need help removing script error/malware

quikdisplay.com&colo script





  • Topic Starter
  • Member
  • 29 posts

Yes, it is uninstalled. I have an icon on my desktop that is mbam-setup=, the Application (.exe) for Malwarebytes Anti-Malware. That is it.

  • 0




    Trusted Helper

  • Malware Removal
  • 8,012 posts

Let's see if we can get Malwarebytes to run. I have a new set of instructions. Take your time. Almost done here. If you're busy now you may do this later...

Delete the Malwarebytes setup file from the desktop and we will re-download it and try running it, following the directions below:

Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup- and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
(Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Post that saved log in your next reply.

  • 0




  • Topic Starter
  • Member
  • 29 posts

I installed it to my desktop as instructed. Got the same exact message: Malwarebytes Anti-Malware has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.

  • 0



    Trusted Helper

  • Malware Removal
  • 8,012 posts

As long as the computer is running OK, let's remove all the tools we used to fix it.

Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right-clicking the DelFix icon and choosing the Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.
Joe :)
  • 0




  • Topic Starter
  • Member
  • 29 posts

# DelFix v10.8 - Logfile created 23/09/2014 at 20:14:25
# Updated 29/07/2014 by Xplode
# Username : Misty - MISTY-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Misty\Desktop\Addition.txt
Deleted : C:\Users\Misty\Desktop\adwcleaner_3.310.exe
Deleted : C:\Users\Misty\Desktop\Extras.Txt
Deleted : C:\Users\Misty\Desktop\Fixlog.txt
Deleted : C:\Users\Misty\Desktop\FRST.txt
Deleted : C:\Users\Misty\Desktop\FRST64.exe
Deleted : C:\Users\Misty\Desktop\JRT.exe
Deleted : C:\Users\Misty\Desktop\JRT.txt
Deleted : C:\Users\Misty\Desktop\OTL.Txt
Deleted : C:\Users\Misty\Desktop\OTL(1).exe
Deleted : C:\Users\Misty\Downloads\esetsmartinstaller_enu(1).exe
Deleted : C:\Users\Misty\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Misty\Downloads\Extras.Txt
Deleted : C:\Users\Misty\Downloads\OTL.Txt
Deleted : C:\Users\Misty\Downloads\OTL.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #49 [Windows Update | 09/12/2014 12:24:09]
Deleted : RP #50 [Windows Update | 09/12/2014 13:29:32]
Deleted : RP #51 [Windows Update | 09/12/2014 19:12:16]
Deleted : RP #52 [OTL Restore Point - 9/15/2014 5:49:24 PM | 09/15/2014 21:49:25]
Deleted : RP #53 [Restore Operation | 09/16/2014 00:09:41]
Deleted : RP #54 [Windows Update | 09/16/2014 11:13:40]
Deleted : RP #55 [OTL Restore Point - 9/16/2014 7:20:57 AM | 09/16/2014 11:20:58]
Deleted : RP #56 [Windows Update | 09/20/2014 01:12:39]
Deleted : RP #57 [OTL Restore Point - 9/20/2014 5:56:59 PM | 09/20/2014 21:57:00]
Deleted : RP #58 [Windows Update | 09/23/2014 20:16:05]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

  • 0




  • Topic Starter
  • Member
  • 29 posts

The Malwarebytes is still installed on my desktop.

  • 0



    Trusted Helper

  • Malware Removal
  • 8,012 posts

I'm glad I was able to help you out here and things are better.

I'll leave you with some "tips" and a suggestion concerning Malwarebytes

Here are a number of recommendations that will help you and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here

For the Malwarebytes issue I'm going to suggest you post directly to the Malwarebytes forum and get help there when time permits. Their help section is located Here

Some users are running or being asked to run that Malwarebytes cleantool "twice" then try reinstalling Malwarebytes. You can try that if you want, but it may be best to go directly to the Malwarebytes forum I have linked you to, register and start a help topic there. You may want to provide a link to this thread so they can see what has been done already concerning Malwarebytes.

Joe :)
  • 0




  • Topic Starter
  • Member
  • 29 posts

I cannot thank you enough. I would have never been able to "save" my brand new laptop without you. Thank you, thank you, thank you! I will follow through and read up on the tips link you provided and go to Malwarebytes for their help with the program stopping.

Again, thank you!!!

  • 0




  • Topic Starter
  • Member
  • 29 posts

Hi, I was able to run the Malwarebytes Anti-Malware. Below is the CheckResults.txt from that run.



User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601.0
Malwarebytes Anti-Malware:
Installed On:                      2014/09/23
Malware Database:                  2014.03.04.09
Rootkit Database:                  2014.02.20.01
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Trial
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      4 (The service is running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/10/04 12:10:24
Compatibility Flag Settings:

Malwarebytes Anti-Malware Shell Extension Block Check:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

MBAM Startup Entries:

Malwarebytes Anti-Malware Service and Driver Status:

--------------Driver File Info:--------------
File Size:     25816 BYTES    FileVersion:    MD5: [f92b0e478c0faa6d6661e6e977247e60]
File Size:     63704 BYTES    FileVersion:    MD5: [15e8abc06843672955ce26a009533bad]
File Size:    119000 BYTES    FileVersion:    MD5: [b429327b1ccd987efd87fa603870827d]
File Size:     91352 BYTES    FileVersion:    MD5: [9d9ed48f841ea37aa5310d54b9e5d3c7]

Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

Type:                   1
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

Required Dependencies:

Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

    DisplayName                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1001
    Group                         REG_SZ        NetworkProvider
    ImagePath                     REG_EXPAND_SZ    %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Description                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1002
    ObjectName                    REG_SZ        NT AUTHORITY\LocalService
    ErrorControl                  REG_DWORD        1
    Start                         REG_DWORD        2
    Type                          REG_DWORD        32
    DependOnService               REG_MULTI_SZ    RpcSs

    ServiceSidType                REG_DWORD        3
    RequiredPrivileges            REG_MULTI_SZ    SeAuditPrivilege

    FailureActions                REG_BINARY    Binary Data

    ServiceDll                    REG_EXPAND_SZ    %SystemRoot%\System32\bfe.dll
    ServiceDllUnloadOnStop        REG_DWORD        1
    ServiceMain                   REG_SZ        BfeServiceMain

Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

    AttachWhenLoaded              REG_DWORD        1
    DisplayName                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    Group                         REG_SZ        FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ    system32\drivers\fltmgr.sys
    Description                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
    ErrorControl                  REG_DWORD        3
    Start                         REG_DWORD        0
    Tag                           REG_DWORD        1
    Type                          REG_DWORD        2
    0                             REG_SZ        Root\LEGACY_FLTMGR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

File Size: 289664    BYTES    FileVersion: 6.1.7601.17514    MD5: [da6b67270fd9db3697b20fce94950741]
File Size: 1070232   BYTES    FileVersion:    MD5: [766f501b61c22723536af696a74133d4]
File Size: 90112     BYTES    FileVersion: 6.1.7601.17514    MD5: [703ffd301ab900b047337c5d40fd6f96]

MBAM Registry Settings and License Info:
    AutomaticQuarantine:                                       true
    AutostartProtection:                                       true
    LimitedMode:                                               false
    StartSilentMode:                                           false
    StartupDelay:                                              0
    First-Run-After-Installation:                              false
    DaysUntilNotifyExpiration:                                 5
    Language:                                                  en
    RightClickAccess:                                          false
    SilentErrors:                                              false
    ExportLog:                                                 true
    DisplayMilliseconds:                                       7000
    Duration_Driver:                                           0
    Duration_Filesystem:                                       96000
    Duration_Heuristics:                                       8000
    Duration_Loading:                                          0
    Duration_MasterBootRecord:                                 0
    Duration_Memory:                                           40000
    Duration_PreScan:                                          44000
    Duration_Registry:                                         3000
    Duration_Sector:                                           0
    Duration_Startup:                                          7000
    ItemCount_Driver:                                          0
    ItemCount_Filesystem:                                      6890
    ItemCount_Heuristics:                                      108509
    ItemCount_Loading:                                         0
    ItemCount_MasterBootRecord:                                0
    ItemCount_Memory:                                          2797
    ItemCount_PreScan:                                         0
    ItemCount_Registry:                                        38948
    ItemCount_Sector:                                          0
    ItemCount_Startup:                                         447
    LastScanDateEpoch:                                         0
    LastScanType:                                              0 (No Previous Scans)
    NotifyInstallReady:                                        true
    NotifyOutdatedDatabase:                                    1
    ProxyPort:                                                 0
    UseProxy:                                                  false
    UseProxyAuthentication:                                    false
  Account Status:                                              Trial
  Expiration Time:                                             2014/10/07 10:59:27
  Activation Time:                                             2014/09/23 10:59:27
  Trial Used:                                                  true
--------------Access Policies:--------------

Scheduler Queue:

        NotifyWhenUpdateCompletes:                             true
        ProcessLaunchedFromScheduler:                          true
        TaskType:                                              3
          dateinterval:                                        0:0:0
          lastscheduled:                                       Sat, 04 Oct 2014 12:04:41.531200 -0400
          lasttriggered:                                       Sat, 04 Oct 2014 12:04:41.531200 -0400
          nextscheduled:                                       Sat, 04 Oct 2014 13:02:38.531200 -0400
          recovery:                                            00:00:00
          start:                                               Tue, 23 Sep 2014 07:07:48.593963 -0400
          timeinterval:                                        01:00:00
          type:                                                3
          uuid:                                                d4781968-101b-4672-b6b5-ebceab09445b
      type:                                                    update
      uuid:                                                    37507b5e-a0df-4054-bae7-27f291f87824
        CheckForUpdatesBeforeScanStart:                        true
        ProcessLaunchedFromScheduler:                          true
          ExitWhenNoMalwareDetected:                           false
          ExportLog:                                           true
          FileSystemOption:                                    true
          RebootSystemWhenMalwareDetected:                     false
          RemoveMalwareAutomaticallyWhenScanEnds:              false
          ScanArchives:                                        true
          ScanExtra:                                           true
          ScanHeuristic:                                       true
          ScanMemoryObjects:                                   true
          ScanPUM:                                             2
          ScanPUP:                                             2
          ScanRegistry:                                        true
          ScanRootkits:                                        false
          ScanStartup:                                         true
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true
          TerminateExplorerWhenMalwareIsRemoved:               false
        StartTaskFromSystemAccount:                            false
        TaskType:                                              0
          dateinterval:                                        1:0:0
          lastscheduled:                                       Sat, 04 Oct 2014 08:23:59.702800 -0400
          lasttriggered:                                       Sat, 04 Oct 2014 08:23:59.702800 -0400
          nextscheduled:                                       Sun, 05 Oct 2014 08:38:15.702800 -0400
          recovery:                                            23:00:00
          start:                                               Wed, 24 Sep 2014 02:34:44 -0400
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                4b05c043-e617-407f-b39f-1943d8369b6f
      type:                                                    scan
      uuid:                                                    b8c003b6-4be9-4722-9fbd-ab834ce7ce58

Pending File Rename Operations:
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
Pending File Rename Operations:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
    PendingFileRenameOperations    REG_MULTI_SZ    \??\C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe

MBAMProtector Registry Values:

    Type                          REG_DWORD        2
    Start                         REG_DWORD        3
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    \??\C:\Windows\system32\drivers\mbam.sys
    Group                         REG_SZ        FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ    FltMgr

    WOW64                         REG_DWORD        1
    DefaultInstance               REG_SZ        MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ        328800
    Flags                         REG_DWORD        0
    PassThruFile                  REG_SZ        mbampt.exe
    ProductPath                   REG_SZ        C:\Program Files (x86)\Malwarebytes Anti-Malware
    0                             REG_SZ        Root\LEGACY_MBAMPROTECTOR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

MBAMService Registry Values:

    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ    MBAMProtector

    WOW64                         REG_DWORD        1
    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware service
    DelayedAutostart              REG_DWORD        0

MBAMScheduler Registry Values:

    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
    WOW64                         REG_DWORD        1
    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware scheduler

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
CHECKPOINT:             0
WAIT_HINT:              0

TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

Proxy Override:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
    ProxyOverride    REG_SZ        <-loopback>

LAN Settings:

only 'Automatically detect settings' is selected


    SystemPartition    REG_SZ        \Device\HarddiskVolume2

Balloon Tips Status:


Time Format Settings:

Should be:
        h:mm:ss tt

REG_SZ        h:mm:ss tt
REG_SZ        AM
REG_SZ        PM
REG_SZ        :

Language and Regional Settings:

ACP:     Language is English (United States)
MACCP:     Language is English (United States)
OEMCP:     Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:

All Users Startup Folder Exists.
Current User's Startup Folder Exists.

Context Menu Entries:

List of MBAM Related Directories:

C:\Program Files (x86)\Malwarebytes Anti-Malware\
7z.dll                                      File Size: 920888    BYTES    FileVersion:       MD5: [9f522b2708cab181c0f137abbcd1de2e]
changes.txt                                 File Size: 2261      BYTES    FileVersion:  N/A            MD5: [af70267bdf9a37a96f1a79a5c3720ae6]
license.rtf                                 File Size: 39478     BYTES    FileVersion:  N/A            MD5: [8627b31943a534aad30d154c2b2c1aaf]
master.conf                                 File Size: 1258      BYTES    FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                    File Size: 579896    BYTES    FileVersion:        MD5: [d32c2a98859cb22d57a665f15f351e7d]
mbam.exe                                    File Size: 6970168   BYTES    FileVersion:      MD5: [4fbc630768570e6ac35c3de8f6ec79f5]
mbamcore.dll                                File Size: 1680696   BYTES    FileVersion:       MD5: [f722fa26739eafcbd8d5f3829b632cd7]
mbamdor.exe                                 File Size: 54072     BYTES    FileVersion:        MD5: [4da2f2da54a92850f56c0db712058188]
mbamext.dll                                 File Size: 184632    BYTES    FileVersion:        MD5: [945bb364b09f3a8e998dbff02a0a5a58]
mbampt.exe                                  File Size: 39736     BYTES    FileVersion:        MD5: [9acd7583584c93ee542c273df8e91dc1]
mbamscheduler.exe                           File Size: 1809720   BYTES    FileVersion:        MD5: [d84aea3f3329d622dfc1297dddf6163b]
mbamservice.exe                             File Size: 860472    BYTES    FileVersion:        MD5: [4f45ed469906494f9bf754e476390dbd]
mbamsrv.dll                                 File Size: 4437816   BYTES    FileVersion:        MD5: [9b48e38c35f08fa831b387a0b27c40aa]
msvcp100.dll                                File Size: 421688    BYTES    FileVersion:  10.0.40219.325 MD5: [e4b829081e639e42985853bae754a53d]
msvcr100.dll                                File Size: 774456    BYTES    FileVersion:  10.0.40219.325 MD5: [80fcedbe920e9cbe30d9d3665bd6efed]
QtCore4.dll                                 File Size: 2732856   BYTES    FileVersion:        MD5: [30490eed6a1e20e8259c0b9c58f488fe]
QtGui4.dll                                  File Size: 8575288   BYTES    FileVersion:        MD5: [15e21aa7d0c0c994cd565eeb96d13c20]
QtNetwork4.dll                              File Size: 909112    BYTES    FileVersion:        MD5: [d7588d42e29080c32a003bee465160d8]
unins000.dat                                File Size: 23381     BYTES    FileVersion:  N/A            MD5: [19061f04665663e6731d202d0d622082]
unins000.exe                                File Size: 718037    BYTES    FileVersion:      MD5: [d2796ecf50731e696f0c065d24c0827a]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine

Malware Exclusions:
Web Exclusions:
Quarantined Items:

  • 0



    Trusted Helper

  • Malware Removal
  • 8,012 posts

That's a log I'm not used to seeing. Can you get the log following these instructions:
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.

  • 0

