Jump to content

Malwarebytes stuck on Checking for updates


Terrell

Recommended Posts

I was working in Excel and got tired so I took a nap, but when I woke up my became extremely slow.

Clicks and navigating through the system (such as opening folders) is quick and responsive, but applications are incredibly slow to launch.

So I shut down and rebooted the PC.

I launched Malwarebytes and it has been trying to update for over 1 hour. It's not scanning.

I'm running full scan with Windows Defender, but when the remaining time got to 5 minutes, the scan started progressing very slowly. I don't know if it's actually still scanning or faking because it's taking forever.

 

Link to post
Share on other sites

Hello Terrell and welcome to Malwarebytes,

Run the following:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"

     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.

Thank you,

Kevin.

Link to post
Share on other sites

Farbar Recovery Scan is repeatedly being unresponsive and keeps starting and stopping.

Below is FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2020
Ran by Terrell Yancy (administrator) on TERRELL-MOBILES (Wacom Co.,Ltd Wacom MobileStudio Pro 16) (09-09-2020 07:55:12)
Running from C:\Users\Terrell Yancy\Desktop
Loaded Profiles: Terrell Yancy
Platform: Windows 10 Pro Version 2004 19041.450 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ido\GSSr\GSService.exe
() [File not signed] C:\Program Files (x86)\PGFNEXSrv\PGFNEXSrv.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\RealSense\CameraCalibrator\CameraCalibratorTray.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bdd37d808cfdf045\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bdd37d808cfdf045\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bdd37d808cfdf045\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bdd37d808cfdf045\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM_R200\bin\win32\RealSenseDcmR200.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\conhost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\ctfmon.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\dwm.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\rundll32.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\SecurityHealthSystray.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\sihost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\VSSVC.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPrvSE.exe <2>
(Microsoft Corporation) [File not signed] C:\Windows\System32\winlogon.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wlanext.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\WUDFHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.441_none_e753a4f1261e4901\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <5>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

 

Link to post
Share on other sites

I booted into safe mode, but could not use networking even when pressing the option to use networking and retried several times.

But in safe mode it FRST scan worked, and also Malwarebytes scanned properly, but did not find any malware.

I believe it was a some kind of flaw happened within the system, after I restarted it in normal mode, everything was back to normal.

Malwarebytes now scans when booting normally, and Windows Defender that would never finish scanning also works properly and found no viruses.

Addition.txt

Link to post
Share on other sites

Hiya Terrell,

I do not see any evidence of Malware or Infection in the logs from FRST. Try the following from normal mode:

Please download Malwarebytes Anti-Rootkit from here
 
  • Right click on the tool (select "Run as Administrator) to start the extraction to a convenient location. (Desktop is preferable)
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

Thank you,

Kevin

Link to post
Share on other sites

Hello Terrell,

Good to hear your system has been fixed, continue to clean up:

Right click on FRST here: C:\Users\Terrell Yancy\Desktop\FRST64.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator"

If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST64 to uninstall

That action will remove FRST and all created files and folders...

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.