nVidia GeForce 9500 GT
Power supply: 500W (was upgraded to support the video card)
Onboard video card died about 8 months ago (hence, upgrade to 9500).
Since I was getting infrequent random shutdowns, I figured it might be a thermal problem. I cleaned out the computer, fans and applied new heatsink compound. Reduced the idling CPU temp from 43C to 39C (not bad). Even before all that, under load the CPU never rose above 50C.
Then tried running overnight memory tests. Everything came out fine.
(1) After being infected, I tried running Windows Defender to view processes in memory - the machine shuts down shortly after it starts listing the processes.
(2) I tried running sfc /scannow - runs a bit, then the machine shuts down.
(3) If I run sfc /scanonce, then it will run without shutting the machine down (it also prompts me to insert XP CDs - which I don't have because the Gateway didn't come with any - just a restore partition that doesn't work - it prompts me for a CD).
The kicker is that my machine has been disconnected from the Internet since the infection. Yet, if I enter sfc /scanonce, the Windows shutdown dialog shows "Click turnoff to install important updates ...". It shows the same when I reboot the computer after sfc runs. Yet, it does not show this message if I don't enter sfc /scanonce.
Disabled Automatic Update and this message disappeared.
(4) Thought I might have some success uninstalling XP SP3 (if something nasty was tied into it). Same problem - machine shuts down. Yet, I was able to uninstall many other software apps (including Visual Studio Express apps) without incident (in a bid to reduce the number of files AV needs to scan - hence reducing scan time).
(5) Ran chkdsk - same problem. Ran chkdsk /R and the problem with chkdsk seems to have gone away.
(6) Ran WD Lifeguard on the HD (Quick Test and Extended Test); no problems reported.
So my questions are the following:
(1) Is this some sophisticated piece of malware trying to hide its presence by invoking ACPI critical shutdown (that's what it looks like, since there is no BSOD) when something might discover it?
(2) Is the defective onboard video responsible?
(3) Why is the problem so reproducible with sfc and Windows Defender?
(4) Is it some sort of software conflict (ok, I am reaching)?
I am really getting frustrated. I am pretty certain the computer didn't come with an XP CD because of the recovery partition. And I am not about to shell out money for a new copy of Windows if my hardware is failing. I am at the point where I am seriously considering reformatting the drive and installing Linux just to see.
Ran SDFix and GMER this morning.
SDFix locates this hidden registry entry:
Searching through the registry only reveals the CLSID in HKEY_CURRENT_USER and HKEY_USERS.
Googling on it reveals nothing.
Is it safe to remove?
Edited by richardsplanet, 07 May 2010 - 01:51 AM.