I have a client who was severly impacted by a false positive update from Malwarebytes AntiMalware (MBAM) on 4/15/13. I have spent the past three weeks fussing with this and am at wits end.
The MBAM False Positive update has been resolved on all the machines. Once the restore was completed I happened to notice that Symantec Endpoint Protection v11.0.7000.975 was broken as identified with the attached screen shot on three PCs. I have contacted Malwarebytes support and per their instructions, on all three PCs, I have done the following:
1. Run mbam-check.exe from MBAM's support site & post logs.
2. Run DDS from bleepingcomputer and post both logs.
3. Uninstall old Java software and the Java Auto Updater.
4. Uninstall MBAM using the clean removal tool from their site.
5. Uninstall SEP via Add/Remove Programs inside the Control Panel.
6. Use Norton Removal Tool to cleanup any residual SEP/Symantec installations using the removal tool from the Norton site.
7. Run TFC by OldTimer to clean up temporary files.
8. Reinstall SEP.
At that point I got the exact same result as before - See attached screenshot.
Furthermore, They asked me to remove the interactive option from Symantec Management Client service, then download and run MiniToolBox from bleepingcomputer to:
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices
List Users, Partitions and Memory size
List Minidump Files.
-Upon removing the interactive setting from services and restarting all Symantec services, I was still at Square One.
I am at wits end. I need to have this resolved by 5:00pm EST today.
You may view the topic over on Malwarebytes forums by going here (will open in a new window): http://forums.malwarebytes.org/index.php?showtopic=125136&st=341
Help would be greatly appreciated. Thank you.