Hello,

Every time I start my computer MBAM Pro takes a long time to start up. The rest of the system starts just fine and I am able to use my computer just fine, but MBAM Pro is not protecting until it has started. It can take sometimes up to about 10 minutes before MBAM will start. What is causing this? Also, this is on a new installation of Windows 7 Professional 64 bit. I use Panda Global Protection 2012 for my AV, but I followed the guide and excluded MBAM as a threat. I also have used Panda USB Vaccine and vaccinated my computer, but this just prevents autorun from external media like CDROM and USB, and not autorun from the hard drive, and MBAM starts eventually, so I don't think this is causing the problem.


  • Root Admin

Well, 10 minutes is a bit long, yes.

Please run the following scanner and post back the logs.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt


Here is the DDS log.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Andrew at 14:02:36 on 2011-09-30
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8169.6555 [GMT -4:00]
.
AV: Panda Global Protection 2012 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Global Protection 2012 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\TPSrvWow.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2012\WebProxy.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\pavsrvx86.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\AVENGINE.EXE
c:\program files (x86)\panda security\panda global protection 2012\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsImSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\ApVxdWin.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x64\LCDClock.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x64\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x86\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x64\LCDPop3.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavBckPT.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\Inicio.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun: [CTHelper] CTHELPER.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{30DC7544-44C5-41C4-B84A-381A8CCA375D} : DhcpNameServer = 192.168.1.1
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" /s
mRun-x64: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\Inicio.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun-x64: [CTHelper] CTHELPER.EXE
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\gmhsg8wb.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;Panda boot driver;C:\Windows\system32\Drivers\pavboot64.sys --> C:\Windows\system32\Drivers\pavboot64.sys [?]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\system32\DRIVERS\ShldFlt.sys --> C:\Windows\system32\DRIVERS\ShldFlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AmFSM;AmFSM;C:\Windows\system32\DRIVERS\amm6460.sys --> C:\Windows\system32\DRIVERS\amm6460.sys [?]
R2 APPFLT;App Filter Plugin;\??\C:\Windows\system32\Drivers\APPFLT64.SYS --> C:\Windows\system32\Drivers\APPFLT64.SYS [?]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 ComFiltr;Panda Anti-Dialer;\??\C:\Windows\system32\DRIVERS\COMFiltr.sys --> C:\Windows\system32\DRIVERS\COMFiltr.sys [?]
R2 DSAFLT;DSA Filter Plugin;\??\C:\Windows\system32\Drivers\DSAFLT64.SYS --> C:\Windows\system32\Drivers\DSAFLT64.SYS [?]
R2 FNETMON;NetMon Filter Plugin;\??\C:\Windows\system32\Drivers\fnetm64.SYS --> C:\Windows\system32\Drivers\fnetm64.SYS [?]
R2 IDSFLT;Ids Filter Plugin;\??\C:\Windows\system32\Drivers\IDSFLT64.SYS --> C:\Windows\system32\Drivers\IDSFLT64.SYS [?]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-29 366152]
R2 NETFLTDI;Panda Net Driver [TDI Layer];\??\C:\Windows\system32\Drivers\NETTDI64.SYS --> C:\Windows\system32\Drivers\NETTDI64.SYS [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-29 2255464]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsCtrlS.exe [2011-9-29 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavFnSvr.exe [2011-9-29 202048]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2011-9-29 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\pavsrvx86.exe [2011-9-29 314176]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\psksvc.exe [2011-9-29 28992]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-8-3 379496]
R2 WNMFLT;Wifi Monitor Filter Plugin;\??\C:\Windows\system32\Drivers\WNMFLT64.SYS --> C:\Windows\system32\Drivers\WNMFLT64.SYS [?]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
R3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
R3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
R3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\system32\DRIVERS\n64i1644.sys --> C:\Windows\system32\DRIVERS\n64i1644.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 COMMONFX;COMMONFX;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-9-30 79360]
S3 CTAUDFX;CTAUDFX;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTERFXFX;CTERFXFX;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTSBLFX;CTSBLFX;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-09-30 05:00:08 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1A7DC91-E66E-462F-BCDE-82DC1A696E84}\offreg.dll
2011-09-30 04:35:29 -------- d-----w- C:\Users\Andrew\AppData\Local\Adobe
2011-09-30 04:18:31 193808 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2011-09-30 04:17:47 -------- d-----w- C:\Users\Andrew\.VirtualBox
2011-09-30 04:17:32 53264 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2011-09-30 04:17:31 -------- d-----w- C:\Program Files\Sun
2011-09-30 04:16:02 -------- d-----w- C:\Program Files (x86)\Panda USB Vaccine
2011-09-30 04:14:44 -------- d-----w- C:\Windows\Panther
2011-09-30 04:05:50 -------- d-----w- C:\ProgramData\Panda Software
2011-09-30 04:05:35 -------- d-----w- C:\Windows\SysWow64\Defaults
2011-09-30 04:05:07 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2011-09-30 04:04:49 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2011-09-30 04:04:19 -------- d-----w- C:\Program Files\Creative
2011-09-30 04:04:01 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-09-30 04:04:01 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-09-30 04:04:01 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-09-30 04:04:01 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-09-30 04:04:01 -------- d-----w- C:\Program Files (x86)\OpenAL
2011-09-30 04:03:57 89088 ----a-w- C:\Windows\System32\CmdRtr64.DLL
2011-09-30 04:03:57 73728 ----a-w- C:\Windows\SysWow64\CmdRtr.DLL
2011-09-30 04:03:57 190976 ----a-w- C:\Windows\System32\APOMgr64.DLL
2011-09-30 04:03:57 148480 ----a-w- C:\Windows\SysWow64\APOMngr.DLL
2011-09-30 04:03:22 12288 ----a-w- C:\Windows\System32\INRES.DLL
2011-09-30 04:03:22 10240 ----a-w- C:\Windows\System32\CTDCRES.DLL
2011-09-30 04:03:22 -------- d-----w- C:\Windows\SysWow64\Data
2011-09-30 04:03:22 -------- d-----w- C:\Windows\System32\Data
2011-09-30 04:03:10 -------- d-----w- C:\Program Files (x86)\Creative
2011-09-30 04:03:00 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-09-30 04:02:59 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-09-30 04:02:59 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-09-30 04:02:59 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-09-30 04:02:59 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-09-30 04:02:55 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-09-30 04:02:54 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-09-30 03:53:40 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-30 03:40:14 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Malwarebytes
2011-09-30 03:40:08 -------- d-----w- C:\ProgramData\Malwarebytes
2011-09-30 03:40:02 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-09-30 03:40:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-09-30 03:34:50 -------- d-----w- C:\Windows\FltMgr
2011-09-30 03:34:17 -------- d-----w- C:\Users\Andrew\AppData\Local\Panda Security
2011-09-30 03:32:59 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Panda Security
2011-09-30 02:54:59 488448 ----a-w- C:\Windows\System32\secproc.dll
2011-09-30 02:50:08 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-09-30 02:49:51 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2011-09-30 02:49:51 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2011-09-30 02:49:51 229376 ----a-w- C:\Windows\System32\fsquirt.exe
2011-09-30 02:47:48 -------- d-----w- C:\Windows\SysWow64\Wat
2011-09-30 02:47:48 -------- d-----w- C:\Windows\System32\Wat
2011-09-30 02:34:08 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-09-30 02:29:31 9049936 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1A7DC91-E66E-462F-BCDE-82DC1A696E84}\mpengine.dll
2011-09-30 02:18:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-09-30 02:18:03 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-09-30 02:16:53 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-09-30 02:13:46 133800 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2011-09-30 02:13:40 314568 ----a-w- C:\Windows\System32\PROUnstl.exe
2011-09-30 02:11:58 -------- d-----w- C:\Users\Andrew\AppData\Local\BMExplorer
2011-09-30 02:11:48 -------- d-----w- C:\Users\Andrew\AppData\Roaming\NVIDIA
2011-09-30 02:09:51 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-09-30 02:09:39 -------- d-----w- C:\NVIDIA
2011-09-30 02:09:22 -------- d-----w- C:\Users\Andrew\AppData\Local\Logitech
2011-09-30 02:09:11 374792 ----a-w- C:\Windows\System32\drivers\UMDF\lgSSQVGA.dll
2011-09-30 02:09:11 22408 ----a-w- C:\Windows\System32\drivers\LGBusEnum.sys
2011-09-30 02:09:11 16008 ----a-w- C:\Windows\System32\drivers\LGVirHid.sys
2011-09-30 02:09:11 157704 ----a-w- C:\Windows\System32\drivers\UMDF\lgSSBW.dll
2011-09-30 02:09:10 -------- d-----w- C:\Program Files\Logitech Gaming Software
2011-09-30 02:08:40 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2011-09-30 02:07:55 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2011-09-30 02:07:50 -------- d-----w- C:\Intel
2011-09-30 02:07:39 16896 ----a-w- C:\Windows\AsTaskSched.dll
2011-09-30 02:06:45 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2011-09-30 02:06:42 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2011-09-30 02:06:30 -------- d-sh--w- C:\Windows\Installer
.
==================== Find3M ====================
.
2011-09-30 03:33:11 15928 ----a-w- C:\Windows\System32\drivers\COMFiltr.sys
2011-09-30 02:59:44 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-09-30 02:59:44 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-08-03 11:50:00 980072 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-08-03 07:31:54 311912 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
.
============= FINISH: 14:02:52.59 ===============

I have attached the Attach log.

Attach.txt


  • Root Admin

Well, my guess is that even though you may think you have the exclusions set up correctly for Panda AV, something appears to be wrong, as the program fails on load.

9/29/2011 11:33:32 PM, Error: Service Control Manager [7023] - The Panda On-Access Anti-Malware Service service terminated with the following error: Incorrect function.

9/29/2011 11:33:12 PM, Error: Service Control Manager [7030] - The Panda Software Controller service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

You may want to see if you can correct those errors and ensure that Panda is working correctly and not conflicting with MBAM which seems possible from these events.

You could temporarily try fully removing Panda and see if MBAM loads quickly or not. If it does then you know for sure there is some conflict that needs to be tracked down.


  • Root Admin

Please try a clean removal as outlined below but for now leave out the Panda AV. Then also run a new DDS scan and post back those logs as well so we can check on it.

Please do the following:

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer; please allow it to do so, this is very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now set up any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQs here or ask and we'll explain how to do it.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt


Please refer to item #17 of our FAQ located here, described as ISSUE: The Malwarebytes' Anti-Malware tray icon takes a long time to load on Windows Vista or Windows 7

You can change the behavior by altering the startup type of MBAMService (as described in the above FAQ entry), but it is not generally recommended as it may increase the probability of conflicts during bootup between your resident antivirus protection and Malwarebytes' Anti-Malware's protection module. That being said, you can try it for a few days and if something does go wrong, reboot into Safe Mode and change the startup type for MBAMService back to Automatic (Delayed Start) if needed (i.e., if the system crashes or freezes, otherwise Safe Mode is unnecessary).
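
The reply above concerns the startup type of MBAMService, and an earlier reply quotes Service Control Manager events 7023 and 7030. As an added example (not part of the original thread and not Malwarebytes' own tooling), this read-only PowerShell check reports whether a service is set to Automatic or Automatic (Delayed Start) and lists those two event IDs logged since the last boot. The function names are hypothetical, and only cmdlets available in the PowerShell 2.0 shipped with Windows 7 are used.

```powershell
# Added example: read-only triage of a slow-starting security service.
# The service name MBAMService and event IDs 7023/7030 come from the thread;
# the function names below are hypothetical.
param(
    [string]$ServiceName = 'MBAMService'
)

function Get-ServiceStartInfo {
    param([string]$Name)

    $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$Name'"
    if (-not $svc) {
        Write-Warning "Service '$Name' is not installed."
        return
    }

    # Win32_Service.StartMode reports "Auto" for both Automatic and
    # Automatic (Delayed Start). The difference is the DelayedAutostart
    # DWORD (1 = delayed) under the service's registry key.
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$Name"
    $delayed = (Get-ItemProperty -Path $key -Name DelayedAutostart `
                    -ErrorAction SilentlyContinue).DelayedAutostart

    $startType = $svc.StartMode
    if ($svc.StartMode -eq 'Auto' -and $delayed -eq 1) {
        $startType = 'Auto (Delayed Start)'
    }

    New-Object PSObject -Property @{
        Name      = $svc.Name
        State     = $svc.State
        StartType = $startType
        Path      = $svc.PathName
    }
}

function Get-ScmStartupErrors {
    # Limit the query to the current boot so old entries do not mislead.
    $os = Get-WmiObject -Class Win32_OperatingSystem
    $bootTime = $os.ConvertToDateTime($os.LastBootUpTime)

    $filter = @{
        LogName      = 'System'
        ProviderName = 'Service Control Manager'
        Id           = 7023, 7030   # service terminated with error / interactive service
        StartTime    = $bootTime
    }

    # Get-WinEvent raises an error when nothing matches; treat that as "none".
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, Message
}

Get-ServiceStartInfo -Name $ServiceName |
    Format-List Name, State, StartType, Path

Get-ScmStartupErrors | Format-List
```

A DDS log lists MBAMService as R2 for either automatic start type, so the registry value is what distinguishes a delayed start from a service that is genuinely slow or blocked.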
