Jump to content

Threat scan gets stuck on file for X minutes

Bren0101
 Share

Recommended Posts

Bren0101

Bren0101

Posted
  • Author
Posted

Sorry the 3 messages, before reaching out to have the  issue of threat scan getting stuck on file for some time before scanning again I used hitmanpro and that found nothing on system as well if thats any help with eset currently not working

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

This canned message is a bit out of date but you should be able to complete it I'm sure. @Bren0101

 

 

Sophos Scan & Clean

Download Sophos Free Virus Removal Tool and save it to your desktop.

  • If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....
  • Please close all other open applications and Do Not use your PC whilst the scan is in progress... This scan is very thorough so it may take several hours to complete, please be patient...

Double click the icon and select Run

Click Next

Select I accept the terms in this license agreement, then click Next twice

Click Install

Click Finish to launch the program

  • Once the virus database has been updated click Start Scanning

If any threats are found click Details, then View log file... (bottom left hand corner)

 

Attach the results in your next reply

  • Close the Notepad document, close the Threat Details screen, then click Start cleanup

Click Exit to close the program

 

If no threats were found please confirm that result...

  • The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.

Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

 

Saved logs are found under this sub-folder: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs 

Please attach that log on your next reply

Thank you

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
  • 5 weeks later...
Bren0101

Bren0101

Posted
  • Author
Posted

Hello again. I have seemingly found the issue with my malwarebytes scanner getting "stuck" when rootkit option is enabled via the settings. previously the scanner would get stuck on scanning a file and sit scanning that singular file for 10-15minutes at a time and then eventually carry on as normal and complete. During my time of thinking of what the problem was I remember a previous thread I read on this forum that allow you to see what malwarebyte is doing a scan and here is the link to this thread. 

 

Following the steps exile360 posted regarding using process monitor log. I followed these steps and I found that once the scanner gets to part of where it is "stuck" scanning one file, it was in fact scanning 28,000 empty folders called tw-xxxx-xxxx-xxxxx.tmp inside C:\Windows\System32\config\systemprofile\AppData\Local which was the folder it was scanning, so it wasn't stuck but just spending a very long time scanning 28,000 empty folders inside of that location. After seeing this in the opened log in process monitor that exile360 said to set up (i noticed this because it kept repeating the same set of information but with the slight change in the name of tmp folders as it was scanning 5 tmp folders and then 5 more and it was repeating a lot for 28,000 folders), I let the scan finish up after 14minutes or so and then manually deleted all 28,000  tw-xxxx-xxxx-xxxxx.tmp empty folder files in C:\Windows\System32\config\systemprofile\AppData\Local. After that I ran the same scan and it completed within 2-3minutes.

The issue from my googling around and other people having and posting about the same issue of having this many files in that locate, the cause of this was windows windows task provisioning tool as many of the other forum posts stated was the cause. Now I had this creating empty folders for 4 years which I can only assume slowed the scanner down to the point of where it was questionable on why it was getting stuck. I can post links to other forums if needed of other people saying the same issue with windows task provisioning tool making these files.

I was also asked to post frst logs and screenshots, however I did not have the logs or take screenshots of the files, but as I said you can find otherpeople on line with the thousands of these empty folders like I had. So i made this post on this threat at the request of JSntgRvr for me to reply to this thread since I messaged him I found the issue and he asked for me to post message with information and details regarding this. I hope this helps and explains how I fixed the issue. Please let me know if I can be of aid any more.

Link to post
Share on other sites
Bren0101

Bren0101

Posted
  • Author
Posted

Regarding the original post being pushed to malware removal, I have run scans with the following;

- Malwarebytes premium (Threat scan, Custom scan of entire drive as well)
- windows defender (full scan, quick scan, and offline scan)
-kaspersky kvrt (Kaspersky virus removal tool) All options ticked for a full scan 
-Hitmanpro full scan

All of which returned with zero threats detected, and I have ran serveral of each type between the first post and now and still no threats found. So I believe the issue was these empty folders as showed above it solved the issue scanner being "stuck".

Link to post
Share on other sites
JSntgRvr

JSntgRvr

Posted
Posted

Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Please rename FRST.EXE or FRST64.EXE to FRSTEnglish.exe
  • After renaming the file right-click over FRSTEnglish.exe and select "Run as administrator"
  • When the tool opens click Yes to the disclaimer if this is the first time using the tool
  • Make sure there is a check mark in the Addition.txt check box
  • Press the Scan button.
  • It will make a log FRST.txt and Addition.txt in the same directory the tool is run from. Please attach both logs to your next reply.

 

Take a look at this article:

What are tw tmp folders in System32 folder and Can I delete them? (thewindowsclub.com)

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.