05/28 10:56:17 [1964:3468] Enterprise version, Build 49!!! 05/28 10:56:17 [1964:3468] 2 -stop 05/28 10:56:17 [1964:3468] User tried to stop smc service. 05/28 10:56:17 [1964:3468] Smc is stopping service 05/28 10:56:17 [1572:1576] Service : Start Stopping Service 05/28 10:56:17 [1572:1576] Waiting for the service to stop 05/28 10:56:17 [1572:1600] Service is shutting down 05/28 10:56:17 [1572:1600] AVMan: Entering ReceiveMessage with msg id 458754 05/28 10:56:17 [1572:1600] AVMan: Disabled event forwarding. 05/28 10:56:17 [1572:1600] AVMan: Leaving ReceiveMessage 05/28 10:56:17 [1572:1600] LUMan: Entering ReceiveMessage with message id 458754 05/28 10:56:17 [1572:1600] LUMan: CMC notified LuMan that it is stopping 05/28 10:56:17 [1572:568] SMCGui - 3908: SMC Closing all popups 05/28 10:56:17 [1572:568] SMCGui - 3908: Log viewerCloseAllPopupWindows 05/28 10:56:17 [1572:568] SMCGui - 3908: Kill Timer: 1024 05/28 10:56:17 [1572:568] !!!! ERROR !!!! The invalid parameter handler was called! 05/28 10:56:17 [1572:568] File : (unavailable) 05/28 10:56:17 [1572:568] Function : (unavailable) 05/28 10:56:17 [1572:568] Expression : (unavailable) 05/28 10:56:17 [1572:568] Line : 0 05/28 10:56:17 [1572:568] !!!! ERROR !!!! (end) 05/28 10:56:18 [1572:1600] Saving SMC State 05/28 10:56:18 [1572:1600] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 10:56:18 [1572:1600] AVMan: Entering Enable -- enable=false 05/28 10:56:18 [1572:1600] AVMan: Disabled event forwarding. 05/28 10:56:18 [1572:1600] GUProxy: Enable called. 05/28 10:56:18 [1572:1600] GUProxy: Enable 05/28 10:56:18 [1572:608] Ending Auto location ThreadID = 608 05/28 10:56:18 [1572:1600] LUMan: Terminating plugin 05/28 10:56:18 [1572:1600] LUMan: StopWorkerThread waiting for worker thread to complete 05/28 10:56:18 [1572:1600] GUProxy: Terminate called. 05/28 10:56:18 [1572:1600] GUProxy: Terminate 05/28 10:56:18 [1572:1600] AVMan: Entering Terminate 05/28 10:56:18 [1572:1600] AVMan: Leaving Terminate 05/28 10:56:18 [1572:1600] Stopping SyLink... 05/28 10:56:18 [1572:1600] Stop begin.----> 05/28 10:56:18 [1572:1600] Stopping LU download Thread. 05/28 10:56:18 [1572:2920] stopping 05/28 10:56:18 [1572:1600] LU download Thread stopped. 05/28 10:56:18 [1572:1600] Stop Main Thread. 05/28 10:56:18 [1572:2876] ***** Main Thread Exit **** 05/28 10:56:18 [1572:1600] Main Thread stopped. 05/28 10:56:18 [1572:1600] Stopping heartbeat Thread. 05/28 10:56:18 [1572:1600] Heartbeat thread stopped, Heartbeat=3600 05/28 10:56:18 [1572:1600] Heartbeat Thread stopped. 05/28 10:56:18 [1572:1600] Start Stopping Downloading Thread 05/28 10:56:18 [1572:1600] Downaloding Thread stopped. 05/28 10:56:18 [1572:1600] Save sylink settings. 05/28 10:56:18 [1572:1600] <-----Stop completed! 05/28 10:56:18 [1572:1600] Destructor called! 05/28 10:56:18 [1572:1600] Deleting SyLink... 05/28 10:56:18 [1572:1600] Stop begin.----> 05/28 10:56:18 [1572:1600] <-----Already stoppped.Stop End. 05/28 10:56:18 [1572:1600] Stop TridentEngine... 2268421 05/28 10:56:18 [1572:1600] TridentEngine Stopped. 05/28 10:56:18 [1572:1600] stop trident engine... successful 05/28 10:56:18 [1572:1600] delete trident engine... 05/28 10:56:18 [1572:1600] Destroying Tse=02EE27D0 TseConfig=02E69B98 TseLoader=02E64DD8 05/28 10:56:18 [1572:1600] delete Wps... 05/28 10:56:18 [1572:1600] TSE stopped. 05/28 10:56:18 [1572:1600] Finished Destroy Tse=00000000 TseConfig=00000000 TseLoader=00000000 05/28 10:56:18 [1572:1600] delete SMC State... 05/28 10:56:18 [1572:1600] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 10:56:18 [1572:1600] delete netport... 05/28 10:56:18 [1572:1600] delete IDSSignatureLib... 05/28 10:56:18 [1572:1600] Disable damper... 05/28 10:56:18 [1572:1600] Acknowledge exit trigger 05/28 10:56:18 [1572:1576] Network Threat Protection is stopped 05/28 10:56:18 [1964:3468] Stopping Network Threat Protection 05/28 10:56:19 [1572:1576] System configuration has been saved. 05/28 10:56:19 [1964:3468] Network Threat Protection stopped. 05/28 10:56:19 [1964:3468] Command line has been handled 05/28 10:56:48 [3196:2668] Enterprise version, Build 49!!! 05/28 10:56:48 [3196:2668] 2 -stop 05/28 10:56:48 [3196:2668] SMC_CMD_STOP_EVENT open failed. Error code=2 05/28 10:56:48 [3196:2668] Smc is stopping service 05/28 10:56:48 [3196:2668] Command line has been handled 05/28 10:57:33 [2780:2316] Enterprise version, Build 49!!! 05/28 10:57:33 [2780:1532] SetUserProfileDir: User Profile Location: C:\Documents and Settings\LocalService 05/28 10:57:33 [2780:1532] IsAlone() = 004DFDB0 05/28 10:57:33 [2780:1532] DamperControlSleepMS = 100 05/28 10:57:33 [2780:1532] Service ThreadID 7C8097D0 05/28 10:57:33 [2780:1532] Loading c:\Program Files\Symantec\Symantec Endpoint Protection\Cltdef.dat 05/28 10:57:33 [2780:1532] Loading c:\Program Files\Symantec\Symantec Endpoint Protection\Serdef.dat 05/28 10:57:33 [2780:1532] AVMan: Init called. 05/28 10:57:33 [2780:1532] AVMan: Entering Initialize 05/28 10:57:33 [2780:1532] AVMan: Disabled event forwarding. 05/28 10:57:33 [2780:1532] AVMan: About to start LogForwarding. 05/28 10:57:33 [2780:1532] AVMan: in StartEventForwarderImplExShared 05/28 10:57:33 [2780:1532] AVMan: Leaving Initialize 1 05/28 10:57:33 [2780:2068] AVMan: aggregation interval: 3600 05/28 10:57:33 [2780:1532] LUMan: Init called. 05/28 10:57:33 [2780:1532] LUMan: Entering UpdateContentRegistration() 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {1CD85198-26C6-4bac-8C72-5D34B025DE35} is _not_ supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {42B17E5E-4E9D-4157-88CB-966FB4985928} is _not_ supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {4F889C4A-784D-40de-8539-6A29BAA43139} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {4F889C4A-784D-40de-8539-6A29BAA43139} 05/28 10:57:33 [2780:1532] Re-Registred moniker {4F889C4A-784D-40de-8539-6A29BAA43139} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {812CD25E-1049-4086-9DDD-A4FAE649FBDF} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {812CD25E-1049-4086-9DDD-A4FAE649FBDF} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B} 05/28 10:57:33 [2780:1532] Re-Registred moniker {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {C13726A9-8DF7-4583-9B39-105B7EBD55E2} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {C13726A9-8DF7-4583-9B39-105B7EBD55E2} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {C25CEA47-63E5-447b-8D95-C79CAE13FF79} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {C25CEA47-63E5-447b-8D95-C79CAE13FF79} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {C60DC234-65F9-4674-94AE-62158EFCA433} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {C60DC234-65F9-4674-94AE-62158EFCA433} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {D3769926-05B7-4ad1-9DCF-23051EEE78E3} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {D3769926-05B7-4ad1-9DCF-23051EEE78E3} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {DFB8BBDD-52DE-427e-9EB3-FB7665893221} is _not_ supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {E5A3EBEE-D580-421e-86DF-54C0B3739522} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {E5A3EBEE-D580-421e-86DF-54C0B3739522} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {EA960B33-2196-4d53-8AC4-D5043A5B6F9B} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {EA960B33-2196-4d53-8AC4-D5043A5B6F9B} 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Content {ECCC5006-EF61-4c99-829A-417B6C6AD963} is supported on this platform 05/28 10:57:33 [2780:1532] LUMan: UpdateContentRegistration() - Registering callbacks for content {ECCC5006-EF61-4c99-829A-417B6C6AD963} 05/28 10:57:33 [2780:1532] LUMan: Entering with default, timeToNextLU=300, interval=216000 05/28 10:57:33 [2780:2188] LUMan: ScheduledLuThread() initial sleep: 10 mins 05/28 10:57:33 [2780:1532] Fail to load config because sysplant is not loaded 05/28 10:57:34 [2780:1532] DevMan: ========== Device Manage Received the New Rule. ========== 05/28 10:57:34 [2780:1532] DevMan: ========== Device Manage Is Plugged In. ========== 05/28 10:57:34 [2780:1532] Init called. 05/28 10:57:34 [2780:1532] Nac init 05/28 10:57:34 [2780:1532] Remove files from c:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup 05/28 10:57:34 [2780:1532] Loaded language string from the registry: English 05/28 10:57:34 [2780:1532] current package language type: English 05/28 10:57:34 [2780:1532] firewall feature status:0 05/28 10:57:34 [2780:1532] Changing control mode 0 05/28 10:57:34 [2780:1532] Init TPM device... 05/28 10:58:00 [2780:1532] TPMIO: TmpVendorID = 0 05/28 10:58:00 [2780:1532] Creating SyLink... 05/28 10:58:00 [2780:1532] AVMan: Entering ReceiveMessage with msg id 262147 05/28 10:58:00 [2780:1532] AVMan: Leaving ReceiveMessage 05/28 10:58:00 [2780:1532] LUMan: Entering ReceiveMessage with message id 262147 05/28 10:58:00 [2780:1532] Sylink is created 05/28 10:58:00 [2780:1532] InitACS , HI result passed to Location sensor is 4 05/28 10:58:00 [2780:1532] DnsHelper: update DNS ServerList 05/28 10:58:00 [2780:1532] The size of DNS2IP table is 1 05/28 10:58:00 [2780:1532] AutoLocationRunningEvent existed. 05/28 10:58:00 [2780:1532] AutoLocationFrequencyUpdateEvent existed. 05/28 10:58:00 [2780:1532] initial HI checking delay is :60000 05/28 10:58:00 [2780:1532] HI: ResetHIResult set HI result to HI_CHECK_DISBALED since HI is disabled. 05/28 10:58:00 [2780:2452] Auto location ThreadID = 2452 05/28 10:58:00 [2780:1532] HI: Use new HI config under current location, reset to default. HI Trigger Type: 1, HI Timer 120 05/28 10:58:00 [2780:1532] HI: init set HI result to HI_CHECK_DISBALED since HI is disabled. 05/28 10:58:00 [2780:1532] HI: set HI result to HI_CHECK_DISBALED. 05/28 10:58:00 [2780:1532] HI: Init HI Engine done. 05/28 10:58:00 [2780:1532] HI status is changed to=3; reason=105; rule=Host Integrity check is disabled. Host Integrity policy has been disabled by the administrator. 05/28 10:58:00 [2780:1532] StartEngine: reason=Initialize. 05/28 10:58:00 [2780:1532] TeeferOpen Mem=768 NIC={2D4BB419-37A3-4171-B622-54AC4B37121E}...05/28 10:58:00 [2780:1532] TFMAN: g_IsOptTeefer=1 05/28 10:58:00 [2780:1532] Success 05/28 10:58:00 [2780:1532] TSE is located at: c:\Program Files\Symantec\Symantec Endpoint Protection\ 05/28 10:58:00 [2780:1532] TSE extended debugging is turned off. Flag = 0 05/28 10:58:00 [2780:1532] TSE started. 05/28 10:58:00 [2780:1532] StartTridentEngine : Apply new config into profile in location Default. 05/28 10:58:00 [2780:1532] strLocation after switch to appointedDefault 05/28 10:58:00 [2780:1532] The best location need to be switch is: Default 05/28 10:58:00 [2780:1532] Use new Config... 2370484 05/28 10:58:00 [2780:1532] Apply Config to location: Default 05/28 10:58:00 [2780:1532] TSE: Driver level protection enabled. 05/28 10:58:00 [2780:1532] TSE: App authentication: 0, Mod authentication: 0, Action: 3 05/28 10:58:00 [2780:1532] ULD: uld file initialized, total: 0 05/28 10:58:00 [2780:1532] Ids Engine is Enabled 05/28 10:58:01 [2780:1532] PreStartingSetDefaultRule : Disabled 05/28 10:58:01 [2780:1532] updating 802.1x authentication information.(E:0, T:0, S:0) 05/28 10:58:01 [2780:1532] SetCurLocationID=Default 05/28 10:58:01 [2780:1532] DevMan: ========== Device Manage Received the New Rule. ========== 05/28 10:58:01 [2780:1532] NotifyNewProfileApplied: calling plugin for new policy 05/28 10:58:01 [2780:1532] AVMan: Entering PolicyUpdateCallback 05/28 10:58:01 [2780:1148] SNAC is NOT licensed 05/28 10:58:01 [2780:1148] NAP is not enabled! 05/28 10:58:01 [2780:1148] AltCommMethodWithEnforcer is not enabled! 05/28 10:58:01 [2780:1148] LANClientConfig 05/28 10:58:01 [2780:1148] pPeer2Peer is NULL in GetP2PProfileChangeMsgData. Set all P2P parameters to 0. 05/28 10:58:01 [2780:1148] runtime->fConnected is FALSE. Skip to write P2P_PROFILE_CHANGE_MSG into pipe. 05/28 10:58:01 [2780:1532] AVMan: policy retrieved 05/28 10:58:01 [2780:1532] AVMan: in ParsePolicyXmlImpl 05/28 10:58:01 [2780:1532] AVMan: in ParsePolicyXmlViaTempFile 05/28 10:58:01 [2780:1532] AVMan: in ParsePolicyXmlToFile 05/28 10:58:01 [2780:1532] AVMan: Leaving PolicyUpdateCallback 05/28 10:58:01 [2780:1532] GUProxy: PolicyUpdateCallback called 05/28 10:58:01 [2780:1532] GUProxy - UseMasterClient [0] 05/28 10:58:01 [2780:1532] GUProxy - Is this computer a GUP Server? [0] 05/28 10:58:01 [2780:1532] LUMan: PolicyUpdateCallback() called 05/28 10:58:01 [2780:3616] TSE: user session found. 05/28 10:58:01 [2780:3616] TSE: user session is on track. 05/28 10:58:01 [2780:1532] LUMan: Started a refresh settings thread with ID #1116 05/28 10:58:01 [2780:1532] NotifyNewProfileApplied: calling plugin for new policy done. 05/28 10:58:01 [2780:1532] New location is Default 05/28 10:58:01 [2780:1532] Third party is Disabled 05/28 10:58:01 [2780:1532] SEPM Content Source is Enabled 05/28 10:58:01 [2780:1532] HI: Use new HI config under current location, reset to default. HI Trigger Type: 1, HI Timer 120 05/28 10:58:01 [2780:1532] changing heartbeat for location Default 05/28 10:58:01 [2780:1532] changed heartbeat status to 1 05/28 10:58:01 [2780:2452] Auto location: Trident Started = 1 05/28 10:58:01 [2780:2452] Ready to do Autolocation. First Time =1 05/28 10:58:01 [2780:2420] CGuiControl::Initialize, the current location name is empty 05/28 10:58:01 [2780:2420] changing heartbeat for location Default 05/28 10:58:01 [2780:2420] changed heartbeat status to 1 05/28 10:58:01 [2780:2420] HI: Use new HI config under current location, reset to default. HI Trigger Type: 1, HI Timer 120 05/28 10:58:01 [2780:2420] Update ProfileNow Request has been sent 05/28 10:58:01 [2780:1532] No rule is found in the IDS 05/28 10:58:01 [2780:2452] DnsHelper: update DNS ServerList 05/28 10:58:01 [2780:2420] Start TridentEngine... 2370921 05/28 10:58:01 [2780:1532] Start TridentEngine... 2370921 05/28 10:58:01 [2780:3272] *SPNET DNS* sending request: 10.30.105.48 05/28 10:58:01 [2780:2452] Snac HiTest:0, 0 05/28 10:58:01 [2780:2452] First Time AutoLocation. Must notify GUI 05/28 10:58:01 [2780:2420] AutoLocationRunningEvent existed. 05/28 10:58:01 [2780:2420] AutoLocationFrequencyUpdateEvent existed. 05/28 10:58:01 [2780:1532] AutoLocationRunningEvent existed. 05/28 10:58:01 [2780:1532] AutoLocationFrequencyUpdateEvent existed. 05/28 10:58:01 [2780:2452] Location changed in Autolocation: Notify GUI and apply new config into profile in location Default. 05/28 10:58:01 [2780:2452] Sending Location Change to GUI 05/28 10:58:01 [2780:2452] changing heartbeat for location Default 05/28 10:58:01 [2780:2452] changed heartbeat status to 1 05/28 10:58:01 [2780:2452] HI: Use new HI config under current location, reset to default. HI Trigger Type: 1, HI Timer 120 05/28 10:58:01 [2780:2452] Update ProfileNow Request has been sent 05/28 10:58:01 [2780:1532] Start SyLink... 05/28 10:58:01 [2780:1532] Import Config File !! 05/28 10:58:01 [2780:2420] AVMan: Entering Enable -- enable=true 05/28 10:58:01 [2780:2420] AVMan: Entering ExportUseNewConfig 05/28 10:58:01 [2780:2420] AVMan: Entering UseNewConfig() 05/28 10:58:01 [2780:2420] AVMan: Leaving UseNewConfig() 05/28 10:58:01 [2780:2420] AVMan: Leaving ExportUseNewConfig 05/28 10:58:01 [2780:2420] AVMan: Disabled event forwarding. 05/28 10:58:01 [2780:2420] GUProxy: Enable called. 05/28 10:58:01 [2780:2452] SMC: firewall enabled flag is 1 05/28 10:58:01 [2780:2420] GUProxy: Enable 05/28 10:58:01 [2780:1148] pipe listening 997 05/28 10:58:01 [2780:2452] SMC: SEP firewall driver is installed (Security Engine)... 05/28 10:58:01 [2780:2452] SMC: Location Default - SEP firewall state from policy file is is 1 05/28 10:58:01 [2780:2452] Silent mode has been disabled. 05/28 10:58:01 [2780:2452] pNotificationParam->dwNotificationTimeSec = 5 05/28 10:58:01 [2780:1532] +++++++++++++++win2000 hostName=UKSSYSD32179,DomainName=UK.EU.lafargeone.net 05/28 10:58:01 [2780:1532] Computer Network Identity (Domain/Host)=UK.EU.lafargeone.net/UKSSYSD32179 05/28 10:58:01 [2780:784] To create Heartbeat. 05/28 10:58:01 [2780:1532] Started, contact SMS every 3600 seconds 05/28 10:58:01 [2780:1532] Can't get current package checksum! 05/28 10:58:01 [2780:1532] Sylink LU thread is started. 05/28 10:58:01 [2780:1532] start sylink successful 05/28 10:58:01 [2780:1532] Lock held for 156ms 05/28 10:58:01 [2780:2420] Lock acquire took 141ms 05/28 10:58:01 [2780:2420] Sending Profile serial Number to Server :C5C0-05/16/2012 15:26:19 303 05/28 10:58:01 [2780:2452] Lock acquire took 141ms 05/28 10:58:01 [2780:2420] changing heartbeat for location Default 05/28 10:58:01 [2780:2420] changed heartbeat status to 1 05/28 10:58:01 [2780:2420] HI: Use new HI config under current location, reset to default. HI Trigger Type: 1, HI Timer 120 05/28 10:58:01 [2780:2452] CGuiControl::ChangeLocation Location:Default g_dwNotificationTimeSec:5 05/28 10:58:01 [2780:2452] Snac HiTest:0, 0 05/28 10:58:01 [2780:2420] pNotificationParam->dwNotificationTimeSec = 5 05/28 10:58:01 [2780:2420] CGuiControl::SynchronousUseNewConfig Location:Default g_dwNotificationTimeSec:5 05/28 10:58:01 [2780:2420] SMC: firewall enabled flag is 1 05/28 10:58:01 [2780:2420] SMC: SEP firewall driver is installed (Security Engine)... 05/28 10:58:01 [2780:2420] SMC: Location Default - SEP firewall state from policy file is is 1 05/28 10:58:01 [2780:2420] SNAC is NOT licensed, changing the SNAC service's startup type 05/28 10:58:01 [2780:1532] Calling Command Processor again. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\StdDef.dat: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\trojan.dat: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\odSendPacket.dll: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\SygateScv.dll: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\WpsDrvNT.sys: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\Sgman.plg: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\Help\HHActiveX.dll: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\Install\IphlpApi.dll: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\Install\PsApi.dll: Not found. 05/28 10:58:01 [2780:1532] c:\Program Files\Symantec\Symantec Endpoint Protection\Install\SSSensor.dll: Not found. 05/28 10:58:01 [2780:1532] C:\WINDOWS\system32\drivers\wgx.sys: Not found. 05/28 10:58:01 [2780:1532] using server-configured log file size of 524288 05/28 10:58:01 [2780:1532] set log file size to 524288 05/28 10:58:01 [2780:1532] starting 05/28 10:58:01 [2780:1532] completed. Array enties: 152 05/28 10:58:01 [2780:1532] creating tech extension AVMan 05/28 10:58:01 [2780:1532] using server-configured log file size of 524288 05/28 10:58:01 [2780:1532] set log file size to 524288 05/28 10:58:01 [2780:1532] starting 05/28 10:58:01 [2780:1532] completed. Array enties: 0 05/28 10:58:01 [2780:1532] creating tech extension GUP 05/28 10:58:01 [2780:1532] using server-configured log file size of 524288 05/28 10:58:01 [2780:1532] set log file size to 524288 05/28 10:58:01 [2780:1532] starting 05/28 10:58:01 [2780:1532] completed. Array enties: 0 05/28 10:58:01 [2780:1532] creating tech extension LUMan 05/28 10:58:01 [2780:1532] using server-configured log file size of 524288 05/28 10:58:01 [2780:1532] set log file size to 524288 05/28 10:58:01 [2780:1532] starting 05/28 10:58:01 [2780:1532] completed. Array enties: 0 05/28 10:58:01 [2780:1532] creating tech extension NacMan 05/28 10:58:01 [2780:1532] Windows Version info: Operating System: Windows XP (5.1.2600 Service Pack 3) 05/28 10:58:01 [2780:1532] Network info: No.0 "Local Area Connection" 9c-8e-99-d2-d7-df "Intel(R) 82579LM Gigabit Network Connection" 10.30.211.173 05/28 10:58:01 [2780:1532] Application List: 0) Adobe Flash Player 11 ActiveX 1) BusinessObjects 5.1.8 2) CutePDF Writer 2.8 3) Microsoft Internationalized Domain Names Mitigation APIs 4) Windows Internet Explorer 7 5) Security Update for Windows XP (KB2079403) 6) Security Update for Windows XP (KB2115168) 7) Security Update for Windows XP (KB2229593) 8) Security Update for Windows XP (KB2296011) 9) Update for Windows XP (KB2345886) 10) Security Update for Windows XP (KB2347290) 11) Security Update for Windows Internet Explorer 7 (KB2360131) 12) Security Update for Windows XP (KB2360937) 13) Security Update for Windows Media Player (KB2378111) 14) Security Update for Windows XP (KB2387149) 15) Security Update for Windows XP (KB2393802) 16) Security Update for Windows XP (KB2412687) 17) Security Update for Windows XP (KB2419632) 18) Security Update for Windows XP (KB2423089) 19) Security Update for Windows XP (KB2440591) 20) Security Update for Windows XP (KB2443105) 21) Hotfix for Windows XP (KB2443685) 22) Security Update for Windows XP (KB2476490) 23) Security Update for Windows XP (KB2478960) 24) Security Update for Windows XP (KB2478971) 25) Security Update for Windows XP (KB2479943) 26) Security Update for Windows XP (KB2481109) 27) Security Update for Windows XP (KB2483185) 28) Security Update for Windows XP (KB2485663) 29) Security Update for Windows XP (KB2503665) 30) Security Update for Windows XP (KB2506212) 31) Security Update for Windows XP (KB2507618) 32) Security Update for Windows XP (KB2507938) 33) Security Update for Windows XP (KB2508272) 34) Security Update for Windows XP (KB2508429) 35) Security Update for Windows XP (KB2509553) 36) Security Update for Windows XP (KB2510581) 37) Security Update for Windows XP (KB2524375) 38) Security Update for Windows XP (KB2535512) 39) Security Update for Windows XP (KB2536276) 40) Security Update for Windows XP (KB2536276-v2) 41) Update for Windows XP (KB2541763) 42) Security Update for Windows XP (KB2544893) 43) Security Update for Windows XP (KB2544893-v2) 44) Security Update for Windows XP (KB2555917) 45) Security Update for Microsoft Windows (KB2564958) 46) Security Update for Windows XP (KB2566454) 47) Security Update for Windows XP (KB2570222) 48) Security Update for Windows XP (KB2570947) 49) Security Update for Windows XP (KB2584146) 50) Security Update for Windows XP (KB2585542) 51) Security Update for Windows XP (KB2592799) 52) Security Update for Windows XP (KB2598479) 53) Security Update for Windows XP (KB2603381) 54) Security Update for Windows XP (KB2618451) 55) Security Update for Windows XP (KB2619339) 56) Security Update for Windows XP (KB2620712) 57) Security Update for Windows XP (KB2621440) 58) Security Update for Windows XP (KB2624667) 59) Security Update for Windows XP (KB2631813) 60) Security Update for Windows XP (KB2633171) 61) Hotfix for Windows XP (KB2633952) 62) Security Update for Windows XP (KB2639417) 63) Security Update for Windows XP (KB2641653) 64) Update for Windows XP (KB2641690) 65) Security Update for Windows XP (KB2646524) 66) Security Update for Windows Internet Explorer 7 (KB2647516) 67) Security Update for Windows XP (KB2653956) 68) Security Update for Windows XP (KB2659262) 69) Security Update for Windows XP (KB2660465) 70) Security Update for Windows XP (KB2661637) 71) Security Update for Windows Internet Explorer 7 (KB2675157) 72) Security Update for Windows XP (KB2676562) 73) Security Update for Windows XP (KB2686509) 74) Windows Genuine Advantage Validation Tool (KB892130) 75) Update for Windows XP (KB898461) 76) Security Update for Windows XP (KB923561) 77) Hotfix for Windows Media Format 11 SDK (KB929399) 78) Security Update for Windows Internet Explorer 7 (KB938127-v2) 79) Security Update for Windows XP (KB938464) 80) Hotfix for Windows Media Player 11 (KB939683) 81) Security Update for Windows XP (KB941569) 82) Update for Windows XP (KB943729) 83) Security Update for Windows XP (KB946648) 84) Security Update for Windows XP (KB950762) 85) Security Update for Windows XP (KB950974) 86) Security Update for Windows XP (KB951376-v2) 87) Update for Windows XP (KB951978) 88) Security Update for Windows XP (KB952004) 89) Security Update for Windows Media Player (KB952069) 90) Hotfix for Windows XP (KB952287) 91) Security Update for Windows XP (KB952954) 92) Security Update for Windows Media Player 11 (KB954154) 93) Security Update for Windows Media Player (KB954155) 94) Security Update for Windows XP (KB954459) 95) Hotfix for Windows XP (KB954550-v5) 96) Update for Windows XP (KB955759) 97) Security Update for Windows XP (KB956391) 98) Security Update for Windows XP (KB956572) 99) Security Update for Windows XP (KB956744) 100) Security Update for Windows XP (KB956802) 101) Security Update for Windows XP (KB956844) 102) Security Update for Windows XP (KB958644) 103) Security Update for Windows XP (KB959426) 104) Security Update for Windows XP (KB960803) 105) Security Update for Windows XP (KB960859) 106) Hotfix for Windows XP (KB961118) 107) Security Update for Windows XP (KB961501) 108) Update for Windows XP (KB968389) 109) Security Update for Windows XP (KB969059) 110) Security Update for Windows XP (KB970430) 111) Update for Windows XP (KB971029) 112) Security Update for Windows XP (KB971657) 113) Update for Windows XP (KB971737) 114) Security Update for Windows XP (KB972270) 115) Security Update for Windows XP (KB973507) 116) Security Update for Windows Media Player (KB973540) 117) Update for Windows XP (KB973687) 118) Update for Windows XP (KB973815) 119) Security Update for Windows XP (KB973869) 120) Security Update for Windows XP (KB973904) 121) Security Update for Windows XP (KB974112) 122) Security Update for Windows XP (KB974318) 123) Security Update for Windows XP (KB974392) 124) Security Update for Windows XP (KB974571) 125) Security Update for Windows XP (KB975025) 126) Security Update for Windows XP (KB975467) 127) Security Update for Windows Media Player (KB975558) 128) Security Update for Windows XP (KB975560) 129) Security Update for Windows XP (KB975562) 130) Security Update for Windows XP (KB975713) 131) Hotfix for Windows XP (KB976002-v5) 132) Security Update for Windows XP (KB977816) 133) Security Update for Windows XP (KB977914) 134) Security Update for Windows XP (KB978338) 135) Security Update for Windows XP (KB978542) 136) Security Update for Windows XP (KB978601) 137) Security Update for Windows Media Player (KB978695) 138) Security Update for Windows XP (KB978706) 139) Security Update for Windows XP (KB979309) 140) Security Update for Windows XP (KB979482) 141) Security Update for Windows XP (KB979687) 142) Security Update for Windows XP (KB980436) 143) Security Update for Windows XP (KB981322) 144) Security Update for Windows XP (KB981997) 145) Security Update for Windows XP (KB982132) 146) Security Update for Windows XP (KB982665) 147) LiveUpdate 3.3 (Symantec Corporation) 148) Microsoft .NET Framework 3.5 SP1 149) Microsoft .NET Framework 4 Client Profile 150) Microsoft .NET Framework 4 Extended 151) Microsoft Compression Client Pack 1.0 for Windows XP 152) Microsoft National Language Support Downlevel APIs 153) Intel(R) Network Connections Drivers 154) Microsoft Office Standard 2007 155) Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 156) Windows Genuine Advantage Validation Tool (KB892130) 157) Windows Genuine Advantage Notifications (KB905474) 158) Windows Media Format 11 runtime 159) Windows Media Player 11 160) Microsoft WinUsb 1.0 161) Windows Media Format 11 runtime 162) Windows Media Player 11 163) Microsoft User-Mode Driver Framework Feature Pack 1.0 164) XML Paper Specification Shared Components Pack 1.0 165) Microsoft .NET Framework 4 Extended 166) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) 167) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) 168) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 169) LANDesk Advance Agent 170) Citrix Presentation Server Client 171) Java(TM) 6 Update 30 172) Lafarge Background Support Information 173) WebFldrs XP 174) Microsoft .NET Framework 4 Client Profile 175) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) 176) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) 177) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) 178) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) 179) LANDesk(R) Common Base Agent 8 180) Adobe Flash Player 10 ActiveX 181) Java Auto Updater 182) Symantec Endpoint Protection 183) Lafarge Screensaver - It's Your Call 184) Lafarge Safety Screen Saver 185) LANDesk Advance Agent 186) DameWare Mini Remote Control Client Agent Service 187) Microsoft Software Update for Web Folders (English) 12 188) Microsoft Office Standard 2007 189) Security Update for Microsoft Office Word 2007 (KB956358) 190) Security Update for Microsoft Office PowerPoint 2007 (KB951338) 191) Security Update for Microsoft Office system 2007 (KB954326) 192) Security Update for Microsoft Office Excel 2007 (KB958437) 193) Security Update for 2007 Microsoft Office System (KB958439) 194) Security Update for Outlook 2007 (KB946983) 195) Security Update for 2007 Microsoft Office System (KB951944) 196) Security Update for Microsoft Office system 2007 (KB951808) 197) Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition 198) Update for Office 2007 (KB946691) 199) Security Update for 2007 Microsoft Office System (KB951550) 200) Update for Office 2007 (KB934391) 201) 202) Update for Office 2007 (KB932080) 203) Microsoft Office Excel MUI (English) 2007 204) Microsoft Office PowerPoint MUI (English) 2007 205) Microsoft Office Outlook MUI (English) 2007 206) Microsoft Office Word MUI (English) 2007 207) Microsoft Office Proof (English) 2007 208) Microsoft Office Proof (French) 2007 209) Microsoft Office Proof (Spanish) 2007 210) Microsoft Office Proofing (English) 2007 211) Microsoft Office Shared MUI (English) 2007 212) Microsoft Office Shared Setup Metadata MUI (English) 2007 213) Microsoft .NET Framework 3.0 Service Pack 2 214) Adobe Reader X (10.1.2) 215) Microsoft .NET Framework 2.0 Service Pack 2 216) Microsoft .NET Framework 3.5 SP1 217) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) 218) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 219) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 220) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 221) Lotus Notes 7.0.4 222) Realtek High Definition Audio Driver 05/28 10:58:01 [2780:1532] Network Connection Properties: ---Network Client--- 0) Client for Microsoft Networks 1) WebClient ---Network Service--- 0) Dial-Up Server 1) Symantec Endpoint Protection Firewall 2) Application Layer Gateway 3) Steelhead 4) File and Printer Sharing for Microsoft Networks 5) Remote Access Connection Manager 6) Dial-Up Client 7) QoS RSVP 8) Generic Packet Classifier 9) QoS Packet Scheduler 10) NetBIOS Interface 11) Wireless Zero Configuration ---Network Protocol--- 0) NDIS Usermode I/O Protocol 1) Point to Point Tunneling Protocol 2) WINS Client(TCP/IP) Protocol 3) Layer 2 Tunneling Protocol 4) Point to Point Protocol Over Ethernet 5) Remote Access NDIS WAN Driver 6) Internet Protocol (TCP/IP) 7) Message-oriented TCP/IP Protocol (SMB session) 05/28 10:58:01 [2780:1532] initial service success 05/28 10:58:01 [2780:1532] AVMan: Entering ReceiveMessage with msg id 458753 05/28 10:58:01 [2780:1532] AVMan: Disabled event forwarding. 05/28 10:58:01 [2780:1532] AVMan: Leaving ReceiveMessage 05/28 10:58:01 [2780:1532] LUMan: Entering ReceiveMessage with message id 458753 05/28 10:58:01 [2780:1532] Smc: HandlePostInstallActivities() - called 05/28 10:58:01 [2780:1532] Recieve IPS content change event... 05/28 10:58:01 [2780:536] TerminalService installed = 1 05/28 10:58:01 [2780:536] Found explorer.exe pids=2332 05/28 10:58:01 [2780:536] SmcGui mode 1 05/28 10:58:01 [2780:684] Snac HiTest:0, 0 05/28 10:58:01 [2780:1532] Starting SMC GUI 05/28 10:58:01 [2780:1532] GetUserAndDomain in smc: Trying to get the User/Domain 05/28 10:58:01 [2780:1532] Enterprise version, Build 49!!! 05/28 10:58:01 [2780:1532] user_id = LAFUK/Joshi.Chirag 05/28 10:58:02 [2780:684] SMCGui - 488: CSmcDlg::Profile() - ImportFromDm() returned... 05/28 10:58:02 [2780:1116] LUMan: Entering UpdateContentRegistration() 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {1CD85198-26C6-4bac-8C72-5D34B025DE35} is _not_ supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {42B17E5E-4E9D-4157-88CB-966FB4985928} is _not_ supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {4F889C4A-784D-40de-8539-6A29BAA43139} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {4F889C4A-784D-40de-8539-6A29BAA43139} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {812CD25E-1049-4086-9DDD-A4FAE649FBDF} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {812CD25E-1049-4086-9DDD-A4FAE649FBDF} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {C13726A9-8DF7-4583-9B39-105B7EBD55E2} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {C13726A9-8DF7-4583-9B39-105B7EBD55E2} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {C25CEA47-63E5-447b-8D95-C79CAE13FF79} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {C25CEA47-63E5-447b-8D95-C79CAE13FF79} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {C60DC234-65F9-4674-94AE-62158EFCA433} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {C60DC234-65F9-4674-94AE-62158EFCA433} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {D3769926-05B7-4ad1-9DCF-23051EEE78E3} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {D3769926-05B7-4ad1-9DCF-23051EEE78E3} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {DFB8BBDD-52DE-427e-9EB3-FB7665893221} is _not_ supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {E5A3EBEE-D580-421e-86DF-54C0B3739522} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {E5A3EBEE-D580-421e-86DF-54C0B3739522} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {EA960B33-2196-4d53-8AC4-D5043A5B6F9B} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {EA960B33-2196-4d53-8AC4-D5043A5B6F9B} 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Content {ECCC5006-EF61-4c99-829A-417B6C6AD963} is supported on this platform 05/28 10:58:02 [2780:1116] LUMan: UpdateContentRegistration() - Registering callbacks for content {ECCC5006-EF61-4c99-829A-417B6C6AD963} 05/28 10:58:02 [2780:684] SMCGui - 488: CSmcDlg::UpdateProfileInfoC5C0-05/16/2012 15:26:19 303:My Company\Lafarge UK IT Shared Services\Workstations - AAC, LPL & SSZ 05/28 10:58:02 [2780:776] Get Hardware ID 05/28 10:58:02 [2780:776] System Config ID: 0x568efec File Config ID: 0x568f07c 05/28 10:58:02 [2780:776] WMIWin32Query::WMIWin32Query() COM security was already initialized (CoInitializeSecurity returned RPC_E_TOO_LATE) 05/28 10:58:02 [2780:776] WMIWin32Query::WMIWin32Query() WMI queries initialized successfully 05/28 10:58:02 [2780:776] Using default change detector 05/28 10:58:02 [2780:776] Successfully read hardware key from registry: E717E844131F1AF6DF6FF01071DCFF74 size=33 05/28 10:58:02 [2780:776] WMIWin32Query::WMIWin32Query() COM was already initialized on this thread (CoInitializeEx returned S_FALSE) 05/28 10:58:02 [2780:776] WMIWin32Query::WMIWin32Query() COM security was already initialized (CoInitializeSecurity returned RPC_E_TOO_LATE) 05/28 10:58:02 [2780:776] WMIWin32Query::WMIWin32Query() WMI queries initialized successfully 05/28 10:58:03 [2780:776] Loaded ID from system: W0Q381DY 05/28 10:58:03 [2780:776] Adapter Info: 'Intel(R) 82579LM Gigabit Network Connection #2 - Teefer2 Miniport' {2D4BB419-37A3-4171-B622-54AC4B37121E} 05/28 10:58:03 [2780:776] Loaded ID from system: 9C:8E:99:D2:D7:DF 05/28 10:58:03 [2780:776] Loaded ID from system: fqdn:UKSSYSD32179.UK.EU.lafargeone.net 05/28 10:58:03 [2780:776] Loaded ID from system: osversion:5.1.2600 05/28 10:58:03 [2780:776] Loaded ID from system: hdvol:1861875980 05/28 10:58:03 [2780:776] Loaded ID from system: 9C:8E:99:D2:D7:DF PNPID: PCI\VEN_8086&DEV_1502&SUBSYS_1496103C&REV_04\3&11583659&0&C8 05/28 10:58:03 [2780:776] Loaded ID from system: CZC20919HF 05/28 10:58:03 [2780:776] Loaded ID from system: CZC20919HF 05/28 10:58:03 [2780:776] ID already exists: 9C:8E:99:D2:D7:DF 05/28 10:58:03 [2780:776] ID already exists: CZC20919HF 05/28 10:58:03 [2780:776] Finished importing system IDs 05/28 10:58:03 [2780:776] Loaded hardware ID from file: E717E844131F1AF6DF6FF01071DCFF74 05/28 10:58:03 [2780:776] Loaded ID from file: 9C:8E:99:D2:D7:DF 05/28 10:58:03 [2780:776] Loaded ID from file: CZC20919HF 05/28 10:58:03 [2780:776] Loaded ID from file: W0Q381DY 05/28 10:58:03 [2780:776] Loaded ID from file: fqdn:UKSSYSD32179.UK.EU.lafargeone.net 05/28 10:58:03 [2780:776] Loaded ID from file: hdvol:1861875980 05/28 10:58:03 [2780:776] Loaded ID from file: osversion:5.1.2600 05/28 10:58:03 [2780:776] Successfully imported system IDs from the file 05/28 10:58:03 [2780:776] Merging IDs... 05/28 10:58:03 [2780:776] ID 9C:8E:99:D2:D7:DF exists, updated last used time, type: 2 05/28 10:58:03 [2780:776] ID CZC20919HF exists, updated last used time, type: 4 05/28 10:58:03 [2780:776] ID W0Q381DY exists, updated last used time, type: 1 05/28 10:58:03 [2780:776] ID fqdn:UKSSYSD32179.UK.EU.lafargeone.net exists, updated last used time, type: 5 05/28 10:58:03 [2780:776] ID hdvol:1861875980 exists, updated last used time, type: 7 05/28 10:58:03 [2780:776] ID osversion:5.1.2600 exists, updated last used time, type: 6 05/28 10:58:03 [2780:776] Finished merging IDs 05/28 10:58:03 [2780:776] Getting the hardware key... 05/28 10:58:03 [2780:776] Hardware config contained 6 IDs 05/28 10:58:03 [2780:776] configid=0x568f07c key=E717E844131F1AF6DF6FF01071DCFF74 len=32 valid=1 05/28 10:58:03 [2780:776] File Count: 3 System Count: 3 Number to Match: 1 Match Count: 3 05/28 10:58:03 [2780:776] configid=0x568efec key=E717E844131F1AF6DF6FF01071DCFF74 len=32 valid=1 05/28 10:58:03 [2780:776] Exporting hardware config to the file 05/28 10:58:03 [2780:776] configid=0x568f10c key=E717E844131F1AF6DF6FF01071DCFF74 len=32 valid=1 05/28 10:58:03 [2780:776] Successfully exported hardware key data to file 05/28 10:58:03 [2780:776] Hardware ID assigned: E717E844131F1AF6DF6FF01071DCFF74 05/28 10:58:03 [2780:684] Saving SMC State 05/28 10:58:03 [2780:684] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 10:58:03 [2780:684] c:\Program Files\Symantec\Symantec Endpoint Protection\StdDef.dat: Not found. 05/28 10:58:03 [2780:684] c:\Program Files\Symantec\Symantec Endpoint Protection\trojan.dat: Not found. 05/28 10:58:03 [2780:2420] The Server IP: 192.1.199.94 Server Name 05/28 10:58:04 [2780:776] [MakeRegisterData] registration Hardware Key=E717E844131F1AF6DF6FF01071DCFF74 05/28 10:58:04 [2780:776] AH: Setting the Browser Session end option & Resetting the URL session .. 05/28 10:58:04 [2780:776] 200=>200 OK 05/28 10:58:04 [2780:776] Lock proxy setting 1 05/28 10:58:04 [2780:776] [SendRegsitrationRequest] Request Result= 0 05/28 10:58:04 [2780:776] [mfn_RegSaveResult] Registration succeed!HostID=81BEB9750A1E692600FA81F393D17D4D 05/28 10:58:04 [2780:776] [mfn_RegSaveResult] ComputerID=7E91977F0A1E692600FA81F3FC5576EE 05/28 10:58:04 [2780:776] [mfn_RegSaveResult] Hash Key=A3EA3F7BC00B23EAD5E06D02E5BFD0CC 05/28 10:58:04 [2780:776] AVMan: Entering ReceiveMessage with msg id 262145 05/28 10:58:04 [2780:776] AVMan: Enabled event forwarding. 05/28 10:58:04 [2780:776] AVMan: Leaving ReceiveMessage 05/28 10:58:04 [2780:776] LUMan: Entering ReceiveMessage with message id 262145 05/28 10:58:05 [2780:776] HeartbeatProcSucceed to connect to server with proxy setting 1 05/28 10:58:10 [2780:776] AH: Setting the Browser Session end option & Resetting the URL session .. 05/28 10:58:10 [2780:776] 200=>200 OK 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LUMan: SEP is installed without AVdef. Make extra StartRefreshSettingsThread() call to register the new monikers. 05/28 10:58:10 [2780:776] LUMan: Started a refresh settings thread with ID #4000 05/28 10:58:10 [2780:4000] LUMan: Entering UpdateContentRegistration() 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {1CD85198-26C6-4bac-8C72-5D34B025DE35} is _not_ supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {42B17E5E-4E9D-4157-88CB-966FB4985928} is _not_ supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {4F889C4A-784D-40de-8539-6A29BAA43139} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {4F889C4A-784D-40de-8539-6A29BAA43139} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {812CD25E-1049-4086-9DDD-A4FAE649FBDF} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {812CD25E-1049-4086-9DDD-A4FAE649FBDF} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {B36CDA3C-B15B-421c-A2A4-7EC70E3B852B} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {C13726A9-8DF7-4583-9B39-105B7EBD55E2} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {C13726A9-8DF7-4583-9B39-105B7EBD55E2} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {C25CEA47-63E5-447b-8D95-C79CAE13FF79} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {C25CEA47-63E5-447b-8D95-C79CAE13FF79} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {C60DC234-65F9-4674-94AE-62158EFCA433} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {C60DC234-65F9-4674-94AE-62158EFCA433} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {D3769926-05B7-4ad1-9DCF-23051EEE78E3} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {D3769926-05B7-4ad1-9DCF-23051EEE78E3} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {DFB8BBDD-52DE-427e-9EB3-FB7665893221} is _not_ supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {E5A3EBEE-D580-421e-86DF-54C0B3739522} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {E5A3EBEE-D580-421e-86DF-54C0B3739522} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {EA960B33-2196-4d53-8AC4-D5043A5B6F9B} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {EA960B33-2196-4d53-8AC4-D5043A5B6F9B} 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Content {ECCC5006-EF61-4c99-829A-417B6C6AD963} is supported on this platform 05/28 10:58:10 [2780:4000] LUMan: UpdateContentRegistration() - Registering callbacks for content {ECCC5006-EF61-4c99-829A-417B6C6AD963} 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] LuMan: Entering QueryContentSeqData() 05/28 10:58:10 [2780:776] AVMan: invoking GetOpStateString. 05/28 10:58:10 [2780:776] AVMan: Entering GetOpStateString 05/28 10:58:25 [2780:776] AVMan: Leaving GetOpStateString 05/28 10:58:25 [2780:776] AVMan: invoking FreeOpStateStringPtr. 05/28 10:58:25 [2780:776] AVMan: Entering FreeOpStateStringPtr 05/28 10:58:25 [2780:776] LUMan: invoking GetOpStateString. 05/28 10:58:26 [2780:776] LUMan: invoking FreeOpStateStringPtr. 05/28 10:58:26 [2780:776] StatusUpdateCallback: 05/28 10:58:26 [2780:776] AH: Setting the Browser Session end option & Resetting the URL session .. 05/28 10:58:26 [2780:776] tech extension map ptr is NULL. Getting it from Sylog 05/28 10:58:26 [2780:776] initialized technology extension processing ok 05/28 10:58:26 [2780:776] found 4 extensions 05/28 10:58:26 [2780:776] starting 05/28 10:58:26 [2780:776] check techID AVMan 05/28 10:58:26 [2780:776] Rec Count: 2 Byte Count: 0 05/28 10:58:26 [2780:776] GetSummary() returned 2 05/28 10:58:26 [2780:776] check techID GUP 05/28 10:58:26 [2780:776] Rec Count: 0 Byte Count: 0 05/28 10:58:26 [2780:776] GetSummary() returned 0 05/28 10:58:26 [2780:776] check techID LUMan 05/28 10:58:26 [2780:776] Rec Count: 0 Byte Count: 0 05/28 10:58:26 [2780:776] GetSummary() returned 0 05/28 10:58:26 [2780:776] check techID NacMan 05/28 10:58:26 [2780:776] Rec Count: 0 Byte Count: 0 05/28 10:58:26 [2780:776] GetSummary() returned 0 05/28 10:58:26 [2780:776] completed. Found 2 records 05/28 10:58:26 [2780:776] found 2 tech extension records 05/28 10:58:26 [2780:776] nSecurityRecordsTotal=0 05/28 10:58:26 [2780:776] nSecurityRecordsToSend=0 05/28 10:58:26 [2780:776] nSystemRecordsTotal=12 05/28 10:58:26 [2780:776] nSystemRecordsToSend=50 05/28 10:58:26 [2780:776] nTrafficRecordsTotal=10 05/28 10:58:26 [2780:776] nTrafficRecordsToSend=41 05/28 10:58:26 [2780:776] nRawRecordsTotal=0 05/28 10:58:26 [2780:776] nRawRecordsToSend=0 05/28 10:58:26 [2780:776] nProcessRecordsTotal=0 05/28 10:58:26 [2780:776] nProcessRecordsToSend=0 05/28 10:58:26 [2780:776] nLANSensorRecordsTotal=0 05/28 10:58:26 [2780:776] nLANSensorRecordsToSend=0 05/28 10:58:26 [2780:776] nTechExtensionRecordsTotal=2 05/28 10:58:26 [2780:776] nTechExtensionRecordsToSend=8 05/28 10:58:26 [2780:776] sys_event_idfirst=6 05/28 10:58:26 [2780:776] sys_event_idlast=17 05/28 10:58:26 [2780:776] sec_event_idfirst=1 05/28 10:58:26 [2780:776] sec_event_idlast=0 05/28 10:58:26 [2780:776] tra_event_idfirst=8756 05/28 10:58:26 [2780:776] tra_event_idlast=8765 05/28 10:58:26 [2780:776] raw_event_idfirst=1 05/28 10:58:26 [2780:776] raw_event_idlast=0 05/28 10:58:26 [2780:776] process_event_idfirst=1 05/28 10:58:26 [2780:776] process_event_idlast=0 05/28 10:58:26 [2780:776] lansensor_event_idfirst=1 05/28 10:58:26 [2780:776] lansensor_event_idlast=0 05/28 10:58:26 [2780:776] Extension count: 4 05/28 10:58:26 [2780:776] 0001 0039 0004 AVMan;GUP;LUMan;NacMan 05/28 10:58:26 [2780:776] Attached total 1619 bytes to Tech Extension event log section. 05/28 10:58:26 [2780:776] updating Tech Extension values in event log header 05/28 10:58:26 [2780:776] AH: Setting the Browser Session end option & Resetting the URL session .. 05/28 10:59:23 [2780:3616] Remove file check prompt session by sn change at: C:\Program Files\Internet Explorer\iexplore.exe 05/28 10:59:24 [2780:3616] Remove file check prompt session by sn change at: C:\Program Files\Internet Explorer\iexplore.exe 05/28 10:59:51 [2780:3616] Remove file check prompt session by sn change at: C:\Program Files\Internet Explorer\iexplore.exe 05/28 10:59:51 [2780:3616] Remove file check prompt session by sn change at: C:\Program Files\Internet Explorer\iexplore.exe 05/28 11:01:01 [2780:3616] Remove file check prompt session by sn change at: C:\Program Files\Internet Explorer\iexplore.exe 05/28 11:02:17 [2780:536] Saving SMC State 05/28 11:02:17 [2780:536] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 11:02:17 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\StdDef.dat: Not found. 05/28 11:02:17 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\trojan.dat: Not found. 05/28 11:06:21 [2780:3616] Remove file check prompt session by sn change at: C:\WINDOWS\system32\DWRCS.EXE 05/28 11:06:30 [2780:684] SMCGui - 488: SymCorpUI is not trusted 05/28 11:06:33 [2780:536] Saving SMC State 05/28 11:06:33 [2780:536] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 11:06:33 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\StdDef.dat: Not found. 05/28 11:06:33 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\trojan.dat: Not found. 05/28 11:07:34 [2780:2188] LUMan: Scheduled LU sleep timeout, checking schedule... 05/28 11:07:34 [2780:2188] LUMan: ScheduledLuThread() current time 11:7:34 05/28 11:07:34 [2780:2188] LUMan: ScheduleUpdateWatcherProc() delay: 0 mins; interval: 240 mins 05/28 11:07:34 [2780:2188] LUMan: policy change event received, reading new LU schedule 05/28 11:07:34 [2780:2188] LUMan: policy change: current time 11:7:34 05/28 11:07:34 [2780:2188] LUMan: policy change: new delay: 0 mins; new interval: 240 mins 05/28 11:07:35 [2780:2188] LUMan: ScheduledLuThread() Scheduled LU Disabled, skipping at 11:7:35; minutes to next check: 240 05/28 11:07:35 [2780:2188] LUMan: Previous LU is the first run, resetting LU schedule 05/28 11:07:35 [2780:2188] LUMan: ScheduledLuThread() resetting LU schedule after the first LU run: current time 11:7:35 05/28 11:07:35 [2780:2188] LUMan: ScheduledLuThread() resetting LU schedule after the first LU run: new delay: 0 mins; new interval: 240 mins 05/28 11:07:36 [2780:2188] LUMan: ScheduledLuThread() Scheduled LU Disabled, skipping at 11:7:36; minutes to next check: 240 05/28 11:10:49 [2780:536] Saving SMC State 05/28 11:10:49 [2780:536] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 11:10:49 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\StdDef.dat: Not found. 05/28 11:10:49 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\trojan.dat: Not found. 05/28 11:15:05 [2780:536] Saving SMC State 05/28 11:15:05 [2780:536] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 11:15:05 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\StdDef.dat: Not found. 05/28 11:15:05 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\trojan.dat: Not found. 05/28 11:19:21 [2780:536] Saving SMC State 05/28 11:19:21 [2780:536] chmod on file c:\Program Files\Symantec\Symantec Endpoint Protection\SerState.dat to read/write. 05/28 11:19:21 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\StdDef.dat: Not found. 05/28 11:19:21 [2780:536] c:\Program Files\Symantec\Symantec Endpoint Protection\trojan.dat: Not found.