Free version of malwarebytes KEEPS getting stuck

[helloitsme]

PLEASE help! Windows 10, latest version malwarebytes. I run a scan, it finishes but STAYS stuck after completing scan until i click cancel (waited 6 hrs at most). It finds 10 threats- shows up during memory scan, but they are registry keys and identified as trojans. After i click cancel (because it gets stuck) it asks if im sure, i say yes, it becomes unresponsive until i end the task. It finally closes, then a notification shows up saying scan complete 10 threats found. I click it, i click quarantine, it shows loading circle and locks up again and stays that way infinitely. Can i just delete the reg keys it identifies as trojans? I have only windows defender antivirus. WD finds no threats during quick scan. Ive tried unistalling mbytes manually (which by the way is a nightmare and felt like trying to unistall malware to begin with) I tried reinstalling using mb support- same problem. Tried repair- same problem. At my witts end here, and completely sick of installing and uninstalling mbytes. NOT AT ALL in favor of installing MORE programs to fix programs that are designed to fix programs that are designed to fix programs that are designed to fix programs that are designed to fix programs.... you get the point.

FRST.txt Addition.txt LATEST MBSCAN.txt

[Maurice Naggar]

Hi, 

My name is Maurice. I will be helping and guiding you, going forward on this case.   Let me know what name you prefer to go by.

Please do not do any more changes on your own......not without asking me first.

That goes especially for uninstalling Malwarebytes.

We are going to go slow, careful, and one thing at a time.

 

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.

If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.

 

Please only just attach   all report files, etc  that I ask for as we go along.

.

Thanks for the reports.  I do see that the items tagged were not removed  ....it seems somehow that you may not have Reviewed the items tagged & insured all of them had a tick-mark for removal.

This next custom procedure is intended to remove that items  ( firewall registry entries ) associated with what was tagged.

 

This custom script is for  helloitsme  only.

Close and save any open work files before starting this procedure. 

 

Please Close and save any open work files before you start this next step.  It will involve a Windows Restart at the end of it.

I am sending a   custom Fix script which is going to be used by the FRST64 tool. They will both work together as a pair.

Please RIGHT-click the (attached file named) FIXLIST and select SAVE  link AS and save it directly ( as is) to the  Desktop

The tool named FRST64.exe   tool    is already on the Desktop folder

Start the Windows Explorer and then, to the Desktop.


Double click FRST64

  to run the tool. If the tool warns you the version is outdated, please download and run the updated version.

IF Windows prompts you about running this, select YES to allow it to proceed.

 

IF you get a block message from Windows about this tool......

click line More info information on that screen

and click button Run anyway on next screen.

 

on the FRST window:
Click the Fix button just once, and wait.

 

 

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity  

 

Fixlist.txt

[helloitsme]

Thank you for your reply and for your help thus far! Sorry about the wait, i was away for a few days for the New Year. I will be following your instructions carefully and i will keep you updated on the results. I will be running the script tonight and will let you know the results by tomorrow.

[helloitsme]

Here is the fixlog. The process was EXTREMELY fast. About two seconds before restart, and about two seconds after reboot.

Fixlog.txt

[Maurice Naggar]

Hi.   Thank you for the log-report.

Next, I would like you to do one run with the Malwarebytes Adwcleaner to check / look for adwares.

 

I  would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner scan.

Adwcleaner  detects factory Preinstalled applications too!

 

Please download  Malwarebytes AdwCleaner  https://downloads.malwarebytes.com/file/adwcleaner
 

Be sure to Save the file first, to your system.  Saving to the Downloads folder should be the default on your system.

 

Go to the folder where you saved Adwcleaner. Double click Adwcleaner  to start it.

At the prompt for license agreement, review and then click on I agree.

 

You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner).

Then click on Dashboard button.

Click the blue button "Scan Now".

 

allow it a few minutes to finish the Scan.   Let it remove what it finds.

NOTE:  When it comes to the section "

Pre-installed applications

 

You can skip that.

Please find and send the Adwcleaner "C" clean report.

In Adwcleaner, click the "Reports" button.  Look at the list of reports for the latest date & type "Clean".

Double Click that line & it will open in Notepad.   Save the file to your system and then Attach that with your reply.

 

That C clean report will be the one with the most recent Date and time at folder  C:\AdwCleaner\Logs

Thanks.  Keep me advised.

 

[helloitsme]

Here is the adwCleaner[c00].txt

AdwCleaner[C00].txt

[Maurice Naggar]

Thank you for that report.

I would like to follow-up with a different scan.

I would suggest a free scan with the ESET Online Scanner
Go to https://www.eset.com/us/home/online-scanner/

Look on the right side of the page.  Click Scan Now
It will start a download of "esetonlinescanner_enu.exe"
Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.
When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan
Click on the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.

Have patience.  The entire process may take an hour or more. There is an initial update download.
There is a progress window display.
You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.

If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).

Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

[helloitsme]

Ok and what do i do after that? do i attach any logs?

 

[Maurice Naggar]

Yes.   Attach the log  with your next reply.

[helloitsme]

Here are the eset scanner results. i checked the box on eset scanner to remove the program upon close

 

esetscanresults.txt

[Maurice Naggar]

OK.  Thanks.   Eset found 3  suspicious / dodgy game add-ons

4 others were in the Quarantine area of Adwcleaner  & were out of the way altogether.

.

My next suggestion:

Windows 10 has the Microsoft Windows Defender which can run the Windows Defender Offline scan.
Windows Defender Offline in Windows 10 can be run directly from within Windows, without having to create bootable media.

Click the Windows Start menu button on the Taskbar, select Settings icon. Then choose Update and Security.
 

In Windows Settings  >>> click on Windows Security from the left side list.

Next, In Windows Security section:  Click on the grey button Open Windows Security

next click on the blue Scan options

Look down the options list.  Tick on Windows Defender Offline scan.   Then click the grey "Scan now" button.

and let it scan the system.

Keep in mind that the design and what is scanned by Windows Defender is a whole different design from Malwarebytes. But do let me know how this scan goes and what the result is.

[helloitsme]

ok its done. i dont know where (if any) log was saved.

[helloitsme]

i ran another malwarebytes scan after the windows defender offline scan. here is the log

most recent mbscan.txt

[helloitsme]

ran one more scan after quarantine of the last scans detected threats and malwarebytes found no threats and was finally able to succesfully finish its scan and quarantine, which was the initial problem when i began this topic.

[Maurice Naggar]

Good morning.   I see you made 3 replies.

This is the way to look at the Windows Defender scan history.

 

Go to the Windows Start menu.  Click on the Settings icon.

Now click on Update & Security.   Then click on Open Windows Security.

·  Click the Virus & threat protection tile     and then the Protection  history label  ( in blue color)

The Protection history will have a list of recent events.

.

Thanks for the Malwarebytes scan report.   I see it detected and removed the registry remains related to Trojan.FakeMS

Those ere just registry line items .  They are now gone.

Do you need anything else?

[helloitsme]

 I dont believe so, the system had been running normally even when i first started this topic. the main problem was that malwarebytes itself was not functioning properly during scan and during quarantine of threats detected. Now it has successfully done both so i believe the problem is solved. Thank you very much for your help. Is it okay for me to now remove all additional scanning programs used during this topic?

 

[Maurice Naggar]

I am very glad things are better.

You may delete the Fixlist.txt  on the Desktop.   You can also delete the Fixlog.txt file.  You may delete the downloaded file   esetonlinescanner_enu.exe

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

please right-click on Delfix  and choose run as administrator

Make Sure the following items are checked:

  Remove disinfection tools <----- this will remove tools we may have used.

Now click on "Run" and wait patiently until the tool has completed.

Any remaining  files/logs from tools we have used can be deleted.

The Adwcleaner program you may keep ,  and you may run on demand,  to look for adwares.

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks