KeithS
-
Posts
2 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by KeithS
-
-
Same problem here. Pro version. Win7/SP1. I restarted in Safe Mode and then I unticked the "Start protection with Windows (or words to that effect)" even though there was a warning that protection was disabled and I can now boot OK. This is the log before I restarted with the box unticked.
mbam-check result log version: 2.0.0.1000
Malwarebytes Version: REG_SZ 1.65.1.1000
Date Log Created: 11/03/12
Time Log Created: 10:26:26
User Account type: Administrator
64 bit Operating System
Product Name: REG_SZ Windows 7 Home Premium
Current Build Number: 7601
Current Version Number: 6.1
Current CSDVersion: Service Pack 1
Proxy Status: No proxy is Set
LAN Settings:
=============
only 'Automatically detect settings' is selected
SystemPartition:
================
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
Balloon Tips Status:
====================
Enabled
Time Format Settings:
=====================
Should be:
h:mm:ss tt
AM
PM
:
Currently:
REG_SZ HH:mm:ss
REG_SZ AM
REG_SZ PM
REG_SZ :
Language and Regional Settings:
===============================
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: 850 Please refer to this link for details: Here
Startup Folders for Error_Expanding_Variables Check:
====================================================
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
TERMService:
==============
Type : 32
State : 1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE : 1077
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
TermService Start is set to: 3 (Manual Startup)
Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exeREG_SZ VISTARTM
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Service and Driver Status:
==========================
MBAMProtector:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
MBAMService:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
MBAMScheduler:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
MBAMProtector Registry Values:
==============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type REG_DWORD 2
Start REG_DWORD 3
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
Group REG_SZ FSFilter Anti-Virus
DependOnService REG_MULTI_SZ FltMgr
WOW64 REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude REG_SZ 328800
Flags REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0 REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
MBAMService Registry Values:
============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type REG_DWORD 16
Start REG_DWORD 2
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
DependOnService REG_MULTI_SZ MBAMProtector
WOW64 REG_DWORD 1
ObjectName REG_SZ LocalSystem
Description REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart REG_DWORD 0
MBAMScheduler Registry Values:
==============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
Type REG_DWORD 16
Start REG_DWORD 2
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
WOW64 REG_DWORD 1
ObjectName REG_SZ LocalSystem
Description REG_SZ Malwarebytes Anti-Malware scheduler
MBAM DLL's and Runtime Files:
=============================
HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid
(Default): REG_SZ vbAccelerator Grid Control
HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid
(Default): REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}
HKEY_CLASSES_ROOT\SSubTimer6.GSubclass
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid
(Default): REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\SSubTimer6.CTimer
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid
(Default): REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\SSubTimer6.ISubclass
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid
(Default): REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1
(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS
(Default): REG_SZ 2
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1
(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS
(Default): REG_SZ 2
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0
(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0
(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ _ISubclass
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ ISubclass
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ __CTimer
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ CTimer
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}
(Default): REG_SZ __vbalGrid
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib
(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}
Version REG_SZ 1.1
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}
(Default): REG_SZ vbalGrid
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib
(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}
Version REG_SZ 1.1
MBAM Registry Settings and License Info:
========================================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
advancedheuristics REG_DWORD 1
downloadprogram REG_DWORD 1
hidereg REG_DWORD 0
detectp2p REG_DWORD 0
detectpum REG_DWORD 1
detectpup REG_DWORD 2
updatewarn REG_DWORD 1
updatewarndays REG_DWORD 7
useproxy REG_DWORD 0
useauthentication REG_DWORD 0
startipdisabled REG_DWORD 0
notifyinstallprogram REG_DWORD 1
InstallPath REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
dbdate REG_SZ Sat, 03 Nov 2012 05:40:46 GMT
dbversion REG_SZ v2012.11.03.03
programversion REG_SZ 1.65.1.1000
ID XXXXX-XXXXX This is hidden data.
Key XXXX-XXXX-XXXX-XXXX This is hidden data.
SchedulerQueue REG_MULTI_SZ 6148, 30226071, 4192365984, 1, 23 | 30259627, 1928375558
contextmenu REG_DWORD 1
reportthreats REG_DWORD 1
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 1
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
defaultscan REG_DWORD 0
terminateie REG_DWORD 0
Language REG_SZ English.lng
selectedrives REG_SZ C:\|D:\|E:\|
HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
contextmenu REG_DWORD 1
defaultscan REG_DWORD 0
reportthreats REG_DWORD 1
terminateie REG_DWORD 0
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 0
HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
contextmenu REG_DWORD 1
defaultscan REG_DWORD 0
reportthreats REG_DWORD 1
terminateie REG_DWORD 0
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 0
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
Inno Setup: Setup Version REG_SZ 5.4.3 (a)
Inno Setup: App Path REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
InstallLocation REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\
Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware
Inno Setup: User REG_SZ Keith
Inno Setup: Selected Tasks REG_SZ desktopicon
Inno Setup: Deselected Tasks REG_SZ quicklaunchicon
Inno Setup: Language REG_SZ English
DisplayName REG_SZ Malwarebytes Anti-Malware version 1.65.1.1000
DisplayIcon REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
UninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
QuietUninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
DisplayVersion REG_SZ 1.65.1.1000
Publisher REG_SZ Malwarebytes Corporation
URLInfoAbout REG_SZ http://www.malwarebytes.org
NoModify REG_DWORD 1
NoRepair REG_DWORD 1
InstallDate REG_SZ 20121103
MajorVersion REG_DWORD 1
MinorVersion REG_DWORD 65
EstimatedSize REG_DWORD 19910
Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
PendingFileRenameOperations REG_MULTI_SZ \??\C:\Windows\isRS-000.tmp
Scheduler Queue:
================
Scheduled Item: Update Schedule Options: | Daily | Random
Start Time: 2012-05-20 14:51 Repeating Every: 1 Recover if missed by: 23
Context Menu Entries:
=====================
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
(Default): REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
(Default): REG_SZ IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
(Default): REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
(Default): REG_SZ MBAMExt.MBAMShlExt
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default): REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default): REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
MBAM Drivers:
=============
C:\Windows\system32\drivers\mbam.sys File Size: 25928 BYTES FileVersion: 1.60.2.0
Required Dependencies:
======================
BFE:
==============
Type : 32
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group REG_SZ NetworkProvider
ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName REG_SZ NT AUTHORITY\LocalService
ErrorControl REG_DWORD 1
Start REG_DWORD 2
Type REG_DWORD 32
DependOnService REG_MULTI_SZ RpcSs
ServiceSidType REG_DWORD 3
RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege
FailureActions REG_BINARY Binary Data
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop REG_DWORD 1
ServiceMain REG_SZ BfeServiceMain
fltmgr:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded REG_DWORD 1
DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group REG_SZ FSFilter Infrastructure
ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl REG_DWORD 3
Start REG_DWORD 0
Tag REG_DWORD 1
Type REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0 REG_SZ Root\LEGACY_FLTMGR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
C:\Windows\system32\drivers\fltmgr.sys File Size: 289664 BYTES FileVersion: 6.1.7601.17514
C:\Windows\SysWOW64\mscomctl.ocx File Size: 1071088 BYTES FileVersion: 6.1.97.86
C:\Windows\SysWOW64\olepro32.dll File Size: 90112 BYTES FileVersion: 6.1.7601.17514
List of MBAM Related Directories:
=================================
C:\Program Files (x86)\Malwarebytes' Anti-Malware
changes.rtf File Size: 785 BYTES
changes.txt File Size: 576 BYTES
license.txt File Size: 11141 BYTES
mbam.chm File Size: 582708 BYTES
mbam.dll File Size: 499784 BYTES FileVersion: 1.65.0.0
mbam.exe File Size: 981656 BYTES FileVersion: 1.62.0.140
mbamcore.dll File Size: 1089608 BYTES FileVersion: 1.62.0.0
mbamext.dll File Size: 95304 BYTES FileVersion: 1.61.0.0
mbamgui.exe File Size: 766536 BYTES FileVersion: 1.65.0.0
mbamnet.dll File Size: 2168904 BYTES FileVersion: 1.62.0.0
mbampt.exe File Size: 40008 BYTES FileVersion: 1.61.0.0
mbamscheduler.exe File Size: 399432 BYTES FileVersion: 1.65.0.0
mbamservice.exe File Size: 676936 BYTES FileVersion: 1.65.0.0
ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3
unins000.dat File Size: 25417 BYTES
unins000.exe File Size: 711240 BYTES FileVersion: 51.52.0.0
unins000.msg File Size: 10550 BYTES
vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm File Size: 186068 BYTES
firefox.com File Size: 218184 BYTES
firefox.exe File Size: 218184 BYTES
firefox.pif File Size: 218184 BYTES
firefox.scr File Size: 218184 BYTES
iexplore.exe File Size: 218184 BYTES
mbam-chameleon.com File Size: 218184 BYTES
mbam-chameleon.exe File Size: 218184 BYTES
mbam-chameleon.pif File Size: 218184 BYTES
mbam-chameleon.scr File Size: 218184 BYTES
mbam-killer.exe File Size: 984648 BYTES FileVersion: 1.60.0.47
rundll32.exe File Size: 218184 BYTES
svchost.exe File Size: 218184 BYTES
winlogon.exe File Size: 218184 BYTES
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Languages
arabic.lng File Size: 21110 BYTES
belarusian.lng File Size: 26026 BYTES
bosnian.lng File Size: 26236 BYTES
bulgarian.lng File Size: 26678 BYTES
catalan.lng File Size: 27226 BYTES
chineseSI.lng File Size: 10642 BYTES
chineseTR.lng File Size: 11588 BYTES
croatian.lng File Size: 25844 BYTES
czech.lng File Size: 23894 BYTES
danish.lng File Size: 25750 BYTES
dutch.lng File Size: 27282 BYTES
english.lng File Size: 23742 BYTES
estonian.lng File Size: 24112 BYTES
finnish.lng File Size: 24990 BYTES
french.lng File Size: 28790 BYTES
german.lng File Size: 28870 BYTES
greek.lng File Size: 28316 BYTES
hebrew.lng File Size: 18714 BYTES
hungarian.lng File Size: 27548 BYTES
italian.lng File Size: 27186 BYTES
japanese.lng File Size: 15814 BYTES
korean.lng File Size: 13710 BYTES
latvian.lng File Size: 26208 BYTES
lithuanian.lng File Size: 26920 BYTES
macedonian.lng File Size: 27830 BYTES
norwegian.lng File Size: 24216 BYTES
polish.lng File Size: 25726 BYTES
portugueseBR.lng File Size: 27720 BYTES
portuguesePT.lng File Size: 28056 BYTES
romanian.lng File Size: 27308 BYTES
russian.lng File Size: 26352 BYTES
serbian.lng File Size: 25970 BYTES
slovak.lng File Size: 24752 BYTES
slovenian.lng File Size: 23998 BYTES
spanish.lng File Size: 29010 BYTES
swedish.lng File Size: 25132 BYTES
thai.lng File Size: 25190 BYTES
turkish.lng File Size: 25046 BYTES
vietnamese.lng File Size: 28574 BYTES
C:\Users\Keith\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware
C:\Users\Keith\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
C:\Users\Keith\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware
mbam-setup.exe File Size: 10669952 BYTES FileVersion: 1.65.1.1000
rules.ref File Size: 6281208 BYTES
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration
build.conf File Size: 140 BYTES
config.conf File Size: 3305 BYTES
custom.conf File Size: 20 BYTES
database.conf File Size: 432 BYTES
local.conf File Size: 728 BYTES
manifest.conf File Size: 545 BYTES
messaging.conf File Size: 1430 BYTES
news.conf File Size: 405 BYTES
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
protection-log-2012-05-20.txt File Size: 3276 BYTES
protection-log-2012-05-21.txt File Size: 2656 BYTES
protection-log-2012-05-22.txt File Size: 3896 BYTES
protection-log-2012-05-24.txt File Size: 4072 BYTES
protection-log-2012-05-25.txt File Size: 1312 BYTES
protection-log-2012-06-02.txt File Size: 1868 BYTES
protection-log-2012-06-09.txt File Size: 1566 BYTES
protection-log-2012-06-13.txt File Size: 2656 BYTES
protection-log-2012-06-14.txt File Size: 2036 BYTES
protection-log-2012-06-15.txt File Size: 5646 BYTES
protection-log-2012-06-16.txt File Size: 910 BYTES
protection-log-2012-06-29.txt File Size: 2656 BYTES
protection-log-2012-07-02.txt File Size: 2036 BYTES
protection-log-2012-07-03.txt File Size: 2036 BYTES
protection-log-2012-07-04.txt File Size: 2036 BYTES
protection-log-2012-07-05.txt File Size: 2036 BYTES
protection-log-2012-07-06.txt File Size: 2162 BYTES
protection-log-2012-07-11.txt File Size: 1628 BYTES
protection-log-2012-07-12.txt File Size: 4198 BYTES
protection-log-2012-07-13.txt File Size: 2036 BYTES
protection-log-2012-07-16.txt File Size: 4692 BYTES
protection-log-2012-07-17.txt File Size: 620 BYTES
protection-log-2012-07-21.txt File Size: 2036 BYTES
protection-log-2012-07-28.txt File Size: 4784 BYTES
protection-log-2012-08-03.txt File Size: 918 BYTES
protection-log-2012-08-11.txt File Size: 1868 BYTES
protection-log-2012-08-15.txt File Size: 1240 BYTES
protection-log-2012-08-25.txt File Size: 1542 BYTES
protection-log-2012-08-27.txt File Size: 4806 BYTES
protection-log-2012-09-02.txt File Size: 2656 BYTES
protection-log-2012-09-07.txt File Size: 2036 BYTES
protection-log-2012-09-13.txt File Size: 3210 BYTES
protection-log-2012-09-22.txt File Size: 2976 BYTES
protection-log-2012-09-28.txt File Size: 3402 BYTES
protection-log-2012-10-06.txt File Size: 946 BYTES
protection-log-2012-10-10.txt File Size: 2188 BYTES
protection-log-2012-10-19.txt File Size: 2982 BYTES
protection-log-2012-10-27.txt File Size: 1868 BYTES
protection-log-2012-11-02.txt File Size: 6134 BYTES
protection-log-2012-11-03.txt File Size: 1090 BYTES
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
===============================================================
END OF FILE
mbam-check result log version: 2.0.0.1000
Malwarebytes Version: REG_SZ 1.65.1.1000
Date Log Created: 11/03/12
Time Log Created: 10:26:26
User Account type: Administrator
64 bit Operating System
Product Name: REG_SZ Windows 7 Home Premium
Current Build Number: 7601
Current Version Number: 6.1
Current CSDVersion: Service Pack 1
Proxy Status: No proxy is Set
LAN Settings:
=============
only 'Automatically detect settings' is selected
SystemPartition:
================
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
Balloon Tips Status:
====================
Enabled
Time Format Settings:
=====================
Should be:
h:mm:ss tt
AM
PM
:
Currently:
REG_SZ HH:mm:ss
REG_SZ AM
REG_SZ PM
REG_SZ :
Language and Regional Settings:
===============================
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: 850 Please refer to this link for details: Here
Startup Folders for Error_Expanding_Variables Check:
====================================================
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
TERMService:
==============
Type : 32
State : 1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE : 1077
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
TermService Start is set to: 3 (Manual Startup)
Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exeREG_SZ VISTARTM
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Service and Driver Status:
==========================
MBAMProtector:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
MBAMService:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
MBAMScheduler:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
MBAMProtector Registry Values:
==============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type REG_DWORD 2
Start REG_DWORD 3
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
Group REG_SZ FSFilter Anti-Virus
DependOnService REG_MULTI_SZ FltMgr
WOW64 REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude REG_SZ 328800
Flags REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0 REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
MBAMService Registry Values:
============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type REG_DWORD 16
Start REG_DWORD 2
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
DependOnService REG_MULTI_SZ MBAMProtector
WOW64 REG_DWORD 1
ObjectName REG_SZ LocalSystem
Description REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart REG_DWORD 0
MBAMScheduler Registry Values:
==============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
Type REG_DWORD 16
Start REG_DWORD 2
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
WOW64 REG_DWORD 1
ObjectName REG_SZ LocalSystem
Description REG_SZ Malwarebytes Anti-Malware scheduler
MBAM DLL's and Runtime Files:
=============================
HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid
(Default): REG_SZ vbAccelerator Grid Control
HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid
(Default): REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}
HKEY_CLASSES_ROOT\SSubTimer6.GSubclass
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid
(Default): REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\SSubTimer6.CTimer
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid
(Default): REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\SSubTimer6.ISubclass
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid
(Default): REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1
(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS
(Default): REG_SZ 2
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1
(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS
(Default): REG_SZ 2
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0
(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0
(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ _ISubclass
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ ISubclass
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ __CTimer
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ CTimer
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}
(Default): REG_SZ __vbalGrid
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib
(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}
Version REG_SZ 1.1
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}
(Default): REG_SZ vbalGrid
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib
(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}
Version REG_SZ 1.1
MBAM Registry Settings and License Info:
========================================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
advancedheuristics REG_DWORD 1
downloadprogram REG_DWORD 1
hidereg REG_DWORD 0
detectp2p REG_DWORD 0
detectpum REG_DWORD 1
detectpup REG_DWORD 2
updatewarn REG_DWORD 1
updatewarndays REG_DWORD 7
useproxy REG_DWORD 0
useauthentication REG_DWORD 0
startipdisabled REG_DWORD 0
notifyinstallprogram REG_DWORD 1
InstallPath REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
dbdate REG_SZ Sat, 03 Nov 2012 05:40:46 GMT
dbversion REG_SZ v2012.11.03.03
programversion REG_SZ 1.65.1.1000
ID XXXXX-XXXXX This is hidden data.
Key XXXX-XXXX-XXXX-XXXX This is hidden data.
SchedulerQueue REG_MULTI_SZ 6148, 30226071, 4192365984, 1, 23 | 30259627, 1928375558
contextmenu REG_DWORD 1
reportthreats REG_DWORD 1
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 1
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
defaultscan REG_DWORD 0
terminateie REG_DWORD 0
Language REG_SZ English.lng
selectedrives REG_SZ C:\|D:\|E:\|
HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
contextmenu REG_DWORD 1
defaultscan REG_DWORD 0
reportthreats REG_DWORD 1
terminateie REG_DWORD 0
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 0
HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
contextmenu REG_DWORD 1
defaultscan REG_DWORD 0
reportthreats REG_DWORD 1
terminateie REG_DWORD 0
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 0
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
Inno Setup: Setup Version REG_SZ 5.4.3 (a)
Inno Setup: App Path REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
InstallLocation REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\
Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware
Inno Setup: User REG_SZ Keith
Inno Setup: Selected Tasks REG_SZ desktopicon
Inno Setup: Deselected Tasks REG_SZ quicklaunchicon
Inno Setup: Language REG_SZ English
DisplayName REG_SZ Malwarebytes Anti-Malware version 1.65.1.1000
DisplayIcon REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
UninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
QuietUninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
DisplayVersion REG_SZ 1.65.1.1000
Publisher REG_SZ Malwarebytes Corporation
URLInfoAbout REG_SZ http://www.malwarebytes.org
NoModify REG_DWORD 1
NoRepair REG_DWORD 1
InstallDate REG_SZ 20121103
MajorVersion REG_DWORD 1
MinorVersion REG_DWORD 65
EstimatedSize REG_DWORD 19910
Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
PendingFileRenameOperations REG_MULTI_SZ \??\C:\Windows\isRS-000.tmp
Scheduler Queue:
================
Scheduled Item: Update Schedule Options: | Daily | Random
Start Time: 2012-05-20 14:51 Repeating Every: 1 Recover if missed by: 23
Context Menu Entries:
=====================
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
(Default): REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
(Default): REG_SZ IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
(Default): REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
(Default): REG_SZ MBAMExt.MBAMShlExt
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default): REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default): REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
MBAM Drivers:
=============
C:\Windows\system32\drivers\mbam.sys File Size: 25928 BYTES FileVersion: 1.60.2.0
Required Dependencies:
======================
BFE:
==============
Type : 32
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group REG_SZ NetworkProvider
ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName REG_SZ NT AUTHORITY\LocalService
ErrorControl REG_DWORD 1
Start REG_DWORD 2
Type REG_DWORD 32
DependOnService REG_MULTI_SZ RpcSs
ServiceSidType REG_DWORD 3
RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege
FailureActions REG_BINARY Binary Data
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop REG_DWORD 1
ServiceMain REG_SZ BfeServiceMain
fltmgr:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded REG_DWORD 1
DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group REG_SZ FSFilter Infrastructure
ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl REG_DWORD 3
Start REG_DWORD 0
Tag REG_DWORD 1
Type REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0 REG_SZ Root\LEGACY_FLTMGR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
C:\Windows\system32\drivers\fltmgr.sys File Size: 289664 BYTES FileVersion: 6.1.7601.17514
C:\Windows\SysWOW64\mscomctl.ocx File Size: 1071088 BYTES FileVersion: 6.1.97.86
C:\Windows\SysWOW64\olepro32.dll File Size: 90112 BYTES FileVersion: 6.1.7601.17514
List of MBAM Related Directories:
=================================
C:\Program Files (x86)\Malwarebytes' Anti-Malware
changes.rtf File Size: 785 BYTES
changes.txt File Size: 576 BYTES
license.txt File Size: 11141 BYTES
mbam.chm File Size: 582708 BYTES
mbam.dll File Size: 499784 BYTES FileVersion: 1.65.0.0
mbam.exe File Size: 981656 BYTES FileVersion: 1.62.0.140
mbamcore.dll File Size: 1089608 BYTES FileVersion: 1.62.0.0
mbamext.dll File Size: 95304 BYTES FileVersion: 1.61.0.0
mbamgui.exe File Size: 766536 BYTES FileVersion: 1.65.0.0
mbamnet.dll File Size: 2168904 BYTES FileVersion: 1.62.0.0
mbampt.exe File Size: 40008 BYTES FileVersion: 1.61.0.0
mbamscheduler.exe File Size: 399432 BYTES FileVersion: 1.65.0.0
mbamservice.exe File Size: 676936 BYTES FileVersion: 1.65.0.0
ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3
unins000.dat File Size: 25417 BYTES
unins000.exe File Size: 711240 BYTES FileVersion: 51.52.0.0
unins000.msg File Size: 10550 BYTES
vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm File Size: 186068 BYTES
firefox.com File Size: 218184 BYTES
firefox.exe File Size: 218184 BYTES
firefox.pif File Size: 218184 BYTES
firefox.scr File Size: 218184 BYTES
iexplore.exe File Size: 218184 BYTES
mbam-chameleon.com File Size: 218184 BYTES
mbam-chameleon.exe File Size: 218184 BYTES
mbam-chameleon.pif File Size: 218184 BYTES
mbam-chameleon.scr File Size: 218184 BYTES
mbam-killer.exe File Size: 984648 BYTES FileVersion: 1.60.0.47
rundll32.exe File Size: 218184 BYTES
svchost.exe File Size: 218184 BYTES
winlogon.exe File Size: 218184 BYTES
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Languages
arabic.lng File Size: 21110 BYTES
belarusian.lng File Size: 26026 BYTES
bosnian.lng File Size: 26236 BYTES
bulgarian.lng File Size: 26678 BYTES
catalan.lng File Size: 27226 BYTES
chineseSI.lng File Size: 10642 BYTES
chineseTR.lng File Size: 11588 BYTES
croatian.lng File Size: 25844 BYTES
czech.lng File Size: 23894 BYTES
danish.lng File Size: 25750 BYTES
dutch.lng File Size: 27282 BYTES
english.lng File Size: 23742 BYTES
estonian.lng File Size: 24112 BYTES
finnish.lng File Size: 24990 BYTES
french.lng File Size: 28790 BYTES
german.lng File Size: 28870 BYTES
greek.lng File Size: 28316 BYTES
hebrew.lng File Size: 18714 BYTES
hungarian.lng File Size: 27548 BYTES
italian.lng File Size: 27186 BYTES
japanese.lng File Size: 15814 BYTES
korean.lng File Size: 13710 BYTES
latvian.lng File Size: 26208 BYTES
lithuanian.lng File Size: 26920 BYTES
macedonian.lng File Size: 27830 BYTES
norwegian.lng File Size: 24216 BYTES
polish.lng File Size: 25726 BYTES
portugueseBR.lng File Size: 27720 BYTES
portuguesePT.lng File Size: 28056 BYTES
romanian.lng File Size: 27308 BYTES
russian.lng File Size: 26352 BYTES
serbian.lng File Size: 25970 BYTES
slovak.lng File Size: 24752 BYTES
slovenian.lng File Size: 23998 BYTES
spanish.lng File Size: 29010 BYTES
swedish.lng File Size: 25132 BYTES
thai.lng File Size: 25190 BYTES
turkish.lng File Size: 25046 BYTES
vietnamese.lng File Size: 28574 BYTES
C:\Users\Keith\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware
C:\Users\Keith\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
C:\Users\Keith\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware
mbam-setup.exe File Size: 10669952 BYTES FileVersion: 1.65.1.1000
rules.ref File Size: 6281208 BYTES
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration
build.conf File Size: 140 BYTES
config.conf File Size: 3305 BYTES
custom.conf File Size: 20 BYTES
database.conf File Size: 432 BYTES
local.conf File Size: 728 BYTES
manifest.conf File Size: 545 BYTES
messaging.conf File Size: 1430 BYTES
news.conf File Size: 405 BYTES
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
protection-log-2012-05-20.txt File Size: 3276 BYTES
protection-log-2012-05-21.txt File Size: 2656 BYTES
protection-log-2012-05-22.txt File Size: 3896 BYTES
protection-log-2012-05-24.txt File Size: 4072 BYTES
protection-log-2012-05-25.txt File Size: 1312 BYTES
protection-log-2012-06-02.txt File Size: 1868 BYTES
protection-log-2012-06-09.txt File Size: 1566 BYTES
protection-log-2012-06-13.txt File Size: 2656 BYTES
protection-log-2012-06-14.txt File Size: 2036 BYTES
protection-log-2012-06-15.txt File Size: 5646 BYTES
protection-log-2012-06-16.txt File Size: 910 BYTES
protection-log-2012-06-29.txt File Size: 2656 BYTES
protection-log-2012-07-02.txt File Size: 2036 BYTES
protection-log-2012-07-03.txt File Size: 2036 BYTES
protection-log-2012-07-04.txt File Size: 2036 BYTES
protection-log-2012-07-05.txt File Size: 2036 BYTES
protection-log-2012-07-06.txt File Size: 2162 BYTES
protection-log-2012-07-11.txt File Size: 1628 BYTES
protection-log-2012-07-12.txt File Size: 4198 BYTES
protection-log-2012-07-13.txt File Size: 2036 BYTES
protection-log-2012-07-16.txt File Size: 4692 BYTES
protection-log-2012-07-17.txt File Size: 620 BYTES
protection-log-2012-07-21.txt File Size: 2036 BYTES
protection-log-2012-07-28.txt File Size: 4784 BYTES
protection-log-2012-08-03.txt File Size: 918 BYTES
protection-log-2012-08-11.txt File Size: 1868 BYTES
protection-log-2012-08-15.txt File Size: 1240 BYTES
protection-log-2012-08-25.txt File Size: 1542 BYTES
protection-log-2012-08-27.txt File Size: 4806 BYTES
protection-log-2012-09-02.txt File Size: 2656 BYTES
protection-log-2012-09-07.txt File Size: 2036 BYTES
protection-log-2012-09-13.txt File Size: 3210 BYTES
protection-log-2012-09-22.txt File Size: 2976 BYTES
protection-log-2012-09-28.txt File Size: 3402 BYTES
protection-log-2012-10-06.txt File Size: 946 BYTES
protection-log-2012-10-10.txt File Size: 2188 BYTES
protection-log-2012-10-19.txt File Size: 2982 BYTES
protection-log-2012-10-27.txt File Size: 1868 BYTES
protection-log-2012-11-02.txt File Size: 6134 BYTES
protection-log-2012-11-03.txt File Size: 1090 BYTES
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
===============================================================
END OF FILE
Windows not booting
in Malwarebytes for Windows Support Forum
Posted
Hello Oscar and thanks for the reply. I don't think that my computer is infected. I think that the last update to 1.65.1 1000 is faulty. I will contact the help desk.