennedy,

that file was a long shot. it was the only questionable item in the log and probably not the cause of the problems.

SInce the computer will stay running during safe mode...doesnt that rule out hardware/heat issues

a heat issue yes, a hardware/driver issue no. safe mode only loads minimal drivers, devices. have you updated any drivers lately? or installed any new software or hardware lately?
see if thsi is checked:
settings / control panel / system / advanced / startup and recovery / settings. Make sure the box is not checked where it says "Automatically Restart" under System Failure."

shelf life

This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread.

Applies only to the original topic starter.