Does this sound like malware, or system file corruption?

[ron_1]

Yesterday when I booted my computer, I got the "Windows is updating, do not turn off your computer (or whatever)" screen. Immediately I was concerned because I did not do any updates the day before, and I have updates set to notify, but not download, the updates. Eventually the log-in screen came up so I logged in and did what I was intending to do. Since I tend to be a little paranoid, when I was done I decided to do a Malwarebytes Anti-malware scan. I started the scan and left the room. Returning 5-10 minutes later, my computer was on the bios screen! I couldn't figure out how to get out of there, so I did a hard shutdown. I then restarted the computer and it booted normally (I mean other than getting the screen "Windows did not shut down properly"). I decided to try the scan again, but this time I first cleaned the drive using Ccleaner. After cleaning I noticed it deleted a larger amount than usual, about 750 megs. Upon close inspection, I notice one file was 700 megs, the CBS_log file under Windows System Log files. I did some quick research online and it seems the cbs log file is a Windows log file that lists system errors. Anyway, I did the MBAM scan and this time it completed, and came back clean. While doing the research on what is a cbs file, I also came across instructions on the "System File Check (SFC) scan." So I did that scan (verify only) and that scan came back "Windows did not find any integrity violations."

Being somewhat paranoid as already stated, today I did a whole C drive scan using 1) Windows Malicious Software Removal Tool; 2) MBAM (again); 3) Malwarebytes Anti-Rootkit; and 4) Avast; and all 4 came back clean.

So, as the header asks, does what happened to my computer yesterday sound like malware, or just a system file(s) corruption? It appears to me to be the latter, but I'd like the opinion of some experts (which I am not). Thanks.

[superA]

Hi hellomustbegoing

..because I always like conspiracy theories..(and you rechecked that the setting in Windows Uptates is set to notify and havent changed),it seems to me that someone else played around with your pc,installed the updates and after shut it off..

[ron_1]

Nobody uses my computer but me. I just checked the setting in Windows updates; it's still on "check but let me choose when to download." I meant to do this yesterday but forgot. Thanks for reminding me.

[ron_1]

Should I take the lack of responses, save one, as an indication that I have nothing to worry about?

[Moonchild]

Should I take the lack of responses, save one, as an indication that I have nothing to worry about?

You should take it as a fact that people don't spend every waking moment on the forum

Unexpected behavior and unexpected reboots is never a good thing. I'd certainly make a thorough check for any sort of malware/trojans that may be present, double-check automatic updates settings, and in general do a full sweep of your system to see what's installed and running. Tools like process explorer may be your friend.

[Night Wing]

@helloimustbegoing

Thought I would throw my two cents in on this topic.

I help out at a computer shop which is a half mile from my home. I do a lot of re-installing a straight Windows 7 operating system for people who want to re-install Windows 7 for some reason and don't want to use the recovery partition which contains all the original bloatware which came pre-installed on the computer when the computer was originally bought.

I also do all the updates from Microsoft. When I do those updates, I always use "Check for updates but let me choose to download and install them" instead of the default "Install updates automatically" in Windows Update. The automatic update prompt installs MS updates when the computer is shut down.

On some particular models of computers, some of the Microsoft security updates change the "Check for updates" prompt, back to "Install automatically". After each MS update install, I always have to go back to the Windows Update and make sure none of the MS security updates I've just installed haven't changed the Windows Update back to "automatic".

I think this is what happened to your computer in question.

[satrow]

Hmm, sounds right, there was one update in the last batch that had another update that was needed after a reboot, iirc.

[gpatrick900]

There are couple of things that can cause this. One is if you used disk clean-up and cleaned out the windows update files. The other is Microsoft updating windows update. Whenever, Microsoft updates windows update it is a forced update no mater what your setting is. I experienced both.

[ron_1]

satrow wrote:
there was one update in the last batch that had another update that was needed after a reboot

The day this happened I checked the history. The last Windows update installed was 2 days before. And I have Updates set to notify only anyway.
@Night Wing: I checked Updates and it is still set to notify only.

gpatrick900 wrote:
One is if you used disk clean-up and cleaned out the windows update files.

That would explain the Update screen on boot-up, but what about getting the bios screen during a MBAM scan?

Moonchild wrote:
You should take it as a fact that people don't spend every waking moment on the forum

They don't??

[gpatrick900]

I don't know what cause the bios screen to pop up.