Jump to content

Windows update error 80246008 - no bits service


yemd

Recommended Posts

my harddrive crashed a few months back and i had a friend of mine who is a computer technician install a new harddrive. for a while, i was having problems with versions of .net framework not being installed, working properly or allowing me to install new versions. it seemed to have something to do with windows update not working or running in any capacity. i finally found a way to get the running again and that was by manually downloading an .iso of windows 7 service update 1 and running it. once i did that, windows update started working again, or so i thought, and i was finally able to get .net framework working again. i tried to use windows update to download over 100 important updates. when i tried to do so it stopped and gave me the error above. i've looked at a few threads and noticed some people having similar issues that were resolved with the help of some users and admin here. i'm hoping you guys will have some steps or information for me. thanks

Link to post
Share on other sites

  • Root Admin

Please run the following mbam-check tool so that we can get a better look at what's going on.

Create an mbam-check log:

Download mbam-check.exe from here and save it to your desktop

http://downloads.malwarebytes.org/file/mbam_check

Double-click on mbam-check.exe to run it. When done it should then open a log file

Please attach the log to your next reply, it should be on your desktop as "CheckResults.txt"

Next, please download DDS from one of the locations below and save it to your desktop.

here: http://download.bleepingcomputer.com/sUBs/dds.scr

or

here: http://download.bleepingcomputer.com/sUBs/dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administrator

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

When done, DDS will open two (2) logs:

DDS.txt

Attach.txt

Save both reports to your desktop

Please attach the following logs in your next reply: DDS.txt and Attach.txt

You can ignore the note about zipping the Attach.txt file and just attach it to your reply.

Thank you

Link to post
Share on other sites

mbam-check result log version: 2.0.0.1000

Malwarebytes Version: REG_SZ 1.65.1.1000

Date Log Created: 11/25/12

Time Log Created: 09:16:11

User Account type: Administrator

64 bit Operating System

Product Name: REG_SZ Windows 7 Home Premium

Current Build Number: 7601

Current Version Number: 6.1

Current CSDVersion: Service Pack 1

Proxy Status: No proxy is Set

Proxy Override:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\

ProxyOverride REG_SZ *.local;<local>

LAN Settings:

=============

only 'Automatically detect settings' is selected

SystemPartition:

================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume2

Balloon Tips Status:

====================

Enabled

Time Format Settings:

=====================

Should be:

h:mm:ss tt

AM

PM

:

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

Language and Regional Settings:

===============================

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:

====================================================

All Users Startup Folder Exists.

Current User's Startup Folder Exists.

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

TERMService:

==============

Type : 32

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

TermService Start is set to: 2 (Automatic Startup)

Compatibility Flag Settings (Any MBAM file listings should be removed):

=======================================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

C:\Users\Dell\AppData\Local\Temp\InstallFlashPlayer.exeREG_SZ WINXPSP2

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

C:\Program Files (x86)\Wolfenstein - Enemy Territory\ET.exeREG_SZ WINXPSP3 RUNASADMIN

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

MBAM Startup Entries:

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

Launcher REG_EXPAND_SZ C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

Malwarebytes Anti-Malware REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

Malwarebytes Anti-Malware (cleanup)REG_SZ rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

DSUpdateLauncher REG_SZ "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

Service and Driver Status:

==========================

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon

MBAMProtector Registry Values:

==============================

MBAMService Registry Values:

============================

MBAMScheduler Registry Values:

==============================

MBAM DLL's and Runtime Files:

=============================

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid

(Default): REG_SZ vbAccelerator Grid Control

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid

(Default): REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass

(Default): REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid

(Default): REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\SSubTimer6.CTimer

(Default): REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid

(Default): REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass

(Default): REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid

(Default): REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default): REG_SZ SSubTimer6.ISubclass

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default): REG_SZ 1.0

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default): REG_SZ SSubTimer6.GSubclass

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default): REG_SZ 1.0

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll

ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID

(Default): REG_SZ SSubTimer6.CTimer

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION

(Default): REG_SZ 1.0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1

(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS

(Default): REG_SZ 2

HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1

(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS

(Default): REG_SZ 2

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0

(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS

(Default): REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0

(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS

(Default): REG_SZ 0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ _ISubclass

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ ISubclass

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ __CTimer

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}

(Default): REG_SZ CTimer

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib

(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}

(Default): REG_SZ __vbalGrid

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib

(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}

Version REG_SZ 1.1

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}

(Default): REG_SZ vbalGrid

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32

(Default): REG_SZ {00020420-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib

(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}

Version REG_SZ 1.1

MBAM Registry Settings and License Info:

========================================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware

advancedheuristics REG_DWORD 1

downloadprogram REG_DWORD 1

hidereg REG_DWORD 0

detectp2p REG_DWORD 0

detectpum REG_DWORD 1

detectpup REG_DWORD 2

updatewarn REG_DWORD 1

updatewarndays REG_DWORD 7

useproxy REG_DWORD 0

useauthentication REG_DWORD 0

startipdisabled REG_DWORD 0

notifyinstallprogram REG_DWORD 1

InstallPath REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

dbdate REG_SZ Sun, 25 Nov 2012 05:28:33 GMT

dbversion REG_SZ v2012.11.25.01

programversion REG_SZ 1.65.1.1000

contextmenu REG_DWORD 1

reportthreats REG_DWORD 1

silentipmode REG_DWORD 0

trialpromptshown REG_DWORD 0

startwithwindows REG_DWORD 1

startfsdisabled REG_DWORD 0

ScanReboot REG_DWORD 1

HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles REG_DWORD 1

alwaysscanheuristics REG_DWORD 1

alwaysscanmemory REG_DWORD 1

alwaysscanregistry REG_DWORD 1

alwaysscanstartups REG_DWORD 1

autosavelog REG_DWORD 1

openlog REG_DWORD 1

defaultscan REG_DWORD 0

terminateie REG_DWORD 0

Language REG_SZ English.lng

selectedrives REG_SZ C:\|J:\|L:\|M:\|

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

Inno Setup: Setup Version REG_SZ 5.4.3 (a)

Inno Setup: App Path REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

InstallLocation REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\

Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware

Inno Setup: User REG_SZ Dell

Inno Setup: Selected Tasks REG_DWORD 0

Inno Setup: Deselected Tasks REG_SZ desktopicon,quicklaunchicon

Inno Setup: Language REG_SZ English

DisplayName REG_SZ Malwarebytes Anti-Malware version 1.65.1.1000

DisplayIcon REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

UninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

QuietUninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT

DisplayVersion REG_SZ 1.65.1.1000

Publisher REG_SZ Malwarebytes Corporation

URLInfoAbout REG_SZ http://www.malwarebytes.org

NoModify REG_DWORD 1

NoRepair REG_DWORD 1

InstallDate REG_SZ 20121125

MajorVersion REG_DWORD 1

MinorVersion REG_DWORD 65

EstimatedSize REG_DWORD 19910

Pending File Rename Operations:

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\

PendingFileRenameOperations REG_MULTI_SZ \??\C:\Users\Dell\Local Settings\Application Data\Xenocode\Sandbox\Horizon\2.4.0.0\2012.09.26T01.28\Native\STUBEXE\8.0.1112\@WINDIR@\Microsoft.NET\Framework\v2.0.50727\csc.exe

Scheduler Queue:

================

Context Menu Entries:

=====================

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt

(Default): REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer

(Default): REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1

(Default): REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID

(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}

(Default): REG_SZ IMBAMShlExt

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32

(Default): REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib

(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

Version REG_SZ 1.0

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}

(Default): REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll

ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID

(Default): REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib

(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID

(Default): REG_SZ MBAMExt.MBAMShlExt

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0

(Default): REG_SZ MBAMExt 1.0 Type Library

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS

(Default): REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0

(Default): REG_SZ MBAMExt 1.0 Type Library

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS

(Default): REG_SZ 0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR

(Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

MBAM Drivers:

=============

C:\Windows\system32\drivers\mbam.sys File Size: 25928 BYTES FileVersion: 1.60.2.0

Required Dependencies:

======================

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: BFE

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer

fltmgr:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded REG_DWORD 1

DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001

Group REG_SZ FSFilter Infrastructure

ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys

Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000

ErrorControl REG_DWORD 3

Start REG_DWORD 0

Tag REG_DWORD 1

Type REG_DWORD 2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0 REG_SZ Root\LEGACY_FLTMGR\0000

Count REG_DWORD 1

NextInstance REG_DWORD 1

C:\Windows\system32\drivers\fltmgr.sys File Size: 289664 BYTES FileVersion: 6.1.7601.17514

C:\Windows\SysWOW64\olepro32.dll File Size: 90112 BYTES FileVersion: 6.1.7601.17514

List of MBAM Related Directories:

=================================

C:\Program Files (x86)\Malwarebytes' Anti-Malware

changes.txt File Size: 576 BYTES

license.txt File Size: 11141 BYTES

mbam.chm File Size: 582708 BYTES

mbam.dll File Size: 499784 BYTES FileVersion: 1.65.0.0

mbam.exe File Size: 981656 BYTES FileVersion: 1.62.0.140

mbamcore.dll File Size: 1089608 BYTES FileVersion: 1.62.0.0

mbamext.dll File Size: 95304 BYTES FileVersion: 1.61.0.0

mbamgui.exe File Size: 766536 BYTES FileVersion: 1.65.0.0

mbamnet.dll File Size: 2168904 BYTES FileVersion: 1.62.0.0

mbampt.exe File Size: 40008 BYTES FileVersion: 1.61.0.0

mbamscheduler.exe File Size: 399432 BYTES FileVersion: 1.65.0.0

mbamservice.exe File Size: 676936 BYTES FileVersion: 1.65.0.0

ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3

unins000.dat File Size: 28979 BYTES

unins000.exe File Size: 711240 BYTES FileVersion: 51.52.0.0

unins000.msg File Size: 10550 BYTES

vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40

C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon

chameleon.chm File Size: 186068 BYTES

firefox.com File Size: 218184 BYTES

firefox.exe File Size: 218184 BYTES

firefox.pif File Size: 218184 BYTES

firefox.scr File Size: 218184 BYTES

iexplore.exe File Size: 218184 BYTES

mbam-chameleon.com File Size: 218184 BYTES

mbam-chameleon.exe File Size: 218184 BYTES

mbam-chameleon.pif File Size: 218184 BYTES

mbam-chameleon.scr File Size: 218184 BYTES

mbam-killer.exe File Size: 896072 BYTES

rundll32.exe File Size: 218184 BYTES

svchost.exe File Size: 218184 BYTES

winlogon.exe File Size: 218184 BYTES

C:\Program Files (x86)\Malwarebytes' Anti-Malware\Languages

arabic.lng File Size: 21110 BYTES

belarusian.lng File Size: 26026 BYTES

bosnian.lng File Size: 26236 BYTES

bulgarian.lng File Size: 26678 BYTES

catalan.lng File Size: 27226 BYTES

chineseSI.lng File Size: 10642 BYTES

chineseTR.lng File Size: 11588 BYTES

croatian.lng File Size: 25844 BYTES

czech.lng File Size: 23894 BYTES

danish.lng File Size: 25750 BYTES

dutch.lng File Size: 27282 BYTES

english.lng File Size: 23742 BYTES

estonian.lng File Size: 24112 BYTES

finnish.lng File Size: 24990 BYTES

french.lng File Size: 28790 BYTES

german.lng File Size: 28870 BYTES

greek.lng File Size: 28316 BYTES

hebrew.lng File Size: 18714 BYTES

hungarian.lng File Size: 27548 BYTES

italian.lng File Size: 27186 BYTES

japanese.lng File Size: 15814 BYTES

korean.lng File Size: 13710 BYTES

latvian.lng File Size: 26208 BYTES

lithuanian.lng File Size: 26920 BYTES

macedonian.lng File Size: 27830 BYTES

norwegian.lng File Size: 24216 BYTES

polish.lng File Size: 25726 BYTES

portugueseBR.lng File Size: 27720 BYTES

portuguesePT.lng File Size: 28056 BYTES

romanian.lng File Size: 27308 BYTES

russian.lng File Size: 26352 BYTES

serbian.lng File Size: 25970 BYTES

slovak.lng File Size: 24752 BYTES

slovenian.lng File Size: 23998 BYTES

spanish.lng File Size: 29010 BYTES

swedish.lng File Size: 25132 BYTES

thai.lng File Size: 25190 BYTES

turkish.lng File Size: 25046 BYTES

vietnamese.lng File Size: 28574 BYTES

C:\Users\Dell\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware

C:\Users\Dell\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

mbam-log-2012-08-25 (00-31-30).txt File Size: 2264 BYTES

mbam-log-2012-08-25 (00-38-27).txt File Size: 1824 BYTES

mbam-log-2012-08-28 (08-01-53).txt File Size: 1822 BYTES

mbam-log-2012-08-31 (21-09-30).txt File Size: 1822 BYTES

mbam-log-2012-11-25 (01-28-26).txt File Size: 3012 BYTES

C:\Users\Dell\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

1513481184.data File Size: 717 BYTES

1513481184.quar File Size: 154624 BYTES

2955327329.data File Size: 840 BYTES

2955327329.quar File Size: 17408 BYTES

3700106966.data File Size: 825 BYTES

4934265473.data File Size: 718 BYTES

4934265473.quar File Size: 127488 BYTES

5361046846.data File Size: 843 BYTES

5361046846.quar File Size: 17408 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware

cleanup.dat File Size: 1083 BYTES

cleanup.dll File Size: 1089608 BYTES FileVersion: 1.62.0.0

rules.ref File Size: 6427350 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration

build.conf File Size: 140 BYTES

config.conf File Size: 3305 BYTES

custom.conf File Size: 20 BYTES

database.conf File Size: 432 BYTES

local.conf File Size: 538 BYTES

manifest.conf File Size: 545 BYTES

messaging.conf File Size: 1430 BYTES

news.conf File Size: 405 BYTES

===============================================================

END OF FILE

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2

Run by Dell at 9:18:12 on 2012-11-25

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8055.4133 [GMT -5:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe

C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\SysWOW64\java.exe

C:\Program Files (x86)\Subsonic\subsonic-service.exe

C:\Program Files (x86)\Subsonic\subsonic-service.exe

C:\Windows\system32\vssvc.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Users\Dell\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Subsonic\subsonic-agent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe

C:\Users\Dell\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

C:\Program Files (x86)\Java\jre7\bin\javaw.exe

C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe

C:\Program Files (x86)\Diablo III\Diablo III.exe

C:\Users\Dell\Desktop\LootAlert 1.0.5a\LootAlert.exe

C:\Windows\system32\SearchProtocolHost.exe

c:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

mWinlogon: Userinit = userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [Driver Tool] C:\Program Files (x86)\Driver Tool\Driver Tool\DriverTool.exe /applicationMode:systemTray /showWelcome:false

uRun: [Akamai NetSession Interface] "C:\Users\Dell\AppData\Local\Akamai\netsession_win.exe"

uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

mRun: [Driver Genius] <no file>

mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Subsonic.lnk - C:\Program Files (x86)\Subsonic\subsonic-agent.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: NameServer = 192.168.1.1 75.75.75.75 75.75.76.76

TCP: Interfaces\{AED9FAD7-25EB-44F3-A00D-C6DDA9EA23C0} : DHCPNameServer = 192.168.1.1 75.75.75.75 75.75.76.76

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\xt5ee880.default\

FF - prefs.js: browser.startup.homepage - google.com

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-3-20 203888]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-3-18 55280]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 PS3 Media Server;PS3 Media Server;C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2011-5-17 366872]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-3-18 656624]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]

R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-5-5 206064]

R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-16 369256]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-3-18 56344]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-3-18 321064]

S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 libusb0;libusb-win32 - Kernel Driver 08/08/2012 0.0.0.0;C:\Windows\System32\drivers\libusb0.sys [2012-8-6 52320]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 98688]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-11-4 38536]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-24 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

.

=============== Created Last 30 ================

.

2012-11-25 06:29:09 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C164E4EE-985B-4EE0-9B76-0C237E4DD05C}\offreg.dll

2012-11-24 17:39:58 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-11-24 17:39:21 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-11-24 17:39:01 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-11-24 17:39:01 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-11-24 17:24:21 -------- d-----w- C:\Windows\System32\SPReview

2012-11-24 17:02:15 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui

2012-11-24 17:02:00 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui

2012-11-24 17:00:17 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui

2012-11-24 17:00:06 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui

2012-11-24 16:20:59 867840 ----a-w- C:\Windows\System32\SearchFolder.dll

2012-11-24 16:19:59 98304 ----a-w- C:\Program Files\Common Files\System\msadc\msadcs.dll

2012-11-24 16:17:12 -------- d-----w- C:\Windows\System32\EventProviders

2012-11-24 16:12:44 -------- d-----w- C:\Program Files (x86)\Alcohol Soft

2012-11-24 14:30:07 560184 ----a-w- C:\Windows\System32\drivers\sptd.sys

2012-11-24 05:32:35 -------- d-----w- C:\inetpub

2012-11-24 05:01:17 -------- d-----w- C:\Users\Dell\AppData\Local\Diagnostics

2012-11-22 06:00:00 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C164E4EE-985B-4EE0-9B76-0C237E4DD05C}\mpengine.dll

2012-11-16 05:34:50 -------- d-sh--w- C:\Windows\Installer

2012-11-15 04:02:11 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-11-11 17:48:50 -------- d-----w- C:\Users\Dell\AppData\Roaming\foobar2000

2012-11-11 17:48:46 -------- d-----w- C:\Program Files (x86)\foobar2000

2012-11-06 21:59:08 -------- d-----w- C:\ProgramData\UAB

2012-11-06 21:59:04 -------- d-----w- C:\Users\Dell\AppData\Local\PC_Drivers_Headquarters

2012-11-06 21:48:31 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab

2012-11-05 20:49:34 -------- d-----w- C:\860e3683069cdb500293662bd3f529

2012-11-04 20:44:43 -------- d-----w- C:\ceaa744c065aad5f4f38216c556031

2012-11-04 20:42:03 -------- d-----w- C:\Program Files\Broadcom

2012-11-04 20:41:23 -------- d-----w- C:\Windows\Dell

2012-11-04 20:40:52 -------- d-----w- C:\Users\Dell\AppData\Local\Downloaded Installations

2012-11-04 20:31:36 38536 ----a-w- C:\Windows\System32\drivers\pmxdrv.sys

2012-11-04 20:05:49 -------- d-----w- C:\Users\Dell\AppData\Local\Akamai

2012-11-04 20:01:21 -------- d-----w- C:\Intel

2012-11-04 20:01:13 -------- d-----w- C:\swsetup

2012-11-04 01:05:32 -------- d-----w- C:\ProgramData\vsosdk

2012-10-27 06:42:24 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe

.

==================== Find3M ====================

.

2012-11-24 17:18:16 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-11-24 17:18:15 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-11-10 19:20:22 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-11-10 19:20:21 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-11-03 21:52:54 99384 ----a-w- C:\Users\Dell\AppData\Roaming\inst.exe

2012-11-03 21:52:54 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys

2012-11-03 21:52:54 82816 ----a-w- C:\Users\Dell\AppData\Roaming\pcouffin.sys

2012-10-18 05:06:56 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-10-18 05:06:53 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-09-30 00:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

.

============= FINISH: 9:18:51.35 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 7/31/2012 3:52:18 PM

System Uptime: 11/25/2012 1:10:48 AM (8 hours ago)

.

Motherboard: Dell Inc. | | 033FF6

Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 1184/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 1834 GiB total, 1570.811 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is CDROM ()

J: is FIXED (NTFS) - 1863 GiB total, 632.83 GiB free.

K: is CDROM (UDF)

L: is FIXED (NTFS) - 466 GiB total, 24.056 GiB free.

M: is FIXED (NTFS) - 1862 GiB total, 313.421 GiB free.

N: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet 4500 G510n-z

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Officejet 4500 G510n-z

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID:

Description: WD SES Device USB Device

Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_2003\574D415A4130313432363133&2

Manufacturer:

Name: WD SES Device USB Device

PNP Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_2003\574D415A4130313432363133&2

Service:

.

==== System Restore Points ===================

.

RP37: 11/24/2012 11:17:32 AM - Windows 7 Service Pack 1

RP38: 11/24/2012 12:38:41 PM - Windows Update

RP39: 11/24/2012 1:30:19 PM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

4500_G510nz_Help_Web

4500_K710_Help_web

4500G510nz_Software_Min

4500G510nz_web

4500K710_Software_Min

4500K710_Web

4Media iPod to PC Transfer

64 Bit HP CIO Components Installer

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.1.2

Akamai NetSession Interface

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Banctec Service Agreement

Bonjour

Broadcom NetXtreme-I Netlink Driver and Management Installer

BufferChm

Combined Community Codec Pack 2011-11-11

Compatibility Pack for the 2007 Office system

ConvertXtoDVD 4.1.11.350

Cozi

Dell Communications (Support Software)

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Dock

Dell Edoc Viewer

Dell Getting Started Guide

Dell Support Center (Support Software)

Diablo III

Driver Genius Professional Edition

Driver Inspector

FINAL FANTASY VII

foobar2000 v1.1.16

GoToAssist 8.0.0.514

HP Officejet 4500 G510n-z

HP Officejet 4500 K710

iMacsoft iPod to PC Transfer

iTunes

Java 7 Update 9

Java Auto Updater

Java 6 Update 17 (64-bit)

Java 6 Update 33

Junk Mail filter update

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Works

Microsoft Xbox 360 Accessories 1.2

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 14.0 (x86 en-GB)

MSVCRT

Network64

NVIDIA 3D Vision Driver 263.11

NVIDIA Control Panel 263.11

NVIDIA Graphics Driver 263.11

NVIDIA HD Audio Driver 1.1.12.1

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.10.0514

NVIDIA Stereoscopic 3D Driver

Package: Google Nexus 7 ToolKit

PowerDVD DX

PS3 Media Server

PunkBuster Services

Razer Synapse 2.0

Realtek High Definition Audio Driver

Roxio Burn

Scan

Security Update for CAPICOM (KB931906)

SixaxisPairTool 0.1

SixaxisPairTool 0.2.3

Skype Click to Call

Skype™ 5.10

StarCraft II

Steam

Subsonic

System Requirements Lab for Intel

Toolbox

uTorrentControl2 Toolbar

WebReg

WildTangent Games

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

WinRAR 4.20 (64-bit)

Wolfenstein - Enemy Territory

Yahoo! Messenger

Yahoo! Software Update

.

==== End Of File ===========================

Link to post
Share on other sites

<kibbitz>

Your logs showed some peer-to-peer filesharing apps: µTorrent &

uTorrentControl2 Toolbar

Please disable or uninstall both those, before going further. Then restart the system fresh.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Forum policy on peer-to-peer-programs:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

http://forums.malwarebytes.org/index.php?showtopic=97700

Your system has the Windows firewall service off and you had mentioned an issue with BITS service too.

Windows services

This will be a batch-fix .

  • Press the Windows-key on keyboard.
  • In the 10-16-2011%204-33-46%20PM.png box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    @Echo off
    sc stop wuauserv
    sc stop bits
    sc config dcomlaunch start= auto
    sc config nsi start= auto
    sc config dhcp start= auto
    sc config rpcss start= auto
    sc config winmgmt start= auto
    sc config wscsvc start= delayed-auto
    sc config bits start= delayed-auto
    sc config wuauserv start= delayed-auto
    sc config sdrsvc start= manual
    sc config vss start= auto
    sc config eventlog start= auto
    sc config bfe start= auto
    sc config eventsystem start= auto
    sc start sdrsvc
    sc start vss
    sc start rpcss
    sc start eventsystem
    sc start bfe
    sc start bits
    sc start wuauserv
    shutdown -r -t 1
    del %0


  • Select File -> Save AS.
  • Press the Desktop button on the left side of the save dialog.
  • In the 10-16-2011%204-37-58%20PM.png box, type in Fix.bat.
  • Press 10-16-2011%204-36-39%20PM.png.
  • Close Notepad.
  • Right click Fix.bat on your desktop, and choose 10-16-2011%204-40-48%20PM.png.
  • Press Yes if prompted by User Account Control.

This procedure will do its tasks and then it will Restart Windows.

Step 2

Check for missing or disabled Windows services, by doing the following, and post detailed results when done !!

From Start button, (or Win-key +R) and in the searcht-box type in MSCONFIG and press OK or Enter.

On Vista or Windows 7, press Windows-key on keybooard, and type in MSCONFIG

You should see the General tab. Click the General tab. It should have Normal startup selected (in the radio-box=selection)

IF it does not, then you click on Normal startup.

Click on Services tab. To get it's display of services.

Keep a written list of any changes from my list of services below. That way you and I have a reference document.

Look at the bottom line Hide all Microsoft services

IF and only IF its is checkmarked, then un-check it.

the list of servies may be shown in non-alphabetical order, so ....

Look at the heading titled "Service". Click on it as needed so the list is sorted and top of list starts with the "A" services.

You can toggle as needed to get the desired order.

IF any of below services are NOT shown, don't panic & do not stop, just write down the info for me and proceed with the others !

Then using the scroll-bar scroll down the list

Look for Background Intelligent Transfer Service. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Base Filtering Engine. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ Event System. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ System Application. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Cryptographic Services. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Installer. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Management Instrumentation. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Update. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

When done, press the Apply button, and the OK button.

You're likely to be prompted to Restart Windows, do so.

If not prompted, you do a Logoff and Restart of Windows.

Then report back here with details.

If any of the services are not shown, just let me know which.

Step 3

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Admisnitrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

Finally, start MS Security Essentials and re-enable real-time monitoring. (e.g., turn it back ON)

Link to post
Share on other sites

Base Filtering Engine not showing up in list

BITS not showing up in list

COM+ Event System in list and shown as running

COM+ System Application in list and show as stopped

Cryptographic Services in list and shown as running

Ipsec Policy Agent in list and shown as stopped

RPC Locator in list and shown as stopped

Windows Firewall not showing up in list

Windows Installer in list and shown as stopped

Windows Management Instrumentation in list and shown as running

Windows Update in list and shown as stopped

Farbar Service Scanner Version: 09-11-2012

Ran by Dell (administrator) on 25-11-2012 at 12:44:39

Running from "C:\Users\Dell\Desktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

mpsdrv Service is not running. Checking service configuration:

The start type of mpsdrv service is OK.

The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.

Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.

Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.

Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of bfe. The value does not exist.

Unable to retrieve ServiceDll of bfe. The value does not exist.

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

wscsvc Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to retrieve start type of wscsvc. The value does not exist.

Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of wscsvc. The value does not exist.

Unable to retrieve ServiceDll of wscsvc. The value does not exist.

Windows Update:

============

BITS Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.

Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of BITS. The value does not exist.

The ServiceDll of BITS: "%windir%\System32\qmgr.dll".

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.

Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.

Unable to retrieve ServiceDll of WinDefend. The value does not exist.

Other Services:

==============

Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.

Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.

Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2012-11-24 11:20] - [2010-11-20 01:23] - 0499712 ____A (Microsoft Corporation) D31DC7A16DEA4A9BAF179F3D6FBDB38C

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2012-11-24 11:20] - [2010-11-20 05:33] - 1924480 ____A (Microsoft Corporation) 509383E505C973ED7534A06B3D19688D

C:\Windows\System32\dnsrslvr.dll

[2012-11-24 11:20] - [2010-11-20 05:26] - 0183296 ____A (Microsoft Corporation) CD55F5355D8F55D44C9F4ED875705BD6

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Link to post
Share on other sites

I am going to ask you to Download 5 registry fixes and to SAVE them to your Desktop (for ease of access).

Download and save to your Desktop each of these:

http://download.bleepingcomputer.com/win-services/7/BFE.reg

http://download.bleepingcomputer.com/win-services/7/BITS.reg

http://download.bleepingcomputer.com/win-services/7/MpsSvc.reg

http://download.bleepingcomputer.com/win-services/7/SharedAccess.reg

http://download.bleepingcomputer.com/win-services/7/wscsvc.reg

Next, for each one of these, one at a time

Do a RIGHT-click on each Reg file and select Merge

When all 5 are done,

Windows services

This will be a batch-fix .

  • Press the Windows-key on keyboard.
  • In the 10-16-2011%204-33-46%20PM.png box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    @Echo off
    sc stop wuauserv
    sc stop bits
    sc config dcomlaunch start= auto
    sc config nsi start= auto
    sc config dhcp start= auto
    sc config rpcss start= auto
    sc config winmgmt start= auto
    sc config wscsvc start= delayed-auto
    sc config bits start= delayed-auto
    sc config wuauserv start= delayed-auto
    sc config sdrsvc start= manual
    sc config vss start= auto
    sc config eventlog start= auto
    sc config bfe start= auto
    sc config eventsystem start= auto
    sc start sdrsvc
    sc start vss
    sc start rpcss
    sc start eventsystem
    sc start bfe
    sc start bits
    sc start wuauserv
    shutdown -r -t 1
    del %0


  • Select File -> Save AS.
  • Press the Desktop button on the left side of the save dialog.
  • In the 10-16-2011%204-37-58%20PM.png box, type in Fix.bat.
  • Press 10-16-2011%204-36-39%20PM.png.
  • Close Notepad.
  • Right click Fix.bat on your desktop, and choose 10-16-2011%204-40-48%20PM.png.
  • Press Yes if prompted by User Account Control.

This procedure will do its tasks and then it will Restart Windows.

Step 2

Right-Click on fss.exe and select Run As Admisnitrator.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

Step 3

Do a new run of DDS

RIGHT-click dds.scr and select Run as Administrator to start the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt

Link to post
Share on other sites

Farbar Service Scanner Version: 09-11-2012

Ran by Dell (administrator) on 25-11-2012 at 13:53:29

Running from "C:\Users\Dell\Desktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

MpsSvc Service is not running. Checking service configuration:

The start type of MpsSvc service is OK.

The ImagePath of MpsSvc service is OK.

The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:

The start type of bfe service is OK.

The ImagePath of bfe service is OK.

The ServiceDll of bfe service is OK.

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.

Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.

Unable to retrieve ServiceDll of WinDefend. The value does not exist.

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2012-11-24 11:20] - [2010-11-20 01:23] - 0499712 ____A (Microsoft Corporation) D31DC7A16DEA4A9BAF179F3D6FBDB38C

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2012-11-24 11:20] - [2010-11-20 05:33] - 1924480 ____A (Microsoft Corporation) 509383E505C973ED7534A06B3D19688D

C:\Windows\System32\dnsrslvr.dll

[2012-11-24 11:20] - [2010-11-20 05:26] - 0183296 ____A (Microsoft Corporation) CD55F5355D8F55D44C9F4ED875705BD6

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2

Run by Dell at 13:54:12 on 2012-11-25

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8055.6287 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe

C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Subsonic\subsonic-service.exe

C:\Windows\SysWOW64\java.exe

C:\Program Files (x86)\Subsonic\subsonic-service.exe

C:\Windows\system32\vssvc.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\UI0Detect.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Users\Dell\AppData\Local\Akamai\netsession_win.exe

C:\Users\Dell\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Subsonic\subsonic-agent.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\sppsvc.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [Driver Tool] C:\Program Files (x86)\Driver Tool\Driver Tool\DriverTool.exe /applicationMode:systemTray /showWelcome:false

uRun: [Akamai NetSession Interface] "C:\Users\Dell\AppData\Local\Akamai\netsession_win.exe"

uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

mRun: [Driver Genius] <no file>

mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Subsonic.lnk - C:\Program Files (x86)\Subsonic\subsonic-agent.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: NameServer = 192.168.1.1 75.75.75.75 75.75.76.76

TCP: Interfaces\{AED9FAD7-25EB-44F3-A00D-C6DDA9EA23C0} : DHCPNameServer = 192.168.1.1 75.75.75.75 75.75.76.76

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\xt5ee880.default\

FF - prefs.js: browser.startup.homepage - google.com

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-3-20 203888]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-3-18 55280]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 PS3 Media Server;PS3 Media Server;C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2011-5-17 366872]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-3-18 656624]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]

R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-5-5 206064]

R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-16 369256]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-3-18 56344]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-3-18 321064]

S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 libusb0;libusb-win32 - Kernel Driver 08/08/2012 0.0.0.0;C:\Windows\System32\drivers\libusb0.sys [2012-8-6 52320]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 98688]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-11-4 38536]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-24 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

.

=============== Created Last 30 ================

.

2012-11-24 17:39:58 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-11-24 17:39:21 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-11-24 17:39:01 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-11-24 17:39:01 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-11-24 17:24:21 -------- d-----w- C:\Windows\System32\SPReview

2012-11-24 17:02:15 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui

2012-11-24 17:02:00 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui

2012-11-24 17:00:17 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui

2012-11-24 17:00:06 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui

2012-11-24 16:20:59 867840 ----a-w- C:\Windows\System32\SearchFolder.dll

2012-11-24 16:19:59 98304 ----a-w- C:\Program Files\Common Files\System\msadc\msadcs.dll

2012-11-24 16:17:12 -------- d-----w- C:\Windows\System32\EventProviders

2012-11-24 16:12:44 -------- d-----w- C:\Program Files (x86)\Alcohol Soft

2012-11-24 14:30:07 560184 ----a-w- C:\Windows\System32\drivers\sptd.sys

2012-11-24 05:32:35 -------- d-----w- C:\inetpub

2012-11-24 05:01:17 -------- d-----w- C:\Users\Dell\AppData\Local\Diagnostics

2012-11-22 06:00:00 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C164E4EE-985B-4EE0-9B76-0C237E4DD05C}\mpengine.dll

2012-11-16 05:34:50 -------- d-sh--w- C:\Windows\Installer

2012-11-15 04:02:11 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-11-11 17:48:50 -------- d-----w- C:\Users\Dell\AppData\Roaming\foobar2000

2012-11-11 17:48:46 -------- d-----w- C:\Program Files (x86)\foobar2000

2012-11-06 21:59:08 -------- d-----w- C:\ProgramData\UAB

2012-11-06 21:59:04 -------- d-----w- C:\Users\Dell\AppData\Local\PC_Drivers_Headquarters

2012-11-06 21:48:31 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab

2012-11-05 20:49:34 -------- d-----w- C:\860e3683069cdb500293662bd3f529

2012-11-04 20:44:43 -------- d-----w- C:\ceaa744c065aad5f4f38216c556031

2012-11-04 20:42:03 -------- d-----w- C:\Program Files\Broadcom

2012-11-04 20:41:23 -------- d-----w- C:\Windows\Dell

2012-11-04 20:40:52 -------- d-----w- C:\Users\Dell\AppData\Local\Downloaded Installations

2012-11-04 20:31:36 38536 ----a-w- C:\Windows\System32\drivers\pmxdrv.sys

2012-11-04 20:05:49 -------- d-----w- C:\Users\Dell\AppData\Local\Akamai

2012-11-04 20:01:21 -------- d-----w- C:\Intel

2012-11-04 20:01:13 -------- d-----w- C:\swsetup

2012-11-04 01:05:32 -------- d-----w- C:\ProgramData\vsosdk

2012-10-27 06:42:24 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe

.

==================== Find3M ====================

.

2012-11-24 17:18:16 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-11-24 17:18:15 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-11-10 19:20:22 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-11-10 19:20:21 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-11-03 21:52:54 99384 ----a-w- C:\Users\Dell\AppData\Roaming\inst.exe

2012-11-03 21:52:54 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys

2012-11-03 21:52:54 82816 ----a-w- C:\Users\Dell\AppData\Roaming\pcouffin.sys

2012-10-18 05:06:56 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-10-18 05:06:53 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-09-30 00:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

.

============= FINISH: 13:55:08.12 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 7/31/2012 3:52:18 PM

System Uptime: 11/25/2012 1:49:42 PM (0 hours ago)

.

Motherboard: Dell Inc. | | 033FF6

Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 2912/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 1834 GiB total, 1570.763 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is CDROM ()

J: is FIXED (NTFS) - 1863 GiB total, 632.83 GiB free.

K: is CDROM (UDF)

L: is FIXED (NTFS) - 466 GiB total, 24.056 GiB free.

M: is FIXED (NTFS) - 1862 GiB total, 313.421 GiB free.

N: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet 4500 G510n-z

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Officejet 4500 G510n-z

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID:

Description: WD SES Device USB Device

Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_2003\574D415A4130313432363133&2

Manufacturer:

Name: WD SES Device USB Device

PNP Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_2003\574D415A4130313432363133&2

Service:

.

==== System Restore Points ===================

.

RP37: 11/24/2012 11:17:32 AM - Windows 7 Service Pack 1

RP38: 11/24/2012 12:38:41 PM - Windows Update

RP39: 11/24/2012 1:30:19 PM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

4500_G510nz_Help_Web

4500_K710_Help_web

4500G510nz_Software_Min

4500G510nz_web

4500K710_Software_Min

4500K710_Web

4Media iPod to PC Transfer

64 Bit HP CIO Components Installer

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.1.2

Akamai NetSession Interface

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Banctec Service Agreement

Bonjour

Broadcom NetXtreme-I Netlink Driver and Management Installer

BufferChm

Combined Community Codec Pack 2011-11-11

Compatibility Pack for the 2007 Office system

ConvertXtoDVD 4.1.11.350

Cozi

Dell Communications (Support Software)

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Dock

Dell Edoc Viewer

Dell Getting Started Guide

Dell Support Center (Support Software)

Diablo III

Driver Genius Professional Edition

Driver Inspector

FINAL FANTASY VII

foobar2000 v1.1.16

GoToAssist 8.0.0.514

HP Officejet 4500 G510n-z

HP Officejet 4500 K710

iMacsoft iPod to PC Transfer

iTunes

Java 7 Update 9

Java Auto Updater

Java 6 Update 17 (64-bit)

Java 6 Update 33

Junk Mail filter update

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Works

Microsoft Xbox 360 Accessories 1.2

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 14.0 (x86 en-GB)

MSVCRT

Network64

NVIDIA 3D Vision Driver 263.11

NVIDIA Control Panel 263.11

NVIDIA Graphics Driver 263.11

NVIDIA HD Audio Driver 1.1.12.1

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.10.0514

NVIDIA Stereoscopic 3D Driver

Package: Google Nexus 7 ToolKit

PowerDVD DX

PS3 Media Server

PunkBuster Services

Razer Synapse 2.0

Realtek High Definition Audio Driver

Roxio Burn

Scan

Security Update for CAPICOM (KB931906)

SixaxisPairTool 0.1

SixaxisPairTool 0.2.3

Skype Click to Call

Skype™ 5.10

StarCraft II

Steam

Subsonic

System Requirements Lab for Intel

Toolbox

WebReg

WildTangent Games

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

WinRAR 4.20 (64-bit)

Wolfenstein - Enemy Territory

Yahoo! Messenger

Yahoo! Software Update

.

==== End Of File ===========================

Link to post
Share on other sites

Use Control Panel >> Programs and Features and remove these 2 older Java runtimes

Java 6 Update 17 (64-bit)

Java 6 Update 33

Flush for Windows Automatic Updates old downloads:

You may delete all files / sub-folders in this folder C:\WINDOWS\SoftwareDistribution\Download

First, start a Command prompt and stop the Windows Update service (Note you will lose all updates downloaded in the queu. They will re-download eventually after the cleanups. )

From Start menu, select RUN

type in CMD

a Command prompt window will open. Type in

net stop wuauserv

switch to Windows Explorer

locate folder C:\WINDOWS\SoftwareDistribution\Download

select ALL it's contents

press SHIFT-key+DEL key

Answer Yes to permanently delete the files in that folder

After you have finished, switch back to Command window. Type in

net start wuauserv

Exit (close) command-prompt

Now try a new visit to Windows Update and tell us what the result is.

Link to post
Share on other sites

You indicate 1 item did not update. do a new Windows Update run. But don't get anything.

On the left side, click on View Update History (upper left-pane)

Any recent ones you see marked Failed

then double click to get a popup window. Get the error details code

Link to post
Share on other sites

Use NOTEPAD or a pad of paper to document the changes you make so that you can revert them back when you are done.

Put the computer in clean boot state before proceeding with a new Windows Update run.

Note: After installation of updates, follow Step 7 in the provided link to return your computer to Normal startup mode.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.