
Mbam 2 Threat Scan Over 3 Hours, Can't Scan Single Files



Hello,

 

I tried my first threat scan with MBAM 2, and it was only about 1/4 complete after 3+ hours. Also, I'm unable to right-click a file and "Scan with MBAM." It opens MBAM, but nothing happens. Diagnostic logs follow.

 

Thank you!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-04-2014
Ran by Owner (administrator) on OWNER-FFBAD0F5B on 23-04-2014 17:12:12
Running from C:\Documents and Settings\Owner\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Motive Communications, Inc.) C:\Program Files\Verizon Online\SmartBridge\MotiveSB.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [soundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKLM\...\Run: [Motive SmartBridge] => C:\Program Files\Verizon Online\SmartBridge\MotiveSB.exe [327680 2002-05-18] (Motive Communications, Inc.)
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [570664 2008-07-09] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-10] (Nero AG)
HKLM\...\Run: [ulead Video@Home Scheduling Wizard] => C:\Program Files\Ulead Systems\Ulead Video@Home 2.0\monitor.exe [57344 2003-08-26] (Ulead Systems, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2011-01-25] (Apple Inc.)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [emMON] => C:\WINDOWS\emMON.exe [61440 2006-05-30] (eMPIA Technology, Inc.)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-1844237615-861567501-1606980848-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1844237615-861567501-1606980848-1003\...\Run: [ROC_ROC_APR2013_AV] => C:\Documents and Settings\Owner\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 49a508916d155923864bd0f53d057964-7efff39138f9341ecf568a6789471d6c84ca0f9b --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012
HKU\S-1-5-21-1844237615-861567501-1606980848-1003\...\Run: [AVG-Secure-Search-Update_0913a] => C:\Documents and Settings\Owner\Application Data\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 49a508916d155923864bd0f53d057964-7efff39138f9341ecf568a6789471d6c84ca0f9b --CMPID 0913a
HKU\S-1-5-21-1844237615-861567501-1606980848-1003\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-12] (Adobe Systems Incorporated)
AppInit_DLLs: bevimahu.dll => bevimahu.dll File Not Found
AppInit_DLLs:  c:\windows\system32\jahujihi.dll => c:\windows\system32\jahujihi.dll File Not Found
AppInit_DLLs:  c:\windows\system32\basukavu.dll => c:\windows\system32\basukavu.dll File Not Found
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Verizon Online Support Center.lnk
ShortcutTarget: Verizon Online Support Center.lnk -> C:\Program Files\Verizon Online\bin\matcli.exe (Motive Communications, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
SSODL: pihuzomul - {aa9aaa69-2176-45d1-9655-0fa3e2d3e6b1} - c:\windows\system32\jahujihi.dll No File
SSODL: saboleloy - {15a4d199-9581-469d-a4fa-22f3593c5c02} - c:\windows\system32\basukavu.dll No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=6.1&bm=ho_search
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll No File
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll No File
Toolbar: HKCU - Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{028C6D06-4BEB-4C4A-A9D9-F587A1BF5BA0}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\97xu6jao.default
FF user.js: detected! => C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\97xu6jao.default\user.js
FF Homepage: about:blank
FF NetworkProxy: "no_proxies_on", "127.0.0.1"
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: DownloadHelper - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\97xu6jao.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: MEGA EXTENSION - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\97xu6jao.default\Extensions\firefox@mega.co.nz.xpi [2014-04-22]
FF Extension: NicoFox - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\97xu6jao.default\Extensions\nicofox@littlebtc.xpi [2014-04-22]
FF Extension: JS Switch - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\97xu6jao.default\Extensions\{88c7b321-2eb8-11da-8cd6-0800200c9a66}.xpi [2013-11-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4\ []
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ []

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)

==================== Drivers (Whitelisted) ====================

U3 .avgtdix; \* [0 2012-06-14] ()
R3 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\WINDOWS\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [292864 2006-09-12] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [7168 2006-08-21] (eMPIA Technology, Inc.)
S3 USB_RNDIS_XP; C:\WINDOWS\System32\DRIVERS\usb8023.sys [12928 2013-02-11] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 17:12 - 2014-04-23 17:12 - 00014447 _____ () C:\Documents and Settings\Owner\Desktop\FRST.txt
2014-04-23 17:11 - 2014-04-23 17:12 - 00000000 ____D () C:\FRST
2014-04-23 17:07 - 2014-04-23 17:07 - 01048576 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST.exe
2014-04-22 17:25 - 2014-04-22 17:25 - 00000565 _____ () C:\Documents and Settings\Owner\Application Data\mbam.context.scan
2014-04-22 16:44 - 2014-04-23 16:46 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\NicoFox
2014-04-17 20:32 - 2014-04-17 20:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-12 03:17 - 2014-04-23 16:39 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-12 03:17 - 2014-04-12 03:17 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-12 03:17 - 2014-04-12 03:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-12 03:16 - 2014-04-12 03:16 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-12 03:16 - 2014-04-03 09:51 - 00050648 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-07 00:47 - 2014-04-08 16:42 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-04-07 00:47 - 2014-04-07 00:47 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-04-07 00:45 - 2014-04-07 00:45 - 00373800 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-04-06 22:12 - 2014-04-06 22:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-06 22:09 - 2014-04-06 22:11 - 00019921 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-04-06 22:09 - 2014-04-06 22:09 - 00011109 _____ () C:\WINDOWS\KB2934207.log
2014-04-06 22:09 - 2014-04-06 22:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-04-06 22:09 - 2014-04-06 22:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-04-06 22:09 - 2014-04-06 22:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-04-06 21:49 - 2014-04-06 21:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-04-06 21:39 - 2014-04-06 21:39 - 00010129 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-04-06 21:26 - 2014-04-06 21:26 - 00010001 _____ () C:\WINDOWS\KB2914368.log
2014-04-06 21:26 - 2014-04-06 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-04-06 21:25 - 2014-04-06 21:26 - 00009970 _____ () C:\WINDOWS\KB2904266.log
2014-04-06 21:25 - 2014-04-06 21:25 - 00008661 _____ () C:\WINDOWS\KB2900986.log
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-04-06 21:23 - 2014-04-06 21:24 - 00007938 _____ () C:\WINDOWS\KB2868038.log
2014-04-06 21:23 - 2014-04-06 21:23 - 00007795 _____ () C:\WINDOWS\KB2862335.log
2014-04-06 21:23 - 2014-04-06 21:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-04-06 21:23 - 2014-04-06 21:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-04-06 21:22 - 2014-04-06 21:22 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-04-06 20:58 - 2014-04-06 20:58 - 00005995 _____ () C:\WINDOWS\KB2834904-v2.log
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-04-06 20:40 - 2014-04-06 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-04-06 20:39 - 2014-04-06 20:39 - 00004715 _____ () C:\WINDOWS\KB2834886.log
2014-04-06 20:39 - 2014-04-06 20:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-04-06 20:34 - 2014-04-06 22:11 - 00050622 _____ () C:\WINDOWS\setupapi.log
2014-04-06 20:34 - 2014-04-06 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-04-06 20:34 - 2014-04-06 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-04-06 20:33 - 2014-04-06 20:34 - 00007101 _____ () C:\WINDOWS\KB2807986.log
2014-04-06 20:33 - 2014-04-06 20:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-04-06 20:31 - 2014-04-06 22:09 - 00015495 _____ () C:\WINDOWS\KB2929961.log
2014-04-06 20:30 - 2014-04-06 22:09 - 00016501 _____ () C:\WINDOWS\KB2930275.log
2014-04-06 20:30 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-04-06 20:30 - 2014-02-25 21:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-04-06 20:29 - 2014-04-06 21:49 - 00015129 _____ () C:\WINDOWS\KB2916036.log
2014-04-06 20:27 - 2014-04-06 21:25 - 00015060 _____ () C:\WINDOWS\KB2898715.log
2014-04-06 20:27 - 2014-04-06 21:25 - 00013459 _____ () C:\WINDOWS\KB2892075.log
2014-04-06 20:26 - 2014-04-06 21:25 - 00013667 _____ () C:\WINDOWS\KB2893294.log
2014-04-06 20:26 - 2014-04-06 21:24 - 00013454 _____ () C:\WINDOWS\KB2876331.log
2014-04-06 20:26 - 2014-04-06 21:24 - 00012850 _____ () C:\WINDOWS\KB2868626.log
2014-04-06 20:26 - 2014-04-06 21:24 - 00011868 _____ () C:\WINDOWS\KB2862152.log
2014-04-06 20:26 - 2013-07-16 20:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-04-06 20:26 - 2013-07-02 22:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-04-06 20:25 - 2014-04-06 21:22 - 00011371 _____ () C:\WINDOWS\KB2847311.log
2014-04-06 20:25 - 2013-08-08 20:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-04-06 20:25 - 2013-08-08 20:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-04-06 20:25 - 2009-03-18 07:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-04-06 20:24 - 2014-04-06 20:59 - 00010853 _____ () C:\WINDOWS\KB2864063.log
2014-04-06 20:24 - 2014-04-06 20:58 - 00010327 _____ () C:\WINDOWS\KB2876217.log
2014-04-06 20:23 - 2014-04-06 20:58 - 00009865 _____ () C:\WINDOWS\KB2850869.log
2014-04-06 20:22 - 2014-04-06 20:40 - 00010702 _____ () C:\WINDOWS\KB2859537.log
2014-04-06 20:20 - 2014-04-06 20:34 - 00012365 _____ () C:\WINDOWS\KB2813345.log
2014-04-06 20:19 - 2014-04-06 20:34 - 00011261 _____ () C:\WINDOWS\KB2820917.log
2014-04-06 20:19 - 2013-02-11 20:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys

==================== One Month Modified Files and Folders =======

2014-04-23 17:12 - 2014-04-23 17:12 - 00014447 _____ () C:\Documents and Settings\Owner\Desktop\FRST.txt
2014-04-23 17:12 - 2014-04-23 17:11 - 00000000 ____D () C:\FRST
2014-04-23 17:07 - 2014-04-23 17:07 - 01048576 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST.exe
2014-04-23 16:55 - 2009-08-21 17:03 - 01406596 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-23 16:46 - 2014-04-22 16:44 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\NicoFox
2014-04-23 16:39 - 2014-04-12 03:17 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 16:25 - 2013-11-08 05:07 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-23 10:49 - 2011-09-13 23:47 - 00000000 ____D () C:\WINDOWS\system32\Drivers\AVG
2014-04-23 06:24 - 2010-12-20 22:10 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-04-23 01:24 - 2009-08-24 14:31 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{6E06549C-9903-4F1E-B0CD-52D3A50D1F37}.job
2014-04-22 17:25 - 2014-04-22 17:25 - 00000565 _____ () C:\Documents and Settings\Owner\Application Data\mbam.context.scan
2014-04-22 02:25 - 2009-08-21 17:10 - 00032440 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-19 18:46 - 2012-05-30 20:26 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-19 08:01 - 2009-08-25 18:35 - 00202240 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-19 04:10 - 2009-08-21 17:10 - 00000000 ____D () C:\Documents and Settings\Owner
2014-04-19 03:40 - 2009-08-24 10:29 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Sony ACID Music Studio 6.0 Projects
2014-04-19 03:19 - 2011-01-21 21:29 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\FileZilla
2014-04-17 20:33 - 2014-04-17 20:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-12 03:17 - 2014-04-12 03:17 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-12 03:17 - 2014-04-12 03:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-12 03:17 - 2013-02-05 18:03 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Malwarebytes
2014-04-12 03:16 - 2014-04-12 03:16 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-12 03:16 - 2013-02-05 18:03 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-04-12 03:16 - 2013-02-05 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-09 02:48 - 2008-04-14 08:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-09 00:44 - 2009-08-21 12:21 - 00015800 _____ () C:\WINDOWS\wiadebug.log
2014-04-09 00:40 - 2009-08-24 11:03 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Desktop Extras
2014-04-08 16:42 - 2014-04-07 00:47 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-04-07 00:48 - 2009-08-21 12:21 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-04-07 00:47 - 2014-04-07 00:47 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-04-07 00:47 - 2009-08-21 17:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-07 00:47 - 2009-08-21 12:16 - 00139648 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-07 00:45 - 2014-04-07 00:45 - 00373800 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-04-07 00:45 - 2009-08-21 17:10 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-04-06 22:36 - 2009-08-24 13:22 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-04-06 22:17 - 2014-04-06 22:12 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-06 22:11 - 2014-04-06 22:09 - 00019921 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-04-06 22:11 - 2014-04-06 20:34 - 00050622 _____ () C:\WINDOWS\setupapi.log
2014-04-06 22:11 - 2009-08-24 13:25 - 00089331 _____ () C:\WINDOWS\updspapi.log
2014-04-06 22:11 - 2009-08-21 12:19 - 01455820 _____ () C:\WINDOWS\FaxSetup.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00718213 _____ () C:\WINDOWS\ocgen.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00568016 _____ () C:\WINDOWS\tsoc.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00493932 _____ () C:\WINDOWS\comsetup.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00299454 _____ () C:\WINDOWS\ntdtcsetup.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00228388 _____ () C:\WINDOWS\iis6.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00081333 _____ () C:\WINDOWS\ocmsn.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00073721 _____ () C:\WINDOWS\msgsocm.log
2014-04-06 22:11 - 2009-08-21 12:19 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-04-06 22:10 - 2009-08-24 13:40 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-04-06 22:09 - 2014-04-06 22:09 - 00011109 _____ () C:\WINDOWS\KB2934207.log
2014-04-06 22:09 - 2014-04-06 22:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-04-06 22:09 - 2014-04-06 22:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-04-06 22:09 - 2014-04-06 22:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-04-06 22:09 - 2014-04-06 20:31 - 00015495 _____ () C:\WINDOWS\KB2929961.log
2014-04-06 22:09 - 2014-04-06 20:30 - 00016501 _____ () C:\WINDOWS\KB2930275.log
2014-04-06 22:09 - 2009-08-21 12:19 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-04-06 22:08 - 2009-08-21 12:19 - 00610260 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-06 21:49 - 2014-04-06 21:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-04-06 21:49 - 2014-04-06 20:29 - 00015129 _____ () C:\WINDOWS\KB2916036.log
2014-04-06 21:39 - 2014-04-06 21:39 - 00010129 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-04-06 21:26 - 2014-04-06 21:26 - 00010001 _____ () C:\WINDOWS\KB2914368.log
2014-04-06 21:26 - 2014-04-06 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-04-06 21:26 - 2014-04-06 21:25 - 00009970 _____ () C:\WINDOWS\KB2904266.log
2014-04-06 21:26 - 2009-08-24 13:27 - 00236580 _____ () C:\WINDOWS\system32\TZLog.log
2014-04-06 21:25 - 2014-04-06 21:25 - 00008661 _____ () C:\WINDOWS\KB2900986.log
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-04-06 21:25 - 2014-04-06 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-04-06 21:25 - 2014-04-06 20:27 - 00015060 _____ () C:\WINDOWS\KB2898715.log
2014-04-06 21:25 - 2014-04-06 20:27 - 00013459 _____ () C:\WINDOWS\KB2892075.log
2014-04-06 21:25 - 2014-04-06 20:26 - 00013667 _____ () C:\WINDOWS\KB2893294.log
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-04-06 21:24 - 2014-04-06 21:23 - 00007938 _____ () C:\WINDOWS\KB2868038.log
2014-04-06 21:24 - 2014-04-06 20:26 - 00013454 _____ () C:\WINDOWS\KB2876331.log
2014-04-06 21:24 - 2014-04-06 20:26 - 00012850 _____ () C:\WINDOWS\KB2868626.log
2014-04-06 21:24 - 2014-04-06 20:26 - 00011868 _____ () C:\WINDOWS\KB2862152.log
2014-04-06 21:23 - 2014-04-06 21:23 - 00007795 _____ () C:\WINDOWS\KB2862335.log
2014-04-06 21:23 - 2014-04-06 21:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-04-06 21:23 - 2014-04-06 21:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-04-06 21:22 - 2014-04-06 21:22 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-04-06 21:22 - 2014-04-06 20:25 - 00011371 _____ () C:\WINDOWS\KB2847311.log
2014-04-06 20:59 - 2014-04-06 20:24 - 00010853 _____ () C:\WINDOWS\KB2864063.log
2014-04-06 20:58 - 2014-04-06 20:58 - 00005995 _____ () C:\WINDOWS\KB2834904-v2.log
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-04-06 20:58 - 2014-04-06 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-04-06 20:58 - 2014-04-06 20:24 - 00010327 _____ () C:\WINDOWS\KB2876217.log
2014-04-06 20:58 - 2014-04-06 20:23 - 00009865 _____ () C:\WINDOWS\KB2850869.log
2014-04-06 20:40 - 2014-04-06 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-04-06 20:40 - 2014-04-06 20:22 - 00010702 _____ () C:\WINDOWS\KB2859537.log
2014-04-06 20:39 - 2014-04-06 20:39 - 00004715 _____ () C:\WINDOWS\KB2834886.log
2014-04-06 20:39 - 2014-04-06 20:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-04-06 20:38 - 2009-08-24 13:45 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-04-06 20:34 - 2014-04-06 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-04-06 20:34 - 2014-04-06 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-04-06 20:34 - 2014-04-06 20:33 - 00007101 _____ () C:\WINDOWS\KB2807986.log
2014-04-06 20:34 - 2014-04-06 20:20 - 00012365 _____ () C:\WINDOWS\KB2813345.log
2014-04-06 20:34 - 2014-04-06 20:19 - 00011261 _____ () C:\WINDOWS\KB2820917.log
2014-04-06 20:33 - 2014-04-06 20:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-04-06 20:33 - 2009-08-24 13:11 - 00000000 ____D () C:\WINDOWS\$hf_mig$
2014-04-05 22:54 - 2011-06-07 00:59 - 00002479 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2014-04-03 09:51 - 2014-04-12 03:16 - 00050648 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2013-02-05 18:03 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-27 00:26 - 2013-11-08 05:17 - 00002315 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-03-26 16:32 - 2012-11-02 19:53 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\My Digital Editions

Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Owner\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2014
Ran by Owner at 2014-04-23 17:14:00
Running from C:\Documents and Settings\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

Acrobat.com (HKLM\...\{6D8D64BE-F500-55B6-705D-DFD08AFE0624}) (Version: 1.7.186 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.1.8210 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.1.8210 - Adobe Systems Inc.) Hidden
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}) (Version: 3.3.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM\...\{D2261C4B-4D9B-4149-8472-31B7A2FEAB91}) (Version:  - ArcSoft)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2247 - AVG Technologies)
AVG 2012 (Version: 12.0.3722 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2247 - AVG Technologies) Hidden
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
ComicRack v0.9.134 (HKLM\...\ComicRack) (Version: v0.9.134 - cYo Soft)
Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
Express Scribe (HKLM\...\Scribe) (Version:  - NCH Software)
FileZilla Client 3.3.5.1 (HKLM\...\FileZilla Client) (Version: 3.3.5.1 - )
GIF Movie Gear 4.1.1 (HKLM\...\GIF Movie Gear_is1) (Version:  - gamani productions)
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4396 - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version:  - )
iTunes (HKLM\...\{AAD47011-8518-4608-9656-951DA35B587B}) (Version: 10.1.2.17 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
K-Lite Codec Pack 5.0.5 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 5.0.5 - )
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Word 2000 (HKLM\...\{00170409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero - Burning Rom (HKLM\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.9 - ahead software gmbh)
Nero 8 Essentials (HKLM\...\{7FD7FB8C-2C75-4A8E-A236-EB23C5CD1033}) (Version: 8.3.582 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NJStar Communicator (HKLM\...\NJStar Communicator) (Version: 2.75 - NJStar Software Corp.)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
RAD Video Tools (HKLM\...\RADVideo) (Version:  - )
SolveigMM AVI Trimmer (HKLM\...\SolveigMM AVI Trimmer) (Version: 1.6.910.1 - Solveig Multimedia)
Sony ACID Music Studio 6.0 (HKLM\...\{805B2966-0CFB-4DD2-9307-B397C1EA4D14}) (Version: 6.0.46 - Sony)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Ulead Video@Home 2.0 (HKLM\...\{B2CFC580-7EE9-4D47-B691-8C314E1FF442}) (Version: 2.0 - Ulead Systems)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB972636) (HKLM\...\KB972636-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Verizon Online (HKLM\...\{25EF00BE-F17B-11D6-88EA-000476CD2443}) (Version:  - )
Verizon Online Support Center (HKLM\...\{25EF00A1-F17B-11D6-88EA-000476CD2443}) (Version:  - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

28-03-2014 04:52:38 System Checkpoint
29-03-2014 05:17:44 System Checkpoint
30-03-2014 07:49:04 System Checkpoint
31-03-2014 07:51:00 System Checkpoint
01-04-2014 08:04:15 System Checkpoint
02-04-2014 08:24:15 System Checkpoint
03-04-2014 09:33:47 System Checkpoint
04-04-2014 09:49:07 System Checkpoint
05-04-2014 10:01:58 System Checkpoint
06-04-2014 11:01:58 System Checkpoint
07-04-2014 00:33:22 Software Distribution Service 3.0
08-04-2014 00:51:50 System Checkpoint
09-04-2014 00:54:05 System Checkpoint
10-04-2014 00:54:58 System Checkpoint
11-04-2014 01:40:09 System Checkpoint
12-04-2014 02:12:48 System Checkpoint
13-04-2014 03:29:26 System Checkpoint
14-04-2014 05:16:11 System Checkpoint
15-04-2014 06:36:36 System Checkpoint
16-04-2014 06:39:02 System Checkpoint
17-04-2014 07:45:53 System Checkpoint
18-04-2014 07:58:10 System Checkpoint
19-04-2014 09:13:17 System Checkpoint
20-04-2014 09:50:02 System Checkpoint
21-04-2014 10:43:12 System Checkpoint
22-04-2014 10:53:39 System Checkpoint
23-04-2014 12:21:28 System Checkpoint

==================== Hosts content: ==========================

2011-02-26 18:18 - 2013-06-13 02:45 - 00448813 ____R C:\WINDOWS\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{6E06549C-9903-4F1E-B0CD-52D3A50D1F37}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2010-11-21 10:54 - 2010-11-21 10:54 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-08-31 07:14 - 2009-08-16 17:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2008-04-14 08:00 - 2008-04-14 08:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2009-11-03 16:51 - 2009-11-03 16:51 - 00067872 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-17 20:32 - 2014-04-17 20:33 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-03-12 14:25 - 2014-03-12 14:25 - 16276872 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\klmdb.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2014 06:29:23 AM) (Source: Application Hang) (User: )
Description: Hanging application NeroVision.exe, version 5.3.3.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/23/2014 06:29:23 AM) (Source: Application Hang) (User: )
Description: Hanging application NeroVision.exe, version 5.3.3.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/23/2014 06:23:34 AM) (Source: Application Hang) (User: )
Description: Hanging application NeroVision.exe, version 5.3.3.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

System errors:
=============
Error: (04/22/2014 08:44:22 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:44:17 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:44:11 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:44:07 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:44:03 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:43:58 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:43:16 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:43:10 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:43:05 AM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (04/22/2014 08:42:36 AM) (Source: 0) (User: )
Description: \Device\CdRom1


Microsoft Office Sessions:
=========================
Error: (04/23/2014 06:29:23 AM) (Source: Application Hang)(User: )
Description: NeroVision.exe5.3.3.2hungapp0.0.0.000000000

Error: (04/23/2014 06:29:23 AM) (Source: Application Hang)(User: )
Description: NeroVision.exe5.3.3.2hungapp0.0.0.000000000

Error: (04/23/2014 06:23:34 AM) (Source: Application Hang)(User: )
Description: NeroVision.exe5.3.3.2hungapp0.0.0.000000000

==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 1533.98 MB
Available physical RAM: 788.35 MB
Total Pagefile: 2155.65 MB
Available Pagefile: 1313.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1923.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.24 GB) (Free:13.01 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: D0F4738C)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

==================== End Of Log ============================

CheckResults.txt


Hello and welcome.

Let's try this first....

Thank You

Thank you for your quick reply!

I'm currently doing a Threat Scan with the fresh install. Will follow your instructions should it still take too long.

But the option to right-click a file to scan with MBAM is gone completely now. Is that no longer available?
