Jump to content

Malwarebytes stuck on system file scan

Kira

By Kira
in Resolved Malware Removal Logs

 Share

Recommended Posts

kevinf80

kevinf80

Posted
Posted

Hello Kira and welcome to Malwarebytes,

What you describe is not a normal action for Malwarebytes, run the following and post the two produced logs:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.

Thank you,

Kevin....

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Thanks for those logs Kira, continue as follows:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download RogueKiller and save it on your desktop, ensure to download correct version..

RogueKiller (X86)

RogueKiller (x64)
 
  • Exit all running applications.
  • Double-click on RogueKiller.exe to launch the tool. On its first execution, RogueKiller will disply the software license (EULA), click on "Accept" to continue.
  • If RogueKiller is unable to load, do not hesitate to try launching it several times or rename it winlogon.
  • Click "Start Scan" to begin the analysis. This may take some time.
  • Once the scan is complete, click the "Open TXT" button to display the scan report.
  • Copy/Paste it's content in your next reply.



Do not use the delete option until i`ve had a look at the log..

Let me see those logs in your reply...

Thanks,

Kevin

 

 

 

fixlist.txt

Link to post
Share on other sites
Kira

Kira

Posted
  • Author
Posted

RogueKiller V12.11.20.0 (x64) [Oct 16 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.15063) 64 bits version
Started in : Normal mode
User : Kira [Administrator]
Started from : C:\Users\Kira\Downloads\RogueKiller_portable64.exe
Mode : Scan -- Date : 10/20/2017 15:56:01 (Duration : 00:09:47)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-125630623-566365542-550094593-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.scan.co.uk/  -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-125630623-566365542-550094593-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.scan.co.uk/  -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-125630623-566365542-550094593-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.scan.co.uk  -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-125630623-566365542-550094593-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.scan.co.uk  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Corsair Force LE SSD +++++
--- User ---
[MBR] a6b882c867cb2b71261f3e8fe4464854
[BSP] 678dcdcfca7549f565a1e71af46dcbdb : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 499 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1024000 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1286144 | Size: 452660 MB
3 - [MAN-MOUNT] Basic data partition | Offset (sectors): 928333824 | Size: 4574 MB
User = LL1 ... OK
User = LL2 ... OK

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Did you run FRST fix, can I see that log...? Also run the following:

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
     
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.

Thanks,

Kevin

Link to post
Share on other sites
Kira

Kira

Posted
  • Author
Posted

it came up with www.scan.co.uk the company i had my computer built by. i have attached an img of what it is. i dont really want to delete those incase their important they've been on their since brought it, they've never caused problems before.

img.png

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

There is no reason for your games to be messed up.... Lets see if you can run Malwarebytes:

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Protection Scroll to and make sure the following are selected:
    Scan for Rootkits
    Scan within Archives
     
  • Scroll further to Potential Threat Protection make sure the following are set as follows:
    Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)
    Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)
     
  • Click on the Scan make sure Threat Scan is selected,
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.
    'Could not load DDA driver'
     
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
  • If asked to restart your computer to complete the removal, please do so
  • When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more to retrieve the log.


To get the log from Malwarebytes do the following:
 
  • Click on the Reports tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

 

Link to post
Share on other sites
Kira

Kira

Posted
  • Author
Posted (edited)

No I haven't yet, it's still doing the full scan, if it's just something wrong with malawarebytes I'm not to bothered but I'm worried there's something wrong my actual computer then I'm worried

Full scan done, still skipped heuristics 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/20/17
Scan Time: 6:29 PM
Log File: 34fc873c-b5bc-11e7-a800-704d7b6fdeae.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3057
License: Free

-System Information-
OS: Windows 10 (Build 15063.674)
CPU: x64
File System: NTFS
User: WINDOWS-QQUCQJH\Kira

-Scan Summary-
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 442358
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 1 hr, 13 min, 26 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Edited by Kira
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.