Jump to content

markinson

Members
  • Posts

    17
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Here I am, back again! I will upload as soon as possible the dump file, but first another clarification on my part. Performing the various tries, compared to the initial situation that led me to open this discussion, I am now in two different situations where Malwarebytes does not respond as I expect. First situation (the original one, for which I opened the thread; Scan - Custom Scan - Configure Scan - select the all hard disk to scan in the right pane - Scan Now): complete hangs The hard disk custom scan, with all enabled options (including rootkit scanning), is not completed because the system is completely blocked-hanged: black screen, I cannot do anything, only mouse arrow moves. Second situation (discovered during tests and, most of all, verified in two different computers): Malwarebytes (partially) doesn't respond The custom scanning of a single specific folder (or folders) on the hard disk (so not all the hard disk, but only one or more folders of this), with the rootkit option enabled, starts, but it does not end or show any progress (refer to attached screenshots named 001-001_Custom Scan_Scan Now_GIMP2 selected.jpg, 001-002_Custom Scan_Scan Now_GIMP2 selected.jpg, 001-003_Custom Scan_Scan Now_GIMP2 selected.jpg, 003-001_Custom Scan_Scan Now_7zip selected.jpg , 003-002_Custom Scan_Scan Now_7zip selected.jpg). In this case, however, the system is still working and even I can continue to move within the various sections of Malwarebytes (as shown with the screenshot 001-003_Custom Scan_Scan Now_GIMP2 selected.jpg); although custom scanning, with the rootkit option enabled, does not make any progress or is ultimately completed (refer to screenshots 001-002_Custom Scan_Scan Now_GIMP2 selected.jpg and 003-002_Custom Scan_Scan Now_7zip selected.jpg). I intend to specify all this to say that I can only dump the file in this second circumstance ... ... so sorry for my terrible English!
  2. Here are the monitoring results with Process Monitor (attached). Some clarifications: 1) MB-Check version 3.1.1.1003 2) Process Monitor version 3.33 3) the Process Monitor log is in three different formats (I did not know which could be the most easy to read ...) I followed exactly the steps you indicated, that is (briefly): - launch Procmon and accept the EULA - open mb-check and let it complete - once mb-check completes, click the magnifying glass in Procmon so that it stops capturing - click the Save button to save the Procmon log I hope I've done the job properly ... mb-check-results.zip ProcessMonitor_Log_CSV-PML-XML.zip
  3. With scan method n. 1 (Scan - Custom Scan - Configure Scan - select the folder to scan in the right pane - Scan Now) and the "Scan for rootkits" option disabled, the operation is successfully completed, even for the GIMP 2 folder! Summarizing the custom scanning settings for method n. 1: "Lower the priority of manual scans to improve multitasking" >>> option enabled "Scan Memory Objects" >>> option enabled "Scan Startup and Registry Settings" >>> option enabled "Scan within archives" >>> option enabled "Scan for rootkits" >>> option disabled As well as PUP - Treat detections as malware PUM - Treat detections as malware As soon as possible I'll give you updates about Procmon! Thank you so much for the assistance and the time spent for me!
  4. I did some tries. To overcome my difficulties with the language, before some clarifications. The environment where work is always Win10 Pro 32 bit. I can scan a single folder in two ways: 1) Scan - Custom Scan - Configure Scan - select the folder in the right pane or 2) right click on the folder by Windows Explorer and then scan with Malwarebytes. (1) In the first manner, always and in any case, regardless of the folder (either GIMP 2 or another), the scanning is not finished (it seems to start, but is not over). Screenshots attached named 001-001_Custom Scan_Scan Now_GIMP2 selected.jpg, 001-002_Custom Scan_Scan Now_GIMP2 selected.jpg, 001-003_Custom Scan_Scan Now_GIMP2 selected.jpg, 003-001_Custom Scan_Scan Now_7zip selected.jpg, 003-002_Custom Scan_Scan Now_7zip selected.jpg). (2) In the second case, the scan is concluded, even for the GIMP 2 folder. Screenshots attached named 002-001_Custom Scan_Right Click_Context Menù_GIMP2.jpg, 002-002_Custom Scan_Right Click_Context Menù_GIMP2.jpg,002-003_Custom Scan_Right Click_Context Menù_GIMP2.jpg.
  5. Small update on the fly ... Scanning the GIMP 2 folder is performed regularly (only) if launched from the context menù of Windows Explorer. While if I try to scan only the GIMP 2 folder from "Scan - Custom Scan - Configure Scan - select only GIMP 2 folder - Scan Now" does not give any progress and does not finish.
  6. Of course! I'll try during the day, as soon as possible and I'll let you know. "Download the latest mb-check from here: https://downloads.malwarebytes.com/file/mb3" did you mean "Download the latest mb-check from here: https://downloads.malwarebytes.com/file/mb3_check"? I am currently using MB-check version 3.1.0.1002. Is that the last and correct version I have to use? Meanwhile, I asked Malwarebytes 3 to scan the "C:\ProgramFiles\GIMP 2" folder and, in effect, the program seems to be unresponsive. I mean: 1) the computer is not locked 2) Malwarebytes 3 has started scanning, but no progress has been made. Better: Currently Scanning: (no indication - white space) Scanned Items: (no indication - white space) Time Elapsed 00:00:00 (several minutes) Threats Identified: 0 The "Pause" and "Cancel" buttons are disabled. Anyway, Malwarebytes 3 does not seem blocked: I can still close it with the "x" in the upper right. Summarizing, the custom scanning settings for the GIMP 2 folder are: "Lower the priority of manual scans to improve multitasking" >>> option enabled "Scan Memory Objects" >>> option enabled "Scan Startup and Registry Settings" >>> option enabled "Scan within archives" >>> option enabled "Scan for rootkits" >>> option enabled As well as PUP - Treat detections as malware PUM - Treat detections as malware I've tried customized scanning for a particular folder on another computer (Win10 Pro 64-bit, where Malwarebytes 3 runs regularly and even custom disk scanning - with the rootkit option enabled - is successfully completed). Even in this case, Malwarebytes 3 starts (at least looks like) scanning, but no progress has been made. That is: Currently Scanning: (no indication - white space) Scanned Items: (no indication - white space) Time Elapsed 00:00:00 (several minutes) Threats Identified: 0 The "Pause" and "Cancel" buttons are disabled. The scanning folder in this last case is not GIMP 2 (a program that is not even installed on this second machine with Win10 Pro 64 bits). Perhaps I need to scan a specific folder from the Windows Explorer menu? Anyway, I still have to run Process Monitor ... (I'll have to do it later, during the day).
  7. Absolutely no problem! Rather, thanks again for the invaluable support, yours and the whole group! Attached the compressed file of the log folder. logs.zip
  8. Once I come back into the system, I ran the MB-check. Here is the result. mb-check-results.zip
  9. Nothing to do unfortunately ... Again the black screen and just the pointer (the small arrow) of the mouse in sight ... the hard disk is working (its small light is flashing), but every action is precluded. Under these conditions I can not launch MB-Check. The only thing I can do now is stop somehow the machine and launch MB-Check once back to a working (I hope) environment. At this point, I can suppose that the rootkit scan (what seems to create this hangs) works in a different way between Malwarebytes 3 (when my system crashes) and Malwarebytes Anti-Malware 2.2.1 (taking several hours, but scanning is carried complete).
  10. I am thanking you for your courtesy and patience! Then, summarising to confirm the steps (I'm sorry for my English!). Settings - Application - Event Log Data - "Collect enhanced event log data for support (not recommended)" >>> option enabled Settings - Application - Impact of Scans on System - "Lower the priority of manual scans to improve multitasking" >>> option enabled Scan - Custom Scan - Configure Scan - "Scan for rootkits" >>> option enabled Are also active options: "Scan Memory Objects" "Scan Startup and Registry Settings" "Scan within archives" as well as PUP - Treat detections as malware PUM - Treat detections as malware Scanning is currently underway: I'll let you know! However, about points 6 and 7 of your last post, some details: "6) Once the scan hangs, do not reboot" Until now, when the scan hangs, the whole system hangs (except the mouse). Maybe, with the settings above described, if and when the scan will hang will not even cause the computer hangs ... (so I can run the MB-Check run). "7) Run mb-check from https://downloads.malwarebytes.com/file/mb3" The file being downloaded is a (updated) version of Malwarebytes 3 and not MB-Check ... I'm wrong? In my post with ID 3 (posted yesterday at 7:45 AM), I've already loaded the result of a scan with MB-Check. Anyway, let's see the developments of current scanning ... Thanks again!
  11. So, this time the scan was completed regularly (and even in a short time)! As you pointed out, this time I did not select the "Scan for Rootkits" option. What conclusions should I deduce? Consider that with Malwarebytes Anti-Malware 2.2.1 I can select the "Scan for Rootkits" option and the process is carried out regularly (though after several hours).
  12. Right: something (and yet) moves! I will try without rootkit scanning enabled. Thank you very much for helping!
  13. Absolutely nothing. Scanning always and for about an hour and then everything stops (except the mouse cursor). It arrives and does not exceed (I think!) the "Scan File System".
  14. A small addition ... I sent it running, another time and just now, Farbar Recovery Scan Tool (I mean: after the system hanged this night). I attach the txt files obtained. Thank you so much! Addition.txt FRST.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.