Firefox slowdowns on selected number of websites

[kilokore]

Since installing Malwarebytes about 2 months ago, I have been completely malware free, until today.

I initially noticed the slowdown after I had adobe flash open for about 8 hours on my laptop. I only say that to provide a temporal reference to my discovery, not because i suspect flash doing something fishy with my computer.

Anyways, the reason i know something's gone wrong is when i see my firefox opening new tabs on its own that are directed to no purposeful website in particular. Naturally I ran malwarebytes, and found one trojan.vundo which i took care of shortly after. The following is the log from that scan:

Malwarebytes' Anti-Malware 1.33

Database version: 1654

Windows 5.1.2600 Service Pack 2

2009-02-24 12:17:24 AM

mbam-log-2009-02-24 (00-17-24).txt

Scan type: Quick Scan

Objects scanned: 14984

Time elapsed: 2 minute(s), 25 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\wvUlkIby.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Afterward I ran the scan couple more time to make sure nothing else was happening. I was thanking malwarebytes and god at this point for saving my laptop again.

Then earlier today, I open firefox to check my gmail. But something is weird because access gmail takes never this long, and after 2 good minutes of trying, gmail gave up and redirected me to "sorry" splash page claiming it was receiving requests from what seemed like a virus or a spyware. I tried to access some of the other popular websites like yahoo or google and found out this spyware was interfering with my access to certain websites.

Of course, this has happened before and last time it happened it was the result of the vundo virus. I ran vundofix.exe, which solved my problem last time, but it told me i was clean. I just ran malwarebytes again and spybot s&d only to find i have no infection.

Gmail is still painstakingly slow. My memory usage for a blank page in firefox shoots up to 70-80 (normally it's 40ish), although it uses less than 15% of CPU.

Any hints? If nothing seems obvious, i will post the hijack log.

[AdvancedSetup]

Please UPDATE MBAM and scan again.

YOUR VERSION

Malwarebytes' Anti-Malware 1.33

Database version: 1654

CURRENT VERSION

Malwarebytes' Anti-Malware 1.34

Database version: 1799

Update and Scan with Malwarebytes' Anti-Malware

• Start MalwareBytes AntiMalware (Vista users must Right click and choose RunAs Admin)
  
• Please DO NOT run MBAM in Safe Mode unless requested to, you MUST run it in normal Windows mode.
  
  • Update Malwarebytes' Anti-Malware
  • Select the Update tab
    
  • Click Update
    

  [*]When the update is complete, select the Scanner tab

  [*]Select Perform quick scan, then click Scan.

  [*]When the scan is complete, click OK, then Show Results to view the results.

  [*]Be sure that everything is checked, and click Remove Selected.

  [*]When completed, a log will open in Notepad. please copy and paste the log into your next reply

  • If you accidently close it, the log file is saved here and will be named like this:
    
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    

Then RESTART the computer

AFTER the reboot run HJT Do a system scan and save a logfile

The post back NEW MBAM and HJT logs in that order please.

Hello and Welcome to Malwarebytes.org

If you're having Malware related issues with your computer that you're unable to resolve.

1. Please read and follow the instructions provided here: I'm infected - What do I do now?
2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
   
3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.
   

• Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  
• Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  
• Using these other tools often makes the cleanup task more difficult and time consuming.
  
• If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  
• Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  
• There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review
  

• NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.
  

[kilokore]

thank you for your response.

I have since updated my mbam to 1.34. However, now I start receiving Error Code 731 (0, 6) upon detection of 1 malware. I don't know how, or why. I have been searching this error all over the net and I have not yet come up with a solution that will get rid of it.

So as of now, I know there's at least one malware that mbam has successfully detected but crashed upon detection. Spyboy s&d told me I was clean, so did vundofix.

I installed HJT last night as well and ran it and got the log. I did a skim through comparison between mine and some of the infected logs here but i don't seem to be able to find any abnormalities.

I suppose posting HJT is the way. Can you suggest anything about mbam crashing?