DaRajunCajun

IP protection failed

16 posts in this topic

Hi. I just installed MBAM 1.75.1300 (latest 7 greatest) on my Dell Precision T3500 workstation. The computer was infected by viruses and I think I got most of them. I wanted to use MalwareBytes to scan for a prevent future infections. I installed the trial version of the pro. When I look at the icon in the system tray it is grayed out. When I open the program and go to protection (to schedule scans & updates) it shows partial protection enabled. Enable Malicious Website Blocking is not enabled and cannot be enabled. I uninstalled it using add remove programs, rebooted ran MBAM Clean utility, rebooted and reinstalled the program a few times and still cannot enable website blocking. I stopped and restarted the MBAM service and still not able to enable all protection. The computer is running Windows 7 Pro 64b Service Pack 1, 12GB of RAM.

Share this post


Link to post
Share on other sites

Are you sure you're logged in with an Admin account and not a limited user account?

Share this post


Link to post
Share on other sites

Probably also best to get some logs to see what else might be going on.

Please create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post, instead please attach the log CheckResults.txt file which should now be located on your desktop to your next post

Next, Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


    When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.

Thanks

Share this post


Link to post
Share on other sites

EDIT:

Sorry Ron beat me to it.....

Share this post


Link to post
Share on other sites

Thanks. I will try those suggestions as soon as I get done scannig this beast for viruses.

Share this post


Link to post
Share on other sites

Great, we will wait on the logs so we can see what's going on..

Share this post


Link to post
Share on other sites

So I uninstalled Malware Bytes with Revo unistaller, reboot, run the mbamclean tool, reboot, reinstall and still IP protection fails. I have installed this on another machine and it had no problems.. It's got me scratching my head for sure. I hope we can fix this quickly. I am attaching all the logs to this post.

Attach.txt, dds.txt and CheckResults.txt are attached.

attach.txt

CheckResults.txt

dds.txt

Share this post


Link to post
Share on other sites

Thanks for posting those logs so we could take a look at them. I have reviewed your logs, and there is quite a bit of issues going on with this computer. It could be that its due to an infection, previous infections, or some hardware/software conflicts. Its going to require some work that we can not do in this section of the forum, please see below for instructions on how to get this all fixed up.

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

Share this post


Link to post
Share on other sites

Just a note that the logs show signs of possibly being infected with the ZeroAccess rootkit. Your help will attempt to clean the computer but it is possible that they may not be able to undo all of the damage done by this infection but work with them and they'll do their best to assist you.

Share this post


Link to post
Share on other sites

Zero Access.. That makes sense because windows update isn't running. Background Intelligent Transfer Service isn't running. I've had trouble getting to some Microsoft Sites. Would you recommend MBAR? or some other rootkit remover?

Share this post


Link to post
Share on other sites

I would highly recommend allowing one of the trained helpers help you with this. This is an advanced rootkit that has some new vectors that if you're not careful can cause even more damage trying to remove it (some new booby traps to thwart its removal). There is no cost to have someone help you aside from the back and forth time involved but in the end if you're trying to avoid a complete rebuild of the computer it's probably the best route to take.

Share this post


Link to post
Share on other sites

I really need to get this machine cleaned so I can get back to work with it. I've got it on an isolated network and I'm using a backup computer with XP.. I went from Porche to Yugo.. LOL

Share this post


Link to post
Share on other sites

Do I need to post in the help I'm infected forum to get help with this Zero Access Rootkit or are they working behind the scenes on a solution?

Share this post


Link to post
Share on other sites

Thanks for your help. On a side note Malwarebytes is now working will full protection.. LOL I exited out the protection in the system tray then open Malwarebytes from a desktop shortcut.. Voila it decided to work.. Working on getting the viruses off the work machine on the other forum. Nice to see folks that stand behind their great product.

Share this post


Link to post
Share on other sites

Sounds good. Hope all goes well with the clean up.

I'll go ahead then and close your post here and they'll go ahead and take care of you.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.