
Hello,

MBAM Pro is causing Panda Global Protection 2012 to cause the system to freeze when I re-enable the AV module after temporarily disabling it. I have to reboot the system, but sometimes the system locks up so much, I am forced to do a hard reset. I do not have this issue when I have MBAM Pro not start at boot. Turning off the protection after it has loaded at boot does not fix the problem; the only way to have the problem not occur is to have MBAM Pro not load at all. I have added MBAM to the excluded list in Panda's AV and Firewall modules. I have also tried adding Panda to the ignore list in MBAM, but the problem still occurs.

Any help would be greatly appreciated.


  • Root Admin

Please run the following scanner and post back the logs.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

  1. DDS.txt

  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt


Here is the DDS log


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Andrew at 0:51:00 on 2011-10-05
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8169.6480 [GMT -4:00]
.
AV: Panda Global Protection 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Global Protection 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\TPSrvWow.exe
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2012\WebProxy.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\pavsrvx86.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\AVENGINE.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\panda security\panda global protection 2012\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsImSvc.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Windows\SysWOW64\vmnat.exe
E:\vmware-authd.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CtHelper.exe
E:\hqtray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\ApVxdWin.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x64\LCDClock.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x64\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x86\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.01.067\Applets\x64\LCDPop3.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\NCS2\WMIProv\NCS2Prov.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavBckPT.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Panda Security\Panda Safe Browser\VBoxSVC.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2012\TPSRVAUX.EXE
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2012\TPSRVAUX.EXE
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [NCsoft]
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun: [CTHelper] CTHELPER.EXE
mRun: [VMware hqtray] "E:\hqtray.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\Inicio.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
LSP: E:\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{30DC7544-44C5-41C4-B84A-381A8CCA375D} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{30DC7544-44C5-41C4-B84A-381A8CCA375D} : DhcpNameServer = 192.168.1.1
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun-x64: [CTHelper] CTHELPER.EXE
mRun-x64: [VMware hqtray] "E:\hqtray.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" /s
mRun-x64: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\Inicio.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\gmhsg8wb.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;Panda boot driver;C:\Windows\system32\Drivers\pavboot64.sys --> C:\Windows\system32\Drivers\pavboot64.sys [?]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\system32\DRIVERS\ShldFlt.sys --> C:\Windows\system32\DRIVERS\ShldFlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AmFSM;AmFSM;C:\Windows\system32\DRIVERS\amm6460.sys --> C:\Windows\system32\DRIVERS\amm6460.sys [?]
R2 APPFLT;App Filter Plugin;\??\C:\Windows\system32\Drivers\APPFLT64.SYS --> C:\Windows\system32\Drivers\APPFLT64.SYS [?]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 ComFiltr;Panda Anti-Dialer;\??\C:\Windows\system32\DRIVERS\COMFiltr.sys --> C:\Windows\system32\DRIVERS\COMFiltr.sys [?]
R2 DSAFLT;DSA Filter Plugin;\??\C:\Windows\system32\Drivers\DSAFLT64.SYS --> C:\Windows\system32\Drivers\DSAFLT64.SYS [?]
R2 FNETMON;NetMon Filter Plugin;\??\C:\Windows\system32\Drivers\fnetm64.SYS --> C:\Windows\system32\Drivers\fnetm64.SYS [?]
R2 IDSFLT;Ids Filter Plugin;\??\C:\Windows\system32\Drivers\IDSFLT64.SYS --> C:\Windows\system32\Drivers\IDSFLT64.SYS [?]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-30 366152]
R2 NETFLTDI;Panda Net Driver [TDI Layer];\??\C:\Windows\system32\Drivers\NETTDI64.SYS --> C:\Windows\system32\Drivers\NETTDI64.SYS [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-2 2253120]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsCtrlS.exe [2011-10-4 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavFnSvr.exe [2011-10-4 202048]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2011-10-4 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\pavsrvx86.exe [2011-10-4 314176]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\psksvc.exe [2011-10-4 28992]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-9-22 381248]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-3-25 539248]
R2 WNMFLT;Wifi Monitor Filter Plugin;\??\C:\Windows\system32\Drivers\WNMFLT64.SYS --> C:\Windows\system32\Drivers\WNMFLT64.SYS [?]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
R3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
R3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
R3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\system32\DRIVERS\n64i1644.sys --> C:\Windows\system32\DRIVERS\n64i1644.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 COMMONFX;COMMONFX;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-9-30 79360]
S3 CTAUDFX;CTAUDFX;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTERFXFX;CTERFXFX;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTSBLFX;CTSBLFX;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2011-10-3 131912]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-10-05 04:47:59 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29B2C099-5C77-4177-9C2E-2AED95BABA08}\offreg.dll
2011-10-05 00:56:14 193808 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2011-10-05 00:54:04 -------- d-----w- C:\Users\Andrew\.VirtualBox
2011-10-05 00:53:50 53264 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2011-10-05 00:53:49 -------- d-----w- C:\Program Files\Sun
2011-10-05 00:21:59 -------- d-----w- C:\Program Files (x86)\Panda USB Vaccine
2011-10-04 23:41:05 -------- d-----w- C:\Users\Andrew\AppData\Local\Panda Security
2011-10-04 23:39:54 48136 ----a-w- C:\Windows\System32\drivers\ShldFlt.sys
2011-10-04 23:39:54 -------- d-----w- C:\Program Files (x86)\Common Files\Panda Security
2011-10-04 23:29:20 -------- d-----w- C:\Users\Andrew\AppData\Local\Desura
2011-10-04 23:11:25 -------- d-----w- C:\SMCLPAV
2011-10-04 20:27:23 -------- d-----w- C:\Users\Andrew\AppData\Roaming\.minecraft
2011-10-04 18:18:47 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29B2C099-5C77-4177-9C2E-2AED95BABA08}\mpengine.dll
2011-10-04 02:10:07 -------- d-----w- C:\Users\Andrew\AppData\Local\ESN Sonar
2011-10-04 02:06:38 -------- d-----w- C:\Panda
2011-10-04 01:19:55 446464 ----a-w- C:\Windows\SysWow64\HHActiveX.dll
2011-10-04 01:19:38 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-10-04 01:19:38 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-10-04 01:19:38 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-10-04 01:19:38 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-10-04 01:19:38 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-10-04 01:19:38 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-10-04 01:19:37 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-10-04 01:19:37 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-10-04 00:15:26 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Mount&Blade Warband
2011-10-04 00:04:06 -------- d-----w- C:\Windows\System32\appmgmt
2011-10-03 23:47:12 -------- d-----w- C:\Program Files (x86)\Common Files\Desura
2011-10-03 23:45:32 -------- d-----w- C:\ProgramData\Desura
2011-10-03 06:18:31 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2011-10-03 04:36:49 438272 ----a-w- C:\Windows\SysWow64\cmcs21.ocx
2011-10-03 04:36:49 209608 ----a-w- C:\Windows\SysWow64\TABCTL32.OCX
2011-10-03 04:36:49 203576 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX
2011-10-03 04:36:49 132880 ----a-w- C:\Windows\SysWow64\MSINET.OCX
2011-10-03 04:36:47 162816 ----a-w- C:\Windows\SysWow64\fmod.dll
2011-10-03 04:36:46 619008 ----a-w- C:\Windows\SysWow64\dx7vb.dll
2011-10-03 04:36:45 109248 ----a-w- C:\Windows\SysWow64\MSWINSCK.OCX
2011-10-03 03:26:44 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-02 22:41:13 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-10-02 22:40:59 837952 ----a-w- C:\Windows\System32\easyupdatusapiu64.dll
2011-10-02 22:40:59 5067584 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-10-02 22:40:59 222528 ----a-w- C:\Windows\System32\nvmctray.dll
2011-10-02 22:40:59 1640768 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-10-02 22:40:59 137536 ----a-w- C:\Windows\System32\nvshext.dll
2011-10-02 22:40:59 10406208 ----a-w- C:\Windows\System32\nvcpl.dll
2011-10-02 22:40:55 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2011-10-02 22:25:42 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-10-02 22:25:39 -------- d-----w- C:\Users\Andrew\AppData\Local\PunkBuster
2011-10-02 22:23:58 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2011-10-02 22:21:02 -------- d-----w- C:\ProgramData\EA Core
2011-10-02 22:20:25 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2011-10-02 22:18:59 2475352 ----a-w- C:\Windows\System32\D3DX9_42.dll
2011-10-02 22:17:58 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll
2011-10-02 20:31:40 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Origin
2011-10-02 20:31:37 -------- d-----w- C:\Users\Andrew\AppData\Local\Origin
2011-10-02 20:31:05 -------- d-----w- C:\ProgramData\Origin
2011-10-02 20:31:00 -------- d-----w- C:\ProgramData\Electronic Arts
2011-10-02 20:31:00 -------- d-----w- C:\Program Files (x86)\Origin Games
2011-10-01 07:44:22 -------- d-----w- C:\Users\Andrew\AppData\Local\NCSoft
2011-10-01 07:35:41 -------- d-----w- C:\Users\Andrew\AppData\Local\Spotify
2011-10-01 07:35:37 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Spotify
2011-10-01 07:27:58 -------- d-----w- C:\Program Files (x86)\NCsoft
2011-10-01 07:26:39 -------- d-----w- C:\Users\Andrew\AppData\Local\assembly
2011-10-01 07:25:40 -------- d-----w- C:\Users\Andrew\AppData\Roaming\GetRightToGo
2011-10-01 03:05:03 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Malwarebytes
2011-10-01 03:05:01 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-01 03:04:58 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-10-01 03:04:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-01 00:54:18 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-09-30 22:34:11 -------- d-----w- C:\Users\Andrew\AppData\Local\VMware
2011-09-30 22:31:50 81008 ----a-w- C:\Windows\System32\drivers\vmci.sys
2011-09-30 22:31:46 68720 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2011-09-30 22:31:16 334448 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2011-09-30 22:31:10 404080 ----a-w- C:\Windows\SysWow64\vmnat.exe
2011-09-30 22:31:10 30320 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2011-09-30 22:30:22 968816 ----a-w- C:\Windows\System32\vnetlib64.dll
2011-09-30 22:30:11 31856 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2011-09-30 22:30:07 38512 ----a-w- C:\Windows\System32\drivers\hcmon.sys
2011-09-30 22:29:50 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2011-09-30 22:05:27 -------- d-----w- C:\Users\Andrew\AppData\Local\Diagnostics
2011-09-30 04:35:29 -------- d-----w- C:\Users\Andrew\AppData\Local\Adobe
2011-09-30 04:14:44 -------- d-----w- C:\Windows\Panther
2011-09-30 04:05:50 -------- d-----w- C:\ProgramData\Panda Software
2011-09-30 04:05:35 -------- d-----w- C:\Windows\SysWow64\Defaults
2011-09-30 04:05:07 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2011-09-30 04:04:49 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2011-09-30 04:04:19 -------- d-----w- C:\Program Files\Creative
2011-09-30 04:04:01 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-09-30 04:04:01 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-09-30 04:04:01 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-09-30 04:04:01 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-09-30 04:04:01 -------- d-----w- C:\Program Files (x86)\OpenAL
2011-09-30 04:03:57 89088 ----a-w- C:\Windows\System32\CmdRtr64.DLL
2011-09-30 04:03:57 73728 ----a-w- C:\Windows\SysWow64\CmdRtr.DLL
2011-09-30 04:03:57 190976 ----a-w- C:\Windows\System32\APOMgr64.DLL
2011-09-30 04:03:57 148480 ----a-w- C:\Windows\SysWow64\APOMngr.DLL
2011-09-30 04:03:22 12288 ----a-w- C:\Windows\System32\INRES.DLL
2011-09-30 04:03:22 10240 ----a-w- C:\Windows\System32\CTDCRES.DLL
2011-09-30 04:03:22 -------- d-----w- C:\Windows\SysWow64\Data
2011-09-30 04:03:22 -------- d-----w- C:\Windows\System32\Data
2011-09-30 04:03:10 -------- d-----w- C:\Program Files (x86)\Creative
2011-09-30 04:03:00 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-09-30 04:02:59 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-09-30 04:02:59 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-09-30 04:02:59 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-09-30 04:02:59 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-09-30 04:02:55 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-09-30 04:02:54 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-09-30 03:53:40 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-30 03:34:50 -------- d-----w- C:\Windows\FltMgr
2011-09-30 03:33:04 -------- d-----w- C:\ProgramData\Backup
2011-09-30 03:32:59 -------- d-----w- C:\ProgramData\Panda Security
2011-09-30 03:32:59 -------- d-----w- C:\Program Files (x86)\Panda Security
2011-09-30 03:32:53 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-09-30 02:54:59 488448 ----a-w- C:\Windows\System32\secproc.dll
2011-09-30 02:50:08 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-09-30 02:49:51 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2011-09-30 02:49:51 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2011-09-30 02:49:51 229376 ----a-w- C:\Windows\System32\fsquirt.exe
2011-09-30 02:47:48 -------- d-----w- C:\Windows\SysWow64\Wat
2011-09-30 02:47:48 -------- d-----w- C:\Windows\System32\Wat
2011-09-30 02:34:08 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-09-30 02:18:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-09-30 02:18:03 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-09-30 02:16:53 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-09-30 02:13:46 133800 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2011-09-30 02:13:40 314568 ----a-w- C:\Windows\System32\PROUnstl.exe
2011-09-30 02:11:58 -------- d-----w- C:\Users\Andrew\AppData\Local\BMExplorer
2011-09-30 02:11:48 -------- d-----w- C:\Users\Andrew\AppData\Roaming\NVIDIA
2011-09-30 02:09:51 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-09-30 02:09:39 -------- d-----w- C:\NVIDIA
2011-09-30 02:09:22 -------- d-----w- C:\Users\Andrew\AppData\Local\Logitech
2011-09-30 02:09:11 374792 ----a-w- C:\Windows\System32\drivers\UMDF\lgSSQVGA.dll
2011-09-30 02:09:11 22408 ----a-w- C:\Windows\System32\drivers\LGBusEnum.sys
2011-09-30 02:09:11 16008 ----a-w- C:\Windows\System32\drivers\LGVirHid.sys
2011-09-30 02:09:11 157704 ----a-w- C:\Windows\System32\drivers\UMDF\lgSSBW.dll
2011-09-30 02:09:10 -------- d-----w- C:\Program Files\Logitech Gaming Software
2011-09-30 02:08:40 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2011-09-30 02:07:55 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2011-09-30 02:07:50 -------- d-----w- C:\Intel
2011-09-30 02:07:39 16896 ----a-w- C:\Windows\AsTaskSched.dll
2011-09-30 02:06:45 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2011-09-30 02:06:42 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2011-09-30 02:06:30 -------- d-sh--w- C:\Windows\Installer
2011-09-22 16:29:58 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M ====================
.
2011-10-04 23:40:15 15928 ----a-w- C:\Windows\System32\drivers\COMFiltr.sys
2011-10-04 02:13:56 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-10-03 00:03:40 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-10-02 22:19:47 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-09-30 02:59:44 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-09-30 02:59:44 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-09-22 22:41:00 8930624 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-07-07 23:21:32 29288 ----a-w- C:\Windows\System32\nvhdap64.dll
2011-07-07 23:21:28 174184 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2011-07-07 23:21:26 1452648 ----a-w- C:\Windows\System32\nvhdagenco6420102.dll
.
============= FINISH: 1:01:21.03 ===============

I have attached the Attach.txt log. Also, for some reason, it took over 10 mins for the script to fully run and output the logs. It said it should take no longer than 3 mins. Is it normal for this script to take that long to complete?

Attach.txt


  • Root Admin

If you look in the Event Logs you'll see that you're having a few issues including Panda itself. That could be why DDS was taking so long, or Panda could actually have been blocking it too - hard to say right off hand.

You may want to fully remove Panda AV and possibly temporarily try another AV such as Microsoft Security Essentials while we look at correcting any issues with your system. When we're done you can reinstall Panda.

I see you're running VMware. Is this a host on a VMware Server or ??

You may also want to try running a Full Disk Check on the system. If you need to know how please let me know.


Hi,

I reinstalled Panda to try and fix the issue at around the time the errors were logged, so maybe the reinstall caused those issues. Also, instead of uninstalling Panda, and using another AV, could I just temporarily disable MBAM, and just enable it to try different fixes. Then, once the issue is resolved, I can just re-enable MBAM to run again at boot? Also, by running a full disk check do you mean run something like this My link?


  • Root Admin

10/4/2011 8:12:32 PM, Error: Service Control Manager [7023] - The Panda On-Access Anti-Malware Service service terminated with the following error: Incorrect function.

Up to you but you should probably take this to the PC Help forum and see if someone can help you. You either have some misconfiguration or possibly malware. In either case this forum is not really designed for in-depth analysis.

Please post here and link to this one.

http://forums.malwarebytes.org/index.php?showforum=6

Thanks
