The script ran fine, and everything looks good.
I hope the Defender offline scan log results were OK.
MSERT "Cleaning your computer"
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
Yesterday I started full scan of my computer. It said that 1428 infected files were found and I chose to let the MSERT do the cleaning. And it's running like forever. Three hours ago it stucked and nothing happens. What am I supposed to do. I don't want to cancel it beacuse I don't want to lose logs. (Scan was running for 26 hours)
Windows for home | Windows 11 | Security and privacy
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
Answer accepted by question author
Answer accepted by question author
Ramesh
176.3K
Reputation points
Volunteer Moderator
There is no active malware (except one PUA driver). The following fixlist should remove it.
- Download fixlist.txt
- Save Fixlist.txt in the same folder where EnglishFRST64.exe is.
- Close all program windows.
- Launch the Farbar Scanner tool and click "Fix".
- Reboot Windows when prompted.
- Upload the output log file (FixLog.txt) to your OneDrive.
BTW, the Defender Offline log is stored at "C:\Windows\Microsoft Antimalware\Support\msssWrapper.log". And if it removed any threat, it would show up in the protection history in Windows Security. Ref: https://www.winhelponline.com/blog/start-windows-defender-offline-scan/
10 additional answers
Sort by: Most helpful
-
Ramesh 176.3K Reputation points Volunteer Moderator
2024-05-31T11:33:49+00:00 Addition.txt is inaccessible. I get the following error:
Maybe you can try some other host, like Google Drive or www.filetransfer.io.
-
Anonymous
2024-05-31T11:24:47+00:00 Hi Amra_q,
It certainly has hung up. Please cancel the scan and run Microsoft Defender Offline instead. MSERT uses the same antivirus definitions as Defender.
The MSERT log is located at C:\Windows\Debug\msert.log.
Download the offline installer for the latest security intelligence: https://go.microsoft.com/fwlink/?LinkID=121721&arch=x64
Double-click to install it. Or drop the .exe file in the C:\ root and start Microsoft Defender Offline.
Open Windows Security, click Virus and threat protection, and click “Scan options.”
Click Microsoft Defender Offline, and click Scan now.
By the way, it runs a quick scan.
If possible, please also run the Farbar scanner and share the logs. It's a wonderful tool for detecting active malware.
- Download Farbar Recovery Scan Tool (FRST64.exe)
- Rename FRST64.exe to EnglishFRST64.exe.
- Run the program. Don't check or uncheck any options. Click "Scan".
- Upload the two logs, FRST.txt and Addition.txt, to your OneDrive and share the link here.
(How-To: Share OneDrive files and folders - Microsoft Support)
Note: If Microsoft Edge or Chrome mislabels the Farbar Scanner executable as PUA/malware, choose to keep it by tapping … in the bottom bar, choosing Keep, and then choosing Keep anyway in the dialog that appears.
links:
-
Ramesh 176.3K Reputation points Volunteer Moderator
2024-05-31T10:54:03+00:00 Hi Amra_q,
It certainly has hung up. Please cancel the scan and run Microsoft Defender Offline instead. MSERT uses the same antivirus definitions as Defender.
The MSERT log is located at C:\Windows\Debug\msert.log.
Download the offline installer for the latest security intelligence: https://go.microsoft.com/fwlink/?LinkID=121721&arch=x64
Double-click to install it. Or drop the .exe file in the C:\ root and start Microsoft Defender Offline.
Open Windows Security, click Virus and threat protection, and click “Scan options.”
Click Microsoft Defender Offline, and click Scan now.
By the way, it runs a quick scan.
If possible, please also run the Farbar scanner and share the logs. It's a wonderful tool for detecting active malware.
- Download Farbar Recovery Scan Tool (FRST64.exe)
- Rename FRST64.exe to EnglishFRST64.exe.
- Run the program. Don't check or uncheck any options. Click "Scan".
- Upload the two logs, FRST.txt and Addition.txt, to your OneDrive and share the link here.
(How-To: Share OneDrive files and folders - Microsoft Support)
Note: If Microsoft Edge or Chrome mislabels the Farbar Scanner executable as PUA/malware, choose to keep it by tapping … in the bottom bar, choosing Keep, and then choosing Keep anyway in the dialog that appears.