CharlesG

That doesn't sound like the target a malware writer would want to attack, while at the same time letting the other DLL/OCX register and the scan run. I scanned with MBAM, Avira, Dr.Web and PandaOnline and the scans were clean (except for Dr. Web and Panda reporting some false positives in uninstalled software). I had been having serious registry problems a few weeks ago with regsvr32 failing and jscript and vbscript not working. They were cured by running a script like yours, except it applied to the entire registry. See: Solving setup errors by using the SubInACL tool I think my original problem was caused by changing my Windows username (the real one, not the login one). I successfully changed all references to it in registry keys, but I had an old QuickTime installed whose ownership was the old name. As a result, a lot of keys for filetypes and scripting now had owners who didn't exist, so the keys couldn't be deleted or modified. The SubInACL script fixed all that, but perhaps the original problem -- or the extreme cure -- created some other issues. I finally succeeded in registering MBAMext by brute force. I examined the registry on another machine that had a successful installation of MBAM 1.27. I exported all the registry keys related to MBAMext and added them to my machine's registry. The MBAM scan context menu item now works. [small suggestion: the log would be improved if it included the pathname of the folder or file scanned.] I have attached the REG files to this post in a ZIP archive in case others will find them helpful. Thanks for you help and for the great product! MBAMextReg.zip MBAMextReg.zip

Will do. Can you tell me whether the mbamext.dll needs to be registered in order for scans to be valid? The program did perform the scans, and I could post the logs. Thanks

Sorry, my mistake. It was 1.30 and I downloaded it from this site.

The other two files registered; mbamext didn't. When I then attempted to register mbamext.dll using regsvr32, the error message return code was 0x80040154, which Winerror.h says is: //MessageId: REGDB_E_CLASSNOTREG // // MessageText: // // Class not registered Before installation of 1.75 the MBAMext keys didn't exist. Even after I installed 1.75 (by clicking ignore when I got the "failed to register" message), the mbamext keys didn't exist. However, the scanner seemed to run without problems and completed its log. (I did both a quick and a full scan.) I then created the two MBAMext keys and ran the two related subinacl commands. These just added the RESTRICTED group and changed the owner from my username (which is an administrator) to the administrators group. (I'm not sure the RESTRICTED group means anything, since I'm running XP SP2.) I again attempted to register mbamext.dll using regsvr32, but the error message return code was still 0x80040154. That seemed logical as the MBAMext keys that I created don't have clsid subkeys. I hope this will help you debug the problem. I don't know how the class ID system works, but if the numbers are the same for all installations, perhaps you could supply a reg file so the registration could be done manually. Also, can you confirm whether MBAMext.dll needs to be registered just for scanning? Thanks for your help.

Here's an uninfected copy of the file, plus the MB fp report, and the VirusTotal report (0/36). (The latter is for motivation. ) Good luck! FPtoReport_mbam_log_8_15_2008__15_55_17_.txt PDF417Encoder.zip FPtoReport_mbam_VirusTotal.pdf FPtoReport_mbam_log_8_15_2008__15_55_17_.txt PDF417Encoder.zip FPtoReport_mbam_VirusTotal.pdf

I have the very same problem on XP SP2 on one of my machines. On another, also XP SP2, v1.24 installs without a hitch. Here's what I've learned that may be helpful: 1. When the installation halted because it was unable to register mbamext.dll, I told it to ignore the error. It then continued to install flawlessly. It was able to complete a full scan. All that mbamext.dll appears to do -- when it is registered -- is provide a right-click context menu entry for scanning with Malwarebytes. 2. On a forum for a different product with the same problem, the cause for one person was lack of permission to modify the registry key(s) involved. Make sure you are logged in with admin privileges, but even that won't be enough if the registry key(s) permissions have been changed to restrict access. Perhaps someone from Malwarebytes would be kind enough to tell us which keys should be checked -- or better yet, post a reg file and instructions for manually registering mbamext.dll, if that's possible.