Jump to content

Infected system - Can't install MBAM.

Anglox

By Anglox
in Resolved Malware Removal Logs

 Share

Recommended Posts

Anglox

Anglox

Posted
Posted

Hello, I've decided today to install Malwarebytes Anti-Malware (I think this is my first time I download it on this pc) to scan my system but suddenly it became into a problem that I've tried to deal with for about 5 hours. Read many similar topics on this forum but seemed like none of them helped about my case. So I decided to ask for help.

I'm using only Windows Defender since my last Windows reinstall and no uTorrent etc. are running background.

First: Latest MBSetup.exe opens but whenever I try to install it, it says "Invalid path name" (I'm not specifying any path). Going to C:/Program Files and trying to manually create a Malwarebytes folder shows a Windows message about merging already existing invisible folder Malwarebytes with New Folder (the one I'm trying to manually create and rename) and does not work.
Second: I downloaded latest mbar, extracting it and trying to run it shows a windows message that the app is blocked by the system administrator "Contact your system administrator for more info.". I am the only user/administrator of my PC so there it got suspicious. 
Third and last: I switched to Safe Mode where I did most of the work and will attach the log files below in order. I run mbar in safe mode which seemed found 8 threats the first scan and the second was 0. Even it said "No threats found" normal boot mode showed the same messages when I tried to run the 1st and 2nd again so I continued my journey in safe mode. Third scan with mbar didn't found any threats either. I tried installing Malwarebytes Chameleon which didn't work either [it couldn't create the same path for  C:/Program Files/Malwarebytes/Malwarebytes Anti-Malware ("Error 5: Access Denied"). I've tried Rkill (which I also can't open in normal boot) but it seemed like it didn't stop any processes. Then I continued with gathering logs with farbar, RogueKiller and AdwCleaner (8.0.2 latest which for some reason didn't save any logs so I will attach a screenshot of it's result below). All of the last 3 ran in normal boot so the logs are during normal boot. RogueKiller detected 43 items (which I think deleted by mistake) and AdwCleaner - 6.

A thing that I found during my solve journey is that bleepingcomputer.com from where I downloaded farbar and rkill isn't loading on my PC (HTTP ERROR 404) so I had to download them trough my phone and upload in a cloud storage in order to download their exe's.

I didn't found any suspicious activities before trying to install MBAM, I just decided to refresh and scan my PC when I met this problem. All of the software is downloaded from the official websites and links provided in other topics by trusted users. Thanks in advance for helping me installing MBAM.

Here are all the logs I mentioned in order below: the 3 mbar logs, farbar logs, roguekiller zipped scn and del json files and adw screenshot of results.

adw.PNG

mbar-log-2020-02-21 (03-09-11).txt mbar-log-2020-02-21 (04-52-52).txt mbar-log-2020-02-21 (05-45-43).txt FRST.txt Addition.txt roguekiller.zip

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Hi, 

My name is Maurice. I will be helping and guiding you, going forward on this case.

Let me know what first name you prefer to go by.

 

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.

If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.

 

Please only just attach   all report files, etc  that I ask for as we go along.

Please do not run any other tools on your own.   I need to see the Malwarebytes Setup logs from the last install attempts.   This next tool will help toward that goal.

 


I would appreciate  getting some key details from this machine in order to help you forward.
 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

 

Do have patience while the report tool runs.  It may take several minutes.  Just let it run & take its time.  You may want to close your other open windows so that there is a clear field of view.

Download Malwarebytes Support Tool
    
    
    Once the file is downloaded, open your Downloads folder/location of the downloaded file
    Double-click mb-support-1.5.4.760.exe  to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !
    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Please know I help here as a volunteer.  and that I am not on 24 x 7.

Help on this forum is one to one.   Again, please be sure to ONLY attach report files  with your reply (s)  as we go along.  Do not do a copy / paste into main body.

Thank you,

Sincerely.

 

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Hi Anglox.   Thanks for the report file.

There was an access failure during the past setup attempts .   We want to  be sure that you are logged in with the Rafly  logon account, AND that we do steps with precaution.

The Malwarebytes support tool is mb-support-1.5.4.760.exe   & is on the Downloads folder.  We will use it to do a new / clean setup of Malwarebytes 4 for Windows.

 

First, be sure to Save and Close any open work files, documents.

And Close other program windows that you may have opened yourself.  The aim is t have a clear view all around.

 

Go to the Downloads folder.   Look for mb-support-1.5.4.760.exe

Now, with your right-mouse-pointer, do a RIGHT click on  mb-support-1.5.4.760.exe    and select Run as Administrator and reply YES when prompted to allow it to proceed forward.

 

  • If prompted by User Account Control to allow changes be made to your computer, click Yes.
  • Click the Accept License Agreement box. Click the Next button.

   

  •  
  • Click Advanced under the Menu Pane.
    DOC-2674-3.png
  • Click the Clean button.
    DOC-2674-4.png
  • Click the Yes button to proceed. This process may take a few minutes.
    DOC-2674-5.png
  • The Support Tool displays a message box asking to reboot the computer. Save all your work and click OK when you are ready to reboot.
    DOC-2674-6.png
  • After the reboot, Malwarebytes Support Tool reopens and displays a message asking if you would like to re-install the latest version of Malwarebytes for Windows. Select Yes to install Malwarebytes.
    DOC-2674-7.png
  • Malwarebytes Support Tool downloads and runs the installer for the latest version of Malwarebytes for Windows.
    DOC-2674-8.png
  • The Malwarebytes dashboard opens once the installation completes successfully.
    DOC-2674-9.png

 

Link to post
Share on other sites
Anglox

Anglox

Posted
  • Author
Posted

Thanks, Maurice

I found that i got other users created as Administrator so i cleaned that and now I'm the only admin user. 

Following strictly the steps shown lead me to the last prompt to click Yes and allow to install the latest Malwarebytes. It shows that it is "Downloading Malwarebytes for Windows" it finishes and nothing else happens (cant get to the dashboard). Tried that twice with no result.

Looking for further help.

 

P.S. I've tried creating another admin user and it seems the other user is working correctly. I can open bleepingcomputer.com, mbar and download and install mbam properly. Did a scan there that cleared some PUPs but same story as my main user account. Shall i try sharing mbam software with other users? 

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Please do not go willy nilly creating new accounts !

 

If you do not see any movements  or screen display refreshes during the next 10 minutes, then use the Windows menu and do a Shutdown > Restart.

 

What "scan" are you referring to here ->  ""Did a scan there that cleared some PUPs   ""

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Hello @Anglox     How are you doing ?   I have not heard back from you & I would like to know what the status is.

I was looking to get a copy of the last Scan report from Malwarebytes 4

https://support.malwarebytes.com/hc/en-us/articles/360038479194

 

Cheers.

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.