Jump to content
SlimChance

MB 3.3 Anti-Rootkit DDA Driver

Recommended Posts

I am getting the same error message on my desktop computer but never on my laptops. If I say yes to the reboot everything comes back fine; it only happens on the initial boot ups. I have no other anti-virus program on the computer which displays this message. I am on Windows 7 and all updates are current as are the Malwarebytes updates for Version 3.3.1.2183.

If I make the workaround change in the Windows Action Center above, I no protections are enabled after rebooting from the error message.

Share this post


Link to post
Share on other sites

@SlimChance

I split that topic as it was not related to the Avira issue the other customer was having.

Could you get us logs and we'll definitely take a look. Instructions on getting logs are in my signature. Make sure to get MB-Check and FRST logs for me

 

Thank you

Share this post


Link to post
Share on other sites

Thank you for responding to my post, Vlad. Sorry I did not see where you had split the topic. I ran the Farbar scan and the mbcheck program. The results of the mbcheck are attached. 

As I mentioned, version 3.3.1.2183 is not running in the same manner as it does on my laptops. After the boot, several or all protections are not active. When I try to open MB I get this message:  

image.png.62f8cbffca9b3f8581f4b9c1f85fedc9.png

After the last reboot here is a screenshot of the dashboard: 

image.png.caa218538e5d98b21b76d09b1bcac198.png

For some unknown reason the scan is already running. I have no scheduled scans and only want to run it manually which i do at boot and other times as I think it is needed. Here is a screen shot of the scan schedule:

image.png.cb2756d4ca67c0797a7d230b8f88ff95.png

I appreciate your help very much and will be glad to provide any further information you need.


Thanks!

mb-check-results.zip

Share this post


Link to post
Share on other sites

@SlimChance

Could you try to install MB3 on top of your existing installation. I am seeing some errors in logs as well as application crashing. 

Download Here

 

If a fresh installation on top of your existing installation doesn't work, re-run the MB-Check and reupload the logs for me so we have a new set to look over.

Thank you

Share this post


Link to post
Share on other sites

Ok. I reinstalled MB from the link you provided and it ran fine after the restart on install. However, this morning when I booted the PC and then opened MB I got the same root-kit driver failure notice:

image.png.89674fcbbb1bd17d8f783c5214a72052.png

I have run MBCheck again and have attached the output file.

 

Thanks,

Richard

mb-check-results.zip

Share this post


Link to post
Share on other sites

Hello, Vlad. 

I rebooted and ran a scan in Safe Mode with networking and the Anti-Rootkit  scan on.The scan showed no threats. When I rebooted after that scan in safe mode with networking and the Anti-Rootkit and here are the results:

 

image.png.6a3a7c11e0b66f6fe23282a069185e04.png

The same error message about the AntiRootkit Driver failure appeared and the protections in MB were disabled. 

I download the MBAR program and ran it in safe mode with networking and also got a no threats found message.

I tried to make a copy of the screen print but Word could not be verified in SafeMode so it was lost.

 

 

Share this post


Link to post
Share on other sites

@SlimChance

Could you try the following for me, looks like "early start" is enabled on your unit based on the logs I got earlier.

  1. Under Settings > Protection, turn off the option for Enable self-protection module.
  2. Reboot the unit

Share this post


Link to post
Share on other sites

After turning off the ENABLE SELF-PROTECTION MODE and restarting the PC, the Anti-Rootkit DDA Driver failure did not appear ( but that is typically the case after a restart). However, all protections were disabled except for Exploit Protection and Malwarebytes had started the threat scan before the program opened. 

I will let you know how it performs after a cold boot this afternoon and first thing tomorrow.

Thanks, Richard

Share this post


Link to post
Share on other sites

Thanks, Vlad. I will go ahead and reinstall a fresh MB-Clean now and see what happens. I'll report back in few days.

Thanks!

Richard

Share this post


Link to post
Share on other sites

Hello, Vlad:

I followed your instructions on Monday, December 4 and still had the Unable to load Anti-Rootkit DDA Driver DDA Driver on cold boot error message the next morning along with the scan running on its own before the icon even appeared in the notification tray. On cold boot Wednesday I got the same error message and auto-run of the scan. I re-ran the MBAR then ran the MB Cleaner again. I have attached the log file from that run. Unfortunately, when I ran MBAR yesterday, the log file created after that run apparently erased the one created on Monday. It had the same results as the one from yesterday, though.

At cold boot today I am still getting the same error message and a running scan before the program opens.

Thanks,

Richard

mb-clean-results.txt

Share this post


Link to post
Share on other sites

new member here - don't mean to hijack your thread but just wanted to say that I get the same "unable to load anti-rootkit driver" message every morning.  Instead of a reboot I simply "quit malwarebytes" and then launch it again and it always starts fine the second time (no reboot required).    

Share this post


Link to post
Share on other sites

Same here, Andy, and no need to apologize; I appreciate any feedback on this issue I can get. :D

 

Yes, restarting is something I do too now each day at initial boot-up. It's time-consuming and aggravating, though, especially since the program runs just fine on our laptops and used to run just fine on this desktop PC, all on the same Windoze operating system. If a fix is found for this, I will let you know. 

Share this post


Link to post
Share on other sites

Can you please go to Settings -> Protection and turn on the option titled "Delay Real-Time Protection when Malwarebytes starts". Also increase the timer to at least 30 seconds. Then reboot and see if that helps your situation.

 delay.PNG.67f96b4419ee58b185a8b1c877bd95df.PNG

Share this post


Link to post
Share on other sites

Hello, Devin:

 

I tried that a few weeks ago, delayed as much as 180 seconds after startup, to no avail. Thanks, though.

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.