Computer reboot fails following MBAM scan

[RogerKynard]

My desktop (DT) now has difficulty booting up every morning, or whenever it is shut down. As I mentioned in an earlier forum discussion here, this happened the first time just after I loaded MBAM (it wasn't on this machine before, only my laptop had it) and did the first full scan. Upon reboot it hung, and I had to hard-reboot it, and then it was fine (so I thought). Well, that seems to happen now regularly (ie, first reboot fails, second succeeds), and I have no idea what's happening. We never did find any malware on the DT (only those PUMs you said were something else - could removing them have caused the problem?), so it must be something that we did. BTW, I did allow the IE8 update to go through, and I changed the BIOS back to C: before CD-Rom, but neither correspond to when the boot-fail issue began.

Any thoughts?

Thanks again! RK

[AdvancedSetup]

Please update MBAM and do a Quick Scan and send me back that log. Then run a DDS scan as well and send back it's logs.

Download

DDS

and save it to your desktop

http://download.bleepingcomputer.com/sUBs/dds.scr

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click

dds.scr

to run the tool.

When done, the

DDS.txt

will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

1. DDS.txt
   
   
2. Attach.txt

• Save both reports to your desktop
• Please include the following logs in your next reply:
  DDS.txt
  and
  Attach.txt

[RogerKynard]

OK, MBAM updated and run...clean as log shows. Other logs attached...RK

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7991

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/21/2011 12:03:40 AM

mbam-log-2011-10-21 (00-03-40).txt

Scan type: Quick scan

Objects scanned: 168608

Time elapsed: 7 minute(s), 9 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

dds.txt

attach.txt

[AdvancedSetup]

No obvious infection but plenty of services that I would remove if it were my computer.

You also had the following error.

10/19/2011 11:34:56 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8024002d: Office XP Service Pack 3.

Try to manually download the update and install it instead of allowing Windows Update site to do it.

Have you done a full disk check and defrag?

Would you like to try to speed it up by removing some services that don't really need to be running (in my opinion)

[RogerKynard]

Well, a few days back, I did the ChkDsk and Defrag on the desktop, and for awhile it seemed that it was booting OK, but then today it hung up again when turned on, so then we had to force it to shut down again. It boots up fine the 'second' time, but I don't like having to do this. It can't be good for the machine, long term, right?

Again, this happened (for the first time ever) immediately after running MBAM the first time when it found those 3 PUM files. I can't imagine there being any other cause, but then I've been wrong before.

The Office XP update failed because it asked for a CDRom to be inserted and I didn't think I had it. I looked around and indeed I found another homemade copy of that software, so I was able to get that update to work the 2nd time.

I ran ChkDsk without any 'switches' turned on, and it went through its checks, and didn't give me any warnings or a log...it's been a long time (DOS/Windows 3.1 era) since I've used utilities like this, so I don't remember much about them anymore. It didn't go through the whole disk/bad sector screening...did you mean that I should do that too? What's the proper switch, if so?

The defrag didn't seem like such a necessary thing, since 2/3 of the hard drive is empty, even though by modern standards it is a small one. We don't store much of anything on it...it's mainly software. OK, so maybe there's some extra stuff we don't need (we just bought a new printer, and I see that the printer driver CDRom loaded up a bunch of extra HP crap we don't need, but I'd rather get the computer booting properly first before worrying about routine cleanup...

Thanks for any more ideas...RK

[AdvancedSetup]

Running a CHKDSK with no switches will only detect a very limited set of issues a hard drive can have.

I would recommend running a Full disk check just to be on the safe side.

You may have corrupted files on your disk. Please try running the following.

First close ALL Applications as this routine will automatically restart your computer.

Click on START - RUN and copy / paste the following entry into the box and click OK

CMD /C ECHO Y|CHKDSK C: /R | SHUTDOWN /R /T 30

I'll also post the following for you which is a long list of things one can look at to help improve computer performance.

Computer and browser slowness are not always malware related

Poor performance and other problems can be the result of disk fragmentation, disk errors, corrupt system files, too many startup programs, unnecessary services running, not enough RAM, dirty hardware, etc. As your system gets older it becomes filled with more files/programs and has a natural tendency to slow down so cleaning and regular maintenance is essential.

Listed below are a few things you can do to improve speed and system performance. Many of the these suggestions will apply if you're using Windows Vista but may be done a bit differently. Near the bottom of this thread there is a section specifically devoted to Vista Users.

For browser problems, see:

• Its not always malware: How to fix the top 10 Internet Explorer issues
  
• How and Why to Clear Your Cache
  

If your having connectivity issues or errors such as Page cannot be displayed see

• Repair/Reset Winsock settings
  
• Troubleshooting Internet Connection Problems
  

If you're using Vista or Internet Explorer 7, see

• Why is my Internet connection so slow?
  
• Windows Vista - My Internet connection is slow
  
• The Phishing Filter may slow down the PC
  
• Tuning IE7 for Better Performance
  
• How to optimize or reset Internet Explorer 7
  

If you have a lot of toolbars and add-ons attached to Internet Explorer, you could try improving performance by disabling those which are unecessary. See:

• Control Internet Explorer Add-ons with Add-on Manager
  
• Troubleshooting and Internet Explorer’s (No Add-ons) Mode
  

Vista users see:

• Internet Explorer Add-ons FAQs
  

Clean up your hard drive by removing unused programs and transferring old data, pictures, music files to a CD or an external hard drive.

When you have moved/saved the files you want to keep, run Disk Cleanup and let it scan your system for files to remove. Don’t clean out the Prefetch folder - This is a common myth that will not improve performance.

You may be instructed to remove prefetch files if you had experienced some virus/malware issues otherwise removing prefetch files is not really necessary. Although the prefetch folder can become quite bloated in time, removing old prefetch data as a matter of routine is not recommended. Your boot time immediately after clearing the prefetch folder is much slower...but it will speed up after the first reboot when windows begins to put back some of the files that you removed.

As an alternative to Disk Cleanup you can download and scan with CCleaner.

(Scroll to the last one and click the "CCleaner Slim"...it has no toolbar that comes packaged with it)

• After installation, see see the CCleaner Tour: Using and Understanding CCleaner
  
• Make sure you go to Options-->Advanced and uncheck the box to Only delete files in Windows Temp folders older than 48 hours before running a scan
  
• An added benefit of using CCleaner is the Issues scan which allows you to clean the registry
  
• Always back up your registry before making any changes

Check for any unnecessary running services

If you have a typical installation, many services are configured as "automatic"; that is, they start automatically when the system starts or when the service is called for the first time. Use Black Viper's "Services Configuration" to help fine tune this area.

Check for disk errors by running CHKDSK in "SAFE MODE" or from the Recovery Console

In the Check Disk dialog box, select the "Scan for and attempt recovery of bad sectors" check box, click "Start" and have it repair anything it finds. As you use your hard drive, it can develop bad sectors which slow down hard disk performance and make data writing difficult. Check Disk scans the hard drive and verifies the logical integrity of a file system by checking for system errors, lost clusters, lost chains, and bad sectors. When encountering logical inconsistencies in file system data, it will perform the necessary actions to repair the file system data.

Check for damaged, altered or missing critical system files by running the System File Checker

If SFC discovers that a protected file has been damaged, altered or missing, it restores the correct version of the file from the cache folder.

You must be logged on as an administrator or as a member of the Administrators group to run sfc and it may ask you to insert your XP Installation CD so have it available.

Defrag your system

Disk fragmentation slows the overall performance of your system. When files are fragmented, the computer must search the hard disk when a file is opened. Disk Defragmenter consolidates fragmented files and folders on the hard disk so that each occupies a single space on the disk. This speeds up reading and writing to the disk. Read "The Importance of Disk Defragmentation" for instructions.

Note: It is recommended to shut down all applications (including your Anti-virus) before running Defrag to ensure that no programs attempt to write to the drive while it is being defragmented. Not doing so may cause you to have to restart the entire process. If you have disabled all running programs and still find that the defrag routine is constantly interrupted, you can defrag from "SAFE MODE".

Check for any unnecessary applications loading at startup when Windows boots by using MSConfig

Some startup programs are necessary so be careful what you disable. If you are unsure what any of the startup entries are or if they are safe to disable, then search one of the following Startup Databases:

• StartupList Index
  
• Startup Programs Database
  

Note: MSConfig.exe is a troubleshooting utility used to diagnose system configuration issues. Although it works as a basic startup manager, msconfig should not be used routinely to disable auto-start programs. It is a temporary solution and not a good practice for several reasons. When uninstalling programs while disabled with msconfig, they may not be uninstalled properly and orphaned entries often will be left behind. When used to switch back to normal startup mode, these orphan entries can result in boot up errors. Further, msconfig does not list all applications loaded in all possible startup locations (some entry points are hidden and unknown to the user) and does not allow the complete removal of disabled entries from its list.

You should not use msconfig to disable startup applications related to a running service. Doing so alters the registry and there are services that are essential for hardware and booting. When you uncheck a service in msconfig, you completely disable it. If you uncheck the wrong one, you may not be able to restart your computer. You should only disable services using Control Panel-->Administrative Tools-->Services.

A better alternative is to use a startup manager. If you have Spybot S&D installed, launch it, go to Mode and select Advanced. Then go to Tools, select System Startups. You will be provided with a list of programs that load when Windows starts. If you untick an entry it will no longer run at startup. This will allow you to experiment and see how your system performs with any of them disabled. Other startup managers you can download and use for free are:

• Startup Control Panel,
  
• Autoruns,
  
• Starter by CodeStuff, and
  
• StartUpLite by RubberDucky.
  

Remove any third party "Memory Manager" or "Optimizer"

Windows XP memory management was designed to make the best use of Ram and these memory management utilities defeat that purpose. They push applications out of RAM into the pagefile, creating holes in the RAM and slowing down your computer's performance by doing so.

Disable some visual effects

While visual embellishments may be attractive, they don’t do anything else for you. Disabling some of them frees up system resources and makes the operating system perform better.

• Right click My Computer, choose Properties-->Advanced then click on Settings
  
• In the Visual Effects tab, select Adjust for best performance or uncheck all the visual effects, except for the last three
  
• Click "Apply", then "Ok", then "Ok" again
  
• Then right click your Desktop and choose Propertie-->Appearance-->Effects
  
• Uncheck the first two boxes and hit "OK"
  

Add more RAM

This is a quick solution that can have a dramatic affect on your system's speed and responsiveness. You can check how much RAM you have by going to Start-->Program Files-->Accessories-->System Tools-->System Information and look at your System Summary. For more info see "Understanding, Identifying and Upgrading the RAM in your PC".

For more suggestions and performance tips read:

"Restore Your Computer's Performance with Windows XP"

"XP Performance Tweaks"

"Performance Boost for XP"

For Vista Users:

Vista Features Explained: Performance

Vista Features Explained: SuperFetch

SuperFetch & ReadyBoost

Tips to boost Vista performance

Windows Vista Performance Tuning

Top 12 Tweaks To Improve Vista Looks and Performance

When you are all done be sure to Create a new Restore Point to enable your computer to "roll-back" to a clean working state keeping all the changes you just made. Then use Disk Cleanup to "remove all but the latest Restore Point".

Vista Users can refer to these links:

• Create a New Restore Point
  
• Disk Cleanup
  

[RogerKynard]

OK, did the ChkDsk that you recommended, and it's been a couple of days, and it seems to be booting OK now. So I think we're finally good to go here. Again, I thank you immensely for your help, and apologize for my sheer naivete despite having used computers to some degree ever since the dawn of time. (ie., punch cards) I only bother to learn anything once it becomes important to do so, and I just haven't really had these sorts of issues to this degree before.

Ciao...RK

[AdvancedSetup]

Great, glad you're all set now. I'll go ahead and close your ticket now then.

Take care and have a great week.

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!