| tarty |
| (regular) |
| Fri Mar 16 2007 01:38 PM |
Computer restarting!!!
|
Hi there hope someone can help please. Problem starting with my sons computer permanently restarting, it would get past xp start up and let you log on, get to desktop then would keep doing this over and over again. So started in safe mode and did a system restore, this let me log on and connect to internet for a couple of minutes then it shut down and restarted. However this time it went straight to a black screen saying "the following file is missing or corrupt
<windows root>\system32\ntoskrnl.exe please re-install a copy". When you press return at this stage it keeps restarting again! So I restarted in last known good configuration, safe mode etc eventually it let me on, but every now and again keeps restarting. I really would like my computer back and his sorted so if anyone can help it would be very much appreciated. Thankyou
| Spiritusmundi |
| (regular) |
| Fri Mar 16 2007 02:55 PM |
Re: Computer restarting!!!
|
Try the instructions here
| Febus |
| (regular) |
| Sun Mar 18 2007 12:37 PM |
Re: Computer restarting!!!
|
Do the following in case you'll be able to log on for a few minutes:
start>>settings>>control panel>>system>>advanced>> under "startup and recovery" press settings>> under "system failure" unmark "automatically restart" and mark "write an event to the system log" . Post here an error message.
| tarty |
| (regular) |
| Mon Mar 19 2007 11:23 AM |
|
Re: Computer restarting!!!
|
Hi, thanks for the advice but I can't log on for long enough to do that, as soon as I get to the desktop it goes straight to the blue error screen saying that a problem has been detected and windows has shut the computer down to prevent damage and the following error code:
Stop: 0x0000008E (0xC0000005, 0XF65575B3, 0XF2FA7A20, 0X00000000)
System32: 1zx32.sys address F6AD55B3 base at F6AD3000 date stamp 45F5a5a0
Beginning dump of physical memory
physical memory dump complete
Has anyone got further advice please as I really havnt got a clue. Have started in safe mode but can't find anything wrong (not that I know what I'm looking for!!) Many thanks.
| greysts |
| (regular) |
| Mon Mar 19 2007 11:31 AM |
|
Re: Computer restarting!!!
|
Everything I've read on the net about 1zx32.sys suggests that your PC has been infected by a Rootkit. If you can still open in Safe Mode you need to click this link , follow the instructions and post your own log in that thread.
| Spiritusmundi |
| (regular) |
| Mon Mar 19 2007 11:42 AM |
|
Re: Computer restarting!!!
|
Place your Windows XP cd in tray. Restart PC and you should get a message to Press any key to boot from CD rom. Choose the option for Recovery Console. When it asks you which Windows installation choose the number 1 and press return. Then follow these instructions:
Once at the command prompt, type in the following commands:
cd c:\windows\system32
copy "..\driver cache\i386\ntoskrnl.exe"
If prompted to overwite the existing file, type y and enter.
If you receive a file not found error, make sure that the path in the copy command is correct. If it is correct and you still receive the error, then try the following commands:
cd "c:\windows\driver cache\i386"
expand sp1.cab -F:ntoskrnl.exe c:\windows\system32
Again, if you are prompted to overwrite the file, type y and then enter.
Also, if your OS is installed on a partition/drive other than C:, then replace any occurance of C: with the correct letter. (D: for example).
Replace any occurence of 'windows' with what is appropriate for your system. (winnt for example)
Reboot. Your system should start up normally
| greysts |
| (regular) |
| Mon Mar 19 2007 12:42 PM |
|
Re: Computer restarting!!!
|
Please note that this user has a rootkit infection. Using the Recovery Console will not solve that problem. In any case, he can boot up in Safe Mode which means that the file is OK.
| Febus |
| (regular) |
| Mon Mar 19 2007 12:58 PM |
|
Re: Computer restarting!!!
|
I hope this will help you.
| greysts |
| (regular) |
| Mon Mar 19 2007 02:22 PM |
|
Re: Computer restarting!!!
|
How many more times!! It's a rootkit infection. We need to see an HJT log as mentioned in my previous thread. I will now close this one and wait for the OP to post a log.
| greysts |
| (regular) |
| Fri Mar 30 2007 04:47 PM |
|
Re: Computer restarting!!!
|
I have opened this thread temporarily to make a few comments.
This user had a heavily infected computer, to the degree that our HJT experts were seriously considering advising the user to format the hard disk and start afresh. If you look at this thread you will see that Joe has finally cleaned up the PC but only after some very hard work.
Two lessons to be learnt from this. Before offering advice, use Google to search for the error message and consider what you see. Secondly, make sure you steer clear of some of the stuff that Tarty's son has been looking at!!