Protection Module Disabled and four other functions - V 1.17

[GMM]

I just purchased and installed Anti-Malware and several things are not working.

The Protection Module is disabled. When

[RubbeR DuckY]

Are you running on the administrator account? I got your e-mail, we can take care of the problem here.

[GMM]

Are you running on the administrator account? I got your e-mail, we can take care of the problem here.

Sorry, but I don't understand your question about running on administrator account.

[AdvancedSetup]

Hello GMM,

Do you know what Operating System you have and what Service Pack level it's on?

You can click on START - RUN and type in WINVER and click OK and it should tell you what version you have. Then we can start checking on some things.

We may need to uninstall, and reinstall Malwarebytes depending on what we find. You can download the latest version from here mbam-setup.exe if needed.

[GMM]

Hello GMM,

Do you know what Operating System you have and what Service Pack level it's on?

You can click on START - RUN and type in WINVER and click OK and it should tell you what version you have. Then we can start checking on some things.

We may need to uninstall, and reinstall Malwarebytes depending on what we find. You can download the latest version from here mbam-setup.exe if needed.

XP Pro 5.1 with service pack 2

[AdvancedSetup]

Please uninstall the current version of Malwarebytes and reboot your computer.

Then download a new copy from here mbam-setup.exe

After the download double-click it and install this version and let me know if you're still having problems with it.

[AdvancedSetup]

Is your system showing signs of infection by Malware or are you having any other issues with installing or running other applications?

[GMM]

Is your system showing signs of infection by Malware or are you having any other issues with installing or running other applications?

I just uninstalled, and then installed the new copy you suggested and I have the same problems.

No, there are no signs of infections and all my other applications are running smoothly. thanks.

[AdvancedSetup]

Try right click on Internet Explorer and go to Properties. Then click on the Security tab and move one of the sliders, then click on the button that says Reset all zones to default level then restart Malwarebytes and let me know if the issue persists.

If this does not work then please restart the computer in SAFE MODE and see if the program runs better.

Also, what Antivirus product are you running? It's possible that it is stopping MB from running properly.

[GMM]

Try right click on Internet Explorer and go to Properties. Then click on the Security tab and move one of the sliders, then click on the button that says Reset all zones to default level then restart Malwarebytes and let me know if the issue persists.

If this does not work then please restart the computer in SAFE MODE and see if the program runs better.

Also, what Antivirus product are you running? It's possible that it is stopping MB from running properly.

I reset zones to default and the issues persist.

I'm using AVG 7.5. Also using Comodo Firewall Pro 3.0.25

I don't know how to restart computer in Safe Mode, but I'm willing to try if you tell me how. Thanks.

[AdvancedSetup]

Well portions of it could be blocked by AVG or Comodo.

Let's try try going into the Comodo firewall and temporarily disabling it. Let me know if that makes any difference. Then when done testing re-enable your firewall. You may want to unplug your network connecting while testing with the firewall off.

If that makes no difference try disconnecting from the Internet connection and disabling AVG temporarily and see if MB runs properly now aside from connecting to the network.

[GMM]

Well portions of it could be blocked by AVG or Comodo.

Let's try try going into the Comodo firewall and temporarily disabling it. Let me know if that makes any difference. Then when done testing re-enable your firewall. You may want to unplug your network connecting while testing with the firewall off.

If that makes no difference try disconnecting from the Internet connection and disabling AVG temporarily and see if MB runs properly now aside from connecting to the network.

I've been trying different settings on Comodo and it turns out the feature "Proactive Defense" won't let MB run it's Protection Module and the other issues I've been having.

Thanks for your help.

Guess I'll have to decide whether to get rid of Comodo or MB. Too bad, I like both programs.

[AdvancedSetup]

Thank you for the information GMM, I'll let the Author of MB know and he can work with Comodo on see if they can work it out so that they both get along together. A fix may not happen soon, but I'll try to let you know if / when we get a fix. If you've not heard back within a week please post again as a reminder for us.

[GT500]

I've created a topic in the the Comodo bug report forum with a link back to this topic. I can supply their owner and developers with any info they need to contact Marcin.

[joe53]

By "Proactive Defense" you refer to the Defense+ (HIPS) module.

I have that version of Comodo FW, and cannot replicate those problems, even when D+ is set to the highest level ("Paranoid"). Try setting mbam.exe as a Trusted application in Defense+ rules:

Open Comodo, click on the Defense+ icon at the top.

Click on the Advanced icon on the left, then on Computer Security Policy

Scroll down to the All Applications section, and click on the entry containing the application path of mbam.exe to highlight it.

Click the Edit button to open the Application System Activity Control pane.

Select "Use a predefined policy"

In the dropdown box to the right select "Trusted Application"

Click the Apply button, then Apply again in the Computer Security Policy pane.

(Or better yet, wait for Comodo to reply to that bug report!)

[GT500]

(Or better yet, wait for Comodo to reply to that bug report!)

They cannot replicate the problem either.

It's probably best to set MBAM as a trusted application. He will probably want to set the following as trusted applications as well:

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamtrayctrl.exe

[Matty_R]

Hi GMM,

Try doing this in Comodo V3.

Defence+/Advanced/Computer Security Policy.

Now find the Comodo Firewall Pro entry and highlight it/Click "Edit"

In the new window click "Protection Settings"/Now click "Modify" next to "Interprocess Memory Access"

Now click "Add" and then "Browse".Find the MBAM entry in program files/Highlight it/Click on the arrow to move it to the right section(should end up with C:Program Files\Malwarebytes`Anti-Malware*) [see screen shot]

APPLY to close all windows.

Reboot

This sould make Defence+ ignore MBAM activities,let us know

Matty

[GMM]

They cannot replicate the problem either.

It's probably best to set MBAM as a trusted application. He will probably want to set the following as trusted applications as well:

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamtrayctrl.exe

thanks for your help joe53 and GT500.

I did what you suggested...

(Computer Security Policy, Scroll down to the All Applications section, and click on the entry containing the application path of mbam.exe to highlight it. Click the Edit button to open the Application System Activity Control pane. Select "Use a predefined policy" In the dropdown box to the right select "Trusted Application")

Then I did the same procedure with mbamservice.exe and mbantrayctrl.exe.

Now the Protection Module is enabled, as well as the other functions I originally mentioned. The only thing i can't get working on MB is "Help"--nothing at all happens when I click on that button (in the About tab)

And there's one thing MB can't seem to delete...

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Delete on reboot.

Thanks again to everyone for their help.

[GT500]

Now the Protection Module is enabled, as well as the other functions I originally mentioned. The only thing i can't get working on MB is "Help"--nothing at all happens when I click on that button (in the About tab)

Thanks for the info. Marcin is fixing that right now.

And there's one thing MB can't seem to delete...

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Delete on reboot.

I'll talk to Marcin about that.

[GT500]

And there's one thing MB can't seem to delete...

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Delete on reboot.

I'll talk to Marcin about that.

For now, please follow these instructions for posting in the Malware Removal - HijackThis Logs forum, and one of our malware removal experts will give you a hand.

[Hardhead]

thanks for your help joe53 and GT500.

Now the Protection Module is enabled, as well as the other functions I originally mentioned. The only thing i can't get working on MB is "Help"--nothing at all happens when I click on that button (in the About tab)

Thats a bug that needs fixing.

For the time being you can still go to "Help" from Start/AllPrograms/Malwarebytes'Anti-MalwareHelp.