Malwarebytes Anti-Malware Crashing

[nandemoh]

Hello,

 

This is my first post in your forum. I had initially created a post in Bleeping Computer and was quickly

found by your member 1PW and encouraged to post here!

 

Please find below my original post at BC:

 

 

Windows 7, SP1, Browser Mozilla Firefox, MSE, CCleaner

I appreciate your assistance:

Malwarebytes was not working correctly.  I uninstalled the program via control panel and uninstall.

After doing a Google search about the event crash, I followed steps from Malwarebytes to no avail.

I installed Malwarebytes clean, rebooted, re-installed a clean/new Malwarebytes Anti-Malware, no success.

Before the update process completes, the program crashes.  This is what the error report says:

Problem Event Name:    APPCRASH
  Application Name:    mbam.exe
  Application Version:    1.0.0.532
  Application Timestamp:    53518532
  Fault Module Name:    MSVCR100.dll
  Fault Module Version:    10.0.40219.325
  Fault Module Timestamp:    4df2be1e
  Exception Code:    40000015
  Exception Offset:    0008d6fd
  OS Version:    6.1.7601.2.1.0.256.1
  Locale ID:    1033
  Additional Information 1:    8374
  Additional Information 2:    83748d7ce6919cf452bf5c3838e036f3
  Additional Information 3:    2e01
  Additional Information 4:    2e01b10c887fd7f971b05773252074ee

Further instructions is greatly appreciated.
nandemoh
 

[Maurice Naggar]

Hello,

 

First, ( but only if the program is running) let's shutdown the realtime Malwarebytes Anti-Malware. Go to the desktop Taskbar. See the blue-color MBAM icon in the notification area.
Do a Right-click on it with your mouse, and select EXIT.
{ if you are only running the Free mode program, you will not see that, so in that case you can ignore that step.}.

Download & Save to your system a zip file named REF_Replace.zip from this link https://malwarebytes.box.com/s/l0q4533c7kcqxnpp8ldc

Once saved, unzip **REF_Replace.zip**  to extract all contents.   which will be 4 files.
Next, double-click on **Ref-Replace.bat** file.
It should run fairly quickly in a command-prompt window.

I would suggest then a Logoff >> Shutdown >> Restart so that your pc is then in a new Windows session.

Once that is done, restart the Anti-Malware and let me know if it works normally.

[1PW]

@nandemoh:

Please follow Maurice's post instead of mine.

Thank you.

[nandemoh]

@Maurice Naggar

 

Thank you (and as well 1PW) for the quick response to my issue!  I have completed the instructions from Maurice, and will now shut down, restart and attempt to update and run MBAM! I'll be back!

 

[nandemoh]

Return result: program did not crash, however new problem:

 

Database Version: unable to access update server

 

 

[Maurice Naggar]

Did you restart Windows ?

 

This tool will collect some information on the installation of Malwarebytes and create a report I need to review:
Download mbam-check.exe and save it to your desktop    from  http://downloads.malwarebytes.org/file/mbam_check
On Vista/Windows 7, 8, Right-click on mbam-check.exe & select Run as Administrator & allow to Run.
On XP,Double-click on mbam-check.exe to run it.
It should then open a log file CheckResults.txt
You should attach the CheckResults.txt file located on your desktop so that I can review.

 

 

[2]

Malwarebytes Anti-Malware works well and should run alongside antivirus software without conflicts. In some rare instances, exclusions may need to be set for your specific antivirus product to achieve the best possible system performance.
I suggest putting in trust settings in your antivirus, as follows:
Please "put as Trusted" (i.e., put Trust settings) for the following MBAM exe files within your Antivirus Software whitelist :

Note: If using a software firewall besides the built in "Windows Firewall" you'll need to exclude them from it as well

For 32-bit Windows Vista or Windows 7 or Windows XP:

C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamdor.exe
C:\Program Files\Malwarebytes Anti-Malware\mbampt.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

For 64 bit versions of Windows Vista or Windows 7 or Windows 8:

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamdor.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude MBAM.EXE and MBAMSERVICE.EXE from it as well

Note: Once that's done, please make sure that if either of those programs has any sort of web filter, that you add the following as a trusted site:
data-cdn.mbamupdates.com

Check your Anti-Virus/Internet-Security application to see if you can add exclusions for specific applications/files to ignore.
You may need to contact their technical support or check their support website for instructions.
You will need to set your Anti-Virus/Internet-Security to ignore/exclude the files I listed above.
 

[nandemoh]

Did you restart Windows ? Yes, see #4

 

This tool will collect some information on the installation of Malwarebytes and create a report I need to review: Done

Download mbam-check.exe and save it to your desktop    from  http://downloads.malwarebytes.org/file/mbam_check 

Please "put as Trusted" (i.e., put Trust settings) for the following MBAM exe files within your Antivirus Software whitelist : Done

Note: Once that's done, please make sure that if either of those programs has any sort of web filter, that you add the following as a trusted site: Done (Firefox)

data-cdn.mbamupdates.com

 

[nandemoh]

mbam-check result log version:     2.1.0.0002
========================================

User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 32 bit Operating System
Current Build Number:              7601
Current Version Number:            6.1
Current CSDVersion:                Service Pack 1
Malwarebytes Anti-Malware:         2.0.2.1012
Installed On:                      2014/06/23
Malware Database:                  0000.00.00.00
Rootkit Database:                  0000.00.00.00
Remediation Database:              0000.00.00.00
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Premium
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      1 (The service is not running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/06/24 11:54:25
Compatibility Flag Settings:
=================================





Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes Anti-Malware Service and Driver Status:
=======================================================

--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size:     23256 BYTES    FileVersion: 0.1.13.0    MD5: [8683c1b450f4b3872839308d836e0f92]
C:\Windows\system32\drivers\mwac.sys
File Size:     51928 BYTES    FileVersion: 1.0.1.0    MD5: [bd27d97297934fd4217a37fd28a7abc7]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size:    110296 BYTES    FileVersion: 0.1.7.0    MD5: [12e71da845d76665b56753ad149e32b3]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size:     74456 BYTES    FileVersion: 1.0.4.0    MD5: [1aa835e8a0b8edf3d676b4ed4bf5ef07]

--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A


--------------MBAMWebAccessControl:--------------
Type:                   1
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


Required Dependencies:
======================

--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
    DisplayName                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1001
    Group                         REG_SZ        NetworkProvider
    ImagePath                     REG_EXPAND_SZ    %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Description                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1002
    ObjectName                    REG_SZ        NT AUTHORITY\LocalService
    ErrorControl                  REG_DWORD        1
    Start                         REG_DWORD        2
    Type                          REG_DWORD        32
    DependOnService               REG_MULTI_SZ    RpcSs

    ServiceSidType                REG_DWORD        3
    RequiredPrivileges            REG_MULTI_SZ    SeAuditPrivilege

    FailureActions                REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
    ServiceDll                    REG_EXPAND_SZ    %SystemRoot%\System32\bfe.dll
    ServiceDllUnloadOnStop        REG_DWORD        1
    ServiceMain                   REG_SZ        BfeServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
    {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY    Binary Data

    {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY    Binary Data

    {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY    Binary Data

    {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY    Binary Data

    {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY    Binary Data

    {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY    Binary Data

    {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY    Binary Data

    {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY    Binary Data

    {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY    Binary Data

    {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY    Binary Data

    {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY    Binary Data

    {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY    Binary Data

    {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY    Binary Data

    {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
    {22001ee0-8e87-4f75-ba58-248f5918a63a}REG_BINARY    Binary Data

    {79f2a265-b693-4cc9-b480-cbcd87bd4747}REG_BINARY    Binary Data

    {c4b50f21-503e-4d7a-abd4-ed0a823a2453}REG_BINARY    Binary Data

    {91e902db-2cef-4040-b8e2-02fe4fd49c25}REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
    {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY    Binary Data

    {f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY    Binary Data

    {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY    Binary Data

    {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY    Binary Data

    {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY    Binary Data

    {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY    Binary Data

    {4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY    Binary Data

    {be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY    Binary Data

    {716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY    Binary Data

    {1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY    Binary Data

    {07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY    Binary Data

    {5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY    Binary Data

    {b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY    Binary Data

    {0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY    Binary Data

    {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY    Binary Data

    {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY    Binary Data

    {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY    Binary Data

    {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY    Binary Data

    {91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY    Binary Data

    {64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY    Binary Data

    {13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY    Binary Data

    {cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY    Binary Data

    {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY    Binary Data

    {375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY    Binary Data

    {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY    Binary Data

    {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY    Binary Data

    {b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}REG_BINARY    Binary Data

    {3697a558-3ed3-49be-a4c1-c1a4448653b4}REG_BINARY    Binary Data

    {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY    Binary Data

    {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY    Binary Data

    {b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY    Binary Data

    {d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY    Binary Data

    {8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY    Binary Data

    {4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY    Binary Data

    {3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY    Binary Data

    {17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY    Binary Data

    {567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY    Binary Data

    {4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY    Binary Data

    {3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY    Binary Data

    {56b4fdc4-bb4e-4c42-a9d8-f627ee15ac21}REG_BINARY    Binary Data

    {1ba41ed8-151d-4577-9272-317856bc637c}REG_BINARY    Binary Data

    {9248d57e-f843-4159-807d-3813173e2096}REG_BINARY    Binary Data

    {4658cd86-525d-44ed-98a5-791a7b8655f1}REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
    {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY    Binary Data

    {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY    Binary Data

    {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY    Binary Data

    {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY    Binary Data

    {839cd73f-1907-49ea-9aa5-0e6be9048087}REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
    {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY    Binary Data

    {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY    Binary Data

    {b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY    Binary Data

    {9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY    Binary Data

    {8c36b346-4e0c-4049-8b55-5295ac35567c}REG_BINARY    Binary Data

--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    AttachWhenLoaded              REG_DWORD        1
    DisplayName                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    Group                         REG_SZ        FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ    system32\drivers\fltmgr.sys
    Description                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
    ErrorControl                  REG_DWORD        3
    Start                         REG_DWORD        0
    Tag                           REG_DWORD        1
    Type                          REG_DWORD        2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
    0                             REG_SZ        Root\LEGACY_FLTMGR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1


C:\Windows\system32\drivers\fltmgr.sys
File Size: 198208    BYTES    FileVersion: 6.1.7600.16385    MD5: [7520ec808e0c35e0ee6f841294316653]
C:\Windows\system32\comctl32.ocx
File Size: 610496    BYTES    FileVersion: 6.0.80.22    MD5: [e8f3b5e87fb6244c31db0673d12da91f]
C:\Windows\system32\mscomctl.ocx
File Size: 1070232   BYTES    FileVersion: 6.1.98.39    MD5: [766f501b61c22723536af696a74133d4]
C:\Windows\system32\olepro32.dll
File Size: 90112     BYTES    FileVersion: 6.1.7601.17514    MD5: [703ffd301ab900b047337c5d40fd6f96]


MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced:
    AutomaticQuarantine:                                       true
    AutostartProtection:                                       true
    LimitedMode:                                               false
    StartSilentMode:                                           false
    StartupDelay:                                              0
ApplicationState:
    First-Run-After-Installation:                              false
General:
    DaysUntilNotifyExpiration:                                 5
    Language:                                                  en
    RightClickAccess:                                          false
    SilentErrors:                                              false
Logging:
    ExportLog:                                                 true
Notification:
ProtectionTray:
    DisplayMilliseconds:                                       7000
ScanHistory:
    Duration_Complete:                                         1000
    Duration_Driver:                                           0
    Duration_Filesystem:                                       0
    Duration_Heuristics:                                       0
    Duration_Loading:                                          0
    Duration_MasterBootRecord:                                 0
    Duration_Memory:                                           40000
    Duration_PreScan:                                          10000
    Duration_Registry:                                         15000
    Duration_Sector:                                           0
    Duration_Startup:                                          5000
    ItemCount_Complete:                                        0
    ItemCount_Driver:                                          0
    ItemCount_Filesystem:                                      0
    ItemCount_Heuristics:                                      0
    ItemCount_Loading:                                         0
    ItemCount_MasterBootRecord:                                0
    ItemCount_Memory:                                          2797
    ItemCount_PreScan:                                         0
    ItemCount_Registry:                                        549
    ItemCount_Sector:                                          0
    ItemCount_Startup:                                         2318
    LastScanDateEpoch:                                         1403629981310
    LastScanType:                                              1 (Threat Scan)
Update:
    NotifyInstallReady:                                        true
    NotifyOutdatedDatabase:                                    1
    ProxyPassword:                                              
    ProxyPort:                                                 0
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false
    UseProxyAuthentication:                                    false
--------------Account:--------------
  Account Status:                                              Premium
  Expiration Time:                                             2034/06/23 22:31:53
  Activation Time:                                             2014/06/23 22:31:53
  Trial Used:                                                  false
--------------Access Policies:--------------

Scheduler Queue:
================

tasks:
    02ca16c7-cbaa-4d86-9798-c1485ca2178b:                       
      parameters:                                               
        CheckForUpdatesBeforeScanStart:                        true
        ProcessLaunchedFromScheduler:                          true
        ScanConfig:                                             
          ExitWhenNoMalwareDetected:                           false
          ExportLog:                                           true
          FileSystemOption:                                    true
          RebootSystemWhenMalwareDetected:                     false
          RemoveMalwareAutomaticallyWhenScanEnds:              false
          ScanArchives:                                        true
          ScanExtra:                                           true
          ScanHeuristic:                                       true
          ScanMemoryObjects:                                   true
          ScanPUM:                                             2
          ScanPUP:                                             2
          ScanRegistry:                                        true
          ScanRootkits:                                        false
          ScanStartup:                                         true
          ScanTargets:                                          
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true
          TerminateExplorerWhenMalwareIsRemoved:               false
        StartTaskFromSystemAccount:                            false
        TaskType:                                              0
      triggers:                                                 
        7b87e6d2-8173-4804-9d2e-f3164e81589e:                   
          dateinterval:                                        1:0:0
          lastscheduled:                                       Tue, 24 Jun 2014 08:31:23.907500 -0700
          lasttriggered:                                       Tue, 24 Jun 2014 08:31:23.907500 -0700
          nextscheduled:                                       Wed, 25 Jun 2014 08:23:50.907500 -0700
          recovery:                                            23:00:00
          start:                                               Tue, 24 Jun 2014 03:06:15 -0700
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                7b87e6d2-8173-4804-9d2e-f3164e81589e
      type:                                                    scan
      uuid:                                                    02ca16c7-cbaa-4d86-9798-c1485ca2178b
    554793c8-ba87-473a-b57a-7208d7a3cb86:                       
      parameters:                                               
        NotifyWhenUpdateCompletes:                             true
        ProcessLaunchedFromScheduler:                          true
        TaskType:                                              3
      triggers:                                                 
        f2141f00-88a5-42cd-960f-1635afb42d39:                   
          dateinterval:                                        0:0:0
          lastscheduled:                                       Tue, 24 Jun 2014 11:30:36.807158 -0700
          lasttriggered:                                       Tue, 24 Jun 2014 11:30:36.807158 -0700
          nextscheduled:                                       Tue, 24 Jun 2014 12:21:45.807158 -0700
          recovery:                                            00:00:00
          start:                                               Mon, 23 Jun 2014 23:24:19.647887 -0700
          timeinterval:                                        01:00:00
          type:                                                3
          uuid:                                                f2141f00-88a5-42cd-960f-1635afb42d39
      type:                                                    update
      uuid:                                                    554793c8-ba87-473a-b57a-7208d7a3cb86

Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

MBAMProtector Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
    Type                          REG_DWORD        2
    Start                         REG_DWORD        3
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    \??\C:\Windows\system32\drivers\mbam.sys
    Group                         REG_SZ        FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ    FltMgr

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
    DefaultInstance               REG_SZ        MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ        328800
    Flags                         REG_DWORD        0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
    PassThruFile                  REG_SZ        mbampt.exe
    ProductPath                   REG_SZ        C:\Program Files\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
    0                             REG_SZ        Root\LEGACY_MBAMPROTECTOR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

MBAMService Registry Values:
============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ    MBAMProtector

    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware service
    DelayedAutostart              REG_DWORD        0

MBAMScheduler Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe"
    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware scheduler

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

Proxy Override:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
    ProxyOverride    REG_SZ        *.local

LAN Settings:
=============

No Settings are Set        <--NOT DETECTING SETTING AUTOMATICALLY

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition    REG_SZ        \Device\HarddiskVolume4

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
        h:mm:ss tt
        AM
        PM
        :

Currently:
REG_SZ        h:mm:ss tt
REG_SZ        AM
REG_SZ        PM
REG_SZ        :

Language and Regional Settings:
===============================

ACP:     Language is English (United States)
MACCP:     Language is English (United States)
OEMCP:     Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's Startup Folder Exists.


Context Menu Entries:
=====================
















List of MBAM Related Directories:
=================================

C:\Program Files\Malwarebytes Anti-Malware\
7z.dll                                      File Size: 920888    BYTES    FileVersion:  9.20.0.0       MD5: [9f522b2708cab181c0f137abbcd1de2e]
changes.txt                                 File Size: 2261      BYTES    FileVersion:  N/A            MD5: [af70267bdf9a37a96f1a79a5c3720ae6]
license.rtf                                 File Size: 39478     BYTES    FileVersion:  N/A            MD5: [8627b31943a534aad30d154c2b2c1aaf]
master.conf                                 File Size: 1258      BYTES    FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                    File Size: 579896    BYTES    FileVersion:  1.0.7.0        MD5: [d32c2a98859cb22d57a665f15f351e7d]
mbam.exe                                    File Size: 6970168   BYTES    FileVersion:  1.0.0.532      MD5: [4fbc630768570e6ac35c3de8f6ec79f5]
mbamcore.dll                                File Size: 1680696   BYTES    FileVersion:  1.0.11.0       MD5: [f722fa26739eafcbd8d5f3829b632cd7]
mbamdor.exe                                 File Size: 54072     BYTES    FileVersion:  1.0.1.0        MD5: [4da2f2da54a92850f56c0db712058188]
mbamext.dll                                 File Size: 157496    BYTES    FileVersion:  3.0.4.0        MD5: [1be09650974c36d9b2a890eea0c338c3]
mbampt.exe                                  File Size: 39736     BYTES    FileVersion:  1.0.0.0        MD5: [9acd7583584c93ee542c273df8e91dc1]
mbamscheduler.exe                           File Size: 1809720   BYTES    FileVersion:  3.0.2.0        MD5: [d84aea3f3329d622dfc1297dddf6163b]
mbamservice.exe                             File Size: 860472    BYTES    FileVersion:  3.0.2.0        MD5: [4f45ed469906494f9bf754e476390dbd]
mbamsrv.dll                                 File Size: 4437816   BYTES    FileVersion:  1.1.0.0        MD5: [9b48e38c35f08fa831b387a0b27c40aa]
msvcp100.dll                                File Size: 421688    BYTES    FileVersion:  10.0.40219.325 MD5: [e4b829081e639e42985853bae754a53d]
msvcr100.dll                                File Size: 774456    BYTES    FileVersion:  10.0.40219.325 MD5: [80fcedbe920e9cbe30d9d3665bd6efed]
QtCore4.dll                                 File Size: 2732856   BYTES    FileVersion:  4.8.4.0        MD5: [30490eed6a1e20e8259c0b9c58f488fe]
QtGui4.dll                                  File Size: 8575288   BYTES    FileVersion:  4.8.4.0        MD5: [15e21aa7d0c0c994cd565eeb96d13c20]
QtNetwork4.dll                              File Size: 909112    BYTES    FileVersion:  4.8.4.0        MD5: [d7588d42e29080c32a003bee465160d8]
unins000.dat                                File Size: 22920     BYTES    FileVersion:  N/A            MD5: [71b055b212e7b6787b29a3f46bc08266]
unins000.exe                                File Size: 718037    BYTES    FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]

C:\Program Files\Malwarebytes Anti-Malware\\Chameleon

C:\Program Files\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                               File Size: 235882    BYTES    FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                                 File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.exe                                 File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.pif                                 File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.scr                                 File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
iexplore.exe                                File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.com                          File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.exe                          File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.pif                          File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.scr                          File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-killer.exe                             File Size: 1181496   BYTES    FileVersion:  N/A            MD5: [c6927fd8f7e9105b64db5d5a08b53731]
rundll32.exe                                File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
svchost.exe                                 File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
windows.exe                                 File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
winlogon.exe                                File Size: 750392    BYTES    FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

C:\Program Files\Malwarebytes Anti-Malware\\imageformats
qgif4.dll                                   File Size: 32568     BYTES    FileVersion:  4.8.4.0        MD5: [e59f533c26c8375cd120b4791482217e]

C:\Program Files\Malwarebytes Anti-Malware\\Languages
lang_bg.qm                                  File Size: 144048    BYTES    FileVersion:  N/A            MD5: [9ccb79999432d56b9843a3e2b2c90325]
lang_bs.qm                                  File Size: 145523    BYTES    FileVersion:  N/A            MD5: [6ab7a6274d4f9f7553c944f5c66201ba]
lang_ca.qm                                  File Size: 132254    BYTES    FileVersion:  N/A            MD5: [68a83ec63b6e7bc5dbdd412bcc49c6ce]
lang_cs.qm                                  File Size: 141243    BYTES    FileVersion:  N/A            MD5: [6b8acee7f461fa69b83d2c45c3725427]
lang_da.qm                                  File Size: 130101    BYTES    FileVersion:  N/A            MD5: [8539796784746218b229419e99ab308d]
lang_de.qm                                  File Size: 149462    BYTES    FileVersion:  N/A            MD5: [fcd3bc376ad219396e8c7d3c87cd8864]
lang_el.qm                                  File Size: 149912    BYTES    FileVersion:  N/A            MD5: [74f13f95f63fe96c08e571598df052d6]
lang_en.qm                                  File Size: 115961    BYTES    FileVersion:  N/A            MD5: [8c9da1c0ce06b89f8d323bf948bfba4e]
lang_es.qm                                  File Size: 130487    BYTES    FileVersion:  N/A            MD5: [33e1c6d40b841cc2e783ec8d8102e66f]
lang_et.qm                                  File Size: 138126    BYTES    FileVersion:  N/A            MD5: [aa215b5f37a72a69854c9163ac543b51]
lang_fi.qm                                  File Size: 144256    BYTES    FileVersion:  N/A            MD5: [18912c339939c3a6629004ec900f4fe4]
lang_fr.qm                                  File Size: 149253    BYTES    FileVersion:  N/A            MD5: [ec2bf2f431c4273f151b8c8a7b84c387]
lang_he.qm                                  File Size: 116101    BYTES    FileVersion:  N/A            MD5: [9e692744e77051c6ce14df32f9b71920]
lang_hr.qm                                  File Size: 139841    BYTES    FileVersion:  N/A            MD5: [3e3737fe86eb595c5f6817eebf731aa7]
lang_hu.qm                                  File Size: 145621    BYTES    FileVersion:  N/A            MD5: [52d3d7fcf8c8db071ef0573a1357c2fd]
lang_id.qm                                  File Size: 143102    BYTES    FileVersion:  N/A            MD5: [80473d2c73d2f54f2b23c9316f2d0ceb]
lang_it.qm                                  File Size: 146851    BYTES    FileVersion:  N/A            MD5: [7e7aea7d0b433d7e912ed9f0887684a7]
lang_ja.qm                                  File Size: 121282    BYTES    FileVersion:  N/A            MD5: [19ac79b7a5e05d665e417c2dd75afc94]
lang_ko.qm                                  File Size: 118033    BYTES    FileVersion:  N/A            MD5: [de213178c14490bf452ea45278d3442d]
lang_nl.qm                                  File Size: 146325    BYTES    FileVersion:  N/A            MD5: [5aec6f6bdc5e6c28744e6ef374709eeb]
lang_no.qm                                  File Size: 142918    BYTES    FileVersion:  N/A            MD5: [4388c08217618af2e24173af6f5d3f97]
lang_pl.qm                                  File Size: 145434    BYTES    FileVersion:  N/A            MD5: [699700c889447d1f9b607c04f07fff67]
lang_pt_BR.qm                               File Size: 131739    BYTES    FileVersion:  N/A            MD5: [a3430222223d59da8ec6ea1edae5ee2f]
lang_pt_PT.qm                               File Size: 149128    BYTES    FileVersion:  N/A            MD5: [afdf1907af4c95f9af510d5fc1bb9067]
lang_ro.qm                                  File Size: 121166    BYTES    FileVersion:  N/A            MD5: [1672a2b3a9807a1497fe43824c0026c0]
lang_ru.qm                                  File Size: 122186    BYTES    FileVersion:  N/A            MD5: [d4dd1eea2b0f52aba2fca4d159c387f7]
lang_sk.qm                                  File Size: 119827    BYTES    FileVersion:  N/A            MD5: [8b200d162e8028843e41aa1a927cfd84]
lang_sl.qm                                  File Size: 143191    BYTES    FileVersion:  N/A            MD5: [1760a6aa6990b2f0c4c71ec04b25ac9c]
lang_sr.qm                                  File Size: 143261    BYTES    FileVersion:  N/A            MD5: [377d15c0da0249f4a7a58978b6307d81]
lang_sv.qm                                  File Size: 142525    BYTES    FileVersion:  N/A            MD5: [2587ead21967296fefdd0ee0684fe8b4]
lang_tr.qm                                  File Size: 142194    BYTES    FileVersion:  N/A            MD5: [880fcbe97ec6f13ec094f7371b5b295f]
lang_vi.qm                                  File Size: 126874    BYTES    FileVersion:  N/A            MD5: [c61281786b5bfec68afc742a19f6abd9]
lang_zh_tr.qm                               File Size: 110870    BYTES    FileVersion:  N/A            MD5: [f223d83580b1ee35edea13293cb2c80d]

C:\Program Files\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                               File Size: 821560    BYTES    FileVersion:  1.1.0.1010     MD5: [3a4dcd021d9f3a5305a22e5e309da305]

C:\Users\Haro\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                                 File Size: 314       BYTES    FileVersion:  N/A            MD5: [b26a36c0696e299fdfebe180c09c2737]
domains.ref                                 File Size: 38        BYTES    FileVersion:  N/A            MD5: [8c30b536b67543eb68e68b9640d4d498]
exclusions.dat                              File Size: 0         BYTES    FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref                                     File Size: 33        BYTES    FileVersion:  N/A            MD5: [8a1c580788ea8de3f32862c2c1cf373c]
rules.ref.xox                               File Size: 7349775   BYTES    FileVersion:  N/A            MD5: [a4c6832946d2ce099c41d812792259c0]
swissarmy.ref                               File Size: 21081     BYTES    FileVersion:  N/A            MD5: [a6d56a73c602e64853aa689bf3400769]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                                  File Size: 4486      BYTES    FileVersion:  N/A            MD5: [a7c0f5d1b2b64df6866aedc8901a62d4]
database.conf                               File Size: 4         BYTES    FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                             File Size: 4         BYTES    FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                                File Size: 549       BYTES    FileVersion:  N/A            MD5: [0faaa3ab374fb8c61fea2b8f4ae3584c]
manifest.conf.xox                           File Size: 1573      BYTES    FileVersion:  N/A            MD5: [5783f572b2f913ca675e1454d95b56ca]
marketing.conf                              File Size: 1434      BYTES    FileVersion:  N/A            MD5: [19533c40d9c9778b2ab423dbcf063d80]
net.conf                                    File Size: 388       BYTES    FileVersion:  N/A            MD5: [d919c6506876b13913684d90bbd274eb]
net.conf.xox                                File Size: 6065      BYTES    FileVersion:  N/A            MD5: [ed380f9da92f2b7d2f3d4eac80da522b]
notifications.conf                          File Size: 4         BYTES    FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                              File Size: 2282      BYTES    FileVersion:  N/A            MD5: [521cb179f9fad3930ce163053a43a450]
settings.conf                               File Size: 1937      BYTES    FileVersion:  N/A            MD5: [0badbf67cb07dd3e3c62c277e5334769]
statistics.conf                             File Size: 597       BYTES    FileVersion:  N/A            MD5: [2d3efa81cea029683a8aa5c8751a0a52]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2014-06-24 (10-13-00).xml          File Size: 2494      BYTES    FileVersion:  N/A            MD5: [7f7960ff1e2e420ae372a120307b79b0]
protection-log-2014-06-23.xml               File Size: 1204      BYTES    FileVersion:  N/A            MD5: [72d70987619aaac313b036f9e22de523]
protection-log-2014-06-24.xml               File Size: 1767      BYTES    FileVersion:  N/A            MD5: [c174b294b4ae0468e113fb7e9cd8c614]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine

Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
===============================================================
END OF FILE
 

[nandemoh]

Apologies in that I did not "attach" my text results, I am used to pasting results from other forums.

There is not an edit feature, sorry you have to muddle through the text.

 

nandemoh

[nandemoh]

Update: although I am still not able to do a Database Version update, I was able to get into settings to attempt to get some

typical features I use ticked.  After I then ran another mbam check.  The log is attached.

 

Once again, thank you for your assistance.

 

CheckResults.txt

[Maurice Naggar]

Hello,

 

I have moved your topic here, to this sub-forum,

 

Save the attached W7SERV.zip file to the Desktop.

Now, close your open windows apps. Navigate ( position to ) the desktop so you can see the saved file.
Next then, un-zip ( extract all ) of W7SERV.zip to the desktop.

Right-click on W7SERV.bat and select Run as Administrator and allow to run.

This should run very quickly in a command-prompt-window then it should restart Windows.
This script is just to get some Windows services set to normal standard default settings.

W7SERV.zip

[nandemoh]

Greetings and thank you Maurice!

 

I followed your instructions; W7SERV.bat file was extremely fast!

Computer shut down and has re-started.

I opened mbam: no success in updating Database Version.

 

Standing by!

 

 

[Maurice Naggar]

You said you covered the Trusted application settings in your antivirus and in the 3rd-party Firewall ?

 

from my early reply https://forums.malwarebytes.org/index.php?/topic/151357-malwarebytes-anti-malware-crashing/?p=845687

[Maurice Naggar]

Hello,   

 

The topic and the computer stuff can wait.  Your health is the top priority.  I wish you a speedy recovery.

[nandemoh]

  May I share just how wonderful and welcomed I feel here!  Thank you and 1PW so very much for your assistance and health wishes!

In the scheme of life, the mbam issue is not "life" or "computer" threatening!

 

If I may provide you pictures of what I hope I did correectly with the allowance directive you game me. There are moments of newbie-ism that sets in!

 

Microsoft Security Essentials action:

 

 

Firefox:

 

I use Windows Firewall and did not see how to "allow" mbam

 

This is the end of the trusted process.  I hope I did it correctly, if not, tutoring please!

Thank you again for your professional assistance and kindness.

nandemoh

[Maurice Naggar]

Hello,

 

NOTE: Firefox is not involved in any phase of the MBAM updating.  You did not need any "tweak" in Firefox.

The "data-cdn" bit is not needed for any browser.

That tweak is not needed in the Windows firewall.

It is sometimes needed with 3rd-party firewalls, like those from Zone Alarm, or sometimes those from Symantec, or McAfee, for example.

I would like for you to start the program. Please look at the Dashboard screen. Does it have the green-color bar with the check-mark "Your system is fully protected" ?

Does the top bar on the window show version **2.0.2.1012** ? { you can also check Settings >> About button }

now, click on the **My Account** icon at the very top bar. Does that show license state as "Licensed" ?
let me know about all those

Click the **Settings** icon >> then **Detection and Protection**
are the 2 protections on for Malware protection + Malicious website protection ?

Please let me know if you have any questions or need further assistance.

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!