Germak

Internet Explorer did not finish installing For more information see internet explorer troubleshooter. Do you think the missing files reported in HJT might have some influence on this? I tried following all of the steps/links from the URL you sent me in the last post. Sorry I did not respond to you last night, I kept hitting refresh until I passed out. Today I discovered that you had responded at 3:07am my time and I passed out about 4:30am my time... Only this afternoon did I notice that MB/Forum had gone to a second page and refreshing the screen to get to the next post only works when it is on the same page DOH!! LoL My bad. I ran the uninstaller fixit at that link and it said I had the wrong OS/MSIE version for the fixit. I checked my date and it was correct, but when I tried to sync with NTP servers all I got was an error occurred when synchroniz... I did the manual uninstall command for MSIE9 and it said the folder did not exist. I did follow the steps in order and tried from appwiz.cpl in the "updates>windows" section and found Windows Internet Explorer listed there. Uninstalled it normally. Now MSIE 8 has the same issues that IE9 had. The last thing I did was a failed attempt at installing the MSIE9 from the download link you sent me. Prior to that I tried to get my updates for MSIE8 cumulative security update and the Win7x64 security update that Automagic Updates offered me. It will not install. Should I continue with all of the troubleshooting steps for failed installation from that link? Or, dou you have a better Idea?

Google forgot me after ccleaner was run MSIE is still slower than molasses coming from a tree in Antarctica. The computer, overall is performing much better. BSOD is a thing of the past and I am seeing signs of hope for this thing. You are making it happen! Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.11.22.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 AJAH :: SCOTT-PC [administrator] 11/22/2012 2:37:25 AM mbam-log-2012-11-22 (02-37-25).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 236178 Time elapsed: 2 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) --- Please help us to improve HijackThis by reporting this error Click 'Yes' to submit Error Details: An unexpected error has occurred at proceedure: modRegistry_IniGetString(sFile=system.ini, sSection=boot, sValue=Shell) Error #5 - Invalid proceedure call or argument Windows Version: Windows NT 6.01.3505 MSIE version: 9.0.8112.16421 HijackThis version 2.0.4 Yes No Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:52:14 AM, on 11/22/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\AJAH\Desktop\HijackThis.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O3 - Toolbar: (no name) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - (no file) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.netflix.com O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1352871757167 O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=928 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 6680 bytes

Would this be a bad time to uninstall Norton completely and run the Norton Product Remover?

Greetings! I followed the instructions and MSIE still not working as it should. Still hangs and opens webpaged very slowly. Google Chrome still works wonderfully and there is no sign of bsod anymore. Even after a failed attempt at browsing in msie9.

I just tried to load malwarebytes.org in msie and it is still taking several minutes to load... if it does. Powering don the modem seems to have helped with my internet connection, but only in non msie apps.

Okay, tracert to malwarebytes.org (love DNS Servers) has 4 different hops timing out and from me to my provider is 1054ms DOH! Ging to power-cycle my modem and all to see what that will do. Back in 5 minutes Also, the BSOD issue seems resolved! I have not booted into safe mode to see if I still get searchbrowsing.com or the coupon thingy....

Not that I can tell. Still takes a dozen forevers for msie to load a page. I tried tracert to msn and all seems well out there... Yet it still takes several minutes to load msn. While watching the "busy" donut going around and around I was able to find the " - click on sagety " thingy. But it is still not going well for MSIE.

Windows cannot find the file WUAUCLT. Make sure you typed the name correctly and then try again. I clicked ok and the CIR continued through reboot.

Gringo, I ran the fixit to reset the msie using that tool. I had previously done it from the advanced tab in the internet options. When I did it before, I ticked all the checkboxes, but I had to go through control panel>internet to access the internet options. The tools menu had "internet options" greyed-out. Upon loading MSIE, The browser loaded extremely slowly, About 7 minutes to finish loading msn.com and the setup msie page. I am unsure what you mean by "-click on safety", but I was able to access the internet options and follow all the other steps. I had also, prior to asking your assistance, tried using "netsh int ip reset c:\resetlog.txt" (without the quotes) to reset the tcp stack. I still have the log if you want to see it. Now, when I open the msie9 it takes over 7 minutes for the default homepage to load (msn.com). (But that is an improvement!) LoL

Gringo, This process went as smooth silk. Both utilities ran flawlessly. 21:03:46.0052 2800 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 21:03:46.0489 2800 ============================================================ 21:03:46.0489 2800 Current date / time: 2012/11/21 21:03:46.0489 21:03:46.0489 2800 SystemInfo: 21:03:46.0489 2800 21:03:46.0489 2800 OS Version: 6.1.7601 ServicePack: 1.0 21:03:46.0489 2800 Product type: Workstation 21:03:46.0489 2800 ComputerName: SCOTT-PC 21:03:46.0489 2800 UserName: AJAH 21:03:46.0489 2800 Windows directory: C:\Windows 21:03:46.0489 2800 System windows directory: C:\Windows 21:03:46.0489 2800 Running under WOW64 21:03:46.0489 2800 Processor architecture: Intel x64 21:03:46.0489 2800 Number of processors: 1 21:03:46.0489 2800 Page size: 0x1000 21:03:46.0489 2800 Boot type: Normal boot 21:03:46.0489 2800 ============================================================ 21:03:48.0424 2800 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:03:48.0439 2800 ============================================================ 21:03:48.0439 2800 \Device\Harddisk0\DR0: 21:03:48.0455 2800 MBR partitions: 21:03:48.0455 2800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x32000 21:03:48.0455 2800 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x115E67F9 21:03:48.0455 2800 ============================================================ 21:03:48.0470 2800 C: <-> \Device\Harddisk0\DR0\Partition2 21:03:48.0470 2800 ============================================================ 21:03:48.0470 2800 Initialize success 21:03:48.0470 2800 ============================================================ 21:03:52.0464 3712 ============================================================ 21:03:52.0464 3712 Scan started 21:03:52.0464 3712 Mode: Manual; 21:03:52.0464 3712 ============================================================ 21:03:52.0994 3712 ================ Scan system memory ======================== 21:03:52.0994 3712 System memory - ok 21:03:53.0010 3712 ================ Scan services ============================= 21:03:53.0135 3712 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:03:53.0150 3712 1394ohci - ok 21:03:53.0182 3712 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:03:53.0182 3712 ACPI - ok 21:03:53.0213 3712 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:03:53.0213 3712 AcpiPmi - ok 21:03:53.0291 3712 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:03:53.0291 3712 AdobeARMservice - ok 21:03:53.0494 3712 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:03:53.0509 3712 adp94xx - ok 21:03:53.0603 3712 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:03:53.0618 3712 adpahci - ok 21:03:53.0681 3712 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:03:53.0696 3712 adpu320 - ok 21:03:53.0728 3712 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:03:53.0728 3712 AeLookupSvc - ok 21:03:53.0852 3712 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 21:03:53.0868 3712 AFD - ok 21:03:53.0977 3712 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe 21:03:53.0977 3712 AgereModemAudio - ok 21:03:54.0024 3712 [ A6AB6F0ACE87DA76B4C401813D18BE95 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys 21:03:54.0055 3712 AgereSoftModem - ok 21:03:54.0086 3712 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:03:54.0086 3712 agp440 - ok 21:03:54.0133 3712 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:03:54.0133 3712 ALG - ok 21:03:54.0164 3712 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:03:54.0164 3712 aliide - ok 21:03:54.0196 3712 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:03:54.0196 3712 amdide - ok 21:03:54.0242 3712 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 21:03:54.0242 3712 AmdK8 - ok 21:03:54.0258 3712 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:03:54.0258 3712 AmdPPM - ok 21:03:54.0305 3712 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:03:54.0320 3712 amdsata - ok 21:03:54.0352 3712 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:03:54.0352 3712 amdsbs - ok 21:03:54.0367 3712 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:03:54.0367 3712 amdxata - ok 21:03:54.0398 3712 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:03:54.0398 3712 AppID - ok 21:03:54.0430 3712 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:03:54.0430 3712 AppIDSvc - ok 21:03:54.0461 3712 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 21:03:54.0461 3712 Appinfo - ok 21:03:54.0492 3712 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 21:03:54.0508 3712 AppMgmt - ok 21:03:54.0523 3712 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 21:03:54.0539 3712 arc - ok 21:03:54.0570 3712 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:03:54.0570 3712 arcsas - ok 21:03:54.0601 3712 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:03:54.0601 3712 AsyncMac - ok 21:03:54.0632 3712 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:03:54.0632 3712 atapi - ok 21:03:54.0695 3712 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:03:54.0710 3712 AudioEndpointBuilder - ok 21:03:54.0726 3712 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:03:54.0742 3712 AudioSrv - ok 21:03:54.0773 3712 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:03:54.0773 3712 AxInstSV - ok 21:03:54.0804 3712 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:03:54.0820 3712 b06bdrv - ok 21:03:54.0866 3712 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:03:54.0866 3712 b57nd60a - ok 21:03:54.0898 3712 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:03:54.0898 3712 BDESVC - ok 21:03:54.0913 3712 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:03:54.0913 3712 Beep - ok 21:03:54.0976 3712 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 21:03:54.0991 3712 BFE - ok 21:03:55.0178 3712 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20121106.001\BHDrvx64.sys 21:03:55.0178 3712 BHDrvx64 - ok 21:03:55.0225 3712 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 21:03:55.0256 3712 BITS - ok 21:03:55.0288 3712 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:03:55.0288 3712 blbdrive - ok 21:03:55.0334 3712 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:03:55.0334 3712 bowser - ok 21:03:55.0366 3712 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:03:55.0366 3712 BrFiltLo - ok 21:03:55.0412 3712 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:03:55.0412 3712 BrFiltUp - ok 21:03:55.0459 3712 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 21:03:55.0459 3712 BridgeMP - ok 21:03:55.0490 3712 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:03:55.0506 3712 Browser - ok 21:03:55.0522 3712 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:03:55.0522 3712 Brserid - ok 21:03:55.0537 3712 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:03:55.0553 3712 BrSerWdm - ok 21:03:55.0568 3712 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:03:55.0568 3712 BrUsbMdm - ok 21:03:55.0584 3712 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:03:55.0584 3712 BrUsbSer - ok 21:03:55.0600 3712 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:03:55.0615 3712 BTHMODEM - ok 21:03:55.0646 3712 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:03:55.0646 3712 bthserv - ok 21:03:55.0724 3712 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys 21:03:55.0724 3712 ccSet_N360 - ok 21:03:55.0787 3712 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:03:55.0802 3712 cdfs - ok 21:03:55.0943 3712 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:03:55.0958 3712 cdrom - ok 21:03:55.0990 3712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:03:55.0990 3712 CertPropSvc - ok 21:03:56.0005 3712 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 21:03:56.0021 3712 circlass - ok 21:03:56.0036 3712 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:03:56.0052 3712 CLFS - ok 21:03:56.0114 3712 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:03:56.0114 3712 clr_optimization_v2.0.50727_32 - ok 21:03:56.0177 3712 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:03:56.0177 3712 clr_optimization_v2.0.50727_64 - ok 21:03:56.0239 3712 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:03:56.0255 3712 clr_optimization_v4.0.30319_32 - ok 21:03:56.0286 3712 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:03:56.0286 3712 clr_optimization_v4.0.30319_64 - ok 21:03:56.0317 3712 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:03:56.0317 3712 CmBatt - ok 21:03:56.0333 3712 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:03:56.0333 3712 cmdide - ok 21:03:56.0364 3712 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys 21:03:56.0380 3712 CNG - ok 21:03:56.0395 3712 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:03:56.0395 3712 Compbatt - ok 21:03:56.0426 3712 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:03:56.0442 3712 CompositeBus - ok 21:03:56.0458 3712 COMSysApp - ok 21:03:56.0489 3712 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:03:56.0489 3712 crcdisk - ok 21:03:56.0536 3712 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:03:56.0536 3712 CryptSvc - ok 21:03:56.0567 3712 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 21:03:56.0582 3712 CSC - ok 21:03:56.0614 3712 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 21:03:56.0629 3712 CscService - ok 21:03:56.0692 3712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:03:56.0692 3712 DcomLaunch - ok 21:03:56.0723 3712 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:03:56.0723 3712 defragsvc - ok 21:03:56.0754 3712 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:03:56.0754 3712 DfsC - ok 21:03:56.0785 3712 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:03:56.0785 3712 Dhcp - ok 21:03:56.0816 3712 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:03:56.0816 3712 discache - ok 21:03:56.0848 3712 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 21:03:56.0848 3712 Disk - ok 21:03:56.0879 3712 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 21:03:56.0879 3712 dmvsc - ok 21:03:56.0910 3712 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:03:56.0910 3712 Dnscache - ok 21:03:56.0941 3712 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:03:56.0941 3712 dot3svc - ok 21:03:56.0972 3712 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:03:56.0972 3712 DPS - ok 21:03:57.0004 3712 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:03:57.0004 3712 drmkaud - ok 21:03:57.0035 3712 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:03:57.0050 3712 DXGKrnl - ok 21:03:57.0082 3712 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:03:57.0082 3712 EapHost - ok 21:03:57.0175 3712 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:03:57.0238 3712 ebdrv - ok 21:03:57.0284 3712 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 21:03:57.0284 3712 eeCtrl - ok 21:03:57.0331 3712 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:03:57.0331 3712 EFS - ok 21:03:57.0378 3712 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:03:57.0378 3712 elxstor - ok 21:03:57.0409 3712 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 21:03:57.0409 3712 EraserUtilRebootDrv - ok 21:03:57.0425 3712 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:03:57.0425 3712 ErrDev - ok 21:03:57.0472 3712 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:03:57.0472 3712 EventSystem - ok 21:03:57.0503 3712 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:03:57.0503 3712 exfat - ok 21:03:57.0534 3712 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:03:57.0534 3712 fastfat - ok 21:03:57.0550 3712 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 21:03:57.0550 3712 fdc - ok 21:03:57.0581 3712 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:03:57.0581 3712 fdPHost - ok 21:03:57.0596 3712 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:03:57.0596 3712 FDResPub - ok 21:03:57.0612 3712 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:03:57.0628 3712 FileInfo - ok 21:03:57.0643 3712 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:03:57.0643 3712 Filetrace - ok 21:03:57.0659 3712 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:03:57.0659 3712 flpydisk - ok 21:03:57.0690 3712 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:03:57.0690 3712 FltMgr - ok 21:03:57.0752 3712 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 21:03:57.0768 3712 FontCache - ok 21:03:57.0830 3712 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:03:57.0830 3712 FontCache3.0.0.0 - ok 21:03:57.0862 3712 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:03:57.0862 3712 FsDepends - ok 21:03:57.0893 3712 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:03:57.0893 3712 Fs_Rec - ok 21:03:57.0940 3712 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:03:57.0940 3712 fvevol - ok 21:03:57.0955 3712 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:03:57.0955 3712 gagp30kx - ok 21:03:58.0002 3712 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:03:58.0018 3712 gpsvc - ok 21:03:58.0080 3712 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:03:58.0080 3712 gupdate - ok 21:03:58.0096 3712 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:03:58.0096 3712 gupdatem - ok 21:03:58.0127 3712 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:03:58.0142 3712 hcw85cir - ok 21:03:58.0174 3712 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:03:58.0189 3712 HdAudAddService - ok 21:03:58.0205 3712 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:03:58.0205 3712 HDAudBus - ok 21:03:58.0236 3712 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 21:03:58.0236 3712 HidBatt - ok 21:03:58.0252 3712 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:03:58.0252 3712 HidBth - ok 21:03:58.0267 3712 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 21:03:58.0267 3712 HidIr - ok 21:03:58.0298 3712 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 21:03:58.0298 3712 hidserv - ok 21:03:58.0330 3712 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:03:58.0330 3712 HidUsb - ok 21:03:58.0361 3712 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:03:58.0361 3712 hkmsvc - ok 21:03:58.0376 3712 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:03:58.0392 3712 HomeGroupListener - ok 21:03:58.0423 3712 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:03:58.0423 3712 HomeGroupProvider - ok 21:03:58.0439 3712 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:03:58.0439 3712 HpSAMD - ok 21:03:58.0470 3712 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:03:58.0486 3712 HTTP - ok 21:03:58.0501 3712 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:03:58.0501 3712 hwpolicy - ok 21:03:58.0517 3712 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:03:58.0532 3712 i8042prt - ok 21:03:58.0564 3712 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:03:58.0564 3712 iaStorV - ok 21:03:58.0626 3712 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:03:58.0642 3712 idsvc - ok 21:03:58.0720 3712 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20121120.001\IDSvia64.sys 21:03:58.0720 3712 IDSVia64 - ok 21:03:58.0751 3712 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:03:58.0751 3712 iirsp - ok 21:03:58.0798 3712 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:03:58.0813 3712 IKEEXT - ok 21:03:58.0844 3712 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:03:58.0844 3712 intelide - ok 21:03:58.0876 3712 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys 21:03:58.0876 3712 intelppm - ok 21:03:58.0891 3712 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:03:58.0907 3712 IPBusEnum - ok 21:03:58.0922 3712 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:03:58.0922 3712 IpFilterDriver - ok 21:03:58.0954 3712 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:03:58.0969 3712 iphlpsvc - ok 21:03:59.0000 3712 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:03:59.0000 3712 IPMIDRV - ok 21:03:59.0032 3712 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:03:59.0047 3712 IPNAT - ok 21:03:59.0078 3712 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:03:59.0078 3712 IRENUM - ok 21:03:59.0094 3712 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:03:59.0094 3712 isapnp - ok 21:03:59.0125 3712 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:03:59.0125 3712 iScsiPrt - ok 21:03:59.0156 3712 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:03:59.0156 3712 kbdclass - ok 21:03:59.0188 3712 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:03:59.0188 3712 kbdhid - ok 21:03:59.0219 3712 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 21:03:59.0219 3712 KeyIso - ok 21:03:59.0234 3712 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:03:59.0234 3712 KSecDD - ok 21:03:59.0281 3712 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:03:59.0281 3712 KSecPkg - ok 21:03:59.0312 3712 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:03:59.0312 3712 ksthunk - ok 21:03:59.0359 3712 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:03:59.0359 3712 KtmRm - ok 21:03:59.0406 3712 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 21:03:59.0422 3712 LanmanServer - ok 21:03:59.0453 3712 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:03:59.0453 3712 LanmanWorkstation - ok 21:03:59.0500 3712 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:03:59.0500 3712 lltdio - ok 21:03:59.0546 3712 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:03:59.0546 3712 lltdsvc - ok 21:03:59.0578 3712 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:03:59.0578 3712 lmhosts - ok 21:03:59.0671 3712 [ 7109163D8027076D2680CFC4E80E2A28 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe 21:03:59.0671 3712 LMIGuardianSvc - ok 21:03:59.0718 3712 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys 21:03:59.0718 3712 LMIInfo - ok 21:03:59.0765 3712 [ 8054CE1FC8B417691960D00F931516A7 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe 21:03:59.0765 3712 LMIMaint - ok 21:03:59.0812 3712 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys 21:03:59.0812 3712 lmimirr - ok 21:03:59.0827 3712 LMIRfsClientNP - ok 21:03:59.0858 3712 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys 21:03:59.0858 3712 LMIRfsDriver - ok 21:03:59.0890 3712 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe 21:03:59.0905 3712 LogMeIn - ok 21:03:59.0936 3712 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:03:59.0936 3712 LSI_FC - ok 21:03:59.0952 3712 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:03:59.0968 3712 LSI_SAS - ok 21:03:59.0983 3712 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:03:59.0983 3712 LSI_SAS2 - ok 21:03:59.0999 3712 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:04:00.0014 3712 LSI_SCSI - ok 21:04:00.0030 3712 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:04:00.0030 3712 luafv - ok 21:04:00.0077 3712 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys 21:04:00.0077 3712 mcdbus - ok 21:04:00.0108 3712 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 21:04:00.0108 3712 megasas - ok 21:04:00.0124 3712 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:04:00.0139 3712 MegaSR - ok 21:04:00.0202 3712 Microsoft SharePoint Workspace Audit Service - ok 21:04:00.0217 3712 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:04:00.0217 3712 MMCSS - ok 21:04:00.0248 3712 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:04:00.0248 3712 Modem - ok 21:04:00.0280 3712 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:04:00.0280 3712 monitor - ok 21:04:00.0311 3712 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:04:00.0311 3712 mouclass - ok 21:04:00.0342 3712 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:04:00.0358 3712 mouhid - ok 21:04:00.0373 3712 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:04:00.0373 3712 mountmgr - ok 21:04:00.0389 3712 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:04:00.0404 3712 mpio - ok 21:04:00.0420 3712 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:04:00.0420 3712 mpsdrv - ok 21:04:00.0467 3712 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:04:00.0482 3712 MpsSvc - ok 21:04:00.0482 3712 MREMP50 - ok 21:04:00.0529 3712 MREMP50a64 - ok 21:04:00.0529 3712 MREMPR5 - ok 21:04:00.0545 3712 MRENDIS5 - ok 21:04:00.0545 3712 MRESP50 - ok 21:04:00.0576 3712 MRESP50a64 - ok 21:04:00.0592 3712 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:04:00.0592 3712 MRxDAV - ok 21:04:00.0623 3712 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:04:00.0623 3712 mrxsmb - ok 21:04:00.0654 3712 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:04:00.0654 3712 mrxsmb10 - ok 21:04:00.0685 3712 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:04:00.0685 3712 mrxsmb20 - ok 21:04:00.0701 3712 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:04:00.0701 3712 msahci - ok 21:04:00.0732 3712 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:04:00.0732 3712 msdsm - ok 21:04:00.0763 3712 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:04:00.0763 3712 MSDTC - ok 21:04:00.0794 3712 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:04:00.0794 3712 Msfs - ok 21:04:00.0810 3712 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:04:00.0810 3712 mshidkmdf - ok 21:04:00.0826 3712 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:04:00.0826 3712 msisadrv - ok 21:04:00.0857 3712 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:04:00.0857 3712 MSiSCSI - ok 21:04:00.0872 3712 msiserver - ok 21:04:00.0904 3712 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:04:00.0904 3712 MSKSSRV - ok 21:04:00.0935 3712 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:04:00.0935 3712 MSPCLOCK - ok 21:04:00.0982 3712 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:04:00.0982 3712 MSPQM - ok 21:04:00.0997 3712 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:04:00.0997 3712 MsRPC - ok 21:04:01.0028 3712 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:04:01.0028 3712 mssmbios - ok 21:04:01.0060 3712 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:04:01.0060 3712 MSTEE - ok 21:04:01.0075 3712 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:04:01.0075 3712 MTConfig - ok 21:04:01.0091 3712 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:04:01.0091 3712 Mup - ok 21:04:01.0153 3712 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe 21:04:01.0153 3712 N360 - ok 21:04:01.0200 3712 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:04:01.0216 3712 napagent - ok 21:04:01.0262 3712 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:04:01.0262 3712 NativeWifiP - ok 21:04:01.0325 3712 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20121120.022\ENG64.SYS 21:04:01.0325 3712 NAVENG - ok 21:04:01.0403 3712 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20121120.022\EX64.SYS 21:04:01.0450 3712 NAVEX15 - ok 21:04:01.0512 3712 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:04:01.0543 3712 NDIS - ok 21:04:01.0574 3712 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:04:01.0574 3712 NdisCap - ok 21:04:01.0590 3712 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:04:01.0590 3712 NdisTapi - ok 21:04:01.0637 3712 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:04:01.0637 3712 Ndisuio - ok 21:04:01.0652 3712 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:04:01.0652 3712 NdisWan - ok 21:04:01.0668 3712 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:04:01.0684 3712 NDProxy - ok 21:04:01.0699 3712 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:04:01.0699 3712 NetBIOS - ok 21:04:01.0730 3712 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:04:01.0746 3712 NetBT - ok 21:04:01.0762 3712 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:04:01.0762 3712 Netlogon - ok 21:04:01.0808 3712 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:04:01.0808 3712 Netman - ok 21:04:01.0840 3712 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:04:01.0855 3712 netprofm - ok 21:04:01.0886 3712 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:04:01.0886 3712 NetTcpPortSharing - ok 21:04:01.0918 3712 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:04:01.0918 3712 nfrd960 - ok 21:04:01.0949 3712 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:04:01.0964 3712 NlaSvc - ok 21:04:01.0980 3712 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:04:01.0980 3712 Npfs - ok 21:04:02.0011 3712 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:04:02.0011 3712 nsi - ok 21:04:02.0027 3712 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:04:02.0027 3712 nsiproxy - ok 21:04:02.0105 3712 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:04:02.0136 3712 Ntfs - ok 21:04:02.0167 3712 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:04:02.0167 3712 Null - ok 21:04:02.0214 3712 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 21:04:02.0214 3712 NVENETFD - ok 21:04:02.0479 3712 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:04:02.0542 3712 nvlddmkm - ok 21:04:02.0588 3712 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys 21:04:02.0588 3712 NVNET - ok 21:04:02.0604 3712 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:04:02.0604 3712 nvraid - ok 21:04:02.0635 3712 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:04:02.0635 3712 nvstor - ok 21:04:02.0666 3712 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:04:02.0666 3712 nv_agp - ok 21:04:02.0698 3712 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:04:02.0698 3712 ohci1394 - ok 21:04:02.0744 3712 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:04:02.0744 3712 ose - ok 21:04:02.0900 3712 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:04:02.0994 3712 osppsvc - ok 21:04:03.0041 3712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:04:03.0041 3712 p2pimsvc - ok 21:04:03.0072 3712 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:04:03.0088 3712 p2psvc - ok 21:04:03.0119 3712 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 21:04:03.0119 3712 Parport - ok 21:04:03.0166 3712 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:04:03.0166 3712 partmgr - ok 21:04:03.0181 3712 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:04:03.0181 3712 PcaSvc - ok 21:04:03.0212 3712 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:04:03.0212 3712 pci - ok 21:04:03.0228 3712 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:04:03.0228 3712 pciide - ok 21:04:03.0244 3712 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:04:03.0259 3712 pcmcia - ok 21:04:03.0275 3712 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:04:03.0275 3712 pcw - ok 21:04:03.0306 3712 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:04:03.0306 3712 PEAUTH - ok 21:04:03.0368 3712 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:04:03.0400 3712 PeerDistSvc - ok 21:04:03.0462 3712 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:04:03.0462 3712 PerfHost - ok 21:04:03.0524 3712 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:04:03.0556 3712 pla - ok 21:04:03.0602 3712 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:04:03.0602 3712 PlugPlay - ok 21:04:03.0634 3712 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:04:03.0634 3712 PNRPAutoReg - ok 21:04:03.0665 3712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:04:03.0665 3712 PNRPsvc - ok 21:04:03.0696 3712 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:04:03.0712 3712 PolicyAgent - ok 21:04:03.0727 3712 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:04:03.0743 3712 Power - ok 21:04:03.0758 3712 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:04:03.0774 3712 PptpMiniport - ok 21:04:03.0790 3712 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 21:04:03.0790 3712 Processor - ok 21:04:03.0821 3712 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:04:03.0821 3712 ProfSvc - ok 21:04:03.0836 3712 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:04:03.0836 3712 ProtectedStorage - ok 21:04:03.0868 3712 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:04:03.0868 3712 Psched - ok 21:04:03.0930 3712 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:04:03.0961 3712 ql2300 - ok 21:04:03.0977 3712 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:04:03.0992 3712 ql40xx - ok 21:04:04.0024 3712 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:04:04.0024 3712 QWAVE - ok 21:04:04.0039 3712 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:04:04.0039 3712 QWAVEdrv - ok 21:04:04.0070 3712 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:04:04.0070 3712 RasAcd - ok 21:04:04.0102 3712 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:04:04.0102 3712 RasAgileVpn - ok 21:04:04.0133 3712 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:04:04.0133 3712 RasAuto - ok 21:04:04.0164 3712 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:04:04.0164 3712 Rasl2tp - ok 21:04:04.0195 3712 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:04:04.0195 3712 RasMan - ok 21:04:04.0211 3712 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:04:04.0211 3712 RasPppoe - ok 21:04:04.0258 3712 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:04:04.0258 3712 RasSstp - ok 21:04:04.0273 3712 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:04:04.0273 3712 rdbss - ok 21:04:04.0304 3712 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:04:04.0304 3712 rdpbus - ok 21:04:04.0320 3712 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:04:04.0320 3712 RDPCDD - ok 21:04:04.0351 3712 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:04:04.0351 3712 RDPDR - ok 21:04:04.0382 3712 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:04:04.0382 3712 RDPENCDD - ok 21:04:04.0398 3712 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:04:04.0398 3712 RDPREFMP - ok 21:04:04.0445 3712 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:04:04.0445 3712 RdpVideoMiniport - ok 21:04:04.0492 3712 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:04:04.0492 3712 RDPWD - ok 21:04:04.0523 3712 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:04:04.0523 3712 rdyboost - ok 21:04:04.0570 3712 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:04:04.0570 3712 RemoteAccess - ok 21:04:04.0601 3712 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:04:04.0601 3712 RemoteRegistry - ok 21:04:04.0632 3712 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:04:04.0632 3712 RpcEptMapper - ok 21:04:04.0648 3712 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:04:04.0663 3712 RpcLocator - ok 21:04:04.0679 3712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:04:04.0694 3712 RpcSs - ok 21:04:04.0726 3712 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:04:04.0726 3712 rspndr - ok 21:04:04.0757 3712 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 21:04:04.0757 3712 s3cap - ok 21:04:04.0772 3712 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:04:04.0772 3712 SamSs - ok 21:04:04.0804 3712 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:04:04.0804 3712 sbp2port - ok 21:04:04.0835 3712 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:04:04.0835 3712 SCardSvr - ok 21:04:04.0850 3712 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:04:04.0866 3712 scfilter - ok 21:04:04.0897 3712 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:04:04.0928 3712 Schedule - ok 21:04:04.0960 3712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:04:04.0960 3712 SCPolicySvc - ok 21:04:04.0975 3712 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:04:04.0975 3712 SDRSVC - ok 21:04:05.0022 3712 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:04:05.0022 3712 secdrv - ok 21:04:05.0038 3712 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:04:05.0038 3712 seclogon - ok 21:04:05.0069 3712 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 21:04:05.0069 3712 SENS - ok 21:04:05.0084 3712 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:04:05.0084 3712 SensrSvc - ok 21:04:05.0100 3712 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 21:04:05.0100 3712 Serenum - ok 21:04:05.0116 3712 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 21:04:05.0116 3712 Serial - ok 21:04:05.0147 3712 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:04:05.0147 3712 sermouse - ok 21:04:05.0178 3712 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:04:05.0194 3712 SessionEnv - ok 21:04:05.0209 3712 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:04:05.0209 3712 sffdisk - ok 21:04:05.0225 3712 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:04:05.0225 3712 sffp_mmc - ok 21:04:05.0240 3712 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:04:05.0240 3712 sffp_sd - ok 21:04:05.0272 3712 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:04:05.0272 3712 sfloppy - ok 21:04:05.0334 3712 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:04:05.0350 3712 SharedAccess - ok 21:04:05.0381 3712 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:04:05.0381 3712 ShellHWDetection - ok 21:04:05.0412 3712 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:04:05.0412 3712 SiSRaid2 - ok 21:04:05.0443 3712 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:04:05.0443 3712 SiSRaid4 - ok 21:04:05.0474 3712 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:04:05.0474 3712 Smb - ok 21:04:05.0506 3712 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:04:05.0506 3712 SNMPTRAP - ok 21:04:05.0521 3712 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:04:05.0521 3712 spldr - ok 21:04:05.0568 3712 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:04:05.0568 3712 Spooler - ok 21:04:05.0646 3712 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:04:05.0724 3712 sppsvc - ok 21:04:05.0740 3712 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:04:05.0740 3712 sppuinotify - ok 21:04:05.0818 3712 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\N360x64\1402000.013\SRTSP64.SYS 21:04:05.0833 3712 SRTSP - ok 21:04:05.0864 3712 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS 21:04:05.0864 3712 SRTSPX - ok 21:04:05.0896 3712 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:04:05.0896 3712 srv - ok 21:04:05.0927 3712 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:04:05.0927 3712 srv2 - ok 21:04:05.0958 3712 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:04:05.0958 3712 srvnet - ok 21:04:06.0005 3712 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:04:06.0005 3712 SSDPSRV - ok 21:04:06.0020 3712 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:04:06.0020 3712 SstpSvc - ok 21:04:06.0052 3712 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:04:06.0052 3712 stexstor - ok 21:04:06.0098 3712 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:04:06.0114 3712 stisvc - ok 21:04:06.0145 3712 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:04:06.0145 3712 storflt - ok 21:04:06.0161 3712 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 21:04:06.0176 3712 StorSvc - ok 21:04:06.0192 3712 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:04:06.0192 3712 storvsc - ok 21:04:06.0223 3712 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:04:06.0223 3712 swenum - ok 21:04:06.0254 3712 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:04:06.0270 3712 swprv - ok 21:04:06.0317 3712 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS 21:04:06.0332 3712 SymDS - ok 21:04:06.0379 3712 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS 21:04:06.0410 3712 SymEFA - ok 21:04:06.0457 3712 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 21:04:06.0457 3712 SymEvent - ok 21:04:06.0488 3712 [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys 21:04:06.0488 3712 SymIM - ok 21:04:06.0535 3712 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS 21:04:06.0535 3712 SymIRON - ok 21:04:06.0566 3712 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS 21:04:06.0566 3712 SymNetS - ok 21:04:06.0629 3712 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:04:06.0676 3712 SysMain - ok 21:04:06.0691 3712 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:04:06.0707 3712 TabletInputService - ok 21:04:06.0722 3712 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:04:06.0722 3712 TapiSrv - ok 21:04:06.0754 3712 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:04:06.0754 3712 TBS - ok 21:04:06.0816 3712 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:04:06.0863 3712 Tcpip - ok 21:04:06.0925 3712 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:04:06.0941 3712 TCPIP6 - ok 21:04:06.0972 3712 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:04:06.0972 3712 tcpipreg - ok 21:04:07.0003 3712 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:04:07.0003 3712 TDPIPE - ok 21:04:07.0034 3712 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:04:07.0034 3712 TDTCP - ok 21:04:07.0050 3712 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:04:07.0066 3712 tdx - ok 21:04:07.0081 3712 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:04:07.0081 3712 TermDD - ok 21:04:07.0112 3712 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:04:07.0144 3712 TermService - ok 21:04:07.0159 3712 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:04:07.0159 3712 Themes - ok 21:04:07.0175 3712 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:04:07.0175 3712 THREADORDER - ok 21:04:07.0190 3712 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:04:07.0190 3712 TrkWks - ok 21:04:07.0237 3712 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:04:07.0237 3712 TrustedInstaller - ok 21:04:07.0284 3712 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:04:07.0284 3712 tssecsrv - ok 21:04:07.0331 3712 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:04:07.0331 3712 TsUsbFlt - ok 21:04:07.0362 3712 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:04:07.0362 3712 TsUsbGD - ok 21:04:07.0378 3712 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:04:07.0378 3712 tunnel - ok 21:04:07.0409 3712 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:04:07.0409 3712 uagp35 - ok 21:04:07.0424 3712 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:04:07.0440 3712 udfs - ok 21:04:07.0471 3712 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:04:07.0471 3712 UI0Detect - ok 21:04:07.0502 3712 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:04:07.0502 3712 uliagpkx - ok 21:04:07.0534 3712 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:04:07.0534 3712 umbus - ok 21:04:07.0549 3712 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 21:04:07.0549 3712 UmPass - ok 21:04:07.0596 3712 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 21:04:07.0596 3712 UmRdpService - ok 21:04:07.0627 3712 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:04:07.0627 3712 upnphost - ok 21:04:07.0674 3712 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:04:07.0674 3712 usbaudio - ok 21:04:07.0705 3712 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:04:07.0721 3712 usbccgp - ok 21:04:07.0736 3712 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:04:07.0752 3712 usbcir - ok 21:04:07.0768 3712 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:04:07.0768 3712 usbehci - ok 21:04:07.0814 3712 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:04:07.0814 3712 usbhub - ok 21:04:07.0846 3712 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:04:07.0846 3712 usbohci - ok 21:04:07.0861 3712 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:04:07.0877 3712 usbprint - ok 21:04:07.0908 3712 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:04:07.0908 3712 usbscan - ok 21:04:07.0939 3712 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:04:07.0939 3712 USBSTOR - ok 21:04:07.0955 3712 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:04:07.0955 3712 usbuhci - ok 21:04:07.0986 3712 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:04:07.0986 3712 UxSms - ok 21:04:08.0002 3712 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:04:08.0002 3712 VaultSvc - ok 21:04:08.0033 3712 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:04:08.0033 3712 vdrvroot - ok 21:04:08.0064 3712 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:04:08.0080 3712 vds - ok 21:04:08.0095 3712 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:04:08.0095 3712 vga - ok 21:04:08.0111 3712 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:04:08.0111 3712 VgaSave - ok 21:04:08.0142 3712 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:04:08.0142 3712 vhdmp - ok 21:04:08.0158 3712 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:04:08.0158 3712 viaide - ok 21:04:08.0189 3712 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:04:08.0204 3712 vmbus - ok 21:04:08.0220 3712 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 21:04:08.0220 3712 VMBusHID - ok 21:04:08.0251 3712 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:04:08.0251 3712 volmgr - ok 21:04:08.0267 3712 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:04:08.0282 3712 volmgrx - ok 21:04:08.0314 3712 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:04:08.0314 3712 volsnap - ok 21:04:08.0329 3712 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:04:08.0329 3712 vsmraid - ok 21:04:08.0392 3712 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:04:08.0438 3712 VSS - ok 21:04:08.0454 3712 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 21:04:08.0454 3712 vwifibus - ok 21:04:08.0485 3712 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:04:08.0485 3712 W32Time - ok 21:04:08.0516 3712 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:04:08.0516 3712 WacomPen - ok 21:04:08.0548 3712 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:04:08.0548 3712 WANARP - ok 21:04:08.0563 3712 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:04:08.0563 3712 Wanarpv6 - ok 21:04:08.0641 3712 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:04:08.0672 3712 WatAdminSvc - ok 21:04:08.0719 3712 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:04:08.0766 3712 wbengine - ok 21:04:08.0797 3712 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:04:08.0797 3712 WbioSrvc - ok 21:04:08.0828 3712 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:04:08.0828 3712 wcncsvc - ok 21:04:08.0844 3712 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:04:08.0860 3712 WcsPlugInService - ok 21:04:08.0891 3712 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 21:04:08.0891 3712 Wd - ok 21:04:08.0938 3712 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:04:08.0938 3712 Wdf01000 - ok 21:04:08.0953 3712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:04:08.0969 3712 WdiServiceHost - ok 21:04:08.0969 3712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:04:08.0984 3712 WdiSystemHost - ok 21:04:09.0000 3712 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:04:09.0000 3712 WebClient - ok 21:04:09.0031 3712 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:04:09.0031 3712 Wecsvc - ok 21:04:09.0047 3712 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:04:09.0047 3712 wercplsupport - ok 21:04:09.0078 3712 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:04:09.0078 3712 WerSvc - ok 21:04:09.0125 3712 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:04:09.0125 3712 WfpLwf - ok 21:04:09.0140 3712 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:04:09.0140 3712 WIMMount - ok 21:04:09.0156 3712 WinDefend - ok 21:04:09.0172 3712 WinHttpAutoProxySvc - ok 21:04:09.0234 3712 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:04:09.0234 3712 Winmgmt - ok 21:04:09.0296 3712 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:04:09.0359 3712 WinRM - ok 21:04:09.0421 3712 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:04:09.0421 3712 WinUsb - ok 21:04:09.0468 3712 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:04:09.0484 3712 Wlansvc - ok 21:04:09.0515 3712 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:04:09.0515 3712 WmiAcpi - ok 21:04:09.0562 3712 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:04:09.0562 3712 wmiApSrv - ok 21:04:09.0593 3712 WMPNetworkSvc - ok 21:04:09.0608 3712 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:04:09.0608 3712 WPCSvc - ok 21:04:09.0624 3712 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:04:09.0640 3712 WPDBusEnum - ok 21:04:09.0655 3712 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:04:09.0655 3712 ws2ifsl - ok 21:04:09.0686 3712 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 21:04:09.0702 3712 wscsvc - ok 21:04:09.0718 3712 WSearch - ok 21:04:09.0796 3712 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:04:09.0842 3712 wuauserv - ok 21:04:09.0874 3712 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:04:09.0874 3712 WudfPf - ok 21:04:09.0889 3712 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:04:09.0905 3712 WUDFRd - ok 21:04:09.0920 3712 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:04:09.0920 3712 wudfsvc - ok 21:04:09.0952 3712 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:04:09.0967 3712 WwanSvc - ok 21:04:09.0983 3712 ================ Scan global =============================== 21:04:09.0998 3712 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:04:10.0045 3712 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 21:04:10.0061 3712 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 21:04:10.0092 3712 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:04:10.0123 3712 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:04:10.0123 3712 [Global] - ok 21:04:10.0123 3712 ================ Scan MBR ================================== 21:04:10.0139 3712 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:04:10.0466 3712 \Device\Harddisk0\DR0 - ok 21:04:10.0482 3712 ================ Scan VBR ================================== 21:04:10.0482 3712 [ C97AC94BEE985A5F1B4BC3B204324108 ] \Device\Harddisk0\DR0\Partition1 21:04:10.0482 3712 \Device\Harddisk0\DR0\Partition1 - ok 21:04:10.0498 3712 [ ABE71F4837AB9DA8AF0A23F901AD5808 ] \Device\Harddisk0\DR0\Partition2 21:04:10.0498 3712 \Device\Harddisk0\DR0\Partition2 - ok 21:04:10.0498 3712 ============================================================ 21:04:10.0498 3712 Scan finished 21:04:10.0498 3712 ============================================================ 21:04:10.0513 3644 Detected object count: 0 21:04:10.0513 3644 Actual detected object count: 0 aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2012-11-21 21:05:52 ----------------------------- 21:05:52.885 OS Version: Windows x64 6.1.7601 Service Pack 1 21:05:52.885 Number of processors: 1 586 0x7F02 21:05:52.885 ComputerName: SCOTT-PC UserName: AJAH 21:05:54.632 Initialize success 21:07:06.726 AVAST engine defs: 12112101 21:07:37.306 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066 21:07:37.322 Disk 0 Vendor: ST316081 4.AA Size: 152627MB BusType: 3 21:07:37.338 Disk 0 MBR read successfully 21:07:37.353 Disk 0 MBR scan 21:07:37.353 Disk 0 Windows 7 default MBR code 21:07:37.369 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048 21:07:37.384 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 20973568 21:07:37.400 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 142284 MB offset 21178368 21:07:37.416 Disk 0 scanning C:\Windows\system32\drivers 21:07:47.056 Service scanning 21:08:13.015 Modules scanning 21:08:13.015 Disk 0 trace - called modules: 21:08:13.046 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys 21:08:13.561 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002833060] 21:08:13.561 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80022f4670] 21:08:13.561 5 ACPI.sys[fffff88000f0f7a1] -> nt!IofCallDriver -> \Device\00000066[0xfffffa80022f49c0] 21:08:13.982 AVAST engine scan C:\Windows 21:08:15.792 AVAST engine scan C:\Windows\system32 21:11:09.465 AVAST engine scan C:\Windows\system32\drivers 21:11:25.065 AVAST engine scan C:\Users\AJAH 21:15:07.345 AVAST engine scan C:\ProgramData 21:16:03.396 Scan finished successfully 21:16:28.683 Disk 0 MBR has been saved successfully to "C:\Users\AJAH\Desktop\MBR.dat" 21:16:28.683 The log file has been saved successfully to "C:\Users\AJAH\Desktop\aswMBR.txt"

After 8 failed attempts at running combofix to completion, I was finally able to get it to go all the way through without error. Short Run down: Stage 1 BAD_POOL_HEADER Stage 2 BSOD SYSTEM_SERVICE_EXCEPTION Stage 3 PFN_LIST_CORRUPT Stage 4 IRQL_NOT_LESS_OR_EQUAL Stage 36 MEMORY_MANAGEMENT Each subsequent attempt it would get a little farther into the combofix processes before BSOD. Finally, I got a bsod BAD_POOL_HEADER @ Stage 1. I tried 1 more time and succeded with the scan. Although I had disabled Norton Auto-Protect, Norton Firewall, Norton Anti-Spyware and Norton Task Scheduling, I still got an error from combofix that norton was detected. I was about to uninstall it but the instructions were to not install/uninstall anything so I booted into "safe mode" and then back into normal mode and Norton went away. Until Stage 32 (or so) when Norton informed me that a service was unable to start due to a dependency issue. AAARRRGGGHHH! I think I will be replacing it with MSE! I can still not access websites with MSIE, It hangs with a clean page of white and errors out. I am using Google Chrome to post this and when I am in Event Viewer and opt to submit the info to MS for a possible solution, I am told there is no internet connection. So, here is the most difficult log-file to get produced I have ever seen ComboFix 12-11-21.01 - AJAH 11/21/2012 18:32:34.1.1 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1918.946 [GMT -5:00] Running from: c:\users\AJAH\Desktop\ComboFix.exe AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Security Suite *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2012-10-21 to 2012-11-21 ))))))))))))))))))))))))))))))) . . 2012-11-20 15:02 . 2012-09-30 00:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-20 12:57 . 2012-11-20 12:58 184133384 ----a-w- C:\306.97-desktop-win8-win7-winvista-64bit-english-whql.exe 2012-11-20 12:52 . 2012-11-20 12:52 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-11-20 12:52 . 2012-11-20 12:52 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-20 12:38 . 2012-11-20 12:38 -------- d-----w- c:\program files (x86)\Java 2012-11-18 16:34 . 2012-11-18 16:34 -------- d-----w- c:\program files\Microsoft Silverlight 2012-11-18 16:34 . 2012-11-18 16:34 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-11-14 14:27 . 2012-08-09 01:50 43680 ----a-r- c:\windows\system32\drivers\SymIMV.sys 2012-11-14 08:31 . 2012-11-14 08:31 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-11-14 08:29 . 2012-11-14 08:29 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared 2012-11-14 07:53 . 2012-11-14 07:53 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2012-11-14 07:53 . 2012-11-14 07:53 -------- d-----w- c:\program files\Symantec 2012-11-14 07:53 . 2012-11-14 07:53 -------- d-----w- c:\program files\Common Files\Symantec Shared 2012-11-14 07:53 . 2012-11-14 08:13 -------- d-----w- c:\windows\system32\drivers\N360x64 2012-11-14 07:52 . 2012-11-14 07:53 -------- d-----w- c:\program files (x86)\Norton Security Suite 2012-11-14 07:52 . 2012-11-14 07:52 -------- d-----w- c:\program files (x86)\NortonInstaller 2012-11-14 07:46 . 2012-11-14 07:46 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-11-14 07:41 . 2012-11-14 07:41 -------- d-----w- c:\users\UpdatusUser 2012-11-14 07:40 . 2012-10-02 22:21 60776 ----a-w- c:\windows\system32\OpenCL.dll 2012-11-14 07:40 . 2012-10-02 22:21 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-11-14 07:33 . 2012-11-14 07:33 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-14 07:33 . 2012-11-14 07:33 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-14 05:52 . 2012-11-14 05:57 -------- d--h--w- c:\windows\msdownld.tmp 2012-11-14 03:02 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-14 03:02 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-14 03:02 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2012-11-14 03:02 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-14 02:54 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-14 02:53 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-11-13 13:32 . 2012-11-14 00:32 -------- d-----w- c:\program files\Google 2012-10-30 01:26 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui 2012-10-30 01:26 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2012-10-30 01:26 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2012-10-30 01:26 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2012-10-30 01:26 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2012-10-30 01:26 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys 2012-10-30 01:26 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2012-10-26 11:32 . 2012-10-26 11:32 -------- d-----w- c:\program files (x86)\FLV_Runner . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-20 12:52 . 2012-05-09 09:39 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-11-20 12:38 . 2012-01-31 06:21 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-11-14 02:55 . 2012-01-30 07:21 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-11-05 14:27 . 2012-02-01 04:10 88008 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-11-05 14:27 . 2012-02-01 04:10 35240 ----a-w- c:\windows\system32\LMIport.dll 2012-11-05 14:27 . 2012-02-01 04:10 83880 ----a-w- c:\windows\system32\LMIinit.dll 2012-09-14 19:19 . 2012-10-10 05:55 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 05:55 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-08-31 18:19 . 2012-10-10 05:55 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-08-30 18:03 . 2012-10-10 05:55 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:12 . 2012-10-10 05:55 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-08-30 17:12 . 2012-10-10 05:55 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-08-24 18:05 . 2012-10-10 05:55 220160 ----a-w- c:\windows\system32\wintrust.dll 2012-08-24 16:57 . 2012-10-10 05:55 172544 ----a-w- c:\windows\SysWow64\wintrust.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-30 1255736] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS [2012-10-04 493216] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608] S1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys [2012-10-04 168096] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20121120.001\IDSvia64.sys [2012-11-13 513184] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS [2012-07-28 224416] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS [2012-07-23 432800] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-11-05 375728] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928] S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-14 138912] . . Contents of the 'Scheduled Tasks' folder . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25 22:50] . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25 22:50] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://search.coupons.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s Trusted Zone: netflix.com TCP: DhcpNameServer = 192.168.1.254 . - - - - ORPHANS REMOVED - - - - . BHO-{ACC01A56-70E3-472E-9C4F-83B1DA817DD8} - (no file) Toolbar-{8660E5B3-6C41-44DE-8503-98D99BBECD41} - (no file) Wow6432Node-HKLM-Run-DivXUpdate - c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-DivX Setup - c:\programdata\DivX\Setup\DivXSetup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\20.2.0.19\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe . ************************************************************************** . Completion time: 2012-11-21 18:44:49 - machine was rebooted ComboFix-quarantined-files.txt 2012-11-21 23:44 . Pre-Run: 110,616,735,744 bytes free Post-Run: 110,486,568,960 bytes free . - - End Of File - - 3B0E2D92896662B95ED8A181571AB608 Keyboard Error: No keyboard detected. Press any key to continue.

I received another bsod attempting to d/load screen317's Security Check. "BAD_POOL_HEADER". I am using Google Chrome because MSIE will not access the internet. It will hang for infinity and beyond and after a minute or so locks the computer where clock stops and windows is totally unresponsive. Power button only option at that point. Upon reboot it tells me that windows shut down abnormally and when I opt to check for solutions it goes bsod with the "PFN_FILE_CORRUPT". I rebooted and was able to get you the results from security check. Also, when d/loading Rogue Killer, my Norton said it was evil and destroyed it. So, I disabled Norton Results of screen317's Security Check version 0.99.54 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Norton Security Suite WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.1.1000 Java 7 Update 9 Google Chrome 23.0.1271.64 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 4% ````````````````````End of Log`````````````````````` # AdwCleaner v2.008 - Logfile created 11/20/2012 at 07:14:09 # Updated 17/11/2012 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (64 bits) # User : AJAH - SCOTT-PC # Boot Mode : Normal # Running from : C:\Users\AJAH\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml Folder Deleted : C:\Program Files (x86)\Smartdl Folder Deleted : C:\Users\AJAH\AppData\LocalLow\Toolbar4 ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Google Chrome v [unable to get version] File : C:\Users\AJAH\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [6321 octets] - [20/11/2012 07:12:24] AdwCleaner[s1].txt - [6406 octets] - [20/11/2012 07:14:09] ########## EOF - C:\AdwCleaner[s1].txt - [6466 octets] ########## --- RogueKiller V8.3.1 [Nov 20 2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website: http://tigzy.geekstogo.com/roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : AJAH [Admin rights] Mode : Remove -- Date : 11/20/2012 07:26:24 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : EPSON NX300 Series (C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJA.EXE /FU "C:\Windows\TEMP\E_S8012.tmp" /EF "HKCU") -> DELETED [TASK][sUSP PATH] IHSelfDeleteTASK : CMD /C DEL C:\Users\Scott\AppData\Local\Temp\IHUD807.tmp.exe -> DELETED [TASK][sUSP PATH] IHUninstallTrackingTASK : CMD /C DEL C:\Users\Scott\AppData\Local\Temp\IHUD6BE.tmp.exe -> DELETED [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST316081 5AS SCSI Disk Device +++++ --- User --- [MBR] 276795c5554dc4bea6bb85bd901f0237 [bSP] 70afcb2feddebe906e598e01c7120b2d : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21178368 | Size: 142284 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[2]_D_11202012_02d0726.txt >> RKreport[1]_S_11202012_02d0724.txt ; RKreport[2]_D_11202012_02d0726.txt

Greetings! I want to start by thanking you for being there for me. I wish I had your knowledge! Please find the attached logs you've requested. Basically, I have a problem with searchbrowsing.com and some coupon thingy URL coming up in my msie in safe mode (with networking). In normal mode I cannot access websites. I have tried resetting TCP and Advanced Browser rest with no joy. I have tried mbam and eset online but they cant seem to find the issue and resolve it. After attempting to access the web using msie 9 It hangs, then locks up and manually powering down is the only corse left. Then I get PFN_FILE_CORRUPT BSOD. Then after reboot I get Windows has recovered from an error, but when I click on check for solutions I get another BSOD andreboot again. Also, It just recently started making a sound I never heard before, so I looked in sounds control panel and found it to be device failed to connect alert sound. When I follow the path to the memory dump files I am told the file does not exist. I am at wits end and hope you can get this infarktion resolved Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.11.19.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 AJAH :: SCOTT-PC [administrator] 11/20/2012 10:04:36 AM mbam-log-2012-11-20 (10-04-36).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 235646 Time elapsed: 2 minute(s), 35 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2 Run by AJAH at 10:23:34 on 2012-11-20 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2942.1750 [GMT -5:00] . AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\LSI SoftModem\agr64svc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve mStart Page = hxxp://search.coupons.com/ uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ips\ipsbho.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} - <orphaned> BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll uRun: [EPSON NX300 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIEJA.EXE /FU "C:\Windows\TEMP\E_S8012.tmp" /EF "HKCU" mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1352871757167 DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=928 TCP: NameServer = 192.168.1.254 TCP: Interfaces\{EC810410-1BE5-4E91-92C0-4634162C5C5F} : DHCPNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402000.013\symds64.sys [2012-11-14 493216] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402000.013\symefa64.sys [2012-11-14 1133216] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608] R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1402000.013\ccsetx64.sys [2012-11-14 168096] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20121119.001\IDSviA64.sys [2012-11-20 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402000.013\ironx64.sys [2012-11-14 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys [2012-11-14 432800] R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-12-7 375728] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-1-31 72216] R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe [2012-11-14 143928] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-18 138912] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-29 19456] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-29 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-29 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-30 1255736] . =============== Created Last 30 ================ . 2012-11-20 15:02:48 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-11-20 12:57:58 184133384 ----a-w- C:\306.97-desktop-win8-win7-winvista-64bit-english-whql.exe 2012-11-20 12:52:12 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-18 13:36:26 -------- d-----w- C:\Users\AJAH\AppData\Local\{C89C34F6-659C-488B-B3F9-31E70EE7A4F5} 2012-11-18 13:33:30 -------- d-----w- C:\Users\AJAH\AppData\Local\{36DD98A7-A498-4D97-AD4C-DD1C989B7C11} 2012-11-17 15:20:27 -------- d-----w- C:\Users\AJAH\AppData\Local\{322C0762-2C7F-4A5E-8CEE-DBFAC94CE3ED} 2012-11-17 15:11:03 -------- d-----w- C:\Users\AJAH\AppData\Local\{4A68AD69-49F2-4654-8788-F37322426565} 2012-11-16 18:20:48 -------- d-----w- C:\Users\AJAH\AppData\Local\{9FB765A7-51E7-4DFB-832D-B08B2FECC0CE} 2012-11-16 18:18:03 -------- d-----w- C:\Users\AJAH\AppData\Local\{DA7FC998-5E06-414C-80B1-50E469A5CE77} 2012-11-14 14:50:30 -------- d-----w- C:\Users\AJAH\AppData\Local\{7D76D554-9FB3-4B2C-B110-4013C0C53AAE} 2012-11-14 14:27:24 43680 ----a-r- C:\Windows\System32\drivers\SymIMV.sys 2012-11-14 08:29:47 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2012-11-14 08:11:04 776864 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\srtsp64.sys 2012-11-14 08:11:04 493216 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\symds64.sys 2012-11-14 08:11:04 432800 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys 2012-11-14 08:11:04 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\srtspx64.sys 2012-11-14 08:11:04 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\symelam.sys 2012-11-14 08:11:04 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\ironx64.sys 2012-11-14 08:11:04 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\ccsetx64.sys 2012-11-14 08:11:04 1133216 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\symefa64.sys 2012-11-14 08:10:49 -------- d-----w- C:\Windows\System32\drivers\N360x64\1402000.013 2012-11-14 07:53:39 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2012-11-14 07:53:39 -------- d-----w- C:\Program Files\Symantec 2012-11-14 07:53:39 -------- d-----w- C:\Program Files\Common Files\Symantec Shared 2012-11-14 07:53:01 -------- d-----w- C:\Windows\System32\drivers\N360x64 2012-11-14 07:52:59 -------- d-----w- C:\Program Files (x86)\Norton Security Suite 2012-11-14 07:52:53 -------- d-----w- C:\Program Files (x86)\NortonInstaller 2012-11-14 07:46:43 -------- d-sh--w- C:\Windows\System32\%APPDATA% 2012-11-14 07:40:38 60776 ----a-w- C:\Windows\System32\OpenCL.dll 2012-11-14 07:40:38 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2012-11-14 07:33:11 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-14 07:33:11 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-11-14 05:52:53 -------- d--h--w- C:\Windows\msdownld.tmp 2012-11-14 05:52:43 -------- d-----w- C:\Windows\SysWow64\directx 2012-11-14 03:02:29 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2012-11-14 03:02:29 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-11-14 03:02:29 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-11-14 03:02:29 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2012-11-14 02:54:47 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-11-14 02:53:56 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-11-14 02:49:54 -------- d-----w- C:\Users\AJAH\AppData\Local\{E127B189-C08E-41EA-A8CA-CE08042B3905} 2012-11-13 14:49:16 -------- d-----w- C:\Users\AJAH\AppData\Local\{70F1A6B8-7E3C-471F-9916-84DE04BDEC1F} 2012-11-12 14:48:39 -------- d-----w- C:\Users\AJAH\AppData\Local\{2F52CDB5-63C6-4E4A-AC04-0E321926E6B5} 2012-11-12 01:56:04 -------- d-----w- C:\Users\AJAH\AppData\Local\{9806D812-17A5-4C0E-A3A5-A9B771CE8F0E} 2012-11-11 13:55:29 -------- d-----w- C:\Users\AJAH\AppData\Local\{031D2E20-1A4E-4DD8-8BE5-0678D9DF0CA7} 2012-11-09 01:53:18 -------- d-----w- C:\Users\AJAH\AppData\Local\{7DB4CE9E-2A03-4A58-9883-792F7CDD399B} 2012-11-06 01:50:46 -------- d-----w- C:\Users\AJAH\AppData\Local\{DFA32249-4EEB-4936-8B80-2EDCE2BAD586} 2012-11-04 13:49:25 -------- d-----w- C:\Users\AJAH\AppData\Local\{6F713B32-2078-45B3-8988-D805E7B3CFCF} 2012-11-04 01:48:49 -------- d-----w- C:\Users\AJAH\AppData\Local\{EB2F70BF-421F-47AF-BF4B-BC03C001D25A} 2012-11-03 01:48:00 -------- d-----w- C:\Users\AJAH\AppData\Local\{D3E88E95-7A8B-4B25-9D42-17A9FD52460F} 2012-11-03 01:45:23 -------- d-----w- C:\Users\AJAH\AppData\Local\{4847A2A8-15ED-4ACA-9672-777F2A50DF92} 2012-11-03 01:42:26 -------- d-----w- C:\Users\AJAH\AppData\Local\{DB50D146-4596-4D80-8E03-ED25DBD9F2D0} 2012-10-30 15:03:27 -------- d-----w- C:\Users\AJAH\AppData\Local\{EBB9CDB1-E260-4C39-AA22-88793545EB0B} 2012-10-30 03:02:44 -------- d-----w- C:\Users\AJAH\AppData\Local\{D047E71B-E716-4DB5-AF81-37B3777E5EFF} 2012-10-30 01:26:07 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui 2012-10-30 01:26:05 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll 2012-10-30 01:26:05 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll 2012-10-30 01:26:05 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2012-10-30 01:26:01 57856 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2012-10-30 01:26:01 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys 2012-10-30 01:26:01 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2012-10-29 15:02:05 -------- d-----w- C:\Users\AJAH\AppData\Local\{41D0406D-C00A-4AD9-87D9-1A8745142A3D} 2012-10-29 14:43:33 -------- d-----w- C:\Users\AJAH\New folder 2012-10-26 11:32:04 -------- d-----w- C:\Program Files (x86)\FLV_Runner 2012-10-26 02:59:08 -------- d-----w- C:\Users\AJAH\AppData\Local\{0AECA65F-2A9C-4D66-94A7-9B72BE5BF662} 2012-10-22 02:55:51 -------- d-----w- C:\Users\AJAH\AppData\Local\{EC24CA1F-18FF-48A3-9A42-F1ECFC7EF6F9} . ==================== Find3M ==================== . 2012-11-20 12:52:08 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-11-20 12:38:20 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-11-05 14:27:22 88008 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2012-11-05 14:27:21 83880 ----a-w- C:\Windows\System32\LMIinit.dll 2012-11-05 14:27:21 35240 ----a-w- C:\Windows\System32\LMIport.dll 2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll 2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll 2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll 2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll 2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll 2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll 2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll 2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll 2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll 2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll 2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:13:17 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-08-24 18:09:34 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 18:05:03 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-08-24 18:04:18 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-08-24 18:03:09 1448448 ----a-w- C:\Windows\System32\lsasrv.dll 2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-24 16:57:40 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-08-24 16:57:40 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-08-24 16:57:37 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-08-24 16:53:35 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-08-23 14:13:11 243200 ----a-w- C:\Windows\System32\rdpudd.dll 2012-08-23 13:47:20 46592 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll 2012-08-23 13:46:20 16896 ----a-w- C:\Windows\SysWow64\wksprtPS.dll 2012-08-23 13:20:40 54272 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll 2012-08-23 13:18:14 37376 ----a-w- C:\Windows\SysWow64\tsgqec.dll 2012-08-23 13:17:54 18432 ----a-w- C:\Windows\System32\wksprtPS.dll 2012-08-23 13:06:58 43520 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll 2012-08-23 12:52:53 44032 ----a-w- C:\Windows\System32\tsgqec.dll 2012-08-23 11:20:06 62976 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2012-08-23 11:15:57 269312 ----a-w- C:\Windows\SysWow64\aaclient.dll 2012-08-23 11:14:09 384000 ----a-w- C:\Windows\System32\wksprt.exe 2012-08-23 11:12:17 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll 2012-08-23 10:54:24 322560 ----a-w- C:\Windows\System32\aaclient.dll 2012-08-23 10:51:14 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll 2012-08-23 10:39:24 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe 2012-08-23 10:22:22 1123840 ----a-w- C:\Windows\System32\mstsc.exe 2012-08-23 09:51:57 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll 2012-08-23 08:19:01 4916224 ----a-w- C:\Windows\SysWow64\mstscax.dll 2012-08-23 08:13:07 5773824 ----a-w- C:\Windows\System32\mstscax.dll 2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS . ============= FINISH: 10:24:27.21 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 1/30/2012 1:57:50 AM System Uptime: 11/20/2012 10:22:36 AM (0 hours ago) . Motherboard: eMachines | | MCP61PM-GM Processor: AMD Athlon Processor LE-1640 | Socket AM2 | 2700/201mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 139 GiB total, 98.162 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Reader XI Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DivX Setup EPSON NX300 Series Printer Uninstall EPSON Scan Google Chrome Google Earth Google Update Helper GoToMeeting 5.1.0.880 Java 7 Update 9 Java Auto Updater LogMeIn LSI PCI-SV92PP Soft Modem Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft .NET Framework 4 Client Profile Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Norton Security Suite NVIDIA Drivers Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition swMSM Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition VC80CRTRedist - 8.0.50727.6195 Watchtower Library 2011 - English . ==== Event Viewer Messages From Past Week ======== . 11/20/2012 9:57:26 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000031065, 0x0000000000000002, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-31325-01. 11/20/2012 9:47:10 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 11/20/2012 9:47:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 11/20/2012 9:47:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 11/20/2012 9:46:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 11/20/2012 9:46:54 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6 11/20/2012 9:46:43 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x00000000000a5278, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-19000-02. 11/20/2012 9:44:11 AM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147023544. 11/20/2012 9:44:11 AM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070548. 11/20/2012 9:40:07 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 11/20/2012 9:40:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 11/20/2012 9:40:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 11/20/2012 9:39:52 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 CSC DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIM SymIRON SymNetS tdx Wanarpv6 WfpLwf 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 11/20/2012 9:39:51 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 11/20/2012 8:39:58 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/20/2012 8:39:58 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/20/2012 8:39:58 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/20/2012 8:31:56 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 11/20/2012 8:31:56 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running. 11/20/2012 8:31:02 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Update service, but this action failed with the following error: An instance of the service is already running. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/20/2012 8:29:56 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 11/20/2012 7:35:04 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff80001eb04f0, 0xfffff88003978890, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-19000-01. 11/20/2012 7:20:45 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff80002b64ec5, 0xfffff88002e61c80, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-18033-01. 11/20/2012 7:18:51 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000009cf08, 0x0000000000000002, 0x00000000000b1807). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-23088-01. 11/20/2012 7:12:18 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff96000124b02, 0xfffff880032b70c0, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-23836-01. 11/20/2012 6:46:08 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-23368-01. 11/18/2012 9:18:52 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002a85129, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-20826-01. 11/18/2012 9:16:07 PM, Error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/18/2012 8:36:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 11/18/2012 8:36:43 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 11/18/2012 8:36:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 11/18/2012 8:35:46 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000000001, 0x0000000000000002, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-31917-01. 11/18/2012 8:17:31 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002bb39bc, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-19921-01. 11/18/2012 8:14:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000094, 0xfffff80002d7385a, 0xfffff8800313fa18, 0xfffff8800313f270). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-17690-01. 11/18/2012 8:07:36 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000098b0a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-25240-01. 11/18/2012 8:05:18 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000008f0b3, 0x0000000000000005, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-22308-01. 11/18/2012 8:02:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000005003, 0xfffff781c0000000, 0x0000000000008c78, 0x00008c7a000118e0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-20810-01. 11/18/2012 7:26:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C} 11/18/2012 7:19:02 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000010, 0x0000000000000002, 0x0000000000000001, 0xfffff80002ab64f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-21730-01. 11/18/2012 7:16:41 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002aba4f0, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-17503-01. 11/18/2012 6:44:15 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-18922-01. 11/18/2012 3:10:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-36566-01. 11/18/2012 3:08:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x00000000000004c0, 0x0000000000000000, 0x00000000000004c8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-36067-01. 11/18/2012 3:02:06 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041284, 0xfffff8a00443e001, 0x0000000000008f61, 0xfffff781c0000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-28704-01. 11/18/2012 3:00:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000009bbf8, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-33072-01. 11/18/2012 2:56:48 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000009e896, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-32931-01. 11/18/2012 2:54:31 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x00000000000255df, 0x0000000000000002, 0x0000000000024f6b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-30513-01. 11/18/2012 2:39:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000000328c, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-27471-01. 11/18/2012 2:37:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x00000000000a7018, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-27097-01. 11/18/2012 2:25:43 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002ac3129, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-22058-01. 11/18/2012 2:23:25 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fc (0xfffff8a000024010, 0x82400000620ea963, 0xfffff880030d7570, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-21512-01. 11/18/2012 2:12:26 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041284, 0xfffff8a00d362001, 0x000000000000bf18, 0xfffff781c0000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-22573-01. 11/18/2012 12:06:51 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000008e63c, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-25802-01. 11/18/2012 1:28:36 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x000000000000009a, 0x00000000000ab01c, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-30420-01. 11/18/2012 1:26:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x00000000000a3dff, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-20748-01. 11/18/2012 1:24:25 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000020000, 0x0000000000000000, 0x0000000000020008). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-21106-01. 11/18/2012 1:07:40 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 11/18/2012 1:07:40 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 11/18/2012 1:07:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000026e11, 0x0000000000000002, 0x0000000000024988). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-19858-01. 11/18/2012 1:05:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000001ad1b, 0x0000000000000002, 0x0000000000015bd2). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-20919-01. 11/18/2012 1:02:45 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041284, 0xfffff8a0058ee001, 0x0000000000008551, 0xfffff781c0000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-19812-01. 11/18/2012 1:00:38 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x0000000000000003, 0xfffff8a00d37daa0, 0xfffff8a00d345280, 0xfffff8a00d37daa0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-21621-01. 11/17/2012 8:51:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000093d54, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-22729-01. 11/17/2012 8:02:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000001d400, 0x0000000000000000, 0x000000000001d3f8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-30420-01. 11/17/2012 7:58:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000022847, 0x0000000000000000, 0x00000000000228c7). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-19905-01. 11/17/2012 7:55:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041201, 0xfffff6800000b268, 0xff494747ff594747, 0xfffffa8006021850). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-28158-01. 11/17/2012 7:49:26 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041284, 0xfffff8a009b7d001, 0x000000000000a2b7, 0xfffff781c0000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-27861-01. 11/17/2012 7:45:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x00000000000aaeb2, 0x0000000000000000, 0x000000000000009e). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-18860-01. 11/17/2012 7:43:02 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000002bc85, 0x0000000000000000, 0x000000000002bc8d). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-29140-01. 11/17/2012 7:40:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041284, 0x0000000017632001, 0x0000000000011b50, 0xfffff70001080000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-34335-01. 11/17/2012 10:19:31 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000093bbd, 0x0000000000000002, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-27346-01. 11/17/2012 10:10:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x0000000000039d09, 0x0000000000000002, 0x0000000000039d07). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-26644-01. 11/16/2012 1:19:32 PM, Error: volmgr [46] - Crash dump initialization failed! 11/16/2012 1:13:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000009d6ac, 0x0000000000000000, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111612-17128-01. 11/16/2012 1:11:06 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002a8d129, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111612-26832-01. 11/16/2012 1:08:41 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000009bff6, 0x0000000000000002, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111612-27814-01. 11/16/2012 1:06:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000010, 0x0000000000000002, 0x0000000000000001, 0xfffff80002ab44f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111612-28860-01. 11/16/2012 1:03:35 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c2 (0x0000000000000007, 0x000000000000109b, 0x0000000000150006, 0xfffffa80053e0210). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111612-30794-01. 11/14/2012 12:27:10 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 11/14/2012 12:27:05 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6 11/14/2012 12:27:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service LMIGuardianSvc with arguments "" in order to run the server: {D4258A22-CF85-489D-83AE-49FCD0DFAD29} 11/13/2012 8:28:04 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000009810e, 0x0000000000000002, 0x0000000000000001). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111312-21964-01. 11/13/2012 8:25:38 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fc (0xfffff8a000024010, 0x8240000061f06963, 0xfffff88003653570, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111312-23306-01. 11/13/2012 8:23:20 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004e (0x0000000000000099, 0x000000000001a4f0, 0x0000000000000000, 0x000000000001a4f8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111312-22448-01. 11/13/2012 8:18:15 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002c139bc, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111312-18392-01. 11/13/2012 8:18:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 CSC DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx Wanarpv6 WfpLwf 11/13/2012 8:16:19 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041284, 0xfffff8a003e0b001, 0x0000000000008955, 0xfffff781c0000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111312-28797-01. 11/13/2012 7:35:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111312-26395-01. . ==== End Of File ===========================