Jump to content

Real-time protection will not start (Paid user) Virus?


Recommended Posts

Hello

My issue is that real-time protection (and now even scanning) will not work any longer. 

One of my servers (I have a home network, IT specialist) that is a virtual machine is running Windows Server 2003 SBS. It provides my AD/DNS/WINS, not really used for anything else. I like having the real-time protection running because it is providing my DNS for my local network. I don't use the web browser on the server.  The server itself and the performance seems to be running fine at least I don't notice any issues at all. 

 

I am wondering if this could be an infection? One day I noticed the  Malwarebytes real-time and web protection would not start. I don't recall making any changes other than adding additional CPUs to the VM because I upgraded my ESXi host. When I was able to run a malware scan it never found anything on the system. I just ignored the issue until I had some more time.

 

Today I decided to get back to it today and after no success of uninstalling and manually installing the latest mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374 I am still having the same problem. I am not sure why the web protection will not start. Now I am having a problem when I try to scan also. It seems to just freeze and never start scanning. All I did today was install the newest version and then reboot. I figured I would get some help from the experts.

 

Attached are the files I think you will need from me to get started. Please let me know what to do and thank you in advance for the help. :D

 

 

Addition.txt

FRST.txt

real-time off.png

Link to post
Share on other sites

  • Root Admin

Hello @laithan

First off I must ask - why not just do a Snapshot Restore since you're on  VMware ?
Are you using VSphere 5.5 or 6 ?

https://www.altaro.com/vmware/working-vmware-snapshot/

That said... if you're not using them I'd highly recommend you research using them via command-line if you're not using VSphere for the GUI

Malwarebytes 3 is a Consumer product and is not meant for any Server (including your SBS 2003, which by the way may be the issue too as it does not have all of the DLL support of newer operating systems that we require for some features)

I will try to assist you in cleaning it, but again. Doing a System Restore either via Snapshot (very fast and normally easy method) or restore via a Windows Backup.would be the best choice here.

I see you have "Symantec Backup Exec for Windows Servers" do you have a good backup to restore too?

Please give me an update on the above and we can go from there to see how best to fix this.

Thanks

Ron

 

Link to post
Share on other sites

Thank you for the prompt reply Ron. I do not have any snapshots right now as I recently migrated to a new ESXi host. I have plenty of data backups but just the one for the O/S. I do have a backup of the vmdk but it also has the same issue so I am really just stuck trying to fix this manually. I don't use Symantec anymore that was for an old tape drive.

You've made me wonder.. I think the problem could have happened when I updated Malwarebytes to a newer version. I am honestly not 100% sure but I just remembered and I think it could be related. Malwarebytes was actually working great for quite a while and I'm really thinking it might have been when I updated to a newer version. Do you have a link to an older version that I could try before we chase the rabbit down the hole too far?  ;)  I'd be happy with an older version if real-time was working again. Just an idea as I'm really not suspicious of having malware but I can't say for sure so whatever you think is best.

Thank you sir!

 

Link to post
Share on other sites

  • Root Admin

Yes, the 2.x version would probably be better. Though it too could have issues with the Web blocking feature.

Do you still have the 2.x installer?

https://downloads.malwarebytes.com/file/mbam_2x

 

You can uninstall 3.x then reboot. Then install 2.x and uncheck the setting to check for program updates. Keep the database rules check enabled but not programs.

Let me know.

Then once you have all working well I'd highly recommend checking out SnapShots - can be automated even if you don't have VSphere

Ron

 

Edited by AdvancedSetup
Link to post
Share on other sites

You're right, V2 is much better. That's what it was, updating to V3 is where compatibility with 2k3 ended. Reverting back to V2 has resolved the issue. I don't know why I didn't think of this I guess I just assumed because V3 successfully installed that real-time should be working and the O/S wasn't the issue.  :rolleyes:

Thanks very much for your help and have a great day

 

workingnow.png

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.