Browsers freeze and pc locks up

[Gator71]

Hi,

Whenever I try to run mb on startup and all the protection modules are active my browsers freeze up and eventually my whole pc locks up so I can't run the protection, any ideas why?

[orubio]

Hello Gator71 and welcome to the Malwarebytes support forum. Thank you for choosing Malwarebytes' Anti-Malware as your malware security solution, my name is Oscar Rubio and I'll be assisting you today.

Lets collect additional information off the system to see if we can spot any issues.

Step 1- Please download DDS from the link below and save it to your desktop:

http://download.bleepingcomputer.com/sUBs/dds.scr

Step 2- Disable any security software before running

Step 3- Double click dds.scr to run the tool.

As it starts, click the + sign next to "Options for dds.txt" then remove the check from the box which says "check MBR"

Step 4- Ensure there is also a check next to "attach.txt"

Step 5- Next, click Start. It should run and produce 2 logs for you, DDS.txt and Attach.txt

Step 6- Please attach the following file in your next reply:

DDS.txt

Attach.txt

[Gator71]

Ok here you go

http://www.mediafire.com/?1awlazhwnkwwjs9,ojkc1m6f5qu5k8o

[Gator71]

Anyone know what could fix this?

[AdvancedSetup]

Please just post your DDS logs directly - don't use a site like Mediafire.

What Anti-Virus are you using?

[Gator71]

Where is the attachment button? or should I paste the text in the body?

[Gator71]

I'm using comodo internet security

[AdvancedSetup]

You can post both files directly to the post.

[Gator71]

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-09-30.01)

.

.

==== Disk Partitions =========================

.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

µTorrent

7-Zip 9.20

Ad Muncher v4.91 Build 32562

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

AOL Uninstaller (Choose which Products to Remove)

Ashampoo Burning Studio 11 v.11.0.2

Auslogics Disk Defrag

BLM 2.7.7

CCleaner

Cdrom List Creator

CleanMem

ClipX

Comodo Dragon

COMODO Internet Security

Conexant HD Audio

Everything 1.2.1.371

Fences

FileHippo.com Update Checker

Foxit Reader 5.1

GetDiz 4.5

Google Chrome

Google Talk (remove only)

HDAUDIO Soft Data Fax Modem with SmartCP

HostsMan 3.2.73

ImgBurn

IrfanView (remove only)

Java Auto Updater

Java 7 Update 2

MagicDisc 2.7.106

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft .NET Framework 4 Client Profile

Microsoft VC9 runtime libraries

MiPony 1.5.3

MozBackup 1.5.1

Mozilla Firefox 9.0.1 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Lockbox 2.5

Nero 7 Premium

neroxml

NVIDIA Drivers

NVIDIA PhysX

OpenDNS Updater 2.2.1

Opera 11.61

Pando

PeerBlock 1.1 (r518)

Sandboxie 3.62 (32-bit)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

SlimDrivers

SpeedFan (remove only)

Spybot - Search & Destroy

SpywareBlaster 4.5

SRWare Iron 16.0.950.0

SUPERAntiSpyware

Synaptics Pointing Device Driver

Unlocker 1.9.1

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Viewpoint Media Player

Vista Shortcut Manager

VLC media player 1.1.11

WinPatrol

WinRAR archiver

WOT for Internet Explorer

Your Uninstaller! 7

.

==== End Of File ===========================

DDS (Ver_2011-09-30.01) - NTFS_x86

Internet Explorer: 9.0.8112.16421

Run by Maria at 12:23:56 on 2012-02-01

#Option MBR scan is disabled.

.

============== Running Processes ================

.

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com/

uProxyServer = 127.0.0.1:9050

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - c:\program files\wot\WOT.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll

TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll

uRun: [HostsMan] "c:\program files\hostsman\hm.exe" -s

uRun: [HostsServer] "c:\program files\hostsman\hostssrv.exe" --start

uRun: [sandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [OpenDNS Updater] "c:\program files\opendns updater\OpenDNSUpdater.exe" /autostart

mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart

mRun: [ClipX] c:\program files\clipx\clipx.exe

mRun: [Ad Muncher] "c:\program files\ad muncher\AdMunch.exe" /bt

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=M34N60Z1&id=menu_ie_frame

IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=M34N60Z1&id=menu_ie_image

IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=M34N60Z1&id=menu_ie_link

IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=M34N60Z1&id=menu_ie_exclude

IE: Download with Mipony - c:\program files\mipony\browser\IEContext.htm

IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=M34N60Z1&id=menu_ie_report

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab

TCP: NameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{FA7E2FDE-22A0-48A2-A1A8-627614372F0B} : NameServer = 208.67.222.222,208.67.220.220

TCP: Interfaces\{FA7E2FDE-22A0-48A2-A1A8-627614372F0B} : DHCPNameServer = 65.32.5.111 65.32.5.112

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: WebCheck - <orphaned>

STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

Hosts: 127.0.0.1 pixel.mathtag.com sitestat.mayoclinic.com mbe.ru mbn.com.ua 100.mbn.com.ua 120.mbn.com.ua 160.mbn.com.ua classic.mbn.com.ua ads.mcafee.com

Hosts: 127.0.0.1 www.kikclicks.com www.bitwisepublishing.com www.free-patriotic-screensavers.com www.scenicreflections.com www.addbags.com banners.adventory.com as.autoforums.com as2.autoforums.com ads.bleepingcomputer.com

Hosts: 127.0.0.1 sdc.subway.com sdc.t-mobile.com sdc.traderonline.com sdc.tulsaworld.com sdc.tvguide.com sdc.usps.com sdc.vml.com sdc.windowsmarketplace.com wdcs.trendmicro.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\maria\appdata\roaming\mozilla\firefox\profiles\d62hi5gr.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_183.dll

.

============= SERVICES / DRIVERS ===============

.

.

=============== File Associations ===============

.

FileExt: .txt: GetDiz.Document="c:\program files\getdiz\GetDiz.exe" "%1"

FileExt: .ini: GetDiz.Document="c:\program files\getdiz\GetDiz.exe" "%1"

.

=============== Created Last 30 ================

.

2012-02-01 05:14:46 -------- d-----w- c:\program files\Cdrom List Creator

2012-01-30 22:12:32 -------- d-----w- c:\program files\Alcohol Soft

2012-01-30 22:04:28 436792 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-01-30 09:27:33 -------- d-----w- c:\windows\Windows Defender Offline

2012-01-29 23:53:00 -------- d-----w- c:\users\maria\appdata\roaming\Ashampoo

2012-01-29 23:45:23 -------- d-----w- c:\users\maria\appdata\local\ashampoo

2012-01-29 23:45:23 -------- d-----w- c:\programdata\ashampoo

2012-01-29 23:43:30 -------- d-----w- c:\program files\Ashampoo

2012-01-29 00:49:50 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys

2012-01-29 00:49:48 -------- d-----w- c:\program files\MagicDisc

2012-01-28 21:34:32 -------- d-----w- c:\users\maria\appdata\local\VS Revo Group

2012-01-28 20:34:46 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX

2012-01-28 20:34:46 212240 ----a-w- c:\windows\system32\Richtx32.ocx

2012-01-28 20:34:46 152848 ----a-w- c:\windows\system32\comdlg32.ocx

2012-01-28 20:34:46 150016 ----a-w- c:\windows\system32\Unzip32.dll

2012-01-28 20:34:46 132880 ----a-w- c:\windows\system32\msinet.ocx

2012-01-28 20:34:46 124688 ----a-w- c:\windows\system32\mswinsck.ocx

2012-01-28 20:34:46 -------- d-----w- c:\program files\Bluetack

2012-01-28 08:00:33 -------- d-----w- c:\program files\PeerBlock

2012-01-28 07:38:02 -------- d-----w- c:\program files\uTorrent

2012-01-28 07:37:43 -------- d-----w- c:\users\maria\appdata\roaming\uTorrent

2012-01-27 06:40:08 -------- d-----w- c:\program files\WOT

2012-01-27 06:12:26 -------- d-----w- c:\program files\CCleaner

2012-01-27 06:05:45 -------- d-----w- c:\users\maria\appdata\roaming\URSoft

2012-01-27 06:05:35 -------- d-----w- c:\program files\Your Uninstaller! 7

2012-01-27 06:02:00 -------- d-----w- c:\users\maria\appdata\roaming\Outertech

2012-01-27 01:47:06 -------- d-----w- c:\program files\Everything

2012-01-26 15:54:04 -------- d-----w- c:\program files\MSXML 4.0

2012-01-26 00:01:22 -------- d-----w- c:\users\maria\appdata\local\Ahead

2012-01-25 23:52:36 -------- d-----w- c:\programdata\Nero

2012-01-25 23:52:36 -------- d-----w- c:\program files\Nero

2012-01-25 22:01:43 -------- d-----w- c:\program files\GetDiz

2012-01-25 20:40:10 -------- d-----w- c:\users\maria\appdata\local\Pando

2012-01-25 20:39:35 -------- d-----w- c:\program files\Pando Networks

2012-01-24 00:55:35 -------- d-----w- c:\users\maria\appdata\roaming\Auslogics

2012-01-23 22:06:14 -------- d-----w- c:\users\maria\appdata\local\Frameworkx.com

2012-01-23 22:05:43 -------- d-----w- c:\program files\Frameworkx

2012-01-22 03:23:48 -------- d-----w- c:\programdata\Ad Muncher

2012-01-22 03:23:48 -------- d-----w- c:\program files\Ad Muncher

2012-01-22 03:08:21 58696 ----a-w- c:\windows\system32\AOLParconLink.exe

2012-01-22 03:06:57 -------- d-----w- c:\program files\AOL Desktop 9.7

2012-01-22 03:01:23 -------- d-----w- c:\users\maria\appdata\roaming\AOL

2012-01-22 03:01:11 -------- d-----w- c:\users\maria\appdata\local\AOL

2012-01-22 03:00:21 -------- d-----w- c:\programdata\Viewpoint

2012-01-22 03:00:19 -------- d-----w- c:\program files\Viewpoint

2012-01-22 03:00:18 -------- d-----w- c:\program files\common files\Nullsoft

2012-01-22 02:59:47 33588 ----a-w- c:\windows\system32\drivers\wanatw4.sys

2012-01-22 02:58:48 -------- d-----w- c:\program files\common files\aolshare

2012-01-22 02:58:48 -------- d-----w- c:\program files\common files\aol

2012-01-22 02:58:48 -------- d-----w- c:\program files\AOL 9.0

2012-01-22 00:46:07 -------- d-----w- c:\users\maria\appdata\roaming\OpenDNS Updater

2012-01-22 00:46:05 -------- d-----w- c:\program files\OpenDNS Updater

2012-01-21 21:37:52 -------- d-----w- c:\users\maria\appdata\local\Stardock

2012-01-21 21:33:43 -------- d-----w- c:\program files\FavBackup

2012-01-21 21:33:22 -------- d-----w- c:\program files\Comodo Cleaning Essentials

2012-01-21 21:33:22 -------- d-----w- c:\program files\Combined

2012-01-21 21:33:21 -------- d-----w- c:\program files\FSCapture

2012-01-21 21:29:39 -------- d-----w- C:\My Lockbox

2012-01-21 21:29:32 41912 ----a-w- c:\windows\system32\drivers\FSPFltd.sys

2012-01-21 21:29:32 -------- d-----w- c:\program files\My Lockbox

2012-01-21 21:20:01 -------- d-----w- c:\windows\CleanMem

2012-01-21 21:20:00 -------- d-----w- c:\program files\CleanMem

2012-01-21 17:52:59 -------- d-----w- c:\program files\ClipX

2012-01-21 15:42:39 -------- d-----w- c:\windows\system32\SPReview

2012-01-21 15:40:59 -------- d-----w- c:\windows\system32\EventProviders

2012-01-21 15:14:02 521216 ----a-w- c:\windows\system32\termsrv.dll

2012-01-21 15:12:59 902656 ----a-w- c:\windows\system32\WMADMOD.DLL

2012-01-21 15:11:59 530432 ----a-w- c:\windows\system32\comctl32.dll

2012-01-21 15:10:59 712576 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-01-21 15:09:58 481792 ----a-w- c:\windows\system32\mscms.dll

2012-01-21 15:08:59 690680 ----a-w- c:\windows\system32\ci.dll

2012-01-21 14:58:40 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys

2012-01-21 14:32:14 -------- d--h--w- C:\VritualRoot

2012-01-21 05:36:31 -------- d-----w- c:\program files\MozBackup

2012-01-21 05:11:38 -------- d-----w- c:\users\maria\appdata\roaming\Mipony

2012-01-21 05:11:33 -------- d-----w- c:\program files\MiPony

2012-01-21 05:04:03 -------- d-----w- c:\users\maria\appdata\roaming\Malwarebytes

2012-01-21 05:03:59 -------- d-----w- c:\programdata\Malwarebytes

2012-01-21 05:03:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-21 05:03:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-01-21 05:01:48 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-01-21 05:01:48 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-01-21 04:59:17 -------- d-----w- c:\users\maria\appdata\local\Mozilla

2012-01-21 04:57:59 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL

2012-01-21 04:57:59 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-01-21 04:57:59 -------- d-----w- c:\program files\SpywareBlaster

2012-01-21 04:57:47 -------- d-----w- c:\users\maria\appdata\roaming\SUPERAntiSpyware.com

2012-01-21 04:57:31 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-01-21 04:57:30 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2012-01-21 04:55:47 -------- d-----w- c:\users\maria\appdata\roaming\IrfanView

2012-01-21 04:55:47 -------- d-----w- c:\program files\IrfanView

2012-01-21 04:54:14 -------- d-----w- c:\program files\Foxit Software

2012-01-21 04:53:50 -------- d-----w- c:\program files\FileHippo.com

2012-01-21 04:52:41 -------- d-----w- c:\program files\VideoLAN

2012-01-21 04:41:31 -------- d-----w- c:\users\maria\appdata\roaming\Stardock

2012-01-21 04:41:28 -------- dc-h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}

2012-01-21 04:41:25 -------- d-----w- c:\program files\Stardock

2012-01-21 04:40:44 -------- d-----w- c:\users\maria\appdata\local\PackageAware

2012-01-21 04:36:06 22528 ----a-w- c:\program files\windows sidebar\gadgets\systemcontrols.gadget\helper\SystemControlsHelper.exe

2012-01-21 03:45:00 -------- d-----w- c:\users\maria\appdata\local\Opera

2012-01-21 03:30:26 -------- d-----w- c:\windows\Panther

2012-01-21 03:10:45 -------- d---a-w- c:\users\maria\appdata\local\Chromium

2012-01-21 03:05:28 -------- d-----w- c:\users\maria\appdata\roaming\WinPatrol

2012-01-21 02:18:22 314880 ----a-w- c:\windows\system32\webio.dll

2012-01-21 02:18:22 1038848 ----a-w- c:\windows\system32\lsasrv.dll

2012-01-21 02:18:21 369352 ----a-w- c:\windows\system32\drivers\cng.sys

2012-01-21 02:18:21 224768 ----a-w- c:\windows\system32\schannel.dll

2012-01-21 02:18:21 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-01-21 02:18:21 100352 ----a-w- c:\windows\system32\sspicli.dll

2012-01-21 02:18:20 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-01-21 02:18:20 22528 ----a-w- c:\windows\system32\lsass.exe

2012-01-21 02:18:20 22016 ----a-w- c:\windows\system32\secur32.dll

2012-01-21 02:18:20 15872 ----a-w- c:\windows\system32\sspisrv.dll

2012-01-21 02:03:52 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-01-21 02:03:51 567184 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-21 02:03:42 417440 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-01-21 02:03:41 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-01-21 02:02:24 -------- d-----w- c:\program files\Auslogics

2012-01-21 01:50:19 -------- d-----w- c:\windows\nvtmpinst

2012-01-21 01:42:11 -------- d-----w- c:\program files\Synaptics

2012-01-21 01:31:14 -------- d-----w- c:\program files\Unlocker

2012-01-21 01:30:37 -------- d-----w- c:\program files\SpeedFan

2012-01-21 01:19:58 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat

2012-01-21 01:18:24 -------- d-----w- c:\users\maria\appdata\local\Comodo

2012-01-21 01:18:13 -------- d-----w- c:\programdata\Comodo

2012-01-21 01:18:06 348160 ------w- c:\windows\system32\msvcr71.dll

2012-01-21 01:18:06 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2012-01-21 01:18:06 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-01-21 01:16:40 1549312 ----a-w- c:\windows\system32\tquery.dll

2012-01-21 01:15:59 850944 ----a-w- c:\windows\system32\sbe.dll

2012-01-21 01:14:59 2048 ----a-w- c:\windows\system32\tzres.dll

2012-01-21 01:14:52 741376 ----a-w- c:\windows\system32\inetcomm.dll

2012-01-21 01:14:45 571904 ----a-w- c:\windows\system32\oleaut32.dll

2012-01-21 01:14:45 233472 ----a-w- c:\windows\system32\oleacc.dll

2012-01-21 01:14:36 802304 ----a-w- c:\windows\system32\WFS.exe

2012-01-21 01:14:36 191488 ----a-w- c:\windows\system32\FXSCOVER.exe

2012-01-21 01:14:31 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2012-01-21 01:14:20 293376 ----a-w- c:\windows\system32\umpnpmgr.dll

2012-01-21 01:14:20 145920 ----a-w- c:\windows\system32\cfgmgr32.dll

2012-01-21 01:14:15 31232 ----a-w- c:\windows\system32\prevhost.exe

2012-01-21 01:08:52 -------- d-----w- c:\users\maria\appdata\roaming\abelhadigital.com

2012-01-21 01:08:52 -------- d-----w- c:\programdata\abelhadigital.com

2012-01-21 01:08:50 -------- d-----w- c:\program files\HostsMan

2012-01-21 01:07:42 -------- d-----w- c:\program files\SRWare Iron

2012-01-21 01:03:52 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2012-01-21 01:03:52 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2012-01-21 01:03:52 107520 ----a-w- c:\windows\system32\cdd.dll

2012-01-21 00:54:18 -------- d-----w- c:\windows\system32\AGEIA

2012-01-21 00:54:12 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2012-01-21 00:54:06 797216 ----a-w- c:\windows\system32\nvcplui.exe

2012-01-21 00:54:06 420384 ----a-w- c:\windows\system32\nvcpl.cpl

2012-01-21 00:54:06 1108512 ----a-w- c:\windows\system32\nvcpluir.dll

2012-01-21 00:53:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE

2012-01-21 00:52:55 -------- d-----w- C:\NVIDIA

2012-01-21 00:51:55 -------- d-----w- c:\program files\CONEXANT

2012-01-21 00:46:44 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys

2012-01-21 00:46:42 -------- d-----w- c:\users\maria\appdata\local\SlimWare Utilities Inc

2012-01-21 00:46:39 -------- d-----w- c:\program files\SlimDrivers

2012-01-21 00:46:35 -------- d-sh--w- c:\windows\Installer

2012-01-21 00:45:42 -------- d-----w- c:\windows\system32\wbem\Performance

2012-01-21 00:39:27 -------- d-sh--w- C:\Recovery

.

==================== Find3M ====================

.

2012-01-21 16:22:07 152576 ----a-w- c:\windows\system32\msclmd.dll

2012-01-17 21:00:40 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-12-19 23:59:14 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-12-19 23:59:12 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-12-19 23:58:58 33984 ----a-w- c:\windows\system32\cmdcsr.dll

2011-12-19 23:58:56 301224 ----a-w- c:\windows\system32\guard32.dll

2011-12-14 20:51:16 499712 ----a-w- c:\windows\system32\msvcp71.dll

2011-11-24 04:25:27 2342912 ----a-w- c:\windows\system32\win32k.sys

2011-11-19 14:01:00 67072 ----a-w- c:\windows\system32\packager.dll

2011-11-17 05:38:39 1288472 ----a-w- c:\windows\system32\ntdll.dll

2011-11-15 19:29:56 222080 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 12:24:53.66 ===============

[AdvancedSetup]

Your computer shows signs of being infected. Please choose an option below to have someone assist you in cleaning your system.

Here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

• Option 1 —— Free Expert advice in the Malware Removal Forum
  
• Option 2 —— Paying customer -- Contact Support via email
  
• Option 3 —— Premium, Fee-Based Support
  

OPTION 1

As we don't deal with malware removal in the

General Malwarebytes' Anti-Malware Forum

, you need to start a topic in the

Malware Removal forum

so a qualified helper can help you fix any malware related problems or infections you may have.

• Please read and follow the directions here, skipping any steps you are unable to complete.
  
• After posting your new post, make sure under options, you select Follow this topic and choose Instantly,
  so that you're alerted when someone has replied to your post.
  

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

• 
  
  • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    Or
    
  • You may send a Private Message to a Moderator asking for assistance.
    

OPTION 2

Alternatively, as a paying customer, you can contact the help desk at

support@malwarebytes.org

or

here

.

OPTION 3

If you would like to use our

Malwarebytes Premium Consumer Services

partner, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our

Malwarebytes Premium Services

support site.

Please be patient, someone will assist you as soon as possible.

[Gator71]

Your computer shows signs of being infected. Please choose an option below to have someone assist you in cleaning your system.

Are you kidding?

My pc is fine...it was just reformatted and I have plenty of protection on it.

malwarebytes has done this in the past, why would it lock my browsers up and then my pc? it has something to do with the pro modules when you have it running in realtime.

I need help with your software not my pc, thanks

[Gator71]

If you want I can run mb and give you the results

[Gator71]

I would love to know why you think it is infected?

[Gator71]

Malwarebytes Anti-Malware (PRO) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.01.03

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Maria :: MARIA-PC [administrator]

Protection: Disabled

2/2/2012 7:57:24 PM

mbam-log-2012-02-02 (19-57-24).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 161319

Time elapsed: 12 minute(s), 28 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[AdvancedSetup]

Well in most situations it is highly unlikely for a user to have this setting for a proxy server. Not guaranteed to be an infection but often when you see this the computer is infected or was cleaned up from an infection and this was left behind.

uProxyServer = 127.0.0.1:9050

[Gator71]

Oh that is fine, I think it's my ad program or something but i'm not infected I promise lol...I love mb and would love to have it protecting my system full time, but unfortunately it can't currently due to it locking stuff up.

[AdvancedSetup]

Well there are basically 2 choices at the moment.

1. Need to run a FULL disk check on the drive to rule out any corruption

2. Need to have someone in HJT or on the Help Desk help you run some scans to verify no infection

At that point we can then review other options of what might be causing it but no one wants to fight a disk error or an infection as you can spend days going round and round only to find out disk check fixed it or the box was infected.

Thanks

[Gator71]

I'll say it again..I just wiped my drive and installed windows and i'm getting everything installed now how could it be a disc problem or virus issue when I just cleared the drive?

I'm not trying to sound mean or rude but my hdd is fine and i'm not infected.

Could it not like some hardware that's on my machine? I know some things work fine on certain machines and some not on certain machines due to basically what it has as far as hardware etc. or maybe a certain update?

[Gator71]

I'm not the only one

http://forums.malwarebytes.org/index.php?showtopic=47331

[AdvancedSetup]

No problem. Just saying if you can't or won't work with us then we can't help you. One has to be willing to allow someone to help them.

[Gator71]

Ok I narrowed it down...mb and my chromium browsers are conflicting, I unchecked everything on startup other than mb and IE and Opera works fine with mb running with protection modules enabled...now ff was hanging a little bit but still connected to the websites but everytime I tried chrome,iron or dragon it would soon lock up and I had to shut down manually.

[Gator71]

What could the issue be with chomium?

[Gator71]

Does the latest mb have any bugs possibly?

[Gator71]

Solved!...1.60 must have a bug cause I installed 1.51 and everything is fine

[Maurice Naggar]

I'm not the only one

http://forums.malwar...showtopic=47331

That is a very old, stale report. The current MBAM version is vers 1.60.1.1000

Reverting to an old version is at your risk.

After doing a new/clean install of Windows, did you use Windows Update to get current with updates?

De-install any trial anti-virus that may have been included with the original Win configuration by your OEM?

Then install your anti-virus / security suite? and follow-up by doing an Update run on that app ?

Follow the tips in the F.A.Q. in MBAM General? ref http://forums.malwar...showtopic=10138

As noted by Advabcedsetup

No problem. Just saying if you can't or won't work with us then we can't help you. One has to be willing to allow someone to help them.