It won't let me do a system restore: "system restore has been disabled by the administrator"
Here are my DDS logs:
DDS (Ver_11-03-05.01) - NTFSx86
Run by Michael at 23:45:01.36 on 09/04/2011
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.703.156 [GMT 1:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\TEMP\nfcs\setup.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\Windows\system32\IoctlSvc.exe
C:\ProgramData\ScanQuery\scanquery117.exe
C:\Program Files\PC Tools Security\pctsAuxs.exe
C:\Program Files\PC Tools Security\pctsSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\ProgramData\TVersity\Media Server\MediaServer.exe
C:\Windows\system32\rundll32.exe
C:\Windows\Knuxoa.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ScanQuery\scanquery.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\rundll32.exe
C:\Users\Michael\AppData\Local\Temp\winamp.exe
C:\Users\Michael\AppData\Local\Temp\taskmgr.exe
C:\Users\Michael\AppData\Local\Temp\win16.exe
c:\Program Files\Microsoft Silverlight\4.0.60129.0\agcp.exe
C:\Users\Michael\AppData\Local\Temp\Kl6.exe
C:\Windows\system32\rundll32.exe
C:\Users\Michael\AppData\Local\Temp\Kl3.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Michael\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
mSearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
uURLSearchHooks: FCToolbarURLSearchHook Class: {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - c:\program files\gamers unite! snag bar\Helper.dll
uURLSearchHooks: H - No File
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
mURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: c:\windows\system32\g67sir.dll: {b1b220c1-a500-99bd-f110-04b53a2c8952} - c:\windows\system32\g67sir.dll
TB: N/A: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Gamers Unite! Snag Bar: {25515a79-c1c7-4b97-97f8-31a711694487} - c:\program files\gamers unite! snag bar\Toolbar.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\michael\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [W5E7SH31DG] c:\users\michael\appdata\local\temp\Kl3.exe
uRun: [Lbesahigafekut] rundll32.exe "c:\users\michael\appdata\local\insExi.dll",Startup
uRun: [{88B10A1A-875E-3835-B96D-F54B7DF74FDB}] c:\users\michael\appdata\roaming\etpyn\uvra.exe
uRun: [{6333E559-97EF-45E9-C1CC-9B448CE4D33A}] c:\users\michael\appdata\roaming\xuyki\emnua.exe
uRun: [Lvdmfeefnwg] c:\users\michael\appdata\local\temp\spoolsv.exe
uRun: [Lvdmfeefnb] c:\users\michael\appdata\local\temp\mdm.exe
uRun: [Lvdmfeefnwpc] c:\users\michael\appdata\local\temp\services.exe
uRun: [MqrMc] c:\windows\gdi32.exe
uRun: [Mqstc] c:\windows\msmgm.exe
uRun: [Lvdmfeefnvc] c:\users\michael\appdata\local\temp\user.exe
uRun: [LvdmfeefnfQ] c:\users\michael\appdata\local\temp\win16.exe
uRun: [Lvdmfeefnoc] c:\users\michael\appdata\local\temp\debug.exe
uRun: [Mqtw+] c:\windows\nvsvc32.exe
uRun: [Mquwe] c:\windows\sysmgm.exe
uRun: [Mque] c:\windows\user.exe
uRun: [Lvdmfeefntg] c:\users\michael\appdata\local\temp\wininst.exe
uRun: [Mqvpe] c:\windows\winamp.exe
uRun: [Mqrtc] c:\windows\hexdump.exe
uRun: [Lvdmfeefnd] c:\users\michael\appdata\local\temp\avp.exe
uRun: [Lvdmfeefnte] c:\users\michael\appdata\local\temp\msmgm.exe
uRun: [GAGEZ8R8ZB] c:\windows\Knuxoa.exe
uRun: [Mqqsc] c:\windows\drweb.exe
uRun: [Lvdmfeefnwe] c:\users\michael\appdata\local\temp\setup.exe
uRun: [LvdmfeefnzZ] c:\users\michael\appdata\local\temp\sysmgm.exe
uRun: [Lvdmfeefnz9] c:\users\michael\appdata\local\temp\nvsvc32.exe
uRun: [Mqqoc] c:\windows\debug.exe
uRun: [Lvdmfeefnrc] c:\users\michael\appdata\local\temp\winamp.exe
uRun: [Lvdmfeefnxb] c:\users\michael\appdata\local\temp\sysedit.exe
uRun: [{2DFB306D-3052-88DB-F333-0A60E4676CCC}] c:\users\michael\appdata\roaming\maysfo\deyni.exe
uRun: [Mqvre] c:\windows\wininst.exe
uRun: [Lvdmfeefnqg] c:\users\michael\appdata\local\temp\hexdump.exe
uRun: [Lvdmfeefntpf] c:\users\michael\appdata\local\temp\iexplarer.exe
uRun: [LvdmfeefneP] c:\users\michael\appdata\local\temp\avp32.exe
uRun: [Lvdmfeefnsb] c:\users\michael\appdata\local\temp\drweb.exe
uRun: [Lvdmfeefnth] c:\users\michael\appdata\local\temp\svchost.exe
uRun: [LvdmfeefnZP] c:\users\michael\appdata\local\temp\gdi32.exe
uRun: [Lvdmfeefnqe] c:\users\michael\appdata\local\temp\login.exe
uRun: [Mqurb] c:\windows\taskmgr.exe
uRun: [Lvdmfeefnsd] c:\users\michael\appdata\local\temp\taskmgr.exe
uRun: [MqpSc] c:\windows\avp32.exe
uRun: [Mqutc] c:\windows\sysedit.exe
uRun: [Mqutc] c:\windows\sysedit.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\SMax4.exe" /tray
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Lvdmfeefnwg] c:\users\michael\appdata\local\temp\spoolsv.exe
mRun: [Lvdmfeefnb] c:\users\michael\appdata\local\temp\mdm.exe
mRun: [Lvdmfeefnwpc] c:\users\michael\appdata\local\temp\services.exe
mRun: [MqrMc] c:\windows\gdi32.exe
mRun: [Mqstc] c:\windows\msmgm.exe
mRun: [Lvdmfeefnvc] c:\users\michael\appdata\local\temp\user.exe
mRun: [LvdmfeefnfQ] c:\users\michael\appdata\local\temp\win16.exe
mRun: [Lvdmfeefnoc] c:\users\michael\appdata\local\temp\debug.exe
mRun: [Mqtw+] c:\windows\nvsvc32.exe
mRun: [Mquwe] c:\windows\sysmgm.exe
mRun: [Mque] c:\windows\user.exe
mRun: [Abatohufajel] rundll32.exe "c:\users\michael\appdata\local\okobejukoze.dll",Startup
mRun: [Lvdmfeefntg] c:\users\michael\appdata\local\temp\wininst.exe
mRun: [Mqvpe] c:\windows\winamp.exe
mRun: [Mqrtc] c:\windows\hexdump.exe
mRun: [Lvdmfeefnd] c:\users\michael\appdata\local\temp\avp.exe
mRun: [Lvdmfeefnte] c:\users\michael\appdata\local\temp\msmgm.exe
mRun: [Mqqsc] c:\windows\drweb.exe
mRun: [Lvdmfeefnwe] c:\users\michael\appdata\local\temp\setup.exe
mRun: [LvdmfeefnzZ] c:\users\michael\appdata\local\temp\sysmgm.exe
mRun: [Lvdmfeefnz9] c:\users\michael\appdata\local\temp\nvsvc32.exe
mRun: [Mqqoc] c:\windows\debug.exe
mRun: [Lvdmfeefnrc] c:\users\michael\appdata\local\temp\winamp.exe
mRun: [Lvdmfeefnxb] c:\users\michael\appdata\local\temp\sysedit.exe
mRun: [Mqvre] c:\windows\wininst.exe
mRun: [Lvdmfeefnqg] c:\users\michael\appdata\local\temp\hexdump.exe
mRun: [ISTray] "c:\program files\pc tools security\pctsGui.exe" /hideGUI
mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe
mRun: [Lvdmfeefntpf] c:\users\michael\appdata\local\temp\iexplarer.exe
mRun: [LvdmfeefneP] c:\users\michael\appdata\local\temp\avp32.exe
mRun: [Lvdmfeefnsb] c:\users\michael\appdata\local\temp\drweb.exe
mRun: [Lvdmfeefnth] c:\users\michael\appdata\local\temp\svchost.exe
mRun: [LvdmfeefnZP] c:\users\michael\appdata\local\temp\gdi32.exe
mRun: [Lvdmfeefnqe] c:\users\michael\appdata\local\temp\login.exe
mRun: [Mqurb] c:\windows\taskmgr.exe
mRun: [Lvdmfeefnsd] c:\users\michael\appdata\local\temp\taskmgr.exe
mRun: [MqpSc] c:\windows\avp32.exe
mRun: [Mqutc] c:\windows\sysedit.exe
dRun: [W5E7SH31DG] c:\windows\temp\Kl1.exe
uPolicies-explorer: HideSCAHealth = 1 (0x1)
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: {59EB024F-4AA1-424C-95DE-4054B35D5306} = 192.168.0.1
.
============= SERVICES / DRIVERS ===============
.
R?2 AMService;AMService;c:\windows\temp\nfcs\setup.exe run --> c:\windows\temp\nfcs\setup.exe run [?]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-4-9 239168]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-4-9 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2011-4-9 656320]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools security\bdt\BDTUpdateService.exe [2011-4-9 247760]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-6-10 657408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2011-2-1 36928]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
.
=============== Created Last 30 ================
.
2011-04-09 21:16:34 15968 ---h--w- c:\windows\avp32.exe
2011-04-09 21:16:31 16220 ---h--w- c:\windows\sysedit.exe
2011-04-09 18:32:20 15968 ---h--w- c:\windows\winlogon.exe
2011-04-09 18:32:08 15968 ---h--w- c:\windows\taskmgr.exe
2011-04-09 17:37:49 -------- d-----w- c:\program files\ScanQuery
2011-04-09 17:37:49 -------- d-----w- c:\progra~2\ScanQuery
2011-04-09 17:35:38 -------- d-----w- c:\users\michael\appdata\local\_
2011-04-09 16:55:15 -------- d-----w- c:\program files\CCleaner
2011-04-09 15:47:47 767952 ----a-w- c:\windows\BDTSupport.dll
2011-04-09 15:47:47 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-04-09 15:47:46 1996752 ----a-w- c:\windows\PCTBDCore.dll
2011-04-09 15:47:46 1533904 ----a-w- c:\windows\PCTBDRes.dll
2011-04-09 14:18:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2011-04-09 14:18:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys
2011-04-09 14:18:50 249616 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-04-09 14:18:50 102184 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-04-09 14:17:13 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-04-09 14:17:13 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-04-09 14:16:20 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-04-09 14:15:22 -------- d-----w- c:\program files\common files\PC Tools
2011-04-09 14:15:19 -------- d-----w- c:\users\michael\appdata\roaming\PC Tools
2011-04-09 14:15:19 -------- d-----w- c:\progra~2\PC Tools
2011-04-09 14:15:18 -------- d-----w- c:\program files\PC Tools Security
2011-04-09 13:40:32 16220 ---h--w- c:\windows\wininst.exe
2011-04-09 13:29:58 -------- d-----w- c:\users\michael\appdata\roaming\Tyviho
2011-04-09 13:29:58 -------- d-----w- c:\users\michael\appdata\roaming\Maysfo
2011-04-09 13:23:00 15968 ---h--w- c:\windows\debug.exe
2011-04-09 12:04:50 15968 ---h--w- c:\windows\drweb.exe
2011-04-09 11:54:10 15968 ---h--w- c:\windows\hexdump.exe
2011-04-09 11:54:09 15968 ---h--w- c:\windows\winamp.exe
2011-04-09 11:49:31 135168 --sha-r- c:\windows\system32\wshextf.dll
2011-04-09 11:49:00 0 ----a-w- c:\users\michael\appdata\local\Wzexadomipusovom.bin
2011-04-09 11:48:56 -------- d-----w- c:\users\michael\appdata\local\{9F925008-3199-4DEF-8FF6-C71839F7CEC7}
2011-04-09 11:48:06 15968 ---h--w- c:\windows\gdi32.exe
2011-04-09 11:48:05 15968 ---h--w- c:\windows\user.exe
2011-04-09 11:48:03 16220 ---h--w- c:\windows\nvsvc32.exe
2011-04-09 11:47:59 15968 ---h--w- c:\windows\msmgm.exe
2011-04-09 11:47:42 50000 ----a-w- c:\windows\system32\ryvrilo.dll
2011-04-09 11:47:42 50000 ----a-w- c:\windows\system32\g67sir.dll
2011-04-09 11:47:31 -------- d-----w- c:\users\michael\appdata\roaming\Xuyki
2011-04-09 11:47:31 -------- d-----w- c:\users\michael\appdata\roaming\Xiimyq
2011-04-09 11:47:29 -------- d-----w- c:\users\michael\appdata\roaming\Ycoz
2011-04-09 11:47:28 -------- d-----w- c:\users\michael\appdata\roaming\Etpyn
2011-04-09 11:47:15 161792 ----a-w- c:\windows\Knuxoa.exe
2011-04-09 02:59:48 344064 --sha-w- c:\users\michael\appdata\local\jcn.exe
2011-04-09 02:59:47 344064 --sha-w- c:\users\michael\appdata\local\ftr.exe
2011-04-05 16:37:11 -------- d-----w- c:\users\michael\appdata\roaming\Malwarebytes
2011-04-05 16:37:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-05 16:37:03 -------- d-----w- c:\progra~2\Malwarebytes
2011-04-05 16:37:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-05 16:37:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-04 22:54:06 -------- d-----w- c:\program files\Facebook FriendAdder
2011-03-31 00:43:04 -------- d-----w- c:\users\michael\appdata\local\jagexlauncher
2011-03-30 23:41:24 -------- d-----w- c:\windows\.jagex_cache_32
2011-03-28 21:18:54 -------- d-----w- c:\program files\Gamers Unite! Snag Bar
2011-03-26 20:57:32 -------- d-----w- c:\users\michael\appdata\roaming\SynthMaker
2011-03-26 20:54:54 -------- d-----w- c:\users\michael\appdata\roaming\Acoustica
2011-03-26 20:54:53 57344 ----a-w- c:\windows\system32\Wnaspint.dll
2011-03-26 20:53:33 -------- d-----w- c:\program files\Acoustica Shared Effects
2011-03-26 20:50:34 -------- d-----w- c:\program files\Acoustica Mixcraft 5
2011-03-26 20:50:34 -------- d-----w- c:\progra~2\Acoustica
2011-03-25 23:03:01 -------- d-----w- c:\users\michael\appdata\local\Ahead
2011-03-25 20:32:24 -------- d-----w- c:\program files\Nero
2011-03-18 19:11:07 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-18 19:09:48 -------- d-----w- c:\program files\Microsoft Expression
2011-03-18 19:09:41 -------- d-----w- c:\program files\WPF Toolkit
2011-03-18 18:55:33 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-03-18 18:55:33 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-03-18 18:55:30 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-03-18 18:55:30 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-03-18 18:55:30 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-03-18 18:55:28 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2011-03-18 18:53:47 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-03-18 18:53:45 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-03-18 18:53:43 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-03-18 18:52:05 -------- d-----w- c:\windows\system32\xlive
2011-03-18 18:52:02 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-03-18 18:50:39 -------- d-----w- c:\program files\Microsoft XNA
2011-03-18 18:47:37 100512 ----a-w- c:\progra~2\microsoft\vpdexpress\10.0\1033\ResourceCache.dll
2011-03-18 18:43:20 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-03-18 18:40:57 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-03-18 18:38:23 -------- d-----w- c:\program files\Microsoft XDE
2011-03-18 18:38:09 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-03-18 18:25:43 -------- d-----w- c:\windows\PCHEALTH
2011-03-15 00:03:29 -------- d-----w- c:\windows\system32\appmgmt
2011-03-13 15:48:26 -------- d-----w- c:\users\michael\appdata\local\Thunderbird
2011-03-11 13:49:18 -------- d-----w- c:\program files\Datel
2011-03-11 12:25:39 -------- d-----w- c:\progra~2\vsosdk
2011-03-11 11:02:30 87608 ----a-w- c:\users\michael\appdata\roaming\inst.exe
2011-03-11 11:02:30 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-03-11 11:02:30 47360 ----a-w- c:\users\michael\appdata\roaming\pcouffin.sys
2011-03-11 10:49:52 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-03-11 10:49:52 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-03-11 10:49:52 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-03-11 10:49:52 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-03-11 10:49:52 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-03-11 01:15:08 -------- d-----w- c:\progra~2\Nero
2011-03-11 01:14:20 235100 ----a-w- c:\windows\system32\drivers\MidiSyn.sys
2011-03-11 01:12:30 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-03-11 01:12:30 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2011-03-11 01:12:30 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-03-11 01:12:30 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-03-11 01:12:30 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2011-03-11 01:12:30 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2011-03-11 01:12:29 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2011-03-11 01:12:29 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-03-11 00:45:33 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2011-03-11 00:45:32 -------- d-----w- c:\program files\ffdshow
2011-03-11 00:41:51 -------- d-----w- c:\program files\TVersity Codec Pack
2011-03-11 00:41:40 -------- d-----w- c:\progra~2\TVersity
.
==================== Find3M ====================
.
2011-01-29 16:03:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: Maxtor_6K040L0 rev.NAR61HA0 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-0
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x85841439]<<
c:\windows\system32\drivers\PCTCore.sys PC Tools Kernel Driver Suite
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x858477d0]; MOV EAX, [0x8584784c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x8288652F] -> \Device\Harddisk0\DR0[0x854D7610]
3 CLASSPNP[0x871A859E] -> ntkrnlpa!IofCallDriver[0x8288652F] -> [0x854D7E40]
5 PCTCore[0x8324C099] -> ntkrnlpa!IofCallDriver[0x8288652F] -> [0x8520B918]
7 ACPI[0x82FAC3D4] -> ntkrnlpa!IofCallDriver[0x8288652F] -> \IdeDeviceP0T0L0-0[0x84589610]
\Driver\atapi[0x854D7210] -> IRP_MJ_CREATE -> 0x85841439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; PUSHA ; MOV CX, 0x147; MOV BP, 0x62a; ROR BYTE [BP+0x0], CL; INC BP; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-0 -> \??\IDE#DiskMaxtor_6K040L0__________________________NAR61HA0#5&19606f25&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user != kernel MBR !!!
sectors 80293246 (+255): user != kernel
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.
.
============= FINISH: 23:47:50.52 ===============
And here's my Attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 27/01/2011 23:22:12
System Uptime: 09/04/2011 22:53:18 (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K8V-MX
Processor: AMD Sempron(tm) Processor 2800+ | Socket 754 | 1600/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 38 GiB total, 13.895 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: MAC Bridge Miniport
Device ID: ROOT\MS_BRIDGEMP\0000
Manufacturer: Microsoft
Name: MAC Bridge Miniport
PNP Device ID: ROOT\MS_BRIDGEMP\0000
Service: BridgeMP
.
Class GUID:
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Acoustica Effects Pack
Acoustica Mixcraft 5
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Ask Toolbar
Browser Defender 3.0
CCleaner
Download Updater (AOL LLC)
ffdshow [rev 3154] [2009-12-09]
Foxit Reader
Gamers Unite! Snag Bar
GIMP 2.6.11
Google Chrome
Java Auto Updater
Java(TM) 6 Update 22
JDownloader
Malwarebytes' Anti-Malware
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend 4 Add-in for Adobe FXG Import
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Blend SDK for Windows Phone 7
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 1.0
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight Tools for Visual Studio 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual Studio 2010 Express for Windows Phone - ENU
Microsoft Windows Phone 7 Developer Resources
Microsoft Windows Phone Developer Tools - ENU
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio 4.0 Windows Phone Extensions
Microsoft XNA Game Studio Platform Tools
Mozilla Thunderbird (3.1.9)
MSVCRT Redists
Nero 7 Premium
neroxml
ScanQuery 1.0 build 117 powered by FIRST SEARCHBAR
SoundMAX
Spyware Doctor 8.0
TVersity Codec Pack 1.4
TVersity Media Server 1.9.3
Vegas Pro 10.0
Windows Phone 7 Add-in for Visual Studio 2010 - ENU
Windows Phone Emulator - ENU
WinPcap 4.1.1
WinZip 15.0
WPF Toolkit February 2010 (Version 3.5.50211.1)
XPort 360
.
==== Event Viewer Messages From Past Week ========
.
09/04/2011 23:24:14, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
09/04/2011 22:53:28, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.
09/04/2011 22:47:34, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
09/04/2011 22:47:23, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
09/04/2011 22:47:23, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
09/04/2011 21:53:29, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
09/04/2011 21:53:29, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
09/04/2011 21:52:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
09/04/2011 21:52:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
09/04/2011 21:52:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09/04/2011 21:52:31, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
09/04/2011 21:52:24, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x82a41f3e, 0x8490b864, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 040911-24921-01.
09/04/2011 21:52:21, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr vmm Wanarpv6
09/04/2011 21:46:44, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000074, 0x00000002, 0x00000001, 0x8289f92b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 040911-35500-01.
09/04/2011 19:46:18, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vmm vwififlt Wanarpv6 WfpLwf
09/04/2011 19:46:18, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
09/04/2011 19:46:18, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
09/04/2011 19:46:18, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
09/04/2011 19:46:18, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
09/04/2011 19:46:18, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
09/04/2011 19:46:17, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
09/04/2011 19:46:17, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
09/04/2011 19:46:17, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
09/04/2011 19:46:17, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
09/04/2011 19:46:17, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
09/04/2011 19:20:21, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 19:18:17, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 18:50:28, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
09/04/2011 18:48:23, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 18:24:45, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
09/04/2011 17:56:13, Error: Service Control Manager [7034] - The AMService service terminated unexpectedly. It has done this 1 time(s).
09/04/2011 17:12:34, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
09/04/2011 17:11:35, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
09/04/2011 17:10:34, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 16:38:07, Error: Service Control Manager [7030] - The AMService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
09/04/2011 16:22:11, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:11, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:11, Error: Service Control Manager [7034] - The Themes service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:11, Error: Service Control Manager [7034] - The Task Scheduler service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:11, Error: Service Control Manager [7034] - The System Event Notification Service service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:10, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:10, Error: Service Control Manager [7034] - The IP Helper service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:10, Error: Service Control Manager [7034] - The Group Policy Client service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:10, Error: Service Control Manager [7034] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:10, Error: Service Control Manager [7034] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 3 time(s).
09/04/2011 16:22:10, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7034] - The Windows Update service terminated unexpectedly. It has done this 2 time(s).
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 16:02:43, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
09/04/2011 15:43:08, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
09/04/2011 15:42:27, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
09/04/2011 15:42:26, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NMIndexingService service to connect.
09/04/2011 15:42:26, Error: Service Control Manager [7000] - The NMIndexingService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
09/04/2011 15:39:01, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
09/04/2011 15:31:00, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PC Tools Security Service service to connect.
09/04/2011 15:31:00, Error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
09/04/2011 15:29:56, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
09/04/2011 15:18:41, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
09/04/2011 15:16:25, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
09/04/2011 12:34:12, Error: Service Control Manager [7034] - The SoundMAX Agent Service service terminated unexpectedly. It has done this 1 time(s).
09/04/2011 04:12:17, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
05/04/2011 17:36:38, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
05/04/2011 17:24:40, Error: Service Control Manager [7034] - The TVersity Media Server service terminated unexpectedly. It has done this 1 time(s).
05/04/2011 17:24:36, Error: Service Control Manager [7034] - The PLFlash DeviceIoControl Service service terminated unexpectedly. It has done this 1 time(s).
05/04/2011 17:24:33, Error: Service Control Manager [7034] - The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
Thanks.
Michael.