
Malwarebytes runs for only 1 second



mbam-check result log version: 2.0.0.1000

 

Malwarebytes Version: REG_SZ 1.75.0.1300

 

Date Log Created: 07/27/13

Time Log Created: 20:09:53

 

User Account type: Administrator

 

32 bit Operating System

 

Product Name: REG_SZ Windows Vista Home Premium

 

Current Build Number: 6002

 

Current Version Number: 6.0

 

Current CSDVersion: Service Pack 2

 

Proxy Status: No proxy is Set

 

Proxy Override: 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\

ProxyOverride REG_SZ *.local

 

LAN Settings:

=============

 

No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY

 

SystemPartition:

================

 

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume3

 

Balloon Tips Status:

====================

 

Enabled

 

Time Format Settings:

=====================

 

Should be:

h:mm:ss tt

AM 

PM 

:

 

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

 

Language and Regional Settings:

===============================

 

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: Language is English (United States)

 

Startup Folders for Error_Expanding_Variables Check:

====================================================

 

All Users Startup Folder Exists.

Current User's Startup Folder Exists.

 

 

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

 

TERMService:

==============

Type : 32

State : 1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE : 1077

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

TermService Start is set to: 4 (Disabled) <-- TERMSERVICE SHOULD NOT BE DISABLED

 

Compatibility Flag Settings (Any MBAM file listings should be removed):

=======================================================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exeREG_SZ ELEVATECREATEPROCESS

SIGN=1D66A78 Welcome.exe      REG_SZ WINXPSP2

C:\Program Files\DVDFab 8\DVDFab.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabDVD2DVD.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabDVD2Mobile.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabBluRay2BluRay.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabFile2Mobile.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabFileMover.exeREG_SZ DisableNXShowUI

SIGN=3E30DFC5 EASetup.exe     REG_SZ WINXPSP2

C:\Users\Mike\AppData\Local\temp\7zO8893.tmp\WRT54GS Setup Wizard.exeREG_SZ WINXPSP2

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

SIGN=87A6AE AutoRun.exe       REG_SZ ELEVATECREATEPROCESS

 

 

 

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

 

 

 

MBAM Startup Entries: 

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

 

Service and Driver Status:

==========================

 

MBAMProtector:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMService:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMScheduler:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon

 

 

MBAMProtector Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type                          REG_DWORD 2

Start                         REG_DWORD 3

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys

Group                         REG_SZ FSFilter Anti-Virus

DependOnService               REG_MULTI_SZ FltMgr

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance               REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude                      REG_SZ 328800

Flags                         REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum

0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

MBAMService Registry Values:

============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"

DependOnService               REG_MULTI_SZ MBAMProtector

 

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware service

DelayedAutostart              REG_DWORD 0

MBAMScheduler Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware scheduler

 

MBAM DLL's and Runtime Files:

=============================

 

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid

(Default):                    REG_SZ vbAccelerator Grid Control

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid

(Default):                    REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}

 

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass

(Default):                    REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid

(Default):                    REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A}

 

HKEY_CLASSES_ROOT\SSubTimer6.CTimer

(Default):                    REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid

(Default):                    REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A}

 

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass

(Default):                    REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid

(Default):                    REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}

 

 

 

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default):                    REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default):                    REG_SZ 1.0

 

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel                REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default):                    REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default):                    REG_SZ 1.0

 

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel                REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default):                    REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default):                    REG_SZ 1.0

 

 

 

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1

(Default):                    REG_SZ vbAccelerator VB6 SGrid Control 2.0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS

(Default):                    REG_SZ 2

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

 

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0

(Default):                    REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS

(Default):                    REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

 

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ ISubclass

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version                       REG_SZ 1.0

 

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ CTimer

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version                       REG_SZ 1.0

 

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}

(Default):                    REG_SZ vbalGrid

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib

(Default):                    REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}

Version                       REG_SZ 1.1

 

MBAM Registry Settings and License Info:

========================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware

advancedheuristics            REG_DWORD 1

downloadprogram               REG_DWORD 1

hidereg                       REG_DWORD 0

detectp2p                     REG_DWORD 0

detectpum                     REG_DWORD 1

detectpup                     REG_DWORD 2

updatewarn                    REG_DWORD 1

updatewarndays                REG_DWORD 7

useproxy                      REG_DWORD 0

useauthentication             REG_DWORD 0

contextmenu                   REG_DWORD 1

reportthreats                 REG_DWORD 1

startwithwindows              REG_DWORD 1

startfsdisabled               REG_DWORD 0

startipdisabled               REG_DWORD 0

silentipmode                  REG_DWORD 0

autoquarantine                REG_DWORD 1

notifyinstallprogram          REG_DWORD 1

trialpromptshown              REG_DWORD 1

autoquarantinenotify          REG_DWORD 1

alwaysscanarchives            REG_DWORD 1

InstallPath                   REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

dbdate                        REG_SZ Sat, 27 Jul 2013 22:47:31 GMT

dbversion                     REG_SZ v2013.07.27.07

programversion                REG_SZ 1.75.0.1300

programbuild                  REG_SZ consumer

trialended                    REG_DWORD 0

SchedulerQueue                REG_MULTI_SZ 6148, 30312984, 4241568736, 1, 23 | 30313255, 312964929

 

 

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware (Trial)

TrialId                       There is data here but it is hidden.

StartDate                     REG_SZ Sat, 27 Jul 2013 01:15:14 UTC

EndDate                       REG_SZ Sat, 10 Aug 2013 01:15:14 UTC

 

HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

Language                      REG_SZ English.lng

selectedrives                 REG_SZ C:\|

HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

Inno Setup: Setup Version     REG_SZ 5.5.3-dev (a)

Inno Setup: App Path          REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

InstallLocation               REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\

Inno Setup: Icon Group        REG_SZ Malwarebytes' Anti-Malware

Inno Setup: User              REG_SZ Mike

Inno Setup: Selected Tasks    REG_SZ desktopicon

Inno Setup: Deselected Tasks  REG_SZ quicklaunchicon

Inno Setup: Language          REG_SZ English

DisplayName                   REG_SZ Malwarebytes Anti-Malware version 1.75.0.1300

DisplayIcon                   REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

UninstallString               REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

QuietUninstallString          REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT

DisplayVersion                REG_SZ 1.75.0.1300

Publisher                     REG_SZ Malwarebytes Corporation

URLInfoAbout                  REG_SZ http://www.malwarebytes.org

NoModify                      REG_DWORD 1

NoRepair                      REG_DWORD 1

InstallDate                   REG_SZ 20130727

MajorVersion                  REG_DWORD 1

MinorVersion                  REG_DWORD 75

 

Pending File Rename Operations: 

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

 

Scheduler Queue:

================

 

Scheduled Item: Update Schedule Options: | Daily | Random

Start Time: 2013-07-26 15:58 Repeating Every: 1 Recover if missed by: 23

 

 

 

Context Menu Entries:

=====================

 

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer

(Default):                    REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

 

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}

(Default):                    REG_SZ IMBAMShlExt

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib

(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

Version                       REG_SZ 1.0

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

ThreadingModel                REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID

(Default):                    REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib

(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID

(Default):                    REG_SZ MBAMExt.MBAMShlExt

 

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0

(Default):                    REG_SZ MBAMExt 1.0 Type Library

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS

(Default):                    REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

 

 

 

MBAM Drivers:

=============

 

C:\Windows\system32\drivers\mbam.sys File Size: 22856     BYTES FileVersion: 1.60.2.0

C:\Windows\system32\drivers\mbamswissarmy.sys File Size: 40776     BYTES FileVersion: 1.60.0.0

 

 

Required Dependencies:

======================

 

BFE:

==============

Type : 32

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001

Group                         REG_SZ NetworkProvider

ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork

Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002

ObjectName                    REG_SZ NT AUTHORITY\LocalService

ErrorControl                  REG_DWORD 1

Start                         REG_DWORD 2

Type                          REG_DWORD 32

DependOnService               REG_MULTI_SZ RpcSs

 

ServiceSidType                REG_DWORD 3

RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege

SeImpersonatePrivilege

 

FailureActions                REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll

ServiceDllUnloadOnStop        REG_DWORD 1

ServiceMain                   REG_SZ BfeServiceMain

 

fltmgr:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded              REG_DWORD 1

DisplayName                   REG_SZ FltMgr

Group                         REG_SZ FSFilter Infrastructure

ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys

Description                   REG_SZ File System Filter Manager Driver

ErrorControl                  REG_DWORD 3

Start                         REG_DWORD 0

Tag                           REG_DWORD 1

Type                          REG_DWORD 2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0                             REG_SZ Root\LEGACY_FLTMGR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

C:\Windows\system32\drivers\fltmgr.sys File Size: 190424    BYTES FileVersion: 6.0.6002.18005

C:\Windows\system32\comctl32.ocx File Size: 608448    BYTES FileVersion: 6.0.81.5

C:\Windows\system32\mscomctl.ocx File Size: 1070352   BYTES FileVersion: 6.1.98.33

C:\Windows\system32\olepro32.dll File Size: 88576     BYTES FileVersion: 6.0.6002.18005

 

 

List of MBAM Related Directories:

=================================

 

C:\Program Files\Malwarebytes' Anti-Malware

7z.dll                         File Size:    914432 BYTES FileVersion: 9.20.0.0

changes.txt                   File Size:       200 BYTES

license.rtf                   File Size:     17916 BYTES

mbam.chm                       File Size:    474148 BYTES

mbam.dll                       File Size:    527944 BYTES FileVersion: 1.70.0.0

mbam.exe                       File Size:    887432 BYTES FileVersion: 1.75.0.1

mbamcore.dll                   File Size:   1127496 BYTES FileVersion: 1.70.0.0

mbamext.dll                   File Size:     80968 BYTES FileVersion: 1.70.0.0

mbamgui.exe                   File Size:    532040 BYTES FileVersion: 1.70.0.0

mbamnet.dll                   File Size:   2191944 BYTES FileVersion: 1.70.0.0

mbampt.exe                     File Size:     40008 BYTES FileVersion: 1.70.0.0

mbamscheduler.exe             File Size:    418376 BYTES FileVersion: 1.70.0.0

mbamservice.exe               File Size:    701512 BYTES FileVersion: 1.70.0.0

ssubtmr6.dll                   File Size:     46416 BYTES FileVersion: 1.1.0.3

unins000.dat                   File Size:     14894 BYTES

unins000.exe                   File Size:    712264 BYTES FileVersion: 51.52.0.0

unins000.msg                   File Size:     11277 BYTES

vbalsgrid6.ocx                 File Size:    496976 BYTES FileVersion: 2.0.0.40

 

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

chameleon.chm                 File Size:    186068 BYTES

firefox.com                   File Size:    218184 BYTES

firefox.exe                   File Size:    218184 BYTES

firefox.pif                   File Size:    218184 BYTES

firefox.scr                   File Size:    218184 BYTES

iexplore.exe                   File Size:    218184 BYTES

mbam-chameleon.com             File Size:    218184 BYTES

mbam-chameleon.exe             File Size:    218184 BYTES

mbam-chameleon.pif             File Size:    218184 BYTES

mbam-chameleon.scr             File Size:    218184 BYTES

mbam-killer.exe               File Size:    896072 BYTES

rundll32.exe                   File Size:    218184 BYTES

svchost.exe                   File Size:    218184 BYTES

winlogon.exe                   File Size:    218184 BYTES

 

C:\Program Files\Malwarebytes' Anti-Malware\Languages

arabic.lng                     File Size:     21894 BYTES

belarusian.lng                 File Size:     26884 BYTES

bosnian.lng                   File Size:     27108 BYTES

bulgarian.lng                 File Size:     27574 BYTES

catalan.lng                   File Size:     28252 BYTES

chineseSI.lng                 File Size:     11024 BYTES

chineseTR.lng                 File Size:     11952 BYTES

croatian.lng                   File Size:     26670 BYTES

czech.lng                     File Size:     24874 BYTES

danish.lng                     File Size:     26582 BYTES

dutch.lng                     File Size:     28342 BYTES

english.lng                   File Size:     24542 BYTES

estonian.lng                   File Size:     25146 BYTES

finnish.lng                   File Size:     25950 BYTES

french.lng                     File Size:     29830 BYTES

german.lng                     File Size:     29894 BYTES

greek.lng                     File Size:     29300 BYTES

hebrew.lng                     File Size:     19362 BYTES

hungarian.lng                 File Size:     28666 BYTES

indonesian.lng                 File Size:     26854 BYTES

italian.lng                   File Size:     28194 BYTES

japanese.lng                   File Size:     16266 BYTES

korean.lng                     File Size:     14188 BYTES

latvian.lng                   File Size:     27100 BYTES

lithuanian.lng                 File Size:     27838 BYTES

norwegian.lng                 File Size:     25116 BYTES

polish.lng                     File Size:     26644 BYTES

portugueseBR.lng               File Size:     28654 BYTES

portuguesePT.lng               File Size:     29062 BYTES

romanian.lng                   File Size:     28290 BYTES

russian.lng                   File Size:     27302 BYTES

serbian.lng                   File Size:     26804 BYTES

slovak.lng                     File Size:     25644 BYTES

slovenian.lng                 File Size:     24852 BYTES

spanish.lng                   File Size:     30060 BYTES

swedish.lng                   File Size:     25992 BYTES

thai.lng                       File Size:     26092 BYTES

turkish.lng                   File Size:     25876 BYTES

vietnamese.lng                 File Size:     29528 BYTES

 

C:\Users\Mike\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware

 

C:\Users\Mike\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

 

C:\Users\Mike\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware

rules.ref                     File Size:   6860893 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration

build.conf                     File Size:       140 BYTES

config.conf                   File Size:      4076 BYTES

custom.conf                   File Size:        20 BYTES

database.conf                 File Size:       432 BYTES

html.conf                     File Size:      2904 BYTES

local.conf                     File Size:       674 BYTES

manifest.conf                 File Size:      1752 BYTES

messaging.conf                 File Size:      1430 BYTES

news.conf                     File Size:       272 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

protection-log-2013-07-26.txt File Size:      2418 BYTES

protection-log-2013-07-27.txt File Size:      7470 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

 

===============================================================

END OF FILE

mbam-check result log version: 2.0.0.1000

 

Malwarebytes Version: REG_SZ 1.75.0.1300

 

Date Log Created: 07/28/13

Time Log Created: 06:43:13

 

User Account type: Administrator

 

32 bit Operating System

 

Product Name: REG_SZ Windows Vista Home Premium

 

Current Build Number: 6002

 

Current Version Number: 6.0

 

Current CSDVersion: Service Pack 2

 

Proxy Status: No proxy is Set

 

Proxy Override: 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\

ProxyOverride REG_SZ *.local

 

LAN Settings:

=============

 

No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY

 

SystemPartition:

================

 

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume3

 

Balloon Tips Status:

====================

 

Enabled

 

Time Format Settings:

=====================

 

Should be:

h:mm:ss tt

AM 

PM 

:

 

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

 

Language and Regional Settings:

===============================

 

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: Language is English (United States)

 

Startup Folders for Error_Expanding_Variables Check:

====================================================

 

All Users Startup Folder Exists.

Current User's Startup Folder Exists.

 

 

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

 

TERMService:

==============

Type : 32

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

TermService Start is set to: 2 (Automatic Startup)

 

Compatibility Flag Settings (Any MBAM file listings should be removed):

=======================================================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exeREG_SZ ELEVATECREATEPROCESS

SIGN=1D66A78 Welcome.exe      REG_SZ WINXPSP2

C:\Program Files\DVDFab 8\DVDFab.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabDVD2DVD.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabDVD2Mobile.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabBluRay2BluRay.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabFile2Mobile.exeREG_SZ DisableNXShowUI

C:\Program Files\DVDFab 8\Options\DVDFabFileMover.exeREG_SZ DisableNXShowUI

SIGN=3E30DFC5 EASetup.exe     REG_SZ WINXPSP2

C:\Users\Mike\AppData\Local\temp\7zO8893.tmp\WRT54GS Setup Wizard.exeREG_SZ WINXPSP2

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

SIGN=87A6AE AutoRun.exe       REG_SZ ELEVATECREATEPROCESS

 

 

 

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

 

 

 

MBAM Startup Entries: 

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

 

Service and Driver Status:

==========================

 

MBAMProtector:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMService:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMScheduler:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon

 

 

MBAMProtector Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type                          REG_DWORD 2

Start                         REG_DWORD 3

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys

Group                         REG_SZ FSFilter Anti-Virus

DependOnService               REG_MULTI_SZ FltMgr

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance               REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude                      REG_SZ 328800

Flags                         REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum

0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

MBAMService Registry Values:

============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"

DependOnService               REG_MULTI_SZ MBAMProtector

 

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware service

DelayedAutostart              REG_DWORD 0

MBAMScheduler Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware scheduler

 

MBAM DLL's and Runtime Files:

=============================

 

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid

(Default):                    REG_SZ vbAccelerator Grid Control

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid

(Default):                    REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}

 

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass

(Default):                    REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid

(Default):                    REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A}

 

HKEY_CLASSES_ROOT\SSubTimer6.CTimer

(Default):                    REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid

(Default):                    REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A}

 

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass

(Default):                    REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid

(Default):                    REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}

 

 

 

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default):                    REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default):                    REG_SZ 1.0

 

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel                REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default):                    REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default):                    REG_SZ 1.0

 

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel                REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default):                    REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default):                    REG_SZ 1.0

 

 

 

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1

(Default):                    REG_SZ vbAccelerator VB6 SGrid Control 2.0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS

(Default):                    REG_SZ 2

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

 

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0

(Default):                    REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS

(Default):                    REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

 

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ ISubclass

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version                       REG_SZ 1.0

 

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}

(Default):                    REG_SZ CTimer

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default):                    REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version                       REG_SZ 1.0

 

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}

(Default):                    REG_SZ vbalGrid

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32

(Default):                    REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib

(Default):                    REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}

Version                       REG_SZ 1.1

 

MBAM Registry Settings and License Info:

========================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware

advancedheuristics            REG_DWORD 1

downloadprogram               REG_DWORD 1

hidereg                       REG_DWORD 0

detectp2p                     REG_DWORD 0

detectpum                     REG_DWORD 1

detectpup                     REG_DWORD 2

updatewarn                    REG_DWORD 1

updatewarndays                REG_DWORD 7

useproxy                      REG_DWORD 0

useauthentication             REG_DWORD 0

contextmenu                   REG_DWORD 1

reportthreats                 REG_DWORD 1

startwithwindows              REG_DWORD 1

startfsdisabled               REG_DWORD 0

startipdisabled               REG_DWORD 0

silentipmode                  REG_DWORD 0

autoquarantine                REG_DWORD 1

notifyinstallprogram          REG_DWORD 1

trialpromptshown              REG_DWORD 1

autoquarantinenotify          REG_DWORD 1

alwaysscanarchives            REG_DWORD 1

InstallPath                   REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

dbdate                        REG_SZ Sun, 28 Jul 2013 11:22:36 GMT

dbversion                     REG_SZ v2013.07.28.03

programversion                REG_SZ 1.75.0.1300

programbuild                  REG_SZ consumer

trialended                    REG_DWORD 0

SchedulerQueue                REG_MULTI_SZ 6148, 30312984, 4241568736, 1, 23 | 30313255, 312964929

 

 

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware (Trial)

TrialId                       There is data here but it is hidden.

StartDate                     REG_SZ Sat, 27 Jul 2013 01:15:14 UTC

EndDate                       REG_SZ Sat, 10 Aug 2013 01:15:14 UTC

 

HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

Language                      REG_SZ English.lng

selectedrives                 REG_SZ C:\|

HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

Inno Setup: Setup Version     REG_SZ 5.5.3-dev (a)

Inno Setup: App Path          REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

InstallLocation               REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\

Inno Setup: Icon Group        REG_SZ Malwarebytes' Anti-Malware

Inno Setup: User              REG_SZ Mike

Inno Setup: Selected Tasks    REG_SZ desktopicon

Inno Setup: Deselected Tasks  REG_SZ quicklaunchicon

Inno Setup: Language          REG_SZ English

DisplayName                   REG_SZ Malwarebytes Anti-Malware version 1.75.0.1300

DisplayIcon                   REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

UninstallString               REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

QuietUninstallString          REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT

DisplayVersion                REG_SZ 1.75.0.1300

Publisher                     REG_SZ Malwarebytes Corporation

URLInfoAbout                  REG_SZ http://www.malwarebytes.org

NoModify                      REG_DWORD 1

NoRepair                      REG_DWORD 1

InstallDate                   REG_SZ 20130727

MajorVersion                  REG_DWORD 1

MinorVersion                  REG_DWORD 75

 

Pending File Rename Operations: 

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

 

Scheduler Queue:

================

 

Scheduled Item: Update Schedule Options: | Daily | Random

Start Time: 2013-07-26 15:58 Repeating Every: 1 Recover if missed by: 23

 

 

 

Context Menu Entries:

=====================

 

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer

(Default):                    REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

 

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}

(Default):                    REG_SZ IMBAMShlExt

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib

(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

Version                       REG_SZ 1.0

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

ThreadingModel                REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID

(Default):                    REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib

(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID

(Default):                    REG_SZ MBAMExt.MBAMShlExt

 

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0

(Default):                    REG_SZ MBAMExt 1.0 Type Library

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS

(Default):                    REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR

(Default):                    REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

 

 

 

MBAM Drivers:

=============

 

C:\Windows\system32\drivers\mbam.sys File Size: 22856     BYTES FileVersion: 1.60.2.0

C:\Windows\system32\drivers\mbamswissarmy.sys File Size: 40776     BYTES FileVersion: 1.60.0.0

 

 

Required Dependencies:

======================

 

BFE:

==============

Type : 32

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001

Group                         REG_SZ NetworkProvider

ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork

Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002

ObjectName                    REG_SZ NT AUTHORITY\LocalService

ErrorControl                  REG_DWORD 1

Start                         REG_DWORD 2

Type                          REG_DWORD 32

DependOnService               REG_MULTI_SZ RpcSs

 

ServiceSidType                REG_DWORD 3

RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege

SeImpersonatePrivilege

 

FailureActions                REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll

ServiceDllUnloadOnStop        REG_DWORD 1

ServiceMain                   REG_SZ BfeServiceMain

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer


fltmgr:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded              REG_DWORD 1

DisplayName                   REG_SZ FltMgr

Group                         REG_SZ FSFilter Infrastructure

ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys

Description                   REG_SZ File System Filter Manager Driver

ErrorControl                  REG_DWORD 3

Start                         REG_DWORD 0

Tag                           REG_DWORD 1

Type                          REG_DWORD 2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0                             REG_SZ Root\LEGACY_FLTMGR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

C:\Windows\system32\drivers\fltmgr.sys File Size: 190424    BYTES FileVersion: 6.0.6002.18005

C:\Windows\system32\comctl32.ocx File Size: 608448    BYTES FileVersion: 6.0.81.5

C:\Windows\system32\mscomctl.ocx File Size: 1070352   BYTES FileVersion: 6.1.98.33

C:\Windows\system32\olepro32.dll File Size: 88576     BYTES FileVersion: 6.0.6002.18005

 

 

List of MBAM Related Directories:

=================================

 

C:\Program Files\Malwarebytes' Anti-Malware

7z.dll                         File Size:    914432 BYTES FileVersion: 9.20.0.0

changes.txt                   File Size:       200 BYTES

license.rtf                   File Size:     17916 BYTES

mbam.chm                       File Size:    474148 BYTES

mbam.dll                       File Size:    527944 BYTES FileVersion: 1.70.0.0

mbam.exe                       File Size:    887432 BYTES FileVersion: 1.75.0.1

mbamcore.dll                   File Size:   1127496 BYTES FileVersion: 1.70.0.0

mbamext.dll                   File Size:     80968 BYTES FileVersion: 1.70.0.0

mbamgui.exe                   File Size:    532040 BYTES FileVersion: 1.70.0.0

mbamnet.dll                   File Size:   2191944 BYTES FileVersion: 1.70.0.0

mbampt.exe                     File Size:     40008 BYTES FileVersion: 1.70.0.0

mbamscheduler.exe             File Size:    418376 BYTES FileVersion: 1.70.0.0

mbamservice.exe               File Size:    701512 BYTES FileVersion: 1.70.0.0

ssubtmr6.dll                   File Size:     46416 BYTES FileVersion: 1.1.0.3

unins000.dat                   File Size:     14894 BYTES

unins000.exe                   File Size:    712264 BYTES FileVersion: 51.52.0.0

unins000.msg                   File Size:     11277 BYTES

vbalsgrid6.ocx                 File Size:    496976 BYTES FileVersion: 2.0.0.40

 

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

chameleon.chm                 File Size:    186068 BYTES

firefox.com                   File Size:    218184 BYTES

firefox.exe                   File Size:    218184 BYTES

firefox.pif                   File Size:    218184 BYTES

firefox.scr                   File Size:    218184 BYTES

iexplore.exe                   File Size:    218184 BYTES

mbam-chameleon.com             File Size:    218184 BYTES

mbam-chameleon.exe             File Size:    218184 BYTES

mbam-chameleon.pif             File Size:    218184 BYTES

mbam-chameleon.scr             File Size:    218184 BYTES

mbam-killer.exe               File Size:    896072 BYTES

rundll32.exe                   File Size:    218184 BYTES

svchost.exe                   File Size:    218184 BYTES

winlogon.exe                   File Size:    218184 BYTES

 

C:\Program Files\Malwarebytes' Anti-Malware\Languages

arabic.lng                     File Size:     21894 BYTES

belarusian.lng                 File Size:     26884 BYTES

bosnian.lng                   File Size:     27108 BYTES

bulgarian.lng                 File Size:     27574 BYTES

catalan.lng                   File Size:     28252 BYTES

chineseSI.lng                 File Size:     11024 BYTES

chineseTR.lng                 File Size:     11952 BYTES

croatian.lng                   File Size:     26670 BYTES

czech.lng                     File Size:     24874 BYTES

danish.lng                     File Size:     26582 BYTES

dutch.lng                     File Size:     28342 BYTES

english.lng                   File Size:     24542 BYTES

estonian.lng                   File Size:     25146 BYTES

finnish.lng                   File Size:     25950 BYTES

french.lng                     File Size:     29830 BYTES

german.lng                     File Size:     29894 BYTES

greek.lng                     File Size:     29300 BYTES

hebrew.lng                     File Size:     19362 BYTES

hungarian.lng                 File Size:     28666 BYTES

indonesian.lng                 File Size:     26854 BYTES

italian.lng                   File Size:     28194 BYTES

japanese.lng                   File Size:     16266 BYTES

korean.lng                     File Size:     14188 BYTES

latvian.lng                   File Size:     27100 BYTES

lithuanian.lng                 File Size:     27838 BYTES

norwegian.lng                 File Size:     25116 BYTES

polish.lng                     File Size:     26644 BYTES

portugueseBR.lng               File Size:     28654 BYTES

portuguesePT.lng               File Size:     29062 BYTES

romanian.lng                   File Size:     28290 BYTES

russian.lng                   File Size:     27302 BYTES

serbian.lng                   File Size:     26804 BYTES

slovak.lng                     File Size:     25644 BYTES

slovenian.lng                 File Size:     24852 BYTES

spanish.lng                   File Size:     30060 BYTES

swedish.lng                   File Size:     25992 BYTES

thai.lng                       File Size:     26092 BYTES

turkish.lng                   File Size:     25876 BYTES

vietnamese.lng                 File Size:     29528 BYTES

 

C:\Users\Mike\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware

 

C:\Users\Mike\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

 

C:\Users\Mike\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware

rules.ref                     File Size:   6866750 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration

build.conf                     File Size:       140 BYTES

config.conf                   File Size:      4076 BYTES

custom.conf                   File Size:        20 BYTES

database.conf                 File Size:       432 BYTES

html.conf                     File Size:      2904 BYTES

local.conf                     File Size:       674 BYTES

manifest.conf                 File Size:      1752 BYTES

messaging.conf                 File Size:      1430 BYTES

news.conf                     File Size:       272 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

protection-log-2013-07-26.txt File Size:      2418 BYTES

protection-log-2013-07-27.txt File Size:      7470 BYTES

protection-log-2013-07-28.txt File Size:      1524 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

 

===============================================================

END OF FILE

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.