Jump to content

Computer crashes when Junkware Removal Tool is run - MBAM Not Responding


Recommended Posts

i've been following the tamcase that is titled "Malwarebytes Not Responding" and i've been able to go through STEP 0 to STEP 4 but when i try to run as an administrator JRT it creates a registry backup ... it checks startup .. all the way to checking registry & after about 10 minutes my computer just shuts off totally.

 When running the STEPS 0 through 4 no malware was removed that allowed Malwarebytes to run smoothly even in the quick scan. The full scan of Malwarebytes has taken 10 hours, 9 & 1/2 hours & 8 & 1/2 hours to completely run with no malware found.

 

 Thank You for your time.

RKreport0_D_03192014_231109.txt

mbar-log-2014-03-19 (18-09-01).txt

system-log.txt

Link to post
Share on other sites

Hello John14ale and welcome to Malwarebytes forums.

 

While I am helping you, please follow my guide  ( disregarding any other threads). I'd also ask that you do no more self-medication  ( like antirootkit or anything else).

Youve already used  the roguekiller tool.  Antirootkit found nothing.

 

I am a little confused about the very currenst status as to MBAM program.  Did the Full scan complete and finish?

 

I'll need more information to locate the source of the issue.
Please only ATTACH the log files I ask for.

 

Step 1

Show all files in Windows 7:
Press and hold Windows-key+E key on keyboard to start Windows Explorer.
From the Windows Explorer menu options, Select Tools, then Folder Options.
Next click the View tab.
Locate and uncheck "Hide protected operating system files (Recommended).
Locate and click "Show hidden files and folders and drives. "
Click Apply > OK.

 

Step 2

Download Random's System Information Tool (RSIT)
from http://images.malwareremoval.com/random/RSITx64.exe
and save it to your desktop.

 

At this point, please make sure all your internet browsers are Closed.  Likewise, close all of your open windows.

Start on RSITx64.exe   Do a RIGHT-Click on RSITx64 and select Run as Administrator and allow to run.
Accept the disclaimer:
Click "Continue" at the disclaimer screen.
Once it has finished, two logs will open. Please attach the logs in your next reply:
 both "log.txt" (<<will be maximized) and "info.txt" (<<will be minimized)
 

Step 3

 

Put Windows into SAFE mode

 

•    Advanced startup options (including safe mode)
The Advanced Boot Options screen lets you start Windows in advanced troubleshooting modes. You can access the menu by turning on your computer and pressing the F8 key ...
http://windows.microsoft.com/en-US/windows7/Advanced-startup-options-including-safe-mode

 

Turn off your pc. Wait about a minute.
Restart your pc.  And right away, tap & retap the F8 Function-key on your keyboard.
You should see Windows Advanced Options menu.
Select Safe Mode with Networking or
Safe mode or
VGA mode

with Safe Mode  being the ideal first choice.

 

Do a Quick scan in Safe mode.

Start your MalwareBytes' Anti-Malware.
Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

look down the screen to Action for potentially unwanted programs PUP < = = VERY Important

& look down the screen to Action for potentially unwanted modifications PUM &

For each one,  click  the down arrow ( on each one, one at a time ) ***
select "Show in results list and check for removal" from the drop down (arrow) selections. < = = =

When done, click the Scanner tab.
Do a Quick Scan.   i_arrow-l.gif

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
 

Step 4

 

Put Windows into regular (normal)  mode.

 

Do not start any other programs during this next scan.   Allow the program to run by itself un-interrupted.

 

Start your  MalwareBytes' Anti-Malware.

 

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.


When done, click the Scanner tab.
Do a Quick Scan.   i_arrow-l.gif

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

 

Step 5

 

Locate and get for me the last 2 Scan logs.

C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

or

at C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

I need the most current one that starts with the name **mbam-log-2014**    ( with the latest time & Date stamp)

 

NOTE:

Stalls or "non reponding" can occur for different reasons.  They can also happen in other Windows programs.

The concept here when you suspect there is a serious possible infection is

(a) reduce the number of running applications to only the barebones

(b) try Safe mode and do a scan

© return back to regular mode, and do a new Scan.


 

Link to post
Share on other sites

Hello,

 

So a Quick scan in Safe mode Windows found nothing, and took 50 minutes.  The Quick scan in regular mode took 2 hr/ 6 mins and found nothing.

 

There is no detected malware in either one.

 

I do not see a antivirus application here. You should have one installed and active otherwise the system is exposed to virus infections ( file infectors). Our program is not a substitute for antivirus.   It is not a replacement for antivirus protection.

 

Adobe Reader 9.3.4 is way out of date & insecure

Older versions of Adobe Reader pose a potential security risk.
De-install your Adobe Reader: Use Control Panel's  Programs and Features , Un-install Adobe "Reader".
Get latest Adobe Reader version
http://get.adobe.com/reader/]http://get.adobe.com/reader/
Be sure to un-check the box for "Free McAfee Security Scan"  or any "toolbar" (if offered )

 

Java 6 Update 17 is severely out of date & is risky

Java vulnerabilities are a never ending occurence. Bottom line is, if your system does not have an installed 3rd-party application that needs it, then unistall it.
If you do have that dependency, then turn off Java in your browsers.
If somehow, you have a often-used website that needs Java to display all information, then just use a specific browser and only allow Java in that one.
 

  • A:  If you decide to keep Java:
    The Java runtime components are typically located at
    C:\Program Files (x86)\Java\jre7\bin
    Locate javacpl.exe  the Java control panel.
    Right click and select Open
    Click on the Update tab
    Put a checkmark at "Check for updates automatically"

    On the General tab, under Temporary Internet Files, click the Settings button.
    Next, click on the Delete Files button
    Checkmark (select) all boxes you can & Click OK on Delete Temporary Files Window.

    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    Click OK to leave the Temporary Files Window

    Click on the Advanced tab
    Expand Miscellaneous:
    Un-check "place Java icon in system tray"
    Un-check "Java quick starter"

    Exit/close

    You need to remove older versions of Java runtime. Do this:
    Download & Save to your Desktop or a new folder Javara.zip

    Extract the contents of the zip file. Then double click Javara.exe to run it.
    JavaRa is a simple tool that does a simple job: it removes old and redundant versions of the Java Runtime Environment (JRE).
     
  • B:  If you want to disable Java in your browser:
    How to disable Java in various browsers : http://blog.eset.com/2012/08/29/disabling-java-a-safer-way-to-browse
    Also see No, Seriously, Just Disable Java in Your Browser Right Now

As noted by Brian Krebs,

Most consumers can get by without Java installed, or least not plugged into the browser. Because of the prevalence of threats targeting Java installations, I’d urge these users to remove Java or unplug it from the browser. If this is too much trouble, consider adopting a dual-browser approach, keeping Java unplugged from your main browser, and plugged in to a secondary browser that you only use to visit sites that require the plugin.


Also see How to protect your computer against dangerous Java Applets
 

 

As to the length of time it takes for a scan, a lot of it depends on whether or not a lot of competing active processes are running at the time of scan.

Beyond that a lot of other factors can also play a role.

Condition of the file system.   Condition of the hard drive.

The number of files scanned.

The amount of disc storage file fragmentation.

The age of the hardware.

 

Link to post
Share on other sites

i uninstalled the Adobe Reader & also uninstalled the JAVA. i have Spybot search & destroy as an antivirus program but upon running Spybot on my computer, it also started to completely shut off just like when i ran JRT. My laptop does not seem to get real hot before it completely shuts off. We have another computer that at least gets real hot just before it completely shuts down. Maybe i'll see which are the "barebones" active processes needed so maybe i can actually run Spybot all the way through. Maybe instead, i should download Avast antivirus & see if i can run Avast to completion. i don't know

Link to post
Share on other sites

Hello,

 

If this computer is "hot" or has any symptoms of getiing hot anywhere ---- please hold the train --- and lets stop any further hunt.

Overheating hardware -does- lead to the shutdowns.

Overheating must be pin-pointed and cured.   Until that is cured it is futile to be hunting for malware or any other thing.

 

Is this a laptop/notebook or the so-called desktop type with case-housing?

 

If this is a laptop, does a particular spot by the keyboard area become overhot?

 

For laptops/notebooks--- this is not a cure of any kind --- but as a temporary work-around, you can buy a "cooler" or chill mat.  Targus is one popular brand.

 

I urge you to check with the computer-manufacturer web support site about the overheating.

I would strongly advise you check all exhaust vents on hardware to be sure no gunk / dust is present or blocking the exhaust vents ( or if desktop, the power-supply fan needs to be cleaned).

 

Overheating is one definite possibility as root cause of shutdown.

Another is bad or failing hardware RAM.

Link to post
Share on other sites

the computer does not get "hot" at all before shutting down. i tried to stop all but basic processes that were not necessary for windows to start & upon running Spybot after a few hours the computer just shut off. i then downloaded Avast & running a full scan. Avast has found no infected files, has been stuck on 89% scan completed for 3 hours & is stuck Processing file:  C:\Windows\Installer\1631a.msi

 i am tempted to just stop the computer, try to erase C:\Windows\Installer\1631a.msi manually & run a full scan with Avast. Any ideas would be appreciated. Either way, Thank you for your time.

Link to post
Share on other sites

Hello,

 

A hardware shutdown can be caused by bad or failing RAM memory.

Run a good memory test diagnostic.

 

See

Diagnosing memory problems on your computer
http://windows.microsoft.com/en-US/windows7/Diagnosing-memory-problems-on-your-computer

 

There being no malware here, I will close this thread.  I would refer you to the General PC sub-forum for anything related to the shutdown, etc.

See  https://forums.malwarebytes.org/index.php?showforum=6

 

I wish you well.

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.