Jump to content

Malwarebytes crashes during scan


Recommended Posts

Hello 

My malwarebytes Anti-Malware Home (free) - which was freshly installed today - crashes pretty soon into any scan. In fact it won't even let me update the databases without crashing. 

I am using BitDefender Total Security 2016 and Windows 10.  I have another PC (a laptop this time) that has the same stuff installed and it runs fine. I don't know how to suspend BitDefender on a temporary basis.

 

Any suggestions?

With thanks

J

 

 

 

 

 

Link to post
Share on other sites
  • Staff

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

Link to post
Share on other sites

# AdwCleaner v6.030 - Logfile created 18/11/2016 at 10:57:59
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-18.1 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : alec_2 - ALEC09
# Running from : C:\Users\alec_2\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support

***** [ Services ] *****

[-] Service deleted: Update service


***** [ Folders ] *****

[-] Folder deleted: C:\extensions


***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion


***** [ Web browsers ] *****

[-] [C:\Users\alec_2\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: search provided by yahoo
[-] [C:\Users\alec_2\AppData\Local\Chromium\User Data\Default] [extension] Deleted: bmkckgpgekmanipelfidlhmkfcjicion
[-] [C:\Users\alec_2\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxp://uk.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_19&param1=1&param2=f%3D1%26b%3DIS Browser%26cc%3Dgb%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0C0CtD0FzyzzyE0B0B0EtD0FtCtN0D0Tzu0StCtBtBtAtN1L2XzutAtFtCtDtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtCzz0DyCyCzy0DtGtD0BtAzztGzz0EyCtAtG0DyCtB0FtGyB0AtByEtCyEtD0B0F0A0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0E0DtA0CtA0C0DtGyBtDtByBtGyEtBtBzztGzzyB0AzztGyBtBtCzy0DyEtAzytCzz0C0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyByEzz%26cr%3D1021354084%26a%3Dwncy_frg01_15_19%26os%3DWindows 8.1&a=wncy_frg01_15_19&cd=2XzuyEtN2Y1L1QzutDtDtC0C0CtD0FzyzzyE0B0B0EtD0FtCtN0D0Tzu0StCtBtBtAtN1L2XzutAtFtCtDtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtCzz0DyCyCzy0DtGtD0BtAzztGzz0EyCtAtG0DyCtB0FtGyB0AtByEtCyEtD0B0F0A0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0E0DtA0CtA0C0DtGyBtDtByBtGyEtBtBzztGzzyB0AzztGyBtBtCzy0DyEtAzytCzz0C0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyByEzz&cr=1021354084&ir=&uref=chmm
[-] [C:\Users\alec_2\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bmkckgpgekmanipelfidlhmkfcjicion


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3072 Bytes] - [18/11/2016 10:57:59]
C:\AdwCleaner\AdwCleaner[R0].txt - [14676 Bytes] - [08/05/2015 17:58:30]
C:\AdwCleaner\AdwCleaner[R1].txt - [1199 Bytes] - [09/05/2015 16:37:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [1165 Bytes] - [08/05/2015 18:01:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [2690 Bytes] - [18/11/2016 10:56:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3438 Bytes] ##########
 

Link to post
Share on other sites
  • Staff

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked. option is checked.

    2873ryc.png

  • Press Scan button and wait.

  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.


Please attach report into your next reply.

Link to post
Share on other sites
  • Staff

FRST.gif Fix with Farbar Recovery Scan Tool

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif


icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites

This was initially confusing.

1. When I right-clicked on each of the icons in your post neither would run anything.

2. Left clicking on "Fix with Farbar Recovery Scan Tool" did nothing either.

But I found FRST64.exe in my desktop and downloaded fixlist.txt, put it onto my desktop and ran FRST64.exe there. Fixlog.txt attached.

J

Fixlog.txt

Link to post
Share on other sites

This was initially confusing.

1. When I right-clicked on each of the icons in your post neither would run anything.

2. Left clicking on "Fix with Farbar Recovery Scan Tool" did nothing either.

But I found FRST64.exe in my desktop and downloaded fixlist.txt, put it onto my desktop and ran FRST64.exe there. Fixlog.txt attached.

J

 

PS MalwareBytes Anti-Malware is still not running...

Link to post
Share on other sites

For the record, after running your utility, Microsoft Outlook (365) totally failed to connect to the Internet.
I spent 2.5 hours with in Microsoft's technicians doing remote desktop into my computer and STILL they couldn't fix it. 

Finally I deleted my profiles and manually totally uninstalled the entire Office suite and re-installed it. Only then did it start to connect again.

J

 

Link to post
Share on other sites
1 hour ago, TwinHeadedEagle said:

Is everything okay now?

Hard to say.

Everything seems rather slow. Outlook (v365) seems to crash a bit. And first thing in the morning the monitor seems to take about 30-60 seconds to come to life whereas it used to be near instant. Malwarebytes is now scanning without finding anything but are there any other free scans I might usefully run given the above?

J

 

 

Link to post
Share on other sites
  • Staff

Hmm, let's check your hard drive.

 

Check Disk

  • Press the WindowsKey.png on your keyboard. Type cmd and right click >> Run as Administrator.
  • Copy/Enter the command below and press Enter:
  • chkdsk C: /r
  • You should get a message to schedule Check Disk at next system restart. Please type Y and press Enter.
  • All you should do now is to restart your PC and let the Check Disk process finish uninterrupted.


Check Disk report:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type eventvwr and click OK.
  • In the left panel, expand Windows Logs and then click on Application.
  • Now, on the right side, click on Filter Current Log.
  • Under Event Sources, check only Wininit and click OK.
  • Now you'll be presented with one or multiple Wininit logs.
  • Click on an entry corresponding to the date and time of the disk check.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

Link to post
Share on other sites

Done


>>>
Checking file system on C:
The type of the file system is NTFS.
Volume label is ALEC09_C_drive.

A disk check has been scheduled.
Windows will now check the disk.                         

Stage 1: Examining basic file system structure ...
Cleaning up instance tags for file 0x296bf.
Cleaning up instance tags for file 0x67f6c.
  650496 file records processed.                                                         File verification completed.
  11005 large file records processed.                                      0 bad file records processed.                                      
Stage 2: Examining file name linkage ...
  776534 index entries processed.                                                        Index verification completed.
  0 unindexed files scanned.                                           0 unindexed files recovered to lost and found.                     
Stage 3: Examining security descriptors ...
Cleaning up 7790 unused index entries from index $SII of file 0x9.
Cleaning up 7790 unused index entries from index $SDH of file 0x9.
Cleaning up 7790 unused security descriptors.
CHKDSK is compacting the security descriptor stream
Security descriptor verification completed.
  63020 data files processed.                                            CHKDSK is verifying Usn Journal...
Usn Journal verification completed.

Stage 4: Looking for bad clusters in user file data ...
  650480 files processed.                                                                File data verification completed.

Stage 5: Looking for bad, free clusters ...
  36434534 free clusters processed.                                                        Free space verification is complete.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.

Windows has made corrections to the file system.
No further action is required.

 292470783 KB total disk space.
 145803108 KB in 363166 files.
    201040 KB in 63023 indexes.
         0 KB in bad sectors.
    728495 KB in use by the system.
     65536 KB occupied by the log file.
 145738140 KB available on disk.

      4096 bytes in each allocation unit.
  73117695 total allocation units on disk.
  36434535 allocation units available on disk.

Internal Info:
00 ed 09 00 31 7f 06 00 e3 78 0b 00 00 00 00 00  ....1....x......
0e 06 00 00 29 00 00 00 00 00 00 00 00 00 00 00  ....)...........

Windows has finished checking your disk.
Please wait while your computer restarts.
>>>

J

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.