Jump to content

Error Code 1068 - No Posted Remedies Work


Recommended Posts

Hi,

I just upgraded to the most recent version of MBAM 1.51.2.1300 and am getting Error Code 1068 when attempting to start the trial (or activate protection from the app console).

I have attempted a complete wipe of my installation using RevoUninstaller on maximum settings/reboot/MBAM Clean Up/Reboot/Disable ESET NOD32 AV/Reinstall MBAM and I am still getting this error code.

The code is being generated because "MBAMProtector" is not starting, but I find no MBAMProtector anywhere in the Services list.

I recently cleaned a rootkit/boot sector virus from this machine via Combofix. Don't know what kind it was but I have the quarantined files if they are needed.

As per a request in another MBAM forum, I am includingattach.zip the 2 DDS logs for your review.

Thanks,

James

Contents of DDS.TXT:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Carol Premone at 1:08:56 on 2011-11-14

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.495 [GMT -8:00]

.

AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\WINDOWS\system32\svchost.exe -k HPService

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Airlink101\AWLL3028\RtWLan.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = <local>;*.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_10\bin\ssv.dll

TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\airlin~1.lnk - c:\program files\airlink101\awll3028\RtWLan.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

TCP: Interfaces\{1CD7A291-F68B-4D14-AC7F-4CB7057526E8} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{71F7ECD7-6777-460A-AF47-86A6EE79D841} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

TCP: Interfaces\{D35F8FA0-F704-427F-91F4-63AEE7E7D059} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

============= SERVICES / DRIVERS ===============

.

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-7-1 95896]

R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2011-11-12 38144]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-7-1 810144]

R3 hpnuhst;HP NUSB Host;c:\windows\system32\drivers\hpnuhst.sys [2007-12-26 10752]

R3 HPNUHUB;HP NUSB Hub;c:\windows\system32\drivers\hpnuhub.sys [2007-12-26 37120]

R3 RTL8187B;Airlink101 802.11g USB 2.0 Adapter;c:\windows\system32\drivers\rtl8187B.sys [2011-11-12 238208]

R4 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-14 366152]

S3 HPNUCMP;HP NUSB Composite;c:\windows\system32\drivers\hpnucmp.sys [2007-12-26 11648]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-14 22216]

S3 RTLWUSB;Wireless Adapter;c:\windows\system32\drivers\hpl8187.sys --> c:\windows\system32\drivers\hpl8187.sys [?]

.

=============== Created Last 30 ================

.

2011-11-14 08:32:07 -------- d-----w- c:\documents and settings\carol premone\application data\Malwarebytes

2011-11-14 08:31:59 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-11-14 08:31:52 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-14 08:31:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-11-14 03:17:45 -------- d-sha-r- C:\cmdcons

2011-11-14 03:14:51 98816 ----a-w- c:\windows\sed.exe

2011-11-14 03:14:51 518144 ----a-w- c:\windows\SWREG.exe

2011-11-14 03:14:51 256000 ----a-w- c:\windows\PEV.exe

2011-11-14 03:14:51 208896 ----a-w- c:\windows\MBR.exe

2011-11-14 03:04:41 -------- d-----w- C:\VundoFix Backups

2011-11-13 18:52:55 -------- d-----w- c:\program files\SpywareBlaster

2011-11-13 18:46:37 -------- d-----w- c:\program files\Trend Micro

2011-11-13 04:39:18 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys

2011-11-13 04:39:06 238208 ------r- c:\windows\system32\drivers\rtl8187B.sys

2011-11-13 04:38:28 38144 ----a-w- c:\windows\system32\drivers\EAPPkt.sys

2011-11-13 04:38:27 -------- d-----w- c:\windows\system32\RTL8187

2011-11-13 04:38:10 -------- d-----w- c:\program files\Airlink101

2011-11-13 04:35:31 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-11-13 04:16:38 -------- d-----w- c:\program files\ESET

2011-11-13 03:00:25 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2011-11-13 02:53:05 -------- d-----w- c:\program files\VS Revo Group

.

==================== Find3M ====================

.

2010-01-03 07:00:50 85498808 -c--a-w- c:\program files\regbackup.reg

.

============= FINISH: 1:13:38.78 ===============

ATTENTION: The attachment "attach.zip" is in there, it's just somehow stuck in the text of my post, way up above the DDS log text.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.