My computer sometimes will switch off on start up and it takes 2 or 3 trys before it starts. I have done Superspyware, malware and avast. Avast boot scan brought up win 32:malware gen but it cannot repair, delete or send to chest. Could this be the shutting down problem? Also how do I get rid of the malware.
follow this guide from Essexboy and post the log`s here as attachments in your next reply
http://forum.avast.com/index.php?topic=53253.0
down left corner: additional options > attach > ( MBAM scan log / OTL.Txt / Extras.Txt )
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4271
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
03/07/2010 17:53:11
mbam-log-2010-07-03 (17-53-11).txt
Scan type: Quick scan
Objects scanned: 22746
Time elapsed: 5 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I cannot find an otl extra
I ran the otl again and now attach the extra log I had to change a setting in otl to get the extra log
Hm Vista is notorious for slow starts from my experience - what is the location of the file that Avast finds ?
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
[2009/03/01 17:08:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeanie\AppData\Roaming\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN
To try and ease the startup try this
Download Startup Control Panel here
Instal and you will find a startup icon in the control panel - run this
[*] In the HKLM tab, you may disable (be careful → “disable”) all the entries except your security software
[*] In the HKCU tab, you may disable all entries.
[*] In the StartUp tab, you may disable all entries.
Note : if you notice that some programs no longer run, you can enable them again by running Startup Control Panel, selecting the entry and choosing Run Now.
If you are in doubt with something, don’t hesitate to ask
FINALLY
Download and run Puran Disc Defragmenter
Loacation is *RAW:c\users\jeanie\documents\wind53-eng-v110[1]\wind53 set up ms1.
When I do the otl scan all the setting say safe list.
I have had the computer for two years now and it is only the past couple of months that it shuts down before windows installs.
I only use the computer for basic things and i am not very technical. Can I do any harm by installing the start up control panel you suggest
Startup control panel will do no harm - I use it on my windows 7 64 bit ;D
I see you have run combofix - could I see the log please, it will be at C:\combofix.txt
Sorry i have deleted combo fix. Should I run this again. Also how ofter should i run the puran defrag and should i do a boot run
For the first run on Puran I would do a boot defrag and thereafter do a normal one every week or so
Aye lets have another CF run to see what drivers are hiding
Download ComboFix from one of these locations:
* IMPORTANT !!! Save ComboFix.exe to your Desktop
[*]Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
[*]Double click on ComboFix.exe & follow the prompts.
[*]As part of it’s process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it’s strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
[*]Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it’s malware removal procedures.
http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://img.photobucket.com/albums/v706/ried7/whatnext.png
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Log attached. I have also noticed that in the performance event viewer I hhave had critical warning about start up and boot performance. I have attached this. Thanks for all your effor+ System
- Provider
[ Name] Microsoft-Windows-Diagnostics-Performance
[ Guid] {cfc18ec0-96b1-4eba-961b-622caee05b0a}
EventID 100
Version 1
Level 1
Task 4002
Opcode 34
Keywords 0x8000000000010000
- TimeCreated
[ SystemTime] 2010-07-04T10:02:24.189Z
EventRecordID 6763
- Correlation
[ ActivityID] {00000000-F6C8-0000-9F77-56A65F1BCB01}
- Execution
[ ProcessID] 1936
[ ThreadID] 2464
Channel Microsoft-Windows-Diagnostics-Performance/Operational
Computer Jeanie-PC
- Security
[ UserID] S-1-5-19
-
EventData
BootTsVersion 2
BootStartTime 2010-07-04T09:59:53.671Z
BootEndTime 2010-07-04T10:02:20.439Z
SystemBootInstance 928
UserBootInstance 919
BootTime 121827
MainPathBootTime 53727
BootKernelInitTime 20
BootDriverInitTime 1532
BootDevicesInitTime 11772
BootPrefetchInitTime 53853
BootPrefetchBytes 708120576
BootAutoChkTime 0
BootSmssInitTime 21206
BootCriticalServicesInitTime 1251
BootUserProfileProcessingTime 599
BootMachineProfileProcessingTime 387
BootExplorerInitTime 13098
BootNumStartupApps 20
BootPostBootTime 68100
BootIsRebootAfterInstall false
BootRootCauseStepImprovementBits 0
BootRootCauseGradualImprovementBits 0
BootRootCauseStepDegradationBits 0
BootRootCauseGradualDegradationBits 0
BootIsDegradation false
BootIsStepDegradation false
BootIsGradualDegradation false
BootImprovementDelta 0
BootDegradationDelta 0
BootIsRootCauseIdentified false
Hmm a 3 minute boot time is long
MainPathBootTime 53727 BootPrefetchInitTime 53853these are the two longest elements at 53 seconds each
These elements can safely be removed from start up
NvCplDaemon NvMediaCenter PCSuiteTrayApplication QuickTime Task iTunesHelper TkBellExe SunJavaUpdateSched Adobe Reader Speed Launcher Adobe ARM
I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
Click Start > Run and copy/paste the following bolded text into the Run box and click OK:
ComboFix /Uninstall
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
[*]Click Start.
[*]Open My Computer.
[*]Select the Tools menu and click Folder Options.
[*]Select the View Tab.
[*]Under the Hidden files and folders heading select Do not show hidden files and folders.
[]Click Yes to confirm.
[]Click OK.
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
[*]SpywareBlaster to help prevent spyware from installing in the first place.
http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Malwarebytes. Run weekly to keep your system clean
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To keep your operating system up to date visit
[*]Microsoft Windows Update
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe
Computer shutting down frequently on start up before windows. Have to start it 2 to 3 times. Have you any idea where I can get help on this as there now does not appear to be any malware, spyware or virus .
What may help is a fresh install - my experience with Vista is that as time progresses it gets slower and slower, much worse than XP.
But I do know where a lot of technicians help out ;D
If you start a topic here I will ask Ron or Broni to have a look at it for you http://www.geekstogo.com/forum/index.php?showforum=79
Just pm me the link ( I have the same user name there)
I have put new topic on link where you said under hardware. You must think im stupid but how do i pm you?.
now done the link as requested.My 13 yr old son fixed it. Oh to be young again.
I have asked Broni to take a look - you will be in good hands ;D
Thanks. No doubt will speak to you with my next problem