HJT log from computer with many crashes


artki
08-12-2004, 02:04 AM
My tale of woe can be found on another forum on this thread....
http://www.pctechbytes.net/phpBB2/viewtopic.php?t=2136

One reply suggested that I post a HJT log on this forum so I'll put that at the end of this note.

I suspect there's a hardware problem at the root of these crashes but it couldn't hurt to eliminate problems that might be displayed by HJT.

This log was made right after I booted up. Although most of my crashes in the last month have occurred while more programs were running, just yesterday I had 5 consecutive crashes (4 immediately after rebooting) when I tried to copy some files from a CD to hard drive. As best as I can figure, the log you see on this note should be very very close to how the computer was set up on those 4 crashes yesterday.
I notice a lot of references to IE in the log. Those might not be relevant as I use Opera as my browser and will run IE less than once a month.

Here's the log
-------------
Logfile of HijackThis v1.98.2
Scan saved at 10:00:10 PM, on 8/11/2004
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\UTILITIES\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\UTILITY\MOTHERBOARD MONITOR 5\MBM5.EXE
C:\PROGRAM FILES\ALCATEL\SPEEDTOUCH USB\DRAGDIAG.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\UTILITY\ZONEALARM\ZONEALARM.EXE
C:\UTILITIES\NORTON UTILITIES\SYSDOC32.EXE
C:\UTILITY\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
D:\UTILITY\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.worldnet.att.net/ie4/search/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by ME!
O2 - BHO: (no name) - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: YBIOCtrl Class - {004A5840-FF59-11d2-B50D-0090271D3FD4} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [NPROTECT] C:\utilities\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE c:\windows\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MBM 5] "C:\UTILITY\MOTHERBOARD MONITOR 5\MBM5.EXE"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [MiniLog] C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -service
O4 - HKLM\..\RunServices: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakLogon
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [NPROTECT] C:\utilities\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - Startup: Norton System Doctor.lnk = C:\utilities\Norton Utilities\SYSDOC32.EXE
O4 - Startup: Image.lnk = C:\utilities\Norton Utilities\IMAGE32.EXE
O4 - Startup: Reboot.exe
O4 - User Startup: Norton System Doctor.lnk = C:\utilities\Norton Utilities\SYSDOC32.EXE
O4 - User Startup: Image.lnk = C:\utilities\Norton Utilities\IMAGE32.EXE
O4 - User Startup: Reboot.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\utility\ZoneAlarm\zonealarm.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/20011004/qtinstall.info.apple.com/qt503/us/win/QuickTimeInstaller.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) -
-------------

shanmuga
08-12-2004, 04:05 AM
O4 - Startup: Reboot.exe
O4 - User Startup: Reboot.exe

There is a legitimate REBOOT.EXE and there are also Trojans that infect REBOOT.EXE or masquerade as REBOOT.EXE. Even if it is the legitimate one, it seems that it is meant for only MS DOS & Win 3.1 and not for later Win OSes. When using with Windows 3.1, Windows must be exited first, if not, data corruption could occur. REBOOT is an MS-DOS utility........ (http://www.topcatcomputing.com/articles/displayarticle.asp?docid=7)

See if this helps,

Tick the boxes next to all of the following entries, close all other windows, preferably have only HijackThis running, then click Fix Checked.

O2 - BHO: (no name) - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: YBIOCtrl Class - {004A5840-FF59-11d2-B50D-0090271D3FD4} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O4 - Startup: Reboot.exe
O4 - User Startup: Reboot.exe

Perform an online scan at housecall.trendmicro.com (http://housecall.trendmicro.com/) to make sure that you are clean.

Verify the integrity of your operating system files Using System File Checker (http://www.windows-help.net/windows98/start-142.shtml).

Hopefully, this would at least eliminate the software side of your problem.
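
Added example, not part of shanmuga's post or of HijackThis itself: a small Python triage pass over HijackThis log lines that flags the two patterns picked out above, CLSID entries whose target is "(no file)" and files sitting directly in a Startup folder. The sample lines are copied from the log posted in this thread; the function names and the two rules are this example's own assumptions, and a flag means "review this entry", not "malicious".

```python
import re

# Sample lines copied from the HijackThis log posted earlier in this thread (subset).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by ME!
O2 - BHO: (no name) - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: YBIOCtrl Class - {004A5840-FF59-11d2-B50D-0090271D3FD4} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - Startup: Norton System Doctor.lnk = C:\utilities\Norton Utilities\SYSDOC32.EXE
O4 - Startup: Reboot.exe
O4 - User Startup: Reboot.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\utility\ZoneAlarm\zonealarm.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")        # e.g. "O4 - <body>"
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
STARTUP = re.compile(r"^(?:User |Global )?Startup: (.+)$")

def parse(log):
    """Yield (section, body) per entry line; header and process lines are skipped."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)

def triage(log):
    """Return [(reason, line)] for entries that deserve a manual look."""
    findings = []
    for section, body in parse(log):
        line = f"{section} - {body}"
        if CLSID.search(body) and body.endswith("(no file)"):
            # Registry still references a component whose file is gone.
            findings.append(("orphaned CLSID, target file missing", line))
        elif section == "O4":
            m = STARTUP.match(body)
            # Shortcuts are listed as "name.lnk = target"; no " = " means a raw file.
            if m and " = " not in m.group(1):
                findings.append(("file placed directly in Startup folder", line))
    return findings

if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG):
        print(f"[{reason}] {line}")
```

On the sample lines this flags the same six entries listed above for Fix Checked.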

artki
08-12-2004, 11:38 PM
Originally posted by shanmuga
O4 - Startup: Reboot.exe
O4 - User Startup: Reboot.exe

There is a legitimate REBOOT.EXE and there are also Trojans that infect REBOOT.EXE or masquerade as REBOOT.EXE. Even if it is the legitimate one, it seems that it is meant for only MS DOS & Win 3.1 ...



The reboot.exe appears to be a file from the K7s5a motherboard software CD.

I did the first step of your suggestion (the Hijack this part) and am about to do the next 2. Just wanted to mention that the crashing problem is getting worse. Had a crash today when I was copying a file from hard disk to hard disk. That's NEVER happened before. A few hours later had a crash when I closed a browser window.

I'll keep you informed.

artki
08-13-2004, 12:45 AM
Ok, I ran the rest of the steps.

Did the virus check from trendmicro. Computer crashed while checking a big file on the E: drive. The exact same kind of crash that's been giving me trouble the last month. However, any viruses would likely be on the C or D drives on my computer (where most of my programs and system files are). Also, I had done a virus check just a few days earlier with Avast and a thorough check with Avast a week or two before that.

On the System File Check (sfc) that ran ok. It found 3 files that were changed. 2 of them (msisys.vxd, hwinofd.vxd) are notorious for baffling SFC - at least, that's what I see when I do a google on those files. The other, Lmouse16.dll, was probably updated when I put a Logitech trackball on my computer.

So. I was able to do the steps you wanted and my computer is no better.

I'm getting more and more certain that this is a hardware problem. Can you recommend some steps to narrow down the possibilities?

artki
08-14-2004, 04:48 AM
This whole episode of crashes started shortly before July 1st. By July 1st the crashes were frequent enough that I started logging them. I now recall something interesting that happened shortly before July 1st...

On June 27th my nephew had access to my computer for a few hours and installed "Easy Message" - an instant message program. He used it intensely for a few hours then I found out and told him to get rid of it. He erased it - didn't run the uninstall program. I had to go in and clean up things with Norton Windoctor.

A quick google search doesn't show any bad things about "Easy Message". But I wonder if installing it and erasing it (by deleting its subdirectory) might have initiated something bad.

He also used Internet Explorer to do a bit of browsing. I try to avoid using IE as much as possible (I use Opera). He might have visited a website that dumped something bad on my computer but I ran Spybot S&D right after I kicked him off my computer and didn't find anything.

Maybe these new details might give somebody some ideas...

Paleo Pete
08-14-2004, 10:29 AM
OK, what do you mean by 'the computer crashes'? Any error messages? If so that would help a lot. If it freezes, no mouse or keyboard, can't do anything but still has the same screen on display, plenty of things can cause that, including heavy disk activity on a system with a lot running in the background.

Removing the program you asked about by deleting rather than Add/Remove Programs or its own Uninstall feature might have caused problems, due to shared files that other programs need that either have been corrupted or are no longer in existence. That's why uninstalling properly is always best.

If you're seeing error messages, post those so these guys will have a little more info to go on. And a better description of 'crashing' as you understand the term, would help. Several things can be considered 'crashes'.

artki
08-14-2004, 12:13 PM
Originally posted by Paleo Pete
OK, what do you mean by 'the computer crashes'?

I posted the lengthy details on another forum under this thread...
http://www.pctechbytes.net/phpBB2/viewtopic.php?t=2136

But the short version is that the computer locks up hard. The display freezes. Keyboard and mouse are unresponsive. The only recourse is to hit the reset button. No error messages, no warnings until it happens.

It's been happening more and more frequently since the end of June. For example, before this started I was able to routinely
1. run bittorrent
2. watch a video
3. run seti@home
4. burn a cd
all at the same time. I had been doing that and things like that without problem for over a year. Now, that's not possible. It's been crashing more and more frequently lately. A few days ago it crashed 5 times in a row when I tried to copy some files from a CD to the hard disk. After the 5th crash I rebooted and waited a half hour then it worked the 6th time.
Note that on crashes 2 through 5 I was just at the desktop - no other programs running (except stuff like Zone Alarm which is always on). And yes, there was at least one time over the last month and a half I tried stopping every process I could and it still crashed.

Day before yesterday was the worst, I had a crash when I tried to copy a file from hard disk to hard disk and another when I closed a browser window.

> That's why uninstalling properly is always best.
Sure. But I wasn't at the computer.

artki
08-14-2004, 06:26 PM
The nephew is off the hook.

I restored an image backup from June 2nd (his escapade was on June 27th) and the computer crashed just as bad. Actually even worse. It crashed when the welcome message played as the Windows desktop appears. Crashed like that 4 times in a row.

I was able to get the computer to work by lowering the CPU speed from the normal 1700mhz to 1300mhz. But, since the problem seems to be getting worse, I bet that is just a stopgap measure.

Hmmm. The computer was running GREAT last June 2nd. If it is crashing after I restore that image doesn't it mean that it HAS to be a hardware problem?

I'm baffled.

artki
08-27-2004, 09:58 PM
Long explanation at the end of this thread
http://www.pctechbytes.net/phpBB2/viewtopic.php?t=2136

Short version. Put in a new, bigger power supply - no crashes.