Jump to content

*Protection Module Disabled on v1.65 update


Recommended Posts

Hi,

My protection module, (the Enable Filesystem protection and Enable Malicious Website blocking) do not seem to work. These two options are listed there but I cannot check them. Also, after the upgrade I had to re-check the "Start Protection Module with Windows". Which is checked and on now.

A couple of questions before troubleshooting:

1) Is my system protected now without those two items checked?? I have the others checked, (but not the "show tooltip balloon when malicious website is blocked")

2)a) I've noticed on other posts that people had to start their Terminal Services service to get the above working. Question, why does MBAM 1.65 need Terminal Services to work for this upgrade?? It didn't seem to need it in all previous versions. b) Could this be my problem too?? My terminal services is set to automatic, however it is "not" on (for security reasons It was turned off initially) and when I tried starting it, it did not start.

3) Could the protection Module problem be caused by my Microsoft Security Essentials?? I've had MSE installed for quite some time now and it has been working fine with MBAM prior to V1.65 upgrade.

4) My MBAM tray icon is Black not red. Is that because of the above problem?

My system: WinXP SP3

Any Help would be greatly appreciated!

Thanks so much for your help. Love your product!

Jeff

Link to post
Share on other sites

Hi, JeffR2: :)

Until an MBAM staffer arrives, yes, setting Terminal Services to Manual for XP has resolved the Protection Module issue for some, but not all, users.

If you can't enable the service, it could possibly be due to damage from an infection or other problem.

No, running MSE -- in and of itself -- shouldn't cause this problem. MBAM & MSE are fully compatible. It might help your system performance to set the mutual exclusions between them -- as explained >>HERE<< -- but I don't think it will impact the PM issue directly.

If turning on the PM modules from the UI (allowing up to 10 sec for the change to occur), enabling the Terminal services, and doing a couple of system reboots doesn't solve the PM issue for you, please post back with an mbam-check log and the 2 logs from DDS scanner.

They will only take a few minutes.

They will provide a bit of info for the MBAM staff to isolate the cause of your PM problem.

Instructions below.

Please post back with the mbam-check log, and both the DDS.txt and attach.txt (you can probably ignore the instructions to zip the attach.txt log).

If you can also include a couple of your latest protection logs, that would be great, too.

Thanks,

daledoc1

-----------------------------------

Step 1

Create an mbam-check log:

Download mbam-check.exe from HERE and save it to your desktop.

Double-click on mbam-check.exe to run it, it should then open a log file.

Please copy and paste the entire contents of the log into your next post, or, if you prefer, you may attach the CheckResults.txt file which should now be located on your desktop to your next post instead

Also,if you can, please also upload your 3 most recent Protection module logs:

In Windows XP, these logs are located in: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Step 2

Download DDS from one of the locations below and save it to your Desktop:

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once it is downloaded, you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administrator

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


  • When done, DDS will open two (2) logs:

    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop
  • Please include the both of the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.

Link to post
Share on other sites

Thanks for the fast response!

I will double check the exclusions in my MSE. Should I add exclusions in MBAM for MSE? If so what files should I add?

I tried the 10 second wait. It did not work.

I will try the "Manual" setting for Terminal Services and see if I can jump "start" it that way and reboot a couple of times..

Thanks again!

Link to post
Share on other sites

(sorry don't know what happened to font size)

Thanks for the fast response!

I will double check the exclusions in my MSE. Should I add exclusions in MBAM for MSE? If so what files should I add?

I tried the 10 second wait. It did not work.

I will try the "Manual" setting for Terminal Services and see if I can jump "start" it that way and reboot a couple of times.

Thanks again!

Link to post
Share on other sites

Hi:

It can't hurt to add the exclusions -- instructions are in the FAQ link I provided; you'll want to add the new process, mbamscheduler.exe, too (the FAQ hasn't been updated yet to include that file).

Yes, do try to enable that service and reboot once or twice.

If none of that works, then please post back with the logs, as it's the fastest and most direct way to give the MBAM staff the data they need for a "surgical" fix for you.

Thanks for your patience,

daledoc1

Link to post
Share on other sites

Thanks much! Here's one of them. Others to follow

mbam-check result log version: 1.10.0.1000

Malwarebytes Version: REG_SZ 1.65.0.1400

Date Log Created: 09/13/12

Time Log Created: 00:01:56

32 bit Operating System

Product Name: REG_SZ Microsoft Windows XP

Current Build Number: 2600

Current Version Number: 5.1

Current CSDVersion: Service Pack 3

OS Product Info: Home Edition

Proxy Status: No proxy is Set

LAN Settings:

=============

No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY

SystemPartition:

================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume2

Balloon Tips Status:

====================

Enabled

Time Format Settings:

=====================

Should be:

h:mm:ss tt

AM

PM

:

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

Language and Regional Settings:

===============================

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:

====================================================

All Users Startup Folder Exists.

Current User's startup Folder Exists.

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

TERMService:

==============

Type : 32

State : 1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE : 126

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

TermService Start is set to: 2 (Automatic Startup)

Compatibility Flag Settings (Any MBAM file listings should be removed):

=======================================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

C:\WINDOWS\explorer.exe REG_SZ EnableNXShowUI

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked

MBAM Startup Entries:

=====================

Service and Driver Status:

==========================

MBAMProtector:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

MBAMService:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

MBAMProtector Registry Values:

==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type REG_DWORD 2

Start REG_DWORD 3

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ \??\C:\WINDOWS\system32\drivers\mbam.sys

Group REG_SZ FSFilter Anti-Virus

DependOnService REG_MULTI_SZ FltMgr

DependOnGroup REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude REG_SZ 328800

Flags REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Security

Security REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum

0 REG_SZ Root\LEGACY_MBAMPROTECTOR\0000

Count REG_DWORD 1

NextInstance REG_DWORD 1

MBAMService Registry Values:

============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type REG_DWORD 16

Start REG_DWORD 2

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"

DependOnService REG_MULTI_SZ MBAMProtector

DependOnGroup REG_DWORD 0

ObjectName REG_SZ LocalSystem

Description REG_SZ Malwarebytes Anti-Malware service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Security

Security REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Enum

0 REG_SZ Root\LEGACY_MBAMSERVICE\0000

Count REG_DWORD 1

NextInstance REG_DWORD 1

MBAM DLL's and Runtime Files:

=============================

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid

(Default): REG_SZ vbAccelerator Grid Control

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid

(Default): REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass

(Default): REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid

(Default): REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\SSubTimer6.CTimer

(Default): REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid

(Default): REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass

(Default): REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid

(Default): REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default): REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default): REG_SZ 1.0

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default): REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default): REG_SZ 1.0

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default): REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default): REG_SZ 1.0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1

(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS

(Default): REG_SZ 2

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0

(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS

(Default): REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ ISubclass

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ CTimer

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}

(Default): REG_SZ vbalGrid

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib

(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}

Version REG_SZ 1.1

MBAM Registry Settings and License Info:

========================================

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware

InstallPath REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

Affiliate REG_SZ https://store.malwar...kout&cart=29945

dbversion REG_SZ v2012.09.13.01

programversion REG_SZ 1.65.0.1400

dbdate REG_SZ Thu, 13 Sep 2012 01:54:12 GMT

hidereg REG_DWORD 0

startipdisabled REG_DWORD 0

useproxy REG_DWORD 0

useauthentication REG_DWORD 0

advancedheuristics REG_DWORD 1

detectpup REG_DWORD 2

detectpum REG_DWORD 1

detectp2p REG_DWORD 2

updatewarn REG_DWORD 1

updatewarndays REG_DWORD 7

downloadprogram REG_DWORD 1

ID XXXXX This is hidden data.

Key XXXX-XXXX-XXXX-XXXX This is hidden data.

SchedulerQueue REG_MULTI_SZ 6148, 30144225, 2695164400, 1, 23 | 30249289, 1851307167

scanreboot REG_DWORD 0

notifyinstallprogram REG_DWORD 1

contextmenu REG_DWORD 1

reportthreats REG_DWORD 1

silentipmode REG_DWORD 1

trialpromptshown REG_DWORD 0

startwithwindows REG_DWORD 1

startfsdisabled REG_DWORD 0

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware\UUID

There is data here but it is hidden.

HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware

language REG_SZ english.lng

selectedrives REG_SZ C:\|D:\|F:\|G:\|H:\|I:\|J:\|

terminateie REG_DWORD 0

autosavelog REG_DWORD 1

openlog REG_DWORD 1

alwaysscanmemory REG_DWORD 1

alwaysscanregistry REG_DWORD 1

alwaysscanfiles REG_DWORD 1

alwaysscanheuristics REG_DWORD 1

alwaysscanstartups REG_DWORD 1

defaultscan REG_DWORD 0

HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles REG_DWORD 1

alwaysscanheuristics REG_DWORD 1

alwaysscanmemory REG_DWORD 1

alwaysscanregistry REG_DWORD 1

alwaysscanstartups REG_DWORD 1

autosavelog REG_DWORD 1

openlog REG_DWORD 1

contextmenu REG_DWORD 1

defaultscan REG_DWORD 0

reportthreats REG_DWORD 1

terminateie REG_DWORD 0

startwithwindows REG_DWORD 1

startfsdisabled REG_DWORD 0

silentipmode REG_DWORD 0

trialpromptshown REG_DWORD 0

HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles REG_DWORD 1

alwaysscanheuristics REG_DWORD 1

alwaysscanmemory REG_DWORD 1

alwaysscanregistry REG_DWORD 1

alwaysscanstartups REG_DWORD 1

autosavelog REG_DWORD 1

openlog REG_DWORD 1

contextmenu REG_DWORD 1

defaultscan REG_DWORD 0

reportthreats REG_DWORD 1

terminateie REG_DWORD 0

startwithwindows REG_DWORD 1

startfsdisabled REG_DWORD 0

silentipmode REG_DWORD 0

trialpromptshown REG_DWORD 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

Inno Setup: Setup Version REG_SZ 5.4.3 (a)

Inno Setup: App Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

InstallLocation REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\

Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware

Inno Setup: User REG_SZ Jeffrey

Inno Setup: Selected Tasks REG_SZ desktopicon,quicklaunchicon

Inno Setup: Deselected Tasks REG_DWORD 0

Inno Setup: Language REG_SZ English

DisplayName REG_SZ Malwarebytes Anti-Malware version 1.65.0.1400

DisplayIcon REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

UninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

QuietUninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT

DisplayVersion REG_SZ 1.65.0.1400

Publisher REG_SZ Malwarebytes Corporation

URLInfoAbout REG_SZ http://www.malwarebytes.org

NoModify REG_DWORD 1

NoRepair REG_DWORD 1

InstallDate REG_SZ 20120911

MajorVersion REG_DWORD 1

MinorVersion REG_DWORD 65

Scheduler Queue:

================

Scheduled Item: Update Schedule Options: | Daily | Random

Start Time: 2011-04-09 18:12 Repeating Every: 1 Recover if missed by: 23

Context Menu Entries:

=====================

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt

(Default): REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer

(Default): REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1

(Default): REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}

(Default): REG_SZ IMBAMShlExt

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib

(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}

(Default): REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID

(Default): REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib

(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID

(Default): REG_SZ MBAMExt.MBAMShlExt

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0

(Default): REG_SZ MBAMExt 1.0 Type Library

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS

(Default): REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR

(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\

MBAM Drivers:

=============

C:\WINDOWS\system32\drivers\mbam.sys File Size: 22856 BYTES FileVersion: 1.60.2.0

C:\WINDOWS\system32\drivers\mbamswissarmy.sys File Size: 40776 BYTES FileVersion: 1.60.0.0

Required Dependencies:

======================

fltmgr:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

Type REG_DWORD 2

Start REG_DWORD 0

ErrorControl REG_DWORD 1

Tag REG_DWORD 1

ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys

DisplayName REG_SZ FltMgr

Group REG_SZ FSFilter Infrastructure

Description REG_SZ File System Filter Manager Driver

AttachWhenLoaded REG_DWORD 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Security

Security REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0 REG_SZ Root\LEGACY_FLTMGR\0000

Count REG_DWORD 1

NextInstance REG_DWORD 1

C:\WINDOWS\system32\drivers\fltmgr.sys File Size: 129792 BYTES FileVersion: 5.1.2600.5512

C:\WINDOWS\system32\comctl32.ocx File Size: 608448 BYTES FileVersion: 6.0.81.5

C:\WINDOWS\system32\mscomctl.ocx File Size: 1066176 BYTES FileVersion: 6.0.88.62

C:\WINDOWS\system32\olepro32.dll File Size: 84992 BYTES FileVersion: 5.1.2600.5512

List of MBAM Related Directories:

=================================

C:\Program Files\Malwarebytes' Anti-Malware

changes.rtf File Size: 785 BYTES

changes.txt File Size: 2780 BYTES

license.txt File Size: 11141 BYTES

mbam.chm File Size: 582708 BYTES

mbam.dll File Size: 499784 BYTES FileVersion: 1.65.0.0

mbam.exe File Size: 981656 BYTES FileVersion: 1.62.0.140

mbamcore.dll File Size: 1089608 BYTES FileVersion: 1.62.0.0

mbamext.dll File Size: 80968 BYTES FileVersion: 1.61.0.0

mbamgui.exe File Size: 766536 BYTES FileVersion: 1.65.0.0

mbamnet.dll File Size: 2168392 BYTES FileVersion: 1.62.0.0

mbampt.exe File Size: 40008 BYTES FileVersion: 1.61.0.0

mbamscheduler.exe File Size: 399432 BYTES FileVersion: 1.65.0.0

mbamservice.exe File Size: 676936 BYTES FileVersion: 1.65.0.0

ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3

unins000.dat File Size: 91649 BYTES

unins000.exe File Size: 711240 BYTES FileVersion: 51.52.0.0

unins000.msg File Size: 10550 BYTES

vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

chameleon.chm File Size: 186068 BYTES

firefox.com File Size: 218696 BYTES

firefox.exe File Size: 218696 BYTES

firefox.pif File Size: 218696 BYTES

firefox.scr File Size: 218696 BYTES

iexplore.exe File Size: 218696 BYTES

mbam-chameleon.com File Size: 218696 BYTES

mbam-chameleon.exe File Size: 218696 BYTES

mbam-chameleon.pif File Size: 218696 BYTES

mbam-chameleon.scr File Size: 218696 BYTES

mbam-killer.exe File Size: 984648 BYTES FileVersion: 1.60.0.47

rundll32.exe File Size: 218696 BYTES

svchost.exe File Size: 218696 BYTES

winlogon.exe File Size: 218696 BYTES

C:\Program Files\Malwarebytes' Anti-Malware\Languages

arabic.lng File Size: 21110 BYTES

belarusian.lng File Size: 26026 BYTES

bosnian.lng File Size: 26236 BYTES

bulgarian.lng File Size: 26678 BYTES

catalan.lng File Size: 27226 BYTES

chineseSI.lng File Size: 10642 BYTES

chineseTR.lng File Size: 11588 BYTES

croatian.lng File Size: 25844 BYTES

czech.lng File Size: 23894 BYTES

danish.lng File Size: 25750 BYTES

dutch.lng File Size: 27282 BYTES

english.lng File Size: 23742 BYTES

estonian.lng File Size: 24112 BYTES

finnish.lng File Size: 24990 BYTES

french.lng File Size: 28790 BYTES

german.lng File Size: 28870 BYTES

greek.lng File Size: 28316 BYTES

hebrew.lng File Size: 18714 BYTES

hungarian.lng File Size: 27548 BYTES

italian.lng File Size: 27186 BYTES

japanese.lng File Size: 15814 BYTES

korean.lng File Size: 13710 BYTES

latvian.lng File Size: 26208 BYTES

lithuanian.lng File Size: 26920 BYTES

macedonian.lng File Size: 27830 BYTES

norwegian.lng File Size: 24216 BYTES

polish.lng File Size: 25726 BYTES

portugueseBR.lng File Size: 27720 BYTES

portuguesePT.lng File Size: 28056 BYTES

romanian.lng File Size: 27308 BYTES

russian.lng File Size: 26352 BYTES

serbian.lng File Size: 25970 BYTES

slovak.lng File Size: 24752 BYTES

slovenian.lng File Size: 23998 BYTES

spanish.lng File Size: 29010 BYTES

swedish.lng File Size: 25132 BYTES

thai.lng File Size: 25190 BYTES

turkish.lng File Size: 25046 BYTES

vietnamese.lng File Size: 28574 BYTES

C:\Documents and Settings\Jeffrey\Application Data\Malwarebytes\Malwarebytes' Anti-Malware

C:\Documents and Settings\Jeffrey\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

mbam-log-2011-04-09 (06-09-26).txt File Size: 897 BYTES

mbam-log-2011-04-09 (06-10-39).txt File Size: 883 BYTES

mbam-log-2011-04-10 (03-24-45).txt File Size: 898 BYTES

mbam-log-2011-04-10 (21-45-07).txt File Size: 2250 BYTES

mbam-log-2011-04-12 (01-40-01).txt File Size: 898 BYTES

mbam-log-2011-04-13 (18-45-36).txt File Size: 906 BYTES

mbam-log-2011-04-13 (19-44-34).txt File Size: 1921 BYTES

mbam-log-2011-04-14 (04-38-29).txt File Size: 898 BYTES

mbam-log-2011-04-16 (20-43-11).txt File Size: 879 BYTES

mbam-log-2011-04-16 (23-49-04).txt File Size: 2597 BYTES

mbam-log-2011-04-18 (01-05-18).txt File Size: 880 BYTES

mbam-log-2011-04-18 (01-41-12).txt File Size: 880 BYTES

mbam-log-2011-04-18 (01-43-20).txt File Size: 880 BYTES

mbam-log-2011-04-18 (01-43-46).txt File Size: 880 BYTES

mbam-log-2011-04-18 (01-44-09).txt File Size: 879 BYTES

mbam-log-2011-04-18 (01-44-33).txt File Size: 879 BYTES

mbam-log-2011-04-18 (01-58-52).txt File Size: 881 BYTES

mbam-log-2011-04-18 (01-59-32).txt File Size: 880 BYTES

mbam-log-2011-04-18 (02-03-47).txt File Size: 897 BYTES

mbam-log-2011-04-18 (02-09-17).txt File Size: 898 BYTES

mbam-log-2011-04-18 (03-17-57).txt File Size: 892 BYTES

mbam-log-2011-04-24 (04-33-50).txt File Size: 898 BYTES

mbam-log-2011-05-01 (04-45-22).txt File Size: 897 BYTES

mbam-log-2011-05-11 (19-37-46).txt File Size: 2221 BYTES

mbam-log-2011-05-19 (03-46-58).txt File Size: 893 BYTES

mbam-log-2011-05-19 (06-19-21).txt File Size: 880 BYTES

mbam-log-2011-05-27 (05-59-21).txt File Size: 880 BYTES

mbam-log-2011-05-27 (05-59-53).txt File Size: 880 BYTES

mbam-log-2011-05-27 (06-02-16).txt File Size: 881 BYTES

mbam-log-2011-05-28 (05-28-41).txt File Size: 897 BYTES

mbam-log-2011-06-12 (01-00-40).txt File Size: 880 BYTES

mbam-log-2011-06-12 (01-02-36).txt File Size: 898 BYTES

mbam-log-2011-06-15 (12-04-09).txt File Size: 899 BYTES

mbam-log-2011-06-15 (12-04-54).txt File Size: 881 BYTES

mbam-log-2011-06-15 (12-12-29).txt File Size: 898 BYTES

mbam-log-2011-06-20 (04-58-16).txt File Size: 880 BYTES

mbam-log-2011-06-27 (02-40-45).txt File Size: 898 BYTES

mbam-log-2011-06-28 (22-05-14).txt File Size: 894 BYTES

mbam-log-2011-06-28 (22-05-38).txt File Size: 880 BYTES

mbam-log-2011-07-06 (04-17-47).txt File Size: 891 BYTES

mbam-log-2011-07-12 (03-39-19).txt File Size: 2782 BYTES

mbam-log-2011-07-19 (05-39-29).txt File Size: 880 BYTES

mbam-log-2011-07-25 (02-38-49).txt File Size: 880 BYTES

mbam-log-2011-07-25 (03-36-08).txt File Size: 892 BYTES

mbam-log-2011-07-25 (04-35-10).txt File Size: 892 BYTES

mbam-log-2011-08-05 (01-53-54).txt File Size: 2840 BYTES

mbam-log-2011-08-09 (00-40-56).txt File Size: 880 BYTES

mbam-log-2011-08-11 (03-04-08).txt File Size: 893 BYTES

mbam-log-2011-08-11 (03-58-26).txt File Size: 892 BYTES

mbam-log-2011-08-12 (23-57-48).txt File Size: 899 BYTES

mbam-log-2011-08-15 (17-08-19).txt File Size: 897 BYTES

mbam-log-2011-08-15 (20-05-09).txt File Size: 2676 BYTES

mbam-log-2011-08-18 (02-51-38).txt File Size: 892 BYTES

mbam-log-2011-09-02 (01-24-03).txt File Size: 2679 BYTES

mbam-log-2011-09-10 (05-32-29).txt File Size: 895 BYTES

mbam-log-2011-09-13 (00-46-09).txt File Size: 902 BYTES

mbam-log-2011-09-18 (03-31-50).txt File Size: 2680 BYTES

mbam-log-2011-10-07 (03-38-52).txt File Size: 896 BYTES

mbam-log-2011-10-07 (03-41-52).txt File Size: 883 BYTES

mbam-log-2011-10-07 (03-54-12).txt File Size: 896 BYTES

mbam-log-2011-10-07 (19-06-27).txt File Size: 898 BYTES

mbam-log-2011-10-15 (03-47-27).txt File Size: 896 BYTES

mbam-log-2011-10-15 (04-00-20).txt File Size: 897 BYTES

mbam-log-2011-10-15 (04-52-09).txt File Size: 897 BYTES

mbam-log-2011-10-15 (05-09-17).txt File Size: 898 BYTES

mbam-log-2011-10-23 (16-44-54).txt File Size: 897 BYTES

mbam-log-2011-10-23 (23-36-09).txt File Size: 898 BYTES

mbam-log-2011-10-24 (04-05-42).txt File Size: 884 BYTES

mbam-log-2011-11-01 (22-51-46).txt File Size: 897 BYTES

mbam-log-2011-11-02 (04-45-05).txt File Size: 895 BYTES

mbam-log-2011-11-02 (04-46-08).txt File Size: 884 BYTES

mbam-log-2011-11-02 (04-46-49).txt File Size: 882 BYTES

mbam-log-2011-11-10 (04-24-05).txt File Size: 896 BYTES

mbam-log-2011-11-10 (17-39-47).txt File Size: 897 BYTES

mbam-log-2011-11-11 (00-25-28).txt File Size: 898 BYTES

mbam-log-2011-11-11 (00-38-44).txt File Size: 885 BYTES

mbam-log-2011-11-11 (00-39-22).txt File Size: 884 BYTES

mbam-log-2011-11-11 (00-42-01).txt File Size: 884 BYTES

mbam-log-2011-11-11 (00-43-53).txt File Size: 890 BYTES

mbam-log-2011-11-11 (00-45-50).txt File Size: 885 BYTES

mbam-log-2011-11-19 (04-16-43).txt File Size: 2681 BYTES

mbam-log-2011-11-28 (00-34-36).txt File Size: 904 BYTES

mbam-log-2011-11-28 (01-08-57).txt File Size: 902 BYTES

mbam-log-2011-12-04 (05-04-52).txt File Size: 895 BYTES

mbam-log-2011-12-05 (03-04-06).txt File Size: 896 BYTES

mbam-log-2011-12-10 (23-35-02).txt File Size: 885 BYTES

mbam-log-2011-12-11 (03-48-31).txt File Size: 884 BYTES

mbam-log-2011-12-18 (04-43-39).txt File Size: 897 BYTES

mbam-log-2011-12-22 (00-22-25).txt File Size: 903 BYTES

mbam-log-2011-12-22 (01-06-47).txt File Size: 901 BYTES

mbam-log-2011-12-22 (01-52-16).txt File Size: 902 BYTES

mbam-log-2011-12-22 (02-19-10).txt File Size: 901 BYTES

mbam-log-2011-12-22 (03-00-52).txt File Size: 902 BYTES

mbam-log-2011-12-22 (03-13-25).txt File Size: 888 BYTES

mbam-log-2011-12-30 (03-01-48).txt File Size: 1936 BYTES

mbam-log-2012-01-06 (06-08-26).txt File Size: 1898 BYTES

mbam-log-2012-01-10 (02-19-39).txt File Size: 1902 BYTES

mbam-log-2012-01-10 (02-48-20).txt File Size: 1902 BYTES

mbam-log-2012-01-12 (02-06-02).txt File Size: 3378 BYTES

mbam-log-2012-01-31 (21-44-02).txt File Size: 1934 BYTES

mbam-log-2012-02-08 (23-24-55).txt File Size: 5750 BYTES

mbam-log-2012-02-12 (03-06-05).txt File Size: 1934 BYTES

mbam-log-2012-03-09 (00-31-54).txt File Size: 1940 BYTES

mbam-log-2012-03-09 (01-38-14).txt File Size: 1932 BYTES

mbam-log-2012-03-09 (01-50-22).txt File Size: 1930 BYTES

mbam-log-2012-03-20 (15-23-29).txt File Size: 6320 BYTES

mbam-log-2012-04-04 (23-22-35).txt File Size: 1930 BYTES

mbam-log-2012-04-05 (00-04-51).txt File Size: 1934 BYTES

mbam-log-2012-04-30 (23-11-38).txt File Size: 1944 BYTES

mbam-log-2012-05-02 (18-05-55).txt File Size: 4332 BYTES

mbam-log-2012-06-29 (16-27-05).txt File Size: 4598 BYTES

mbam-log-2012-07-29 (05-17-41).txt File Size: 1934 BYTES

mbam-log-2012-07-29 (20-31-54).txt File Size: 1984 BYTES

mbam-log-2012-07-29 (20-33-21).txt File Size: 4660 BYTES

mbam-log-2012-09-11 (22-03-16).txt File Size: 1946 BYTES

C:\Documents and Settings\Jeffrey\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

===============================================================

END OF FILE

Link to post
Share on other sites

Thank you! Btw logs have been sent to you

Here:

SERVICE_NAME: TERMSERVICE

TYPE : 20 WIN32_SHARE_PROCESS

START_TYPE : 3 DEMAND_START

ERROR_CONTROL : 1 NORMAL

BINARY_PATH_NAME : C:\WINDOWS\System32\svchost -k DComLaunch

LOAD_ORDER_GROUP :

TAG : 0

DISPLAY_NAME : Terminal Services

DEPENDENCIES : RPCSS

SERVICE_START_NAME : LocalSystem

SERVICE_NAME: TERMSERVICE

TYPE : 20 WIN32_SHARE_PROCESS

STATE : 1 STOPPED

(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 126 (0x7e)

SERVICE_EXIT_CODE : 0 (0x0)

CHECKPOINT : 0x0

WAIT_HINT : 0x0

PID : 0

FLAGS :

Link to post
Share on other sites

  • Root Admin

I do not see any logs. Might be best to open a Help Desk ticket and reference this topic and ask for me.

http://forums.malwarebytes.org/index.php?showtopic=115760

http://www.malwarebytes.org/contact_consumer/

You probably need to have some more in depth work performed that we don't do here on the General forum.

Thanks

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.