BSOD during MBAM full scan

[Ms_E]

DDS (Ver_2012-10-14.05) - NTFS_AMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by RAC at 13:16:17 on 2012-10-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.916 [GMT -5:00]

.

AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\taskhost.exe

C:\windows\SysWOW64\svchost.exe -k Akamai

C:\Program Files\DebugDiag\DbgSvc.exe

C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\windows\system32\dllhost.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\windows\System32\msdtc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Users\RAC\AppData\Local\Akamai\netsession_win.exe

C:\Users\RAC\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uProxyOverride = 127.0.0.1:9421;<local>

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [ctfmon.exe] C:\windows\System32\ctfmon.exe

uRun: [Akamai NetSession Interface] "C:\Users\RAC\AppData\Local\Akamai\netsession_win.exe"

uRun: [speech Recognition] "C:\windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

mRun: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

mRun: [AT&T Communication Manager] "C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe" -a

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\RAC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

uPolicies-Explorer: HideSCAHealth = dword:1

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{04F984FB-0A00-407E-9DDC-0DC4C93E85A6} : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{04F984FB-0A00-407E-9DDC-0DC4C93E85A6}\D43727964716D27657563747 : DHCPNameServer = 97.64.183.164 97.64.209.37

SSODL: WebCheck - <orphaned>

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe

x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\disynu2c.default\

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]

R1 acedrv09;acedrv09;C:\windows\System32\drivers\acedrv09.sys [2012-9-25 134880]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2009-7-13 27136]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-4-13 202752]

R2 DbgSvc;Debug Diagnostic Service;C:\Program Files\DebugDiag\DbgSvc.exe [2011-7-12 451848]

R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]

R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [2012-10-12 131512]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2011-4-13 126392]

R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atipmdag.sys [2011-4-13 6403072]

R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2011-4-13 188928]

R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-4-13 9216]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-4-13 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-14 135664]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-25 250808]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-14 135664]

S3 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2012-10-12 36680]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-13 113120]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-4-13 232992]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-4-20 1255736]

.

=============== Created Last 30 ================

.

2012-10-13 17:42:56 -------- d-----w- C:\symcache

2012-10-13 17:33:05 -------- d-----w- C:\Program Files\DebugDiag

2012-10-13 15:58:07 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3D67B86-327A-4158-A01D-30E180D4B6B8}\offreg.dll

2012-10-13 15:30:48 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3D67B86-327A-4158-A01D-30E180D4B6B8}\mpengine.dll

2012-10-13 04:54:27 -------- d-----w- C:\Users\RAC\AppData\Local\Chromium

2012-10-13 03:16:23 -------- d-----w- C:\Program Files (x86)\PC Checkup

2012-10-12 18:38:03 -------- d-----w- C:\Users\RAC\AppData\Roaming\Malwarebytes

2012-10-12 18:37:48 -------- d-----w- C:\ProgramData\Malwarebytes

2012-10-12 18:37:45 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-10-12 18:37:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-10-12 18:37:29 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys

2012-10-12 13:15:55 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-10-08 20:56:11 10220472 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe

2012-10-05 16:20:38 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85E46D21-9B6E-46B2-A3B7-E91058F1F2DD}\gapaengine.dll

2012-09-25 23:48:49 134880 ----a-w- C:\windows\System32\drivers\acedrv09.sys

2012-09-25 23:48:48 89312 ----a-w- C:\windows\SysWow64\acedrv09.dll

2012-09-25 23:11:59 -------- d-----w- C:\Users\RAC\AppData\Roaming\McGraw-HillLicensing

2012-09-24 13:59:07 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll

.

==================== Find3M ====================

.

2012-10-08 20:56:34 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 20:56:34 696760 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-09-24 13:58:53 821736 ----a-w- C:\windows\SysWow64\npdeployJava1.dll

2012-09-24 13:58:52 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-09-14 19:19:29 2048 ----a-w- C:\windows\System32\tzres.dll

2012-09-14 18:28:53 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2012-08-31 03:03:48 228768 ----a-w- C:\windows\System32\drivers\MpFilter.sys

2012-08-31 03:03:48 128456 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys

2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe

2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:07 220160 ----a-w- C:\windows\System32\wintrust.dll

2012-08-24 16:57:48 172544 ----a-w- C:\windows\SysWow64\wintrust.dll

2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll

2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll

2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2012-08-22 18:12:50 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys

2012-08-22 18:12:40 376688 ----a-w- C:\windows\System32\drivers\netio.sys

2012-08-22 18:12:33 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS

2012-08-11 00:56:03 715776 ----a-w- C:\windows\System32\kerberos.dll

2012-08-10 23:56:14 542208 ----a-w- C:\windows\SysWow64\kerberos.dll

2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys

.

============= FINISH: 13:16:57.55 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-10-14.05)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 4/13/2011 5:04:25 PM

System Uptime: 10/14/2012 3:35:28 AM (10 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: AMD V120 Processor | Socket S1G4 | 2200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 288 GiB total, 233.777 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP247: 10/5/2012 11:14:46 AM - Windows Update

RP248: 10/8/2012 3:50:57 PM - Windows Update

RP249: 10/10/2012 12:27:32 PM - Windows Update

RP250: 10/13/2012 10:17:36 AM - Windows Update

RP251: 10/13/2012 12:30:32 PM - Installed Debug Diagnostics 1.2

RP252: 10/14/2012 3:00:15 AM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.1

Akamai NetSession Interface

Akamai NetSession Interface Service

Amazon Links

Amazon MP3 Downloader 1.0.12

AT&T Communication Manager

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Atheros Driver Installation Program

ATI Catalyst Install Manager

Audacity 1.2.6

Audacity 1.3.14 (Unicode)

Avi to Dvd Free Converter v5.7.0.191

Bejeweled 2 Deluxe

BlackBerry Desktop Software 6.1

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Cognitive Tutor

Compatibility Pack for the 2007 Office system

Conexant HD Audio

Coupon Printer for Windows

Debug Diagnostics 1.2

Dell Driver Download Manager

Escape Rosecliff Island

FATE - The Traitor Soul

FreeStar Free AMR MP3 Converter 1.0.7

Google Toolbar for Internet Explorer

Google Update Helper

InstallIQ Updater

Java 7 Update 7

Java Auto Updater

Jewel Quest 3

Junk Mail filter update

K-Lite Mega Codec Pack 7.1.0

Label@Once 1.0

Malwarebytes Anti-Malware version 1.65.0.1400

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NirSoft BlueScreenView

Norton PC Checkup

OpenOffice.org 3.3

Penguins!

PhotoScape

PlayReady PC Runtime amd64

Polar Bowler

Quickbooks Financial Center

Realtek USB 2.0 Card Reader

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Skype Launcher

Synaptics Pointing Device Driver

TOSHIBA Application Installer

TOSHIBA Assist

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

ToshibaRegistration

Update for 2007 Microsoft Office System (KB967642)

Update Installer for WildTangent Games App

Virtual Families

Virtual Villagers - The Secret City

WildTangent Games

WildTangent Games App (Toshiba Games)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Xvid MPEG-4 Video Codec

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

10/14/2012 3:36:00 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00a1c5000, 0x0000000000000000, 0xfffff880019b2c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101412-25396-01.

10/14/2012 2:04:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0102b7000, 0x0000000000000000, 0xfffff88001844c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101412-16255-01.

10/14/2012 1:13:20 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

10/14/2012 1:13:20 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

10/14/2012 1:13:20 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

10/13/2012 12:52:39 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00d728000, 0x0000000000000000, 0xfffff88003a42c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101312-27892-01.

10/13/2012 12:16:12 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a009d4c000, 0x0000000000000000, 0xfffff88001982c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101312-24788-01.

10/12/2012 8:58:34 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00c84f000, 0x0000000000000000, 0xfffff880011d0c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-15475-01.

10/12/2012 8:16:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0018f8000, 0x0000000000000000, 0xfffff880011c8c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-15849-01.

10/12/2012 7:48:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0103af000, 0x0000000000000000, 0xfffff88001076c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-18267-01.

10/12/2012 7:44:36 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

10/12/2012 7:31:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

10/12/2012 7:31:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

10/12/2012 7:31:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

10/12/2012 7:31:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

10/12/2012 7:31:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

10/12/2012 7:31:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

10/12/2012 7:30:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00eece000, 0x0000000000000000, 0xfffff88001861c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-21528-01.

10/12/2012 7:30:53 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: acedrv09 AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/12/2012 7:30:52 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

10/12/2012 6:54:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00d94f000, 0x0000000000000000, 0xfffff8800189fc02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-19406-01.

10/12/2012 6:27:53 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00d591000, 0x0000000000000000, 0xfffff88001811c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-30342-01.

10/12/2012 4:48:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00eb5c000, 0x0000000000000000, 0xfffff880010c0c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-15724-01.

10/12/2012 4:05:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00b526000, 0x0000000000000000, 0xfffff880019b8c02, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 101212-16395-01.

10/11/2012 6:24:29 AM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

10/11/2012 6:05:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

10/11/2012 2:19:47 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: After starting, the service hung in a start-pending state.

10/11/2012 2:19:44 PM, Error: Service Control Manager [7022] - The Peer Name Resolution Protocol service hung on starting.

.

==== End Of File ===========================

[screen317]

Hi and welcome to Malwarebytes.

Does the BSoD occur during the scanning of a particular file? How about during a Quick Scan? What about a Full Scan in Safe Mode?

[Ms_E]

Hello MBAM Sentinel,

I'm unsure of the particular file that sets it off--as it happens so quickly and re-boots. The Quick Scan works without giving the BSOD, and I've also been able to do a Full Scan in Safe Mode.

[screen317]

Great, thank you. That'll help narrow down where the problem is.

Let's see what the blue screen said exactly:

'Download BlueScreenView and save it to your Desktop.

• Double click on BlueScreenView.exe file to run the program.
• When it finishes scanning, click Edit --> Select All.
• Click File --> Save Selected Items
• Save the report as BSOD.txt to your Desktop.
• Post the contents of BSOD.txtin your next reply.

Generally, if a Full Scan works in Safe Mode but not Normal Mode, then a program running at startup is generally to blame. Often, this is security software. Have you ever set exclusions between Norton and MBAM before?

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!