
malwarebytes anti malware premium question



Sorry it took so long to reply back; I work in a graveyard, very busy.

I'm not permitted to attach files. I will work on turning the screenshot into a pic so I can post it up.
Thanks
 
 
 
 
mbam-check result log version:     2.1.1.1001
========================================
 
User Account type:                 Administrator
OS:                                Windows 8.1  64 bit Operating System
Current Version and Build:         6.3.9200.0 
Malwarebytes Anti-Malware:         2.0.4.1028
Installed On:                      2015/03/20
Malware Database:                  2015.03.20.08
Rootkit Database:                  2015.02.25.01
Remediation Database:              2015.03.09.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Premium
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      1 (The service is not running.)
Chameleon:                         4 (The service is running.)
Log Created:                       2015/03/20 18:36:50
Compatibility Flag Settings:
=================================
 
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
SIGN.MEDIA=AEF8 essentls_ftm.exeREG_SZ $ ElevateCreateProcess
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeREG_SZ ^ WIN7RTM
 
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\WINDOWS\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [ca43f8904e24bbe49982e4c0b29e6579]
C:\WINDOWS\system32\drivers\mwac.sys
File Size: 64216     BYTES FileVersion: 1.0.6.0 MD5: [9d7bffdb5fa62b600df1fcb4919d9d79]
C:\WINDOWS\system32\drivers\mbamswissarmy.sys
File Size: 129752    BYTES FileVersion: 0.2.13.0 MD5: [26c43960c99ee861a5d0edc4dcf3b1c3]
C:\WINDOWS\system32\drivers\mbamchameleon.sys
File Size: 93400     BYTES FileVersion: 1.1.4.0 MD5: [478cc94c937d235cb0a96ab8f2359d81]
 
--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMChameleon:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMWebAccessControl:--------------
Type:                   2
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
ErrorControl                  REG_DWORD 1
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Start                         REG_DWORD 2
Type                          REG_DWORD 32
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
DependOnService               REG_MULTI_SZ RpcSs
WfpLwfs
 
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
{89a89b7c-b5ab-4ed6-bf05-d3059281a5c5}REG_BINARY Binary Data

 


Hi:
 
Thanks for that picture.
Alas it's not complete.
 

I'm not permitted to attach files


I'm not sure what you mean by that?

 

Here are instructions for attaching the 3 requested logs.

 

If we can see them, perhaps with a screen shot of the program GUI/dashboard showing that you are "not protected", that would help us to better help you.

 

Thanks,

-----------------

Please refer to these steps and the attached screen shots:

  • Click the "More Reply Options" button in the lower right of the message pane
  • Click the "Browse" button, on the lower left, near the paperclip
  • Navigate to the log file on your desktop
  • Double-click the file to load it
  • Click the "Attach This File" button
  • Repeat for the other logs


Hi:
 
Thanks for the logs and the screen shot.

As you described, the dashboard does indeed say "no protection" under Real Time Protection, despite the green checkmark.

The dashboard for 2.0.4.1028 Premium should look like the screen shot below.

 

It would have been nice to see the full CheckResults.txt log, as an attachment, too.
 But, from what you posted so far, a couple of things stand out.
 
First: I don't think this setting should be there:
 

Compatibility Flag Settings:
=================================
 
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
SIGN.MEDIA=AEF8 essentls_ftm.exeREG_SZ $ ElevateCreateProcess
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeREG_SZ ^ WIN7RTM

 

And malicious website protection is not enabled. 

 

Also, you don't have the current version (2.1.4.1018) of MBAM.
(There are some other items that might need attention (e.g. McAfee remnants, etc.).)
 
If you wish, while we wait for AdvancedSetup or another staff member to reply, I suggest that you might want to perform a clean upgrade.

 

Please carefully follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - MBAM Clean Removal Process 2x

NOTE:  If you do upgrade to 2.1.4.1018, do not be surprised by the new GUI/dashboard! ;)

 

Please post back and let us know if this resolves your issue.

 

Thanks,
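The two findings called out in the reply above (a compatibility layer set on mbam.exe and a protection service that is not running) can be pulled out of an mbam-check log mechanically. The following is an added example, not part of the original posts and not Malwarebytes code; the `triage` function and the excerpt are constructed from lines in the posted log, and the note for exit code 1077 is the Win32 meaning (ERROR_SERVICE_NEVER_STARTED), not something the log states.

```python
import re

# Constructed excerpt in the layout of the mbam-check log posted above.
SAMPLE_LOG = r"""
Compatibility Flag Settings:
=================================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeREG_SZ ^ WIN7RTM

--------------MBAMService:--------------
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0

--------------MBAMWebAccessControl:--------------
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
"""

SECTION = re.compile(r"^-{5,}(\w+):-{5,}\s*$")           # e.g. ----MBAMService:----
FIELD = re.compile(r"^(State|WIN32_EXIT_CODE):\s+(\d+)")  # numeric service fields
LAYER = re.compile(r"^(.*\\mbam\.exe)REG_SZ\s+(.+?)\s*$", re.I)
SERVICE_RUNNING = 4  # the log prints this as "The service is running."
# 1077 is ERROR_SERVICE_NEVER_STARTED: no start attempt since last boot.
EXIT_NOTES = {1077: "no start attempt since last boot"}

def triage(log_text):
    """Return (stopped_services, compat_layers) found in an mbam-check log."""
    services, layers, current = {}, [], None
    for line in log_text.splitlines():
        line = line.strip()
        if m := SECTION.match(line):
            current = services.setdefault(m.group(1), {})
        elif current is not None and (m := FIELD.match(line)):
            current[m.group(1)] = int(m.group(2))
        elif m := LAYER.match(line):
            layers.append((m.group(1), m.group(2)))
    stopped = []
    for name, f in services.items():
        if f.get("State") != SERVICE_RUNNING:
            code = f.get("WIN32_EXIT_CODE")
            stopped.append((name, f.get("State"), code, EXIT_NOTES.get(code, "")))
    return stopped, layers

if __name__ == "__main__":
    stopped, layers = triage(SAMPLE_LOG)
    for name, state, code, note in stopped:
        print(f"{name}: state={state} exit={code} {note}")
    for path, flags in layers:
        print(f"compat layer on {path}: {flags}")
```
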
