Jump to content

Malwarebytes detected malware and now windows defender is off


Go to solution Solved by Maurice Naggar,

Recommended Posts

I just got on my PC and on my notifications tab on Windows 10, it said something like "Windows Defender and Malwarebytes are turned off", or something like that.
And I thought "well that might be just because my PC has just booted up so it might take a second for them to turn on", and well, I have turned on Malwarebytes (launches on start up), however, it seems that my Windows Defender doesn't want to turn on.

I don't really know why, but I have a small suspicion...

This morning, Malwarebytes detected what it thought was malware on my pc, specifically on my C: drive.
Here is the report on what it detected:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 26/05/2021
Scan Time: 07:42
Log File: 8eaa65a0-bded-11eb-9d9d-1c1b0d102d0a.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1292
Update Package Version: 1.0.40910
Licence: Trial

-System Information-
OS: Windows 10 (Build 18363.1256)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 369372
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 10 min, 13 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.AI.1508476355, C:\USERS\JKGIL\APPDATA\LOCAL\PROGRAMS\{23EA15B6-0742-790E-6ADA-5CE64EB2A07E}\UNINST.EXE, Quarantined, 1000000, 0, 1.0.40910, 287EDE51C51E58F559E985C3, dds, 01261283, 4ED777A5428F68EFA0A9D84FEB06D056, 59EE7AA430827FED2DCE7D0765AA95560094D864A811AB3611E30EA1B2CB4293

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


I am assuming that some malware got on my PC (I might know how, will explain in the next sentence), and uninstalled Windows Defender because I can't turn it back on, as in there is no "turn on" button.
So, to explain how I think I got the malware (if there even is malware, idk, I am not the best with malware related issues), I reinstalled DayZ on Steam yesterday after not playing for 2 years.
I thought "this seems fun, lets play!", tried to connect to some community servers, didn't end up playing on them, and then I called it a night.

Then I wake up the next day and Malwarebytes detects malware, I am assuming that if there even was malware on my PC, it came from DayZ's community servers, as sometimes you have to download external plugins and addons to play on the server.
 

In conclusion, I think my PC might have gotten infected, if it did, that might be the reason I can't turn on Windows Defender anymore, however, I did scan my PC as seen in the report above, and I quarantined the malicious file or programme or whatever it was. But, even if the malware is gone, I don't know how to turn on my Windows Defender again, there is no button to press to turn it on, it's gone.
 

If someone could help clear this up, or at least help me get Windows Defender back up and running, that would be great!
Thanks for reading and have a great day :D

windef.png

Link to post
Share on other sites

Hi :welcome:

Let's first get a readout report that is so so important for review.

Please download the Farbar Recovery Scan Tool 64-bit and save it to your desktop.

 

Right-click on FRST64.exe and select Run as Administrator to start the tool , and reply YES to allow it to proceed and run.

 

_Windows 10 users will be prompted about Windows *SmartScreen protection* - click line More info information on that screen and click button Run anyway on next screen._

Click YES when prompted by Windows U A C prompt to allow it to run.

Note: If you are prompted by Windows SmartScreen, click More info & followup & choose Run anyway.

 

Approve the Windows UAC prompt on Windows Vista and newer operating systems by clicking on Continue or Yes. 

 

Click Yes when the *disclaimer* appears in FRST.

The tool may want to update itself - in that case you'll be prompted when the update is completed and ready to use.

 

Make sure that Addition options is *checked* - the configuration should look exactly like on the screen below (do not mark additional things unless asked).

Press Scan button and wait.

 

The tool will produce 2 logfiles on your desktop: FRST.txt , Addition.txt 

Click OK button when it shows up. Close the Notepad windows when they show on screen. The tool saves the files.

 

Please attach these 2 files to your next reply.

Thank you.

Link to post
Share on other sites

My name is Maurice. Let me know what name you wish to be called by.

I will guide you.

It's important to be patient & collected & not to go off doing things on your own from here on out.

Did you in fact, uninstall Defender ?

You mentioned ' and uninstalled Windows Defender because I can't turn it back on ...."

 

PS. If you had installed Malwarebytes within the past 13 days or less, as a Trial install....know that it is protecting your PC.

And that I will be guiding you to get Microsoft Defender back to active.

Have much patience.

Meantime, no game playing.

No web surfing.

Link to post
Share on other sites

Hi. Thanks For the reports. There is not actual malicious malware here.

This custom script is intended to help in re-enabling the Microsoft Defender & to help with Microsoft Updates.

The script Fixlist.txt  needs to be saved to the same folder that contains FRST64.exe   /

 

The custom script on this post is ONLY for this machine and NO other.   

Please be sure to Close any open work files, documents,  any apps you started yourself  before starting this.

 

If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached,  please disconnect any of those.

 

The system will be rebooted after the script has run.

 

Please save the (attached file named) FIXLIST.txt   to the  D:\Downloads folder

Fixlist.txt

 

Start the Windows Explorer and then, to the D:\Downloads  folder.

  • RIGHT click on  FRST64.exe   and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run

 the tool. If the tool warns you the version is outdated, please download and run the updated version.

  • IF Windows prompts you about running this, select YES to allow it to proceed.

 

  • IF you get a block message from Windows about this tool......

click line More info information on that screen

and click button Run anyway on next screen.

 

on the FRST window:

  • Click the Fix button just once, and wait.

 

  • PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. 

If you receive a message that a reboot is required, please make sure you allow it to restart normally.

The tool will complete its run after restart.

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

 

Please attach the FIXLOG.txt with your next reply later, at your next opportunity   

 

Do let me know how things are overall,  after all this. We will do more.

Link to post
Share on other sites

  • Solution

No, no command prompt involved.

You run the procedure in the normal Windows GUI.

You first save the Fixlist to the D:\Downloads folder

 

Then you start FRST64 

Then you click on FIX 

Please go back & read ALL of my preceding immediate Reply of mine.

Link to post
Share on other sites

Thank you so much, my Windows Defender seems to be working now!
However, I was wondering if there is another issue you might be able to help with?

For about 2 weeks now (something like that), there has been a windows update that I haven't been able to install.
The update is: 2021-05 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5003169)
 

It keeps getting to 20% when installing it, then it just gets stuck and doesn't move at all.
I have no idea why, but do you think that FRST64 might be able to fix this issue that has been annoying me for weeks?

Link to post
Share on other sites

Thanks for the Fixlog.

This last custom fix attempted to help with Windows Update.

So if there was a update failure after this run, then I would suggest that you go to, join, and request Windows Update help at the super duper expert forum at Sysnative.

See the pinned post 

https://www.sysnative.com/forums/threads/windows-update-forum-posting-instructions.4736/

.

Is there any other help you need here ?

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.