Windows 2000 Restarting after being left idle

Posted on 2004-08-24
Last Modified: 2010-04-12
A client computer here at work continues to restart when it is left alone for a few minutes.. I have checked the power options and everything there is set to never.   He said it only happens when he goes to lunch, or leave the computer idle  for a few minutes and then he comes back and the login screen is there and everything needs to load up again. Also, I made sure hibernation was set to off.. Should I run HijackThis on the client computer?? What else can i check to try and sort this problem out?? Thanks in advance!!
Question by:PaigePeople
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 9
LVL 65

Expert Comment

ID: 11882181
Hello PaigePeople =)

Well are u sure its ACTUALLY restarting,,,, and not just giving the LoginBox after a certain period of time, like after the mniutes u have set for screen saver,,,, it starts screen saver, and on resume its gives the password or login box ??

Author Comment

ID: 11882657
I am pretty sure I looked and that option was not checked (On resume password protect)    He goes to lunch in 30 mins to an hr.. I will hop on his machine and double check to make sure that is not the case... I would feel pretty dumb if that is what it is.. Well more lazy then dumb... Ok i will let you know in a few...

Author Comment

ID: 11883576
OK, I did just check his computer, On resume was checked,   however, he said usually when he goes to lunch, he comes back and enters in his user name/ password    it has to reboot everything.. Any windows he left open are completely closed (all programs closed)   So, if it was the screensaver on resume passwr4od protection, then those programs would not close.  Any other suggestions?
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

LVL 65

Expert Comment

ID: 11883672
ok so when u hit the POWER button in ScreenSaver section, is the ALWAYS ON scheme selected ??
and in Advanced setion, the Ask me for Password when resumes from Standby shudn't be chekced !!!!!

Im sure its the settings of something like this,,,,coz his system is not restarting but just logging him off when its idle for some time,,, and as he gets log off, he needs to login back and thus the all programs starts again from scratch :)
LVL 65

Accepted Solution

SheharyaarSaahil earned 500 total points
ID: 11883758
orrrr..... is it some kind of Group Policy running on his system,,,,, something like discussed here >>

Author Comment

ID: 11883874
OK, i went to the power scheme and ALWAYS ON was not selected, but, everything was set to never.. I changed it to ALWAYS ON and kept everything at never (monitor NEVER shuts off, hard disk NEVER shuts off, Etc....)  

"""Advanced setion, the Ask me for Password when resumes from Standby shudn't be chekced !!!!!"""  

THAT WAS CHECKED, I unchecked it there as well... I am gonna go get lunch and when i come back, hopefully his computer is still on and you get the points!!! Thanks again... you rule!!!  
LVL 65

Expert Comment

ID: 11884729
ok fingers crossed :)

Author Comment

ID: 11884736
darn, his programs still closed after i changed all those settings... I will make sure the settings were applied..(Pretty Positive that they were) He is pretty busy today, so I told him tomorrow I would look at it....  I will look over the group policy link as well... Any other ideas?
LVL 65

Expert Comment

ID: 11884882
hmmmmmmm i was afraid of that,,,,, but never mind u can still check the group policy settings, and if by chance its also not applicable, then we will trace out some background applications and will trace out the one which is initiating this behaviour :-?

Author Comment

ID: 11903060
OK, it was not the group policy settings either... I will run HiJack This and post the log?? IS that what you are thinking my next step should be?? I will run that on his comouter in about 2 hrs when he goes to lunch... If you want me to run anything else or check anything else, please let me know... Thanks...
LVL 65

Expert Comment

ID: 11903890
yes just post the LOG file,,,, may be there is a bakcground application that is causing this behaviour :-?

Author Comment

ID: 11904745
Here comes the Log, Work your Magic!!! I hope this works...

Logfile of HijackThis v1.98.0
Scan saved at 12:19:47 PM, on 8/26/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Dell\OpenManage\Client\EventAgt.exe
C:\Program Files\Dell\OpenManage\Client\DLT.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec\WinFax\WFXMOD32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Symantec\ACT\ACTLDR.EXE
C:\Program Files\IBM\Client Access\Emulator\pcsws.exe
C:\Program Files\IBM\Client Access\Emulator\pcsws.exe
C:\Program Files\Symantec\ACT\ACT.EXE
C:\Program Files\AIM95\aim.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jayf\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =*
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =*
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =*
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\CwbSvStr.Exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: ACT! Speed Loader.lnk = C:\Program Files\Symantec\ACT\ACTLDR.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} (Zoom Class) -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D95CABA-868E-4497-8699-1CD4218D7E2F}: NameServer =,
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain =
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll


Author Comment

ID: 11904785
Ok, I had someone come check out the group policies, apparently they missed the Auologoff was enabled.. I disabled that, But now that i posted his hijack this log, maybe you see some stuff in there that i should get rid of too...
LVL 65

Expert Comment

ID: 11904815
hmmmmm nothing bad, but what is this entry >> C:\WINNT\system32\ssstars.scr
i mean it shud be a screen saver.... but suaually screen savers dont run in backgrounds..... so why it is, i mean have u  installed it or..... ??

Author Comment

ID: 11904822
I probably should havemade sure his computer does not log off after inactivity... I accepted your answer banking on that being the issue.. It was enabled, so It just got to be the issue.. I will let you know how it goes regardless... LEt me know of any suspicious stuff in his hijackthis log....

Author Comment

ID: 11904848
I have no idea what that program is.... Should i virus check that file??? I will google it too see if it comes up as anything.... He is out to lunch now   so i have no idea what he has installed...

Author Comment

ID: 11904894
NAME "Starfield"      VALUE "C:\WINNT\System32\ssstars.scr"

I guess its the starfield screensaver???

Author Comment

ID: 11904912
That is the screensaver he is using... So everything looks ok??? I will let you know in an hr or so how everything worked out.... Thanks again.. You Rock...
LVL 65

Expert Comment

ID: 11904938
ok then that's ok :)
u can check for the problem and post back the results..... fingers crossed again ;-)

Author Comment

ID: 11905723
No good.... Still brought him to login screen, entered in usr/pwd  and loaded up all his programs that run during startup.. When I left for lunch everything was still there... Maybe I need to watch this happen as it happens.. I almost don't want to believe him, haha..  Ack, that should have worked damn it!!! Now i don't even know what to do next... :/
LVL 65

Expert Comment

ID: 11906911
that's bad indeed =(

its shud be related to group policy.... as it was enabled.... did u ask him if his Administrator put this settings and which cannot be disabled by normal users :-?

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 2000 Kerberos problem 5 355
Windows 8 in a W2K Domain 7 596
how do i restart in safe mode windows Server 2000? 5 635
Problems executing VBS script in Windows 2000 16 193
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question