Computer crashes, I lose everything

Discussion in 'Malware Help (A Specialist Will Reply)' started by vinney22, Jan 12, 2008.

  1. vinney22

    vinney22 Private E-2

    Hi, newbie here. First let me tell you my computer symptoms then tell you what steps I have taken so far without success.
    Without warning my computer just goes off as if in a power cut. Makes no difference if it has been on for 5 mins or 5 days. No specific program causes it (that I know about). I do not play online games. The system tries to reboot but just at the end of POST there is a small click and then it reboots again, and this continues in a vicious circle. I have made a backup disc using Acronis so it only takes about 20 mins to get back again, but I am also worried that whatever is infecting my machine (if it is an infection) could pass onto my wife's or kids' PCs.
    Now I read the other posts on PC crashes and I couldn't find one that resembled my problem. I also followed the Basic Computer Housekeeping, also the Windows XP Cleaning and followed the steps exactly except for the last part, MGTOOLS.EXE (whenever I tried to download that one all I get is the login page even though I am already logged in). My AVG anti virus is always up to date.
    Originally I was thinking a hardware problem, but I have run a couple of hardware test programs and they come back fine.

    Could anyone out there help me please
     
  2. abri

    abri MajorGeek

    Hi vinney,
    I don't know if this is a malware or hardware problem. Please see if you can run Combofix:

    Run this utility:
    abri
     
  3. vinney22

    vinney22 Private E-2

    I think I have attached the report you asked for. Thanks for looking into it.
     


  4. abri

    abri MajorGeek

    Hi vinney!
    Thanks for your patience. Can you run any of the steps in the READ & RUN ME FIRST? In particular, I need to see the logs produced by installing the MGTools.exe. When you install this in C:\ it produces a set of logs called MGlogs.zip. Please try and get that. When you go to the above link, scroll down to the bottom of the page and click on the instructions for your operating system. You'll find the MGTools.exe on the next page. If this doesn't work, please tell me.

    abri
     
  5. vinney22

    vinney22 Private E-2

    Hi, I ran nearly all the steps first before posting initially, but as for the MGTools.exe I can't download it. All I get is the MG web page saying I'm not logged in. What am I doing wrong?
     
  6. abri

    abri MajorGeek

    Hi vinney!

    When you log in, do you check the "Remember Me" button? Also, there have been some problems with the site this week. Please keep trying. If you get this again, despite checking the Remember Me button when you log in, please go back to the page with the MGtools link and click on the red and white triangle in the upper right hand corner and report this.
    Thanks.

    abri
     
  7. vinney22

    vinney22 Private E-2

    Hi, Yes I do check the "remember me" box. I just tried again but the same thing happened so I sent an error report as you suggested. I'll keep trying and when I have any joy I'll post a message. Thanks.

    Vinney
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Perhaps your problem is that you are blocking all cookies! If you do not allow cookies, you cannot click the Remember Me box and have it remembered.
     
  9. vinney22

    vinney22 Private E-2

    Hi Abri,
    Finally managed to get the MGTools.exe and ran it as per instructions. I have attached the log it produced. Thanks again for your patience with me in this.
    PS I used Firefox browser to get the tools.

    Vinney
     


  10. abri

    abri MajorGeek

    Hi Vinney!

    There are two entries in HijackThis which you can change if you don't know why they are that way, and you have an odd hosts file:

    1) Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    After you click fix, just close hijackthis.


    2) Download and install Erunt. Use it to create a backup of your registry.

    3) Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.

    4) Do you know what the following file is? Some companies, including Spybot create and install host files that are safe, but I don't find any information on this one at all. If you don't know where it came from, please run the tool below to reset them:

    C:\WINDOWS\system32\drivers\etc\HOSTSpre.wmw


    Download HostsXpert and then follow the below steps.
    • Unzip HostsXpert.zip
    • It will create a folder named HostsXpert in whatever folder you extract it to.
    • Run HostsXpert.exe, click Restore Microsoft's Hosts File and then click OK.
    • Click the X to exit the program

    5) Please run C:\MGtools\GetLogs.bat and attach the fresh MGlogs.zip it generates. Also, let me know if you get a success message for the registry patch.


    Let me know how things are running now?

    abri
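
Step 4 in the post above turns on whether anything in the etc folder or the hosts file differs from a stock install. The following is an added example (not part of the original post, and not code from MajorGeeks or HostsXpert) that lists non-stock files in that folder and any hosts mappings beyond the default localhost line. The stock file list assumes Windows XP; the sample directory, hostnames and addresses are constructed.

```python
import tempfile
from pathlib import Path

# Files a stock Windows XP install keeps in system32\drivers\etc.
STOCK_ETC_FILES = {"hosts", "lmhosts.sam", "networks", "protocol", "services"}
LOOPBACK = {"127.0.0.1", "::1"}

def unexpected_etc_files(etc_dir):
    """Names of files in etc_dir that are not part of the stock set."""
    return sorted(p.name for p in Path(etc_dir).iterdir()
                  if p.is_file() and p.name.lower() not in STOCK_ETC_FILES)

def parse_hosts(text):
    """Return (ip, hostname) pairs, ignoring comments and blank lines."""
    pairs = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2:
            pairs.extend((fields[0], name.lower()) for name in fields[1:])
    return pairs

def non_default_entries(pairs):
    """Everything except localhost -> loopback, tagged by effect."""
    findings = []
    for ip, name in pairs:
        if name == "localhost" and ip in LOOPBACK:
            continue
        kind = "blocked" if ip in LOOPBACK or ip == "0.0.0.0" else "redirected"
        findings.append((kind, name, ip))
    return findings

def build_sample_etc():
    """Constructed sample directory; the addresses and hostnames are made up."""
    etc = Path(tempfile.mkdtemp())
    for name in ("lmhosts.sam", "networks", "protocol", "services", "HOSTSpre.wmw"):
        (etc / name).write_text("")
    (etc / "hosts").write_text(
        "# constructed sample\n"
        "127.0.0.1 localhost\n"
        "127.0.0.1 ads.example.com   # blocking entry\n"
        "203.0.113.7 update.example.com www.update.example.com\n")
    return etc

if __name__ == "__main__":
    etc = build_sample_etc()
    print("unexpected files:", unexpected_etc_files(etc))
    for finding in non_default_entries(parse_hosts((etc / "hosts").read_text())):
        print(*finding)
```

A "redirected" finding is the one to investigate first, since it sends a hostname to an address other than the local machine; "blocked" entries are what ad-blocking hosts lists typically look like.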
     
  11. vinney22

    vinney22 Private E-2

    Hi Abri. Well I copied down everything you wrote and followed your instructions. You asked if I knew what C:\windows\system32\drivers\etc\hostspre.wmw is. Well, it means nothing to me so I ran HostsXpert to reset. I have attached the fresh MGlogs.zip you asked for.
    As for the pc itself, well it seems to be running ok. Internet Explorer has frozen on me a couple of times but apart from that it seems (touch wood) to be ok. Is that famous last words?
    Cheers, Vinney
     


  12. abri

    abri MajorGeek

    Vinney,

    If your computer has been rebooting in this cycle you described and you are getting it back by reinstalling each time from an image disk, then chances are that anything we fix will be undone if you run into this problem again and use the same solution.

    Your problem still sounds like a hardware problem, either in your RAM or CPU. It would help if you get another crash to go into the BIOS and check the PC health status to see what temperature the CPU has and then ask for what the shutdown temperature was.

    Combofix did remove a couple of items. My hesitancy to give them any credit for your shutdowns is because other computers that have these things don't exhibit this kind of symptom.

    If the restrictions we changed were not set by you, then it might be worth it to run some rootkit scans. Please go to Alternate Scans and scroll about halfway down the page until you come to a list of rootkit scans. Please run Sophos, Rootkit Revealer and the AVG Antirootkit scans and attach the results.

    Thanks.
    abri
     
  13. vinney22

    vinney22 Private E-2

    Hi Abri,
    Right, I ran the 3 rootkit scans as you suggested. Sophos found nothing, which is why I presume it produced no log. Neither did the AVG Anti rootkit, even on the in-depth scan. The Rootkit Revealer did produce 15 discrepancies which I saved and have attached for you to see.
    I am also now coming to the conclusion that I have a hardware problem.
    Let me know if I need to do anything as a result of the Rootkit Revealer scan.
    Thank you very much for all your time and effort in helping me with this problem. You obviously know your stuff. I was recommended this site by a friend and I shall do the same as you guys deserve all the credit.
     


  14. abri

    abri MajorGeek

    Hi vinney,
    There's one restore point that should be gotten rid of when you toggle the restore points. This is something which may be on your Acronis backup. Go ahead and do the final clean-up instructions including re-setting your restore points which is towards the bottom of the list. I highly recommend posting in the Hardware Forum as there you will get many heads with a lot of experience to help you work on this problem. When IE freezes, do you have multiple browser windows open? Do you also get freezes with Firefox?
     
  15. vinney22

    vinney22 Private E-2

    Hi abri,
    Thanks for those latest instructions which I followed to the letter. Very interesting read on preventing malware, so I shall heed that advice. Internet Explorer only froze a couple of times (only 1 tab open), not happened since. I only recently installed Firefox but so far no probs with that. My system today again seems to be ok, but I am still a bit wary, so I might just head on over to the hardware forums as you suggest. You have me doubting my Acronis backup disc so I might just chuck it in the bin. If the crash happens again (or should I say when?) I might just reformat and completely reinstall everything and then make a fresh backup. I'm going back to the UK in 3 weeks to help out a friend so I might try and pick up a few new bits and build a new system. Maybe give this machine to my kids as mine stays on 24/7. I'll see. Many thanks again, I shall be recommending this site to him while I'm over there and many more as well.
     
  16. abri

    abri MajorGeek

    Thanks so much!

    If it turns out there is a hardware issue, you may not have to ditch the disk. I wish you luck and also much enjoyment with your computer.

    abri
     
