Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC Randomly Shutting Down And Re-Booting Itself


  • Please log in to reply
15 replies to this topic

#1 srossi

srossi

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 16 April 2009 - 12:58 PM

I was referred to this forum by Jat90, one of your colleagues in the Malware Removal forum. Let me briefly explain my situation. About 3 weeks ago I was infected with malware that first was causing pop-ups and then was preventing me from getting on the Internet entirely. After following Jat90's instructions, all of the malware appears to be gone and my logs seem to be completely clean. However at some point during the clean-up process, my PC started to shut down and re-boot on a continuous loop, sometimes for hours at a time, and I could only stay on in Safe Mode. After some more fixes at Jat90's recommendation, this has improved but I'm still randomly shutting down from time to time. It's completely unpredictable now, sometimes shutting down within 5 minutes, sometimes shutting down after a couple of hours. Please advise. The below is a link to the thread where Jat90 was helping me and includes all the latest. Let me know if you need any additional information from me.

http://www.bleepingcomputer.com/forums/topic214524-30.html

BC AdBot (Login to Remove)

 


#2 Guest_tylerisdabest_*

Guest_tylerisdabest_*

  • Guests
  • OFFLINE
  •  

Posted 16 April 2009 - 01:41 PM

Try this

Reboot, tap F8 until you get into a menu, scroll up to disable automatic restart on system failure, and press enter twice. You should get a blue screen of death. Tell us what the blue screen says.

#3 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  

Posted 16 April 2009 - 05:45 PM

I've done a Crash Analysis if anyone knows how to interpret this:


Too many crashes have been detected. Only the latest 40 crashes will be displayed.

On Fri 2009-04-17 10:26:59 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC0000005, 0x8056987B, 0xEF68ABC4, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Fri 2009-04-17 10:01:52 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Fri 2009-04-17 09:55:26 your computer crashed
This was likely caused by the following module: ntfs.sys
Bugcheck code: 0x24 (0x1902FE, 0xEE8C89C4, 0xEE8C86C0, 0x804E3619)
Error: NTFS_FILE_SYSTEM
file path: C:\WINDOWS\system32\drivers\ntfs.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT File System Driver
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Fri 2009-04-17 09:48:17 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Fri 2009-04-17 09:38:26 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Thu 2009-04-16 10:35:57 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Thu 2009-04-16 10:20:19 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x16, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Thu 2009-04-16 10:17:23 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 11:25:40 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 11:20:37 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 10:28:41 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x10000050 (0xEED10A60, 0x1, 0xF74FC8C1, 0x0)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 09:35:08 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Tue 2009-04-14 04:28:34 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Tue 2009-04-14 03:59:47 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x17, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 21:38:20 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 21:34:33 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC0000005, 0x80569763, 0xEE23ABC4, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:46:32 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:44:13 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:41:25 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:36:29 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:32:03 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:24:46 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:13:19 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:10:54 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:06:26 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 02:44:47 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 02:32:40 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 01:21:11 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 00:48:07 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 00:13:53 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 00:03:43 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x17, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 21:02:22 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 20:19:39 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 20:04:41 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 20:00:47 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC0000005, 0x8056987B, 0xEF437A70, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 19:57:53 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 19:53:49 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x17, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 19:49:23 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4906)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 19:45:41 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 19:33:58 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4906)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.




--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

93 crash dumps have been found on your computer. Only 40 have been analyzed. Note that it's not always possible to state with certainty whether a reported driver is really responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

#4 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 17 April 2009 - 08:16 AM

Try this

Reboot, tap F8 until you get into a menu, scroll up to disable automatic restart on system failure, and press enter twice. You should get a blue screen of death. Tell us what the blue screen says.


Thank you Tyler. I will do that when I get home from work.

#5 Guest_tylerisdabest_*

Guest_tylerisdabest_*

  • Guests
  • OFFLINE
  •  

Posted 17 April 2009 - 10:22 AM

you don’t need to do that now, it was only to help us get info but you did a crash analysis witch is better then what I had in mind

#6 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 17 April 2009 - 12:47 PM

file path: C:\WINDOWS\system32\drivers\vffilter.sys
file path: C:\WINDOWS\system32\ntoskrnl.exe

These seem to be the 2 issues again and again. Anyone know how I can repair that?

#7 Guest_tylerisdabest_*

Guest_tylerisdabest_*

  • Guests
  • OFFLINE
  •  

Posted 17 April 2009 - 02:42 PM

do you have a windows cd?

Edited by tylerisdabest, 17 April 2009 - 05:01 PM.


#8 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  

Posted 17 April 2009 - 03:53 PM

I'm going to double-check when I get home, but I don't think so.

#9 Guest_tylerisdabest_*

Guest_tylerisdabest_*

  • Guests
  • OFFLINE
  •  

Posted 17 April 2009 - 04:18 PM

also tell me if its home, pro, or media.

#10 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 17 April 2009 - 07:37 PM

Unfortunately I don't.

#11 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  

Posted 21 April 2009 - 09:08 AM

also tell me if its home, pro, or media.


Apologies for the delay, it's been a busy few days. It's Home.

#12 hamluis

hamluis

    Moderator


  • Moderator
  • 55,248 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:58 AM

Posted 24 April 2009 - 01:11 PM

You might start thinking "infection".

Summary data for one of the files mentioned doesn't appear to be conclusive.

http://www.prevx.com/filenames/X1680430604...FILTER.SYS.html

If you are running any programs by Gear Software...I suggest uninstalling same and then reinstalling (since the drivers for same may be corrupt).

Louis

#13 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  

Posted 24 April 2009 - 01:56 PM

Thanks. I'm heading out of town for the weekend but will check on this on Monday. Appreciate it.

#14 srossi

srossi
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 28 April 2009 - 08:16 AM

I didn't see any other programs by Gear Software, but I did run the free Prevx scan and it discovered 2 infections: WJQS.EXE in C:\WINDOWS\system32\drivers and VFIND.EXE in C:\WINDOWS. Prevx will not remove without me paying for a subscription. Is Prevx safe and reliable? Are there any other ways to remove for free?

http://www.prevx.com/filenames/21291945141...1/WJQS.EXE.html

http://www.prevx.com/filenames/81733687999.../VFIND.EXE.html

#15 hamluis

hamluis

    Moderator


  • Moderator
  • 55,248 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:58 AM

Posted 28 April 2009 - 08:55 AM

Best suggestion I can make: Copy the link for this page (at the top, address bar) and then return to BleepingComputer.com - Am I infected What do I do - http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

The folks there will know how to advise you on your newfound information :thumbsup:.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users