Jump to content

Possible Infection - Unable to install Malwarebytes


Recommended Posts

I noticed an issue today when my computer couldn't play sound. The Windows Audio Service is turned off and refuses to turn on. When attempting to turn it on using Admin Command Prompt I received an "Error 5: access is denied" message. I recently installed Bitdefender (which can't detect any problems) so wondered whether there was a conflict, but want to scan for malware further before disabling it. 

However, after downloading Malwarebytes, it is unable to install and I receive an error message. I downloaded and used the Malwarebytes Support Tool to clean any past versions that I may have forgotten about but, after cleaning, the installation still fails. 

Please can you help with this?

Link to post
Share on other sites

Hi, 

My name is Maurice. I will be helping and guiding you, going forward on this case.

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.

If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.

 

Please only just attach   all report files, etc  that I ask for as we go along.

 


I would appreciate  getting some key details from this machine in order to help you forward.
 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

 We have to have the data collected by the Malwarebytes Support tool in order to help on this installation issue.
    
    
    Open your Downloads folder/location of the downloaded file  mb-support
    Double-click mb-support-1.5.3.749.exe  to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !
    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Thank you.

 

Link to post
Share on other sites

Hello.   Thanks for the report.

 

Please try uninstalling and reinstalling Malwarebytes for Windows using the Malwarebytes Support tool. 

Uninstall and reinstall using the Malwarebytes Support Tool
https://support.malwarebytes.com/docs/DOC-2674

 

Please have lots of patience with the tool.  The first phase is a cleanup and does require a Windows Restart.
After the Restart, it may take 2 - 3 - 4 minutes till the Support tool screen shows up.   Please be patient and have faith.  Wait for it, whatever it takes.
The 2nd phase is where it offers to do a new Install.

Let me know if this run clears up the issue or not.

Link to post
Share on other sites

I am sorry to learn of that.   I need a new run with the support tool to get a fresh new report.

Open your Downloads folder/location of the downloaded file  mb-support
    Double-click mb-support-1.5.3.749.exe  to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !
    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Thank you.

Link to post
Share on other sites

Thank you.

Let's make time and do a scan with a antivirus tool from ESET to check this system.   And also run a special report after that.

[   1    ]

I would suggest a free scan with the ESET Online Scanner
Go to https://www.eset.com/us/home/online-scanner/

Look on the right side of the page.  Click Scan Now
It will start a download of "esetonlinescanner_enu.exe"
Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.
When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan
Click on the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.

Have patience.  The entire process may take an hour or more. There is an initial update download.
There is a progress window display.
You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.

If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).

Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

[   2   ]

Download   Farbar's Service Scanner utility
http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/
and Save to your Desktop.

If using Windows 7/8 or Vista, Right-Click on fss.exe and select Run As Admisnitrator.
If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other services

 
Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Copy & Paste contents of FSS.txt into your reply.

 

Link to post
Share on other sites

Hi Jaurez.

Thanks for the ESET scan report.  The Eset found a few potentially unwamned-type  things.

The other report shows an issue regarding the Microsoft Windows Update service.   This next custom fix is to get things normalized for that service.

This custom script is for  Jaurez   only.

Close and save any open work files before starting this procedure.  I am sending a  custom fix script to do some cleanups.  

 

Please Close and save any open work files before you start this next step.  It may involve a Windows Restart at the end of it.

I am sending a   custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair.

Please RIGHT-click the (attached file named) FIXLIST and select SAVE AS and save it directly ( as is) to the Downloads  folder

The tool named FRSTENGLISH.exe   tool    is already on the Downloads folder.

Start the Windows Explorer and then, open the Downloads folder.


Double click FRSTENGLISH

  to run the tool. If the tool warns you the version is outdated, please download and run the updated version.

IF Windows prompts you about running this, select YES to allow it to proceed.

 

IF you get a block message from Windows about this tool......

click line More info information on that screen

and click button Run anyway on next screen.

 

on the FRST window:
Click the Fix button just once, and wait.

 

FRST_Fixl.png.c4c1c0dddcc49b11fa400590f070bd5e.png

 

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity

 

[    2     }     NEXT

The Microsoft Safety Scanner  is a free Microsoft stand-alone virus scanner that  can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Let me know the result of this.

The log is named MSERT.log 

the log will be at  %SYSTEMROOT%\debug\msert.log   which in most cases is

C:\Windows\debug\msert.log

Please attach that log with your reply.

 

Fixlist.txt

Link to post
Share on other sites

Hi.

Thank you for the reports.   The fix run is good.   And I am happy to see that the MS Safety scanner reports NO infection.

 

Now then, lets see about doing two procedures.   The first will use the Malwarebytes Support tool which is already on the Downloads folder.

  • Open your Downloads folder.
  • Double-click  mb-support-1.5.3.749     to start the tool.
  • When prompted by Windows, reply YES to allow the tool to go forward.
  • You will be presented with a page stating, "Welcome to the Malwarebytes Support Tool!".
  • Click the Advanced Options link. This is important. Please ensure Advanced Options is clicked.
  • Click the Clean button followed by Yes to proceed.
  • Upon completion, click OK to reboot your computer.
  • After the reboot, please wait for the program to reopen.

You may be presented with the option to install Malwarebytes for Windows.

Click  NO

IF the tool shows no Malwarebytes present,  that is OK.    Just go forward with next step.

 

.

Download and SAVE the setup file for Malwarebytes for Windows.    Save the file to the Downloads folder first.

See the support article for the how-to    https://support.malwarebytes.com/docs/DOC-3531

Link to post
Share on other sites

Hi Maurice

Good news and bad news.

Thanks for your help so far. I have been able to install Malwarebytes. I ran a scan and it detected 28 PUPs which were quarantined and deleted.

However, after a  reboot, the issue with Windows Audio Service has not be resolved, even after using the audio service troubleshooter (I cannot play any sound). And some icons in my Start Menu still produce error messages if I attempt to use them.

Link to post
Share on other sites

I do not honestly view the audio issue to be related to a actual "infection".   I am happy to have the confirmation that the Malwarebytes for Windows installation succeeded.

 

The report-tool named FRSTENGLISH is on the Downloads folder.   Let's run a fresh report & have you attach them in next reply.

Use Windows Explorer  and go to the folder Downloads.

Run report with FRSTENGLISH

Right-click on FRSTENGLISH and select Run as Administrator to start the tool , and reply YES to allow it to proceed and run.
 

_Windows 8 or 10 users will be prompted about Windows *SmartScreen protection* - click line More info information on that screen and click button Run anyway on next screen._

Click YES when prompted by Windows U A C prompt to allow it to run.
Note: If you are prompted by Windows SmartScreen, click More info & followup & choose Run anyway.


Approve the Windows UAC prompt on Windows Vista and newer operating systems by clicking on Continue or Yes. 

Click Yes when the* disclaimer* appears in FRST.
The tool may want to update itself - in that case you'll be prompted when the update is completed and ready to use.

Make sure that Addition options is *checked* - the configuration should look exactly like on the screen below (do not mark additional things unless asked).
Press Scan button and wait.





The tool will produce 2  logfiles on your desktop: FRST.txt , Addition.txt 
Click OK button when it shows up. Close the Notepad windows when they show on screen. The tool saves the files.

Please attach these 2 files to your next reply.

Thank you.

Link to post
Share on other sites

Thank you for the reports.

It is not possible to know, but rather unknown as to what the audio issue is all about.

I would suggest you make real sure to look on your hardware Keyboard  and look close at the button for audio control.  Make sure it is not set to off.

Also look on the Windows Taskbar by the clock, and look at the audio icon.  Make sure that does NOT have the X showing   ( that would indicate audio set to Off ).

.

I urge you to get current with Microsoft Windows Update for the very latest Windows build.   This pc has Windows 10 Education Version 1803   which is from March 2018.  There have been 3 build releases since then.   I would like you to get the November 2019 build   ( which by the way, will have the latest Windows audio drivers,)

 

the Windows 10 build 1909 ( or November 2019 build).  You should be able to manually get it thru Windows Update.

It may take repeated tries with Windows Update till your pc is able to see that Update.  You should make a try each day, from here on out, till you see it offered.

The suggestion I have is to go to the Start menu, click the Windows Settings icon. Select Update & Security.  Click on Windows Update.

The Windows Update ( eventually) will have a display like this when it shows up.

Note that the display will show the new build in a new way, in the middle of the display.  You will need to click on the blue line marked "Download and install now"  when ready.

image.png.363869a865fceb8be0ec51d2cadcf80a.png

 

Getting that Windows build update will put this pc in a better position .

 

 

Link to post
Share on other sites

Hi Maurice

Thanks very much for the help.

There was an issue with my Updater but I managed to work around it, by downloading the updater directly, and upgraded to the latest build which has solved the issues with the audio service and start menu icons.

Link to post
Share on other sites

Hello.   Bravo on getting the latest Windows 10 build.   That is great new.   I am glad that the audio issue is now gone.

You should delete the Fixlist.txt

You may delete the file Fixlog.txt   and any of the files I had you download.

I am glad things are in a good state.

.

Backup is your best friend.  Be sure to do regular, periodic backups of your system to local offline media   ( like a large USB device ).

 

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).


Free games & free programs are like "candy". We do not accept them from "strangers".


Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

 

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 
Do a Windows Update.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq




Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

.

All best wishes to you.

Sincerely,

Maurice

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.