Jump to content

Help every time I try to remove items from quarantine it says access denied


Recommended Posts

Help malwarebytes quarantined a nvidia file and I can’t restore it it just says access denied the file was marked by the AI. The file is called NVSTEREOUTILITYOGL.exe I’ve added a picture

2D5A37B9-D86A-407C-9F33-D1802CB6DE83.jpeg

Link to post
Share on other sites

Greetings,

Please try restarting the system, then see if you are able to restore the item.  Sometimes an item cannot be restored because it has also been marked for DoR (Delete on Reboot) by Malwarebytes after being quarantined, so Malwarebytes will prevent the item from being restored until the DoR process has run, otherwise you'd end up restoring the file and having it permanently deleted with no backup copy in quarantine due to the DoR process removing it on restart.

If that doesn't fix the error, please ensure that you are running in an administrator account and that Malwarebytes is running with administrative privileges as it's possible that permissions are preventing the file from being written to its original location on disk.

Please let us know how it goes and if you still encounter the issue.

Thanks

  • Like 1
Link to post
Share on other sites

Please do the following and we can take a look at what's going on with your installation and determine if you're logged in as an admin:

  1. Download and run the Malwarebytes Support Tool
  2. Accept the EULA and click Advanced tab on the left (not Start Repair)
  3. Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply

Thanks

  • Like 1
Link to post
Share on other sites

Thanks, you are indeed logged in as admin, however I noticed you also have Norton installed and it's possible that Norton is interfering with Malwarebytes trying to restore the file.  Please see if creating exclusions in Norton's real-time protection for Malwarebytes' files listed in this support article resolves the issue.  If it does not, please see if disabling or removing Norton temporarily allows the file to be restored.

Please let us know how it goes.

Thanks

Link to post
Share on other sites

OK, here's what the log from Malwarebytes shows for the file when trying to restore it from quarantine:

10/04/20    " 15:51:45.503"    2148203    10ac    1c14    INFO    CleanControllerImpl    RestoreEngine::RestoreFile    "restoreengine.cpp"    579    "Attempting to restore file 'C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj\NVSTEREOUTILITYOGL.EXE'"
10/04/20    " 15:51:45.512"    2148218    10ac    1c14    WARNING    Permissions    mb::common::system::Permissions::SetOwner    "permissions.cpp"    165    "Error taking ownership of given object C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj\NVSTEREOUTILITYOGL.EXE, Error = The system cannot find the file specified.  (0x2)."
10/04/20    " 15:51:45.512"    2148218    10ac    1c14    WARNING    Permissions    mb::common::system::Permissions::ResetFilePermissions    "permissions.cpp"    195    "Error resetting permissions on given file C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj\NVSTEREOUTILITYOGL.EXE, Error = The system cannot find the file specified.  (0x2)."
10/04/20    " 15:51:45.512"    2148218    10ac    1c14    ERROR    CleanControllerImpl    RestoreEngine::RestoreFileImpl    "restoreengine.cpp"    739    "Failed restoring file C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj\NVSTEREOUTILITYOGL.EXE, could not decrypt/copy contents, windows errCode=5"

It looks like the quarantined copy may be damaged or missing for some reason.  It's definitely an odd issue, but to get the file back you'll likely need to reinstall the app from here.

I'll report the issue to the Developers so that they may investigate in case it is the result of a compatibility issue or bug, however reinstalling the NVIDIA Control Panel should at least get the file back in place so that you can use the app again to control your graphics driver.

Link to post
Share on other sites

I doubt it's an infection, but you don't need the MS Store app to access the NVIDIA Control Panel; it's just an alternate UI/interface for it, so if you normally access the control panel through the desktop right-click menu, the Windows Control Panel, or through the NVIDIA tray icon, then you don't really need the MS Store app version anyway.

Link to post
Share on other sites

I went ahead and reported the NVIDIA app as a potential FP to the Research team so that they may verify it and get it corrected, assuming I'm right in thinking that it is a false positive:

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.