JamesKotak

It appears the issue has resolved itself after several more restarts. No idea why but it suddenly decided to start working. James

Hi, I just upgraded to the most recent version of MBAM 1.51.2.1300 and am getting Error Code 1068 when attempting to start the trial (or activate protection from the app console). I have attempted a complete wipe of my installation using RevoUninstaller on maximum settings/reboot/MBAM Clean Up/Reboot/Disable ESET NOD32 AV/Reinstall MBAM and I am still getting this error code. The code is being generated because "MBAMProtector" is not starting, but I find no MBAMProtector anywhere in the Services list. I recently cleaned a rootkit/boot sector virus from this machine via Combofix. Don't know what kind it was but I have the quarantined files if they are needed. As per a request in another MBAM forum, I am includingattach.zip the 2 DDS logs for your review. Thanks, James Contents of DDS.TXT: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 Run by Carol Premone at 1:08:56 on 2011-11-14 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.495 [GMT -8:00] . AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE svchost.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\svchost.exe -k HPService C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k imgsvc C:\WINDOWS\system32\hkcmd.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Airlink101\AWLL3028\RtWLan.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = <local>;*.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_10\bin\ssv.dll TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\airlin~1.lnk - c:\program files\airlink101\awll3028\RtWLan.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{1CD7A291-F68B-4D14-AC7F-4CB7057526E8} : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{71F7ECD7-6777-460A-AF47-86A6EE79D841} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{D35F8FA0-F704-427F-91F4-63AEE7E7D059} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 Notify: igfxcui - igfxsrvc.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . ============= SERVICES / DRIVERS =============== . R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-7-1 95896] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2011-11-12 38144] R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-7-1 810144] R3 hpnuhst;HP NUSB Host;c:\windows\system32\drivers\hpnuhst.sys [2007-12-26 10752] R3 HPNUHUB;HP NUSB Hub;c:\windows\system32\drivers\hpnuhub.sys [2007-12-26 37120] R3 RTL8187B;Airlink101 802.11g USB 2.0 Adapter;c:\windows\system32\drivers\rtl8187B.sys [2011-11-12 238208] R4 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-14 366152] S3 HPNUCMP;HP NUSB Composite;c:\windows\system32\drivers\hpnucmp.sys [2007-12-26 11648] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-14 22216] S3 RTLWUSB;Wireless Adapter;c:\windows\system32\drivers\hpl8187.sys --> c:\windows\system32\drivers\hpl8187.sys [?] . =============== Created Last 30 ================ . 2011-11-14 08:32:07 -------- d-----w- c:\documents and settings\carol premone\application data\Malwarebytes 2011-11-14 08:31:59 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2011-11-14 08:31:52 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-14 08:31:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-14 03:17:45 -------- d-sha-r- C:\cmdcons 2011-11-14 03:14:51 98816 ----a-w- c:\windows\sed.exe 2011-11-14 03:14:51 518144 ----a-w- c:\windows\SWREG.exe 2011-11-14 03:14:51 256000 ----a-w- c:\windows\PEV.exe 2011-11-14 03:14:51 208896 ----a-w- c:\windows\MBR.exe 2011-11-14 03:04:41 -------- d-----w- C:\VundoFix Backups 2011-11-13 18:52:55 -------- d-----w- c:\program files\SpywareBlaster 2011-11-13 18:46:37 -------- d-----w- c:\program files\Trend Micro 2011-11-13 04:39:18 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys 2011-11-13 04:39:06 238208 ------r- c:\windows\system32\drivers\rtl8187B.sys 2011-11-13 04:38:28 38144 ----a-w- c:\windows\system32\drivers\EAPPkt.sys 2011-11-13 04:38:27 -------- d-----w- c:\windows\system32\RTL8187 2011-11-13 04:38:10 -------- d-----w- c:\program files\Airlink101 2011-11-13 04:35:31 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-11-13 04:16:38 -------- d-----w- c:\program files\ESET 2011-11-13 03:00:25 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy 2011-11-13 02:53:05 -------- d-----w- c:\program files\VS Revo Group . ==================== Find3M ==================== . 2010-01-03 07:00:50 85498808 -c--a-w- c:\program files\regbackup.reg . ============= FINISH: 1:13:38.78 =============== ATTENTION: The attachment "attach.zip" is in there, it's just somehow stuck in the text of my post, way up above the DDS log text.

Please stand by... I just found another thread with similar issue and will post back here when I get done following those instructions. Thanks. James

Hi, I just upgraded to the most recent version of MBAM 1.51.2.1300 and am getting Error Code 1068 when attempting to start the trial (or activate protection from the app console). I have attempted a complete wipe of my installation using RevoUninstaller on maximum settings/reboot/MBAM Clean Up/Reboot/Disable ESET NOD32 AV/Reinstall MBAM and I am still getting this error code. The code is being generated because "MBAMProtector" is not starting, but I find no MBAMProtector anywhere in the Services list. I recently cleaned a rootkit/boot sector virus from this machine. Don't know what kind but I have the quarantined files if they are needed. This is a client's computer, so I need a resolution to this ASAP or I will have to ditch MBAM altogether. OS: Windows XP SP3 Please help. Thanks. James