Internet Conncection Disabled

Question

aschmidt 0 Newbie Poster

13 Years Ago

I work at a small business and my computer is telling me it has trojans on it. I cannot access the internet, a blank page comes up and says "unable to connect". I disabled the firewall and as soon as I open internet explorer back up the firewall turns back on by itself. Another thing that came up when I scanned it with AVG was conhost.exe and csrss.exe I believe I found the csrss.exe and deleted it, but AVG keeps detecting trojans.

GMER 1.0.15.15572 - http://www.gmer.net
Rootkit scan 2011-05-03 09:21:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\iaStor0 WDC_WD80 rev.10.0
Running: w8yz64yk.exe; Driver: C:\DOCUME~1\MWCOUN~1\LOCALS~1\Temp\pxlcyaog.sys

---- System - GMER 1.0.15 ----

SSDT 89A6C7E8 ZwAlertResumeThread
SSDT 89A67390 ZwAlertThread
SSDT 8919F840 ZwAllocateVirtualMemory
SSDT 8917F1F0 ZwConnectPort
SSDT 8916C828 ZwCreateMutant
SSDT 8917A2F0 ZwCreateThread
SSDT 8919F6A0 ZwFreeVirtualMemory
SSDT 89ADC910 ZwImpersonateAnonymousToken
SSDT 89A79238 ZwImpersonateThread
SSDT 8916CFB0 ZwMapViewOfSection
SSDT 89A2D518 ZwOpenEvent
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xBA3A1738]
SSDT 89A68B18 ZwOpenProcessToken
SSDT 8916CDC8 ZwOpenThreadToken
SSDT 89A299C0 ZwResumeThread
SSDT 89A7C528 ZwSetContextThread
SSDT 8916CE98 ZwSetInformationProcess
SSDT 8916CC70 ZwSetInformationThread
SSDT 89A12BC0 ZwSuspendProcess
SSDT 89A1BC20 ZwSuspendThread
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xBA3A17DC]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xBA3A1878]
SSDT 89A6DE50 ZwUnmapViewOfSection
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xBA3A1914]

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)

AttachedDevice fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by mwcountertwo at 10:44:17.54 on Tue 05/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
.
============== Running Processes ===============
.
\??\C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\DOCUME~1\MWCOUN~1\Desktop\ciscovpn\INSTAL~1.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\UPS\WSTD\UPSNA1Msgr.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
\??\C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\SpyNoMore\SNM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Linksys\Network Storage\Network Drive Mapping Utility.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
\??\C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
C:\UPS\WSTD\WSTDMessaging.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
E:\dds.scr
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.live.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:54202
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [Network Drive Mapping Utility] "c:\program files\linksys\network storage\Network Drive Mapping Utility.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Network Drive Mapping Utility] "c:\program files\linksys\network storage\Network Drive Mapping Utility.exe" Z
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NA1Messenger] c:\ups\wstd\UPSNA1Msgr.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxdev.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {55789A0E-F687-4104-9C23-131BB6859C71} - "c:\program files\maas360\maas360 control service\ISUSPM_ini.exe"
uASetup: {55789A0E-F687-4104-9C23-131BB6859C71} - "c:\program files\maas360\maas360 control service\ISUSPM_ini.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\mwcoun~1\applic~1\mozilla\firefox\profiles\3hlnduce.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 54202
FF - prefs.js: network.proxy.type - 1
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg10\Firefox4
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R? EMSAgent;Maas360 Visibility Service
R? MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER
R? SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER
R? vsdatant;vsdatant
R? XoftSpyService;XoftSpyService
S? ASFAgent;ASF Agent
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? ccEvtMgr;Symantec Event Manager
S? ccSetMgr;Symantec Settings Manager
S? e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K
S? EraserUtilRebootDrv;EraserUtilRebootDrv
S? NAVENG;NAVENG
S? NAVEX15;NAVEX15
S? SFAUDIO;Sonic Focus DSP Driver
S? Symantec AntiVirus;Symantec Endpoint Protection
.
=============== Created Last 30 ================
.
2011-05-03 13:27:00 -------- d-----w- c:\program files\common files\XoftSpySE
2011-05-03 13:27:00 -------- d-----w- c:\program files\common files\ParetoLogic
2011-05-03 13:27:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\XoftSpySE
2011-05-03 13:27:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\ParetoLogic
2011-05-03 13:26:52 -------- d-----w- c:\program files\XoftSpySE6
2011-05-03 12:56:26 1152 ----a-w- c:\windows\system32\windrv.sys
2011-05-03 12:56:20 -------- d-----w- c:\program files\SpyNoMore
2011-05-03 12:55:23 -------- d-----w- c:\docume~1\mwcoun~1\applic~1\GetRightToGo
2011-05-02 18:04:18 -------- d--h--w- C:\$AVG
2011-05-02 16:49:17 -------- d-----w- c:\docume~1\mwcoun~1\applic~1\AVG10
2011-05-02 16:46:56 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-05-02 16:45:52 -------- d-----w- c:\windows\system32\drivers\AVG
2011-05-02 16:45:52 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2011-05-02 16:45:14 -------- d-----w- c:\program files\AVG
2011-05-02 16:29:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-05-02 16:29:15 5497592 ----a-w- c:\program files\avg_free_stb_all_2011_1321_cnet.exe
2011-05-02 15:46:33 -------- d-----w- C:\Microsoft
2011-04-28 14:35:50 -------- d-sh--w- c:\documents and settings\mwcountertwo\IECompatCache
2011-04-28 13:13:43 -------- d-----w- c:\docume~1\mwcoun~1\applic~1\Malwarebytes
2011-04-27 21:00:38 -------- d-----w- c:\docume~1\alluse~1\applic~1\PopCap
2011-04-15 08:05:31 -------- d-----w- c:\windows\ServicePackFiles
2011-04-14 08:39:02 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:27:43 1866880 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 13:25:52 229888 ----a-w- c:\windows\system32\fxscover.exe
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
.
============= FINISH: 10:48:10.35 ===============

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/3/2011 10:11:47 AM
mbam-log-2011-05-03 (10-11-47).txt

Scan type: Full scan (C:\|)
Objects scanned: 209640
Time elapsed: 49 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

windows-virus

Attach.txt (21.98 KB)

The attachment preview is chopped off after the first 10 KB. Please download the entire file.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/23/2009 2:17:37 PM
System Uptime: 5/3/2011 10:25:11 AM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0F373D
Processor: Intel(R) Core(TM)2 Duo CPU     E7300  @ 2.66GHz | CPU | 2659/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 54.45 GiB free.
D: is CDROM ()
E: is Removable
W: is NetworkDisk (NTFS) - 465 GiB total, 465.289 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP478: 2/3/2011 9:27:59 AM - System Checkpoint
RP479: 2/4/2011 10:34:28 AM - System Checkpoint
RP480: 2/7/2011 10:35:57 AM - System Checkpoint
RP481: 2/8/2011 11:02:56 AM - System Checkpoint
RP482: 2/9/2011 12:46:50 PM - System Checkpoint
RP483: 2/10/2011 3:00:12 AM - Software Distribution Service 3.0
RP484: 2/11/2011 8:07:07 AM - System Checkpoint
RP485: 2/12/2011 2:17:58 PM - System Checkpoint
RP486: 2/14/2011 9:02:36 AM - System Checkpoint
RP487: 2/15/2011 11:24:58 AM - System Checkpoint
RP488: 2/16/2011 11:50:03 AM - System Checkpoint
RP489: 2/17/2011 2:13:50 PM - System Checkpoint
RP490: 2/18/2011 2:52:02 PM - System Checkpoint
RP491: 2/21/2011 1:24:10 PM - System Checkpoint
RP492: 2/22/2011 3:13:12 PM - System Checkpoint
RP493: 2/23/2011 4:24:16 PM - System Checkpoint
RP494: 2/25/2011 8:18:52 AM - System Checkpoint
RP495: 2/28/2011 8:19:30 AM - System Checkpoint
RP496: 3/1/2011 11:25:08 AM - System Checkpoint
RP497: 3/2/2011 1:11:31 PM - System Checkpoint
RP498: 3/3/2011 2:18:41 PM - System Checkpoint
RP499: 3/4/2011 2:55:14 PM - System Checkpoint
RP500: 3/6/2011 2:50:06 PM - System Checkpoint
RP501: 3/7/2011 3:25:36 PM - System Checkpoint
RP502: 3/8/2011 4:21:13 PM - System Checkpoint
RP503: 3/9/2011 1:47:52 PM - Installed Cisco Systems VPN Client 5.0.04.0300
RP504: 3/9/2011 2:07:52 PM - Removed Cisco Systems VPN Client 5.0.04.0300
RP505: 3/9/2011 2:11:49 PM - Installed Cisco Systems VPN Client 5.0.04.0300
RP506: 3/10/2011 3:00:12 AM - Software Distribution Service 3.0
RP507: 3/11/2011 7:40:44 AM - System Checkpoint
RP508: 3/14/2011 11:12:51 AM - System Checkpoint
RP509: 3/15/2011 11:30:35 AM - System Checkpoint
RP510: 3/16/2011 1:30:59 PM - System Checkpoint
RP511: 3/18/2011 8:53:36 AM - System Checkpoint
RP512: 3/19/2011 10:07:36 AM - System Checkpoint
RP513: 3/20/2011 11:31:21 AM - System Checkpoint
RP514: 3/21/2011 1:44:25 PM - System Checkpoint
RP515: 3/22/2011 2:09:38 PM - System Checkpoint
RP516: 3/23/2011 5:06:48 PM - System Checkpoint
RP517: 3/24/2011 3:00:12 AM - Software Distribution Service 3.0
RP518: 3/25/2011 8:14:40 AM - System Checkpoint
RP519: 3/28/2011 8:17:45 AM - System Checkpoint
RP520: 3/29/2011 8:25:05 AM - System Checkpoint
RP521: 3/30/2011 9:01:43 AM - System Checkpoint
RP522: 3/31/2011 9:04:19 AM - System Checkpoint
RP523: 4/1/2011 12:17:10 PM - System Checkpoint
RP524: 4/4/2011 9:36:36 AM - System Checkpoint
RP525: 4/5/2011 12:03:11 PM - System Checkpoint
RP526: 4/6/2011 1:18:54 PM - System Checkpoint
RP527: 4/7/2011 1:45:55 PM - System Checkpoint
RP528: 4/8/2011 3:48:07 PM - System Checkpoint
RP529: 4/11/2011 10:17:53 AM - System Checkpoint
RP530: 4/12/2011 8:25:47 AM - Removed Cisco Systems VPN Client 5.0.04.0300
RP531: 4/13/2011 10:05:24 AM - System Checkpoint
RP532: 4/14/2011 10:18:38 AM - System Checkpoint
RP533: 4/15/2011 3:00:12 AM - Software Distribution Service 3.0
RP534: 4/18/2011 7:31:35 AM - System Checkpoint
RP535: 4/19/2011 7:55:57 AM - System Checkpoint
RP536: 4/20/2011 9:50:43 AM - System Checkpoint
RP537: 4/21/2011 12:56:56 PM - System Checkpoint
RP538: 4/22/2011 1:20:55 PM - System Checkpoint
RP539: 4/23/2011 1:52:53 PM - System Checkpoint
RP540: 4/24/2011 4:17:07 PM - System Checkpoint
RP541: 4/25/2011 4:38:04 PM - System Checkpoint
RP542: 4/26/2011 11:39:24 AM - Installed Microsoft Visual C++ 2005 Redistributable - KB2467175
RP543: 4/27/2011 1:54:31 PM - System Checkpoint
RP544: 4/28/2011 8:09:54 AM - Installed Cisco Systems VPN Client 5.0.04.0300
RP545: 4/29/2011 11:10:15 AM - System Checkpoint
RP546: 5/2/2011 11:45:02 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP547: 5/2/2011 11:45:14 AM - Installed AVG 2011
RP548: 5/2/2011 11:45:38 AM - Installed AVG 2011
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.4
AVG 2011
Brother MFL-Pro Suite
CCC
Choice Guard
Citrix XenApp Web Plugin
Dell Wireless WLAN Card
Extend360 Enforcement Agent
FormsComponent
FOSS
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953955)
Hotfix for Windows XP (KB954434)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB958347)
Hotfix for Windows XP (KB959252)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ICCHelp
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections 13.1.34.2
Intel(R) PRO Alerting Agent
Java(TM) 6 Update 13
Junk Mail filter update
LiveUpdate 3.3 (Symantec Corporation)
MaaS360 Control Service
MaaS360 Software Uninstall Utility
MaaS360 Visibility Service
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Software Update for Web Folders  (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.0.17)
MSIChecker
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB927977)
NA1Messenger
Network Drive Mapping Utility
NRF
PaperPort Image Printer
PolicyManager
PowerDVD
Reconciler
ReportServer
ScanSoft PaperPort 11
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Security Update for Microsoft Visual Basic for Applications 6.5 (KB974945)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update f

2 Contributors
13 Replies
327 Views
3 Days Discussion Span
Latest Post 13 Years Ago Latest Post by jholland1964

jholland1964 650 Posting Expert

13 Years Ago

Please read carefully and follow these steps.

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

If an infected file is detected, the default action will be Cure, click on Continue.

If a suspicious file is detected, the default action will be Skip, click on Continue.

It may ask you to reboot the computer to complete the process. Click on Reboot Now.

If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Edited 13 Years Ago by jholland1964 because: n/a

jholland1964 650 Posting Expert

13 Years Ago

Now, update MBA-M and run another Full Scan with it. Have it remove everything found and Reboot the computer>>>This is VERY IMPORTANT, it must be done to complete the cleaning.
Post back here with that new log.

jholland1964 650 Posting Expert

13 Years Ago

Are you able to access the internet normally and without problems?

Please run a DDS scan following directions from the Read Me Sticky and post the log here.

Edited 13 Years Ago by jholland1964 because: n/a

jholland1964 650 Posting Expert

13 Years Ago

That is only one of the DDS logs, where is the other one?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

aschmidt 0 Newbie Poster · Answer 1 · 2011-05-04T01:57:25+00:00

2011/05/03 14:30:14.0546 6344 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/03 14:30:14.0953 6344 ================================================================================
2011/05/03 14:30:14.0953 6344 SystemInfo:
2011/05/03 14:30:14.0953 6344
2011/05/03 14:30:14.0953 6344 OS Version: 5.1.2600 ServicePack: 3.0
2011/05/03 14:30:14.0953 6344 Product type: Workstation
2011/05/03 14:30:14.0953 6344 ComputerName: MWCOUNTER2
2011/05/03 14:30:14.0953 6344 UserName: mwcountertwo
2011/05/03 14:30:14.0953 6344 Windows directory: C:\WINDOWS
2011/05/03 14:30:14.0953 6344 System windows directory: C:\WINDOWS
2011/05/03 14:30:14.0953 6344 Processor architecture: Intel x86
2011/05/03 14:30:14.0953 6344 Number of processors: 2
2011/05/03 14:30:14.0953 6344 Page size: 0x1000
2011/05/03 14:30:14.0953 6344 Boot type: Normal boot
2011/05/03 14:30:14.0953 6344 ================================================================================
2011/05/03 14:30:15.0140 6344 Initialize success
2011/05/03 14:30:21.0078 5984 ================================================================================
2011/05/03 14:30:21.0078 5984 Scan started
2011/05/03 14:30:21.0078 5984 Mode: Manual;
2011/05/03 14:30:21.0078 5984 ================================================================================
2011/05/03 14:30:22.0968 5984 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/05/03 14:30:23.0015 5984 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/05/03 14:30:23.0062 5984 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/05/03 14:30:23.0140 5984 ADIHdAudAddService (d80d1d73d1dbf38d0afe692c8bdc939a) C:\WINDOWS\system32\drivers\ADIHdAud.sys
2011/05/03 14:30:23.0187 5984 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/05/03 14:30:23.0234 5984 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/05/03 14:30:23.0421 5984 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/05/03 14:30:23.0500 5984 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/05/03 14:30:23.0546 5984 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/05/03 14:30:23.0593 5984 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/05/03 14:30:23.0609 5984 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/05/03 14:30:23.0656 5984 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/05/03 14:30:23.0718 5984 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/05/03 14:30:23.0765 5984 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/05/03 14:30:23.0828 5984 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/05/03 14:30:23.0859 5984 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/05/03 14:30:23.0906 5984 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/05/03 14:30:24.0078 5984 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/05/03 14:30:24.0125 5984 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/05/03 14:30:24.0171 5984 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/05/03 14:30:24.0203 5984 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/05/03 14:30:24.0281 5984 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/05/03 14:30:24.0328 5984 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/05/03 14:30:24.0390 5984 AVGIDSDriver (646cccd12886facb8676bdd9b7d54e29) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
2011/05/03 14:30:24.0453 5984 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
2011/05/03 14:30:24.0578 5984 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
2011/05/03 14:30:24.0656 5984 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
2011/05/03 14:30:24.0703 5984 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
2011/05/03 14:30:24.0750 5984 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
2011/05/03 14:30:24.0812 5984 Avgrkx86 (ffbe8adeb1fd8640540bf6e4a137b3ef) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
2011/05/03 14:30:24.0875 5984 Avgtdix (69e6adf5cbbdeb5f2b727c93937a5823) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
2011/05/03 14:30:25.0031 5984 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/05/03 14:30:25.0234 5984 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/05/03 14:30:25.0281 5984 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/05/03 14:30:25.0296 5984 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/05/03 14:30:25.0343 5984 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/05/03 14:30:25.0390 5984 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/05/03 14:30:25.0421 5984 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/05/03 14:30:25.0468 5984 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/05/03 14:30:25.0515 5984 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/05/03 14:30:25.0531 5984 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/05/03 14:30:25.0609 5984 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
2011/05/03 14:30:25.0656 5984 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/05/03 14:30:25.0703 5984 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/05/03 14:30:25.0875 5984 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/05/03 14:30:25.0921 5984 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/05/03 14:30:26.0046 5984 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/05/03 14:30:26.0062 5984 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/05/03 14:30:26.0140 5984 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/05/03 14:30:26.0218 5984 DNE (86d52c32a308f84bbc626bff7c1fb710) C:\WINDOWS\system32\DRIVERS\dne2000.sys
2011/05/03 14:30:26.0406 5984 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/05/03 14:30:26.0453 5984 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/05/03 14:30:26.0500 5984 e1kexpress (d60759140694150360bbefd9cab7c920) C:\WINDOWS\system32\DRIVERS\e1k5132.sys
2011/05/03 14:30:26.0640 5984 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2011/05/03 14:30:26.0718 5984 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/05/03 14:30:26.0796 5984 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/05/03 14:30:27.0015 5984 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/05/03 14:30:27.0031 5984 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/05/03 14:30:27.0046 5984 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/05/03 14:30:27.0093 5984 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/05/03 14:30:27.0296 5984 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/05/03 14:30:27.0343 5984 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/05/03 14:30:27.0375 5984 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/05/03 14:30:27.0421 5984 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/05/03 14:30:27.0484 5984 HECI (e4a123ad734a3731d29ebd3a01b3e535) C:\WINDOWS\system32\DRIVERS\HECI.sys
2011/05/03 14:30:27.0531 5984 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/05/03 14:30:27.0578 5984 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/05/03 14:30:27.0656 5984 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/05/03 14:30:27.0687 5984 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/05/03 14:30:27.0734 5984 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/05/03 14:30:28.0031 5984 ialm (9acb03875cfe068d5cc0e98fb2cf7017) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/05/03 14:30:28.0375 5984 iaStor (707c1692214b1c290271067197f075f6) C:\WINDOWS\system32\drivers\iaStor.sys
2011/05/03 14:30:28.0453 5984 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/05/03 14:30:28.0546 5984 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/05/03 14:30:28.0578 5984 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/05/03 14:30:28.0625 5984 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/05/03 14:30:28.0687 5984 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/05/03 14:30:28.0703 5984 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/05/03 14:30:28.0718 5984 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/05/03 14:30:28.0781 5984 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/05/03 14:30:28.0828 5984 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/05/03 14:30:28.0875 5984 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/05/03 14:30:28.0921 5984 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/05/03 14:30:29.0109 5984 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/05/03 14:30:29.0187 5984 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/05/03 14:30:29.0250 5984 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/05/03 14:30:29.0343 5984 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/05/03 14:30:29.0406 5984 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/05/03 14:30:29.0453 5984 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/05/03 14:30:29.0500 5984 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/05/03 14:30:29.0515 5984 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/05/03 14:30:29.0531 5984 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/05/03 14:30:29.0562 5984 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/05/03 14:30:29.0625 5984 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/05/03 14:30:29.0828 5984 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/05/03 14:30:29.0937 5984 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/05/03 14:30:30.0000 5984 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/05/03 14:30:30.0015 5984 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/05/03 14:30:30.0031 5984 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/05/03 14:30:30.0062 5984 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/05/03 14:30:30.0140 5984 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/05/03 14:30:30.0203 5984 NAL (03ca886ba148b6b9996be1368ddc3fc0) C:\WINDOWS\system32\Drivers\iqvw32.sys
2011/05/03 14:30:30.0406 5984 NAVENG (c34e2a884ccca8b5567d0c2752527073) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110502.018\NAVENG.SYS
2011/05/03 14:30:30.0453 5984 NAVEX15 (b3916eeec738dd4178f4fd6a44a32e36) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110502.018\NAVEX15.SYS
2011/05/03 14:30:30.0687 5984 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/05/03 14:30:30.0765 5984 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/05/03 14:30:30.0828 5984 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/05/03 14:30:30.0890 5984 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/05/03 14:30:30.0953 5984 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/05/03 14:30:31.0031 5984 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/05/03 14:30:31.0062 5984 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/05/03 14:30:31.0078 5984 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/05/03 14:30:31.0156 5984 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/05/03 14:30:31.0203 5984 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/05/03 14:30:31.0265 5984 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/05/03 14:30:31.0265 5984 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/05/03 14:30:31.0328 5984 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/05/03 14:30:31.0328 5984 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/05/03 14:30:31.0375 5984 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/05/03 14:30:31.0406 5984 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/05/03 14:30:31.0562 5984 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/05/03 14:30:31.0625 5984 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/05/03 14:30:31.0703 5984 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/05/03 14:30:31.0765 5984 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/05/03 14:30:31.0812 5984 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/05/03 14:30:31.0875 5984 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/05/03 14:30:31.0937 5984 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/05/03 14:30:32.0000 5984 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/05/03 14:30:32.0062 5984 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/05/03 14:30:32.0093 5984 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/05/03 14:30:32.0140 5984 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/05/03 14:30:32.0187 5984 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/05/03 14:30:32.0203 5984 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/05/03 14:30:32.0234 5984 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/05/03 14:30:32.0296 5984 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/05/03 14:30:32.0312 5984 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/05/03 14:30:32.0359 5984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/05/03 14:30:32.0375 5984 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/05/03 14:30:32.0421 5984 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/05/03 14:30:32.0468 5984 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/05/03 14:30:32.0515 5984 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/05/03 14:30:32.0562 5984 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/05/03 14:30:32.0609 5984 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/05/03 14:30:32.0671 5984 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/05/03 14:30:32.0750 5984 SFAUDIO (b6401608579b6431994425ba7653f774) C:\WINDOWS\system32\drivers\sfaudio.sys
2011/05/03 14:30:32.0812 5984 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/05/03 14:30:32.0843 5984 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/05/03 14:30:32.0875 5984 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/05/03 14:30:33.0078 5984 SPBBCDrv (38c030777dabfc771dac7873443cfcba) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
2011/05/03 14:30:33.0281 5984 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/05/03 14:30:33.0359 5984 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/05/03 14:30:33.0421 5984 SRTSP (11564fd80e0d2fc80b904a5bcbf8d761) C:\WINDOWS\system32\Drivers\SRTSP.SYS
2011/05/03 14:30:33.0453 5984 SRTSPL (c668edee729925635c254b04e70f9493) C:\WINDOWS\system32\Drivers\SRTSPL.SYS
2011/05/03 14:30:33.0562 5984 SRTSPX (73d9add286baebdbf636eb53acf64e12) C:\WINDOWS\system32\Drivers\SRTSPX.SYS
2011/05/03 14:30:33.0609 5984 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/05/03 14:30:33.0671 5984 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
2011/05/03 14:30:33.0765 5984 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/05/03 14:30:33.0828 5984 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/05/03 14:30:33.0843 5984 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/05/03 14:30:33.0859 5984 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/05/03 14:30:33.0921 5984 SymEvent (e03ee3ef1037099554d17bed99545a5e) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2011/05/03 14:30:33.0984 5984 SYMREDRV (9181892e5af5df8d2ac3d9d2cea48afd) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
2011/05/03 14:30:34.0015 5984 SYMTDI (d539f317e6caaa4e08911a84c2180938) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
2011/05/03 14:30:34.0046 5984 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/05/03 14:30:34.0093 5984 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/05/03 14:30:34.0156 5984 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/05/03 14:30:34.0234 5984 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/05/03 14:30:34.0390 5984 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/05/03 14:30:34.0421 5984 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/05/03 14:30:34.0468 5984 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/05/03 14:30:34.0562 5984 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/05/03 14:30:34.0625 5984 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/05/03 14:30:34.0671 5984 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/05/03 14:30:34.0734 5984 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/05/03 14:30:34.0750 5984 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/05/03 14:30:34.0796 5984 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/05/03 14:30:34.0875 5984 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/05/03 14:30:34.0984 5984 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/05/03 14:30:35.0046 5984 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/05/03 14:30:35.0125 5984 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/05/03 14:30:35.0140 5984 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/05/03 14:30:35.0203 5984 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/05/03 14:30:35.0265 5984 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/05/03 14:30:35.0296 5984 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/05/03 14:30:35.0359 5984 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/05/03 14:30:35.0421 5984 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/05/03 14:30:35.0500 5984 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/05/03 14:30:35.0687 5984 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/05/03 14:30:35.0718 5984 \HardDisk1 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/05/03 14:30:35.0734 5984 ================================================================================
2011/05/03 14:30:35.0734 5984 Scan finished
2011/05/03 14:30:35.0734 5984 ================================================================================
2011/05/03 14:30:35.0750 10204 Detected object count: 1
2011/05/03 14:30:46.0031 10204 \HardDisk1 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/05/03 14:30:46.0031 10204 \HardDisk1 - ok
2011/05/03 14:30:46.0031 10204 Rootkit.Win32.TDSS.tdl4(\HardDisk1) - User select action: Cure
2011/05/03 14:31:12.0703 4324 Deinitialize success

aschmidt 0 Newbie Poster · Answer 2 · 2011-05-04T04:11:35+00:00

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6501

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/3/2011 4:49:32 PM
mbam-log-2011-05-03 (16-49-32).txt

Scan type: Full scan (C:\|)
Objects scanned: 244809
Time elapsed: 44 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\all users\application data\MaaS360\maas360 visibility service\postinstall\vpostinstallrunner.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\Sun\Java\deployment\cache\6.0\40\6bff5f68-3c086744 (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\Sun\Java\deployment\cache\6.0\46\42fe12ae-50d20b94 (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\system volume information\_restore{45b5e8b9-949a-471e-999d-f381da56a2d3}\RP548\A0076870.exe (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{45b5e8b9-949a-471e-999d-f381da56a2d3}\RP548\A0076942.exe (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{45b5e8b9-949a-471e-999d-f381da56a2d3}\RP548\A0077086.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.

aschmidt 0 Newbie Poster · Answer 3 · 2011-05-04T05:08:39+00:00

the MaaS360 program is necessary in order for me to communicate with other branches within our company, it was automatically re-installed when I restarted the computer also, while MBA-M was scanning AVG came up with trojan Pakes.KCO, trojan Generic22.ADUA, and trojan Generic22.ADSY I deleted these and restarted computer, I disabled the firewall and opened internet explorer and message came on that said "Internet Explorer cannot display webpage"

aschmidt 0 Newbie Poster · Answer 4 · 2011-05-04T05:09:22+00:00

aschmidt 0 Newbie Poster

13 Years Ago

running DDS now

aschmidt 0 Newbie Poster · Answer 5 · 2011-05-04T05:11:23+00:00

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6501

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/3/2011 4:49:32 PM
mbam-log-2011-05-03 (16-49-32).txt

Scan type: Full scan (C:\|)
Objects scanned: 244809
Time elapsed: 44 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\all users\application data\MaaS360\maas360 visibility service\postinstall\vpostinstallrunner.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\Sun\Java\deployment\cache\6.0\40\6bff5f68-3c086744 (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\Sun\Java\deployment\cache\6.0\46\42fe12ae-50d20b94 (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\system volume information\_restore{45b5e8b9-949a-471e-999d-f381da56a2d3}\RP548\A0076870.exe (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{45b5e8b9-949a-471e-999d-f381da56a2d3}\RP548\A0076942.exe (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{45b5e8b9-949a-471e-999d-f381da56a2d3}\RP548\A0077086.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/23/2009 2:17:37 PM
System Uptime: 5/3/2011 5:50:37 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0F373D
Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz | CPU | 2659/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 54.277 GiB free.
D: is CDROM ()
E: is Removable
W: is NetworkDisk (NTFS) - 465 GiB total, 465.289 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP478: 2/3/2011 9:27:59 AM - System Checkpoint
RP479: 2/4/2011 10:34:28 AM - System Checkpoint
RP480: 2/7/2011 10:35:57 AM - System Checkpoint
RP481: 2/8/2011 11:02:56 AM - System Checkpoint
RP482: 2/9/2011 12:46:50 PM - System Checkpoint
RP483: 2/10/2011 3:00:12 AM - Software Distribution Service 3.0
RP484: 2/11/2011 8:07:07 AM - System Checkpoint
RP485: 2/12/2011 2:17:58 PM - System Checkpoint
RP486: 2/14/2011 9:02:36 AM - System Checkpoint
RP487: 2/15/2011 11:24:58 AM - System Checkpoint
RP488: 2/16/2011 11:50:03 AM - System Checkpoint
RP489: 2/17/2011 2:13:50 PM - System Checkpoint
RP490: 2/18/2011 2:52:02 PM - System Checkpoint
RP491: 2/21/2011 1:24:10 PM - System Checkpoint
RP492: 2/22/2011 3:13:12 PM - System Checkpoint
RP493: 2/23/2011 4:24:16 PM - System Checkpoint
RP494: 2/25/2011 8:18:52 AM - System Checkpoint
RP495: 2/28/2011 8:19:30 AM - System Checkpoint
RP496: 3/1/2011 11:25:08 AM - System Checkpoint
RP497: 3/2/2011 1:11:31 PM - System Checkpoint
RP498: 3/3/2011 2:18:41 PM - System Checkpoint
RP499: 3/4/2011 2:55:14 PM - System Checkpoint
RP500: 3/6/2011 2:50:06 PM - System Checkpoint
RP501: 3/7/2011 3:25:36 PM - System Checkpoint
RP502: 3/8/2011 4:21:13 PM - System Checkpoint
RP503: 3/9/2011 1:47:52 PM - Installed Cisco Systems VPN Client 5.0.04.0300
RP504: 3/9/2011 2:07:52 PM - Removed Cisco Systems VPN Client 5.0.04.0300
RP505: 3/9/2011 2:11:49 PM - Installed Cisco Systems VPN Client 5.0.04.0300
RP506: 3/10/2011 3:00:12 AM - Software Distribution Service 3.0
RP507: 3/11/2011 7:40:44 AM - System Checkpoint
RP508: 3/14/2011 11:12:51 AM - System Checkpoint
RP509: 3/15/2011 11:30:35 AM - System Checkpoint
RP510: 3/16/2011 1:30:59 PM - System Checkpoint
RP511: 3/18/2011 8:53:36 AM - System Checkpoint
RP512: 3/19/2011 10:07:36 AM - System Checkpoint
RP513: 3/20/2011 11:31:21 AM - System Checkpoint
RP514: 3/21/2011 1:44:25 PM - System Checkpoint
RP515: 3/22/2011 2:09:38 PM - System Checkpoint
RP516: 3/23/2011 5:06:48 PM - System Checkpoint
RP517: 3/24/2011 3:00:12 AM - Software Distribution Service 3.0
RP518: 3/25/2011 8:14:40 AM - System Checkpoint
RP519: 3/28/2011 8:17:45 AM - System Checkpoint
RP520: 3/29/2011 8:25:05 AM - System Checkpoint
RP521: 3/30/2011 9:01:43 AM - System Checkpoint
RP522: 3/31/2011 9:04:19 AM - System Checkpoint
RP523: 4/1/2011 12:17:10 PM - System Checkpoint
RP524: 4/4/2011 9:36:36 AM - System Checkpoint
RP525: 4/5/2011 12:03:11 PM - System Checkpoint
RP526: 4/6/2011 1:18:54 PM - System Checkpoint
RP527: 4/7/2011 1:45:55 PM - System Checkpoint
RP528: 4/8/2011 3:48:07 PM - System Checkpoint
RP529: 4/11/2011 10:17:53 AM - System Checkpoint
RP530: 4/12/2011 8:25:47 AM - Removed Cisco Systems VPN Client 5.0.04.0300
RP531: 4/13/2011 10:05:24 AM - System Checkpoint
RP532: 4/14/2011 10:18:38 AM - System Checkpoint
RP533: 4/15/2011 3:00:12 AM - Software Distribution Service 3.0
RP534: 4/18/2011 7:31:35 AM - System Checkpoint
RP535: 4/19/2011 7:55:57 AM - System Checkpoint
RP536: 4/20/2011 9:50:43 AM - System Checkpoint
RP537: 4/21/2011 12:56:56 PM - System Checkpoint
RP538: 4/22/2011 1:20:55 PM - System Checkpoint
RP539: 4/23/2011 1:52:53 PM - System Checkpoint
RP540: 4/24/2011 4:17:07 PM - System Checkpoint
RP541: 4/25/2011 4:38:04 PM - System Checkpoint
RP542: 4/26/2011 11:39:24 AM - Installed Microsoft Visual C++ 2005 Redistributable - KB2467175
RP543: 4/27/2011 1:54:31 PM - System Checkpoint
RP544: 4/28/2011 8:09:54 AM - Installed Cisco Systems VPN Client 5.0.04.0300
RP545: 4/29/2011 11:10:15 AM - System Checkpoint
RP546: 5/2/2011 11:45:02 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP547: 5/2/2011 11:45:14 AM - Installed AVG 2011
RP548: 5/2/2011 11:45:38 AM - Installed AVG 2011
RP549: 5/3/2011 2:48:01 PM - Installed SQL KB960082(ENU).
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.4
AVG 2011
Brother MFL-Pro Suite
CCC
Choice Guard
Citrix XenApp Web Plugin
Dell Wireless WLAN Card
Extend360 Enforcement Agent
FormsComponent
FOSS
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953955)
Hotfix for Windows XP (KB954434)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB958347)
Hotfix for Windows XP (KB959252)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ICCHelp
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections 13.1.34.2
Intel(R) PRO Alerting Agent
Java(TM) 6 Update 13
Junk Mail filter update
LiveUpdate 3.3 (Symantec Corporation)
MaaS360 Control Service
MaaS360 Software Uninstall Utility
MaaS360 Visibility Service
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSIChecker
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB927977)
NA1Messenger
Network Drive Mapping Utility
NRF
PaperPort Image Printer
PolicyManager
PowerDVD
Reconciler
ReportServer
ScanSoft PaperPort 11
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Security Update for Microsoft Visual Basic for Applications 6.5 (KB974945)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SupportUtility
Symantec Endpoint Protection
System
UnifiedPrinting
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb977839)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
UPS WorldShip
UPSDB
UPSICC
UPSlinkHTTP
UPSVCMM
WebEx
WebFldrs XP
WebHelp
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Presentation Foundation
Windows Search 4.0
WorldShip
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
5/3/2011 7:55:17 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
5/3/2011 7:51:48 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 eeCtrl Fips intelppm SPBBCDrv SRTSP SRTSPX SYMTDI
5/3/2011 7:50:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/3/2011 7:50:57 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
5/3/2011 5:51:46 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SrtETmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/3/2011 5:12:41 PM, error: Service Control Manager [7034] - The Maas360 Visibility Service service terminated unexpectedly. It has done this 1 time(s).
5/3/2011 10:40:41 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
5/3/2011 10:40:41 AM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/3/2011 10:40:41 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
5/3/2011 10:39:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the System Connect Util Service service to connect.
5/3/2011 10:39:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Maas360 Visibility Service service to connect.
5/3/2011 10:39:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Java Quick Starter service to connect.
5/3/2011 10:39:10 AM, error: Service Control Manager [7000] - The Maas360 Visibility Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/3/2011 10:39:10 AM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 7:31:14 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
5/2/2011 7:30:50 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
5/2/2011 3:55:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Extend360 Agent service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the MSSQL$UPSWSDBSERVER service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Fax service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The MSSQL$UPSWSDBSERVER service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The Fax service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:48:36 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/2/2011 2:46:05 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
5/2/2011 11:05:21 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Symantec Endpoint Protection service to connect.
5/2/2011 11:02:51 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service Symantec AntiVirus with arguments "" in order to run the server: {5CEC0E13-CF22-414C-8D67-D44B06420FC1}
4/28/2011 7:43:11 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Extend360 Enforcement Agent service to connect.
.
==== End Of File ===========================

aschmidt 0 Newbie Poster · Answer 6 · 2011-05-04T05:23:56+00:00

Tues. 630 pm CT, I am leaving the office for the day, and I will be out all day Wed. but I will keep trying to repair the computer again on Thurs. 730am CT, thank you for helping me I really appreciate it

aschmidt 0 Newbie Poster · Answer 7 · 2011-05-05T18:40:14+00:00

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by mwcountertwo at 18:09:17.34 on Tue 05/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3036.2223 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\MWCOUN~1\Desktop\ciscovpn\INSTAL~1.EXE
C:\Program Files\MaaS360\MaaS360 Visibility Service\EMSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\MaaS360\MaaS360 Control Service\FLUtilsSvc.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\UPS\WSTD\UPSNA1Msgr.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Linksys\Network Storage\Network Drive Mapping Utility.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\MICROSOFT SQL SERVER\80\TOOLS\BINN\sqlmangr.exe
C:\UPS\WSTD\WSTDMessaging.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\WINDOWS\system32\fxssvc.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
C:\Program Files\MaaS360\MaaS360 Control Service\ServiceMgr.exe
C:\Program Files\MaaS360\MaaS360 Control Service\e360sysTray.exe
C:\Program Files\BigFix Enterprise\BES Client\BESClientUI.exe
E:\dds.scr
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.live.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:54202
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [Network Drive Mapping Utility] "c:\program files\linksys\network storage\Network Drive Mapping Utility.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Network Drive Mapping Utility] "c:\program files\linksys\network storage\Network Drive Mapping Utility.exe" Z
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NA1Messenger] c:\ups\wstd\UPSNA1Msgr.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~2.lnk - c:\ups\wstd\WSTDMessaging.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~1.lnk - c:\ups\wstd\wstdPldReminder.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxdev.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {55789A0E-F687-4104-9C23-131BB6859C71} - "c:\program files\maas360\maas360 control service\ISUSPM_ini.exe"
uASetup: {55789A0E-F687-4104-9C23-131BB6859C71} - "c:\program files\maas360\maas360 control service\ISUSPM_ini.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-1-19 32464]
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2009-3-17 24064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-2-10 296400]
R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-2-15 7421280]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-9-15 108392]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-9-15 108392]
R2 EMSAgent;Maas360 Visibility Service;c:\program files\maas360\maas360 visibility service\EMSAgent.exe [2010-3-16 265312]
R2 MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER;c:\ups\wstd\mssql$upswsdbserver\binn\sqlservr.exe -supswsdbserver --> c:\ups\wstd\mssql$upswsdbserver\binn\sqlservr.exe -sUPSWSDBSERVER [?]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2008-9-15 2240944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-3-30 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-3-17 144480]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110502.018\NAVENG.SYS [2011-5-2 86136]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110502.018\NAVEX15.SYS [2011-5-2 1393144]
S3 SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER;c:\ups\wstd\mssql$upswsdbserver\binn\sqlagent.exe -i upswsdbserver --> c:\ups\wstd\mssql$upswsdbserver\binn\sqlagent.EXE -i UPSWSDBSERVER [?]
S3 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?]
.
=============== Created Last 30 ================
.
2011-05-03 19:47:54 -------- d-----w- c:\windows\$SQLUninstallSQL2000-KB960082-v8.00.2055-x86-ENU$
2011-05-03 12:56:26 1152 ----a-w- c:\windows\system32\windrv.sys
2011-05-03 12:55:23 -------- d-----w- c:\docume~1\mwcoun~1\applic~1\GetRightToGo
2011-05-02 18:04:18 -------- d--h--w- C:\$AVG
2011-05-02 16:49:17 -------- d-----w- c:\docume~1\mwcoun~1\applic~1\AVG10
2011-05-02 16:46:56 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-05-02 16:45:52 -------- d-----w- c:\windows\system32\drivers\AVG
2011-05-02 16:45:52 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2011-05-02 16:45:14 -------- d-----w- c:\program files\AVG
2011-05-02 16:29:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-05-02 16:29:15 5497592 ----a-w- c:\program files\avg_free_stb_all_2011_1321_cnet.exe
2011-05-02 15:46:33 -------- d-----w- C:\Microsoft
2011-04-28 14:35:50 -------- d-sh--w- c:\documents and settings\mwcountertwo\IECompatCache
2011-04-28 13:13:43 -------- d-----w- c:\docume~1\mwcoun~1\applic~1\Malwarebytes
2011-04-27 21:00:38 -------- d-----w- c:\docume~1\alluse~1\applic~1\PopCap
2011-04-15 08:05:31 -------- d-----w- c:\windows\ServicePackFiles
2011-04-14 08:39:02 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:27:43 1866880 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 13:25:52 229888 ----a-w- c:\windows\system32\fxscover.exe
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
.
============= FINISH: 18:10:10.46 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/23/2009 2:17:37 PM
System Uptime: 5/3/2011 5:50:37 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0F373D
Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz | CPU | 2659/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 54.277 GiB free.
D: is CDROM ()
E: is Removable
W: is NetworkDisk (NTFS) - 465 GiB total, 465.289 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP478: 2/3/2011 9:27:59 AM - System Checkpoint
RP479: 2/4/2011 10:34:28 AM - System Checkpoint
RP480: 2/7/2011 10:35:57 AM - System Checkpoint
RP481: 2/8/2011 11:02:56 AM - System Checkpoint
RP482: 2/9/2011 12:46:50 PM - System Checkpoint
RP483: 2/10/2011 3:00:12 AM - Software Distribution Service 3.0
RP484: 2/11/2011 8:07:07 AM - System Checkpoint
RP485: 2/12/2011 2:17:58 PM - System Checkpoint
RP486: 2/14/2011 9:02:36 AM - System Checkpoint
RP487: 2/15/2011 11:24:58 AM - System Checkpoint
RP488: 2/16/2011 11:50:03 AM - System Checkpoint
RP489: 2/17/2011 2:13:50 PM - System Checkpoint
RP490: 2/18/2011 2:52:02 PM - System Checkpoint
RP491: 2/21/2011 1:24:10 PM - System Checkpoint
RP492: 2/22/2011 3:13:12 PM - System Checkpoint
RP493: 2/23/2011 4:24:16 PM - System Checkpoint
RP494: 2/25/2011 8:18:52 AM - System Checkpoint
RP495: 2/28/2011 8:19:30 AM - System Checkpoint
RP496: 3/1/2011 11:25:08 AM - System Checkpoint
RP497: 3/2/2011 1:11:31 PM - System Checkpoint
RP498: 3/3/2011 2:18:41 PM - System Checkpoint
RP499: 3/4/2011 2:55:14 PM - System Checkpoint
RP500: 3/6/2011 2:50:06 PM - System Checkpoint
RP501: 3/7/2011 3:25:36 PM - System Checkpoint
RP502: 3/8/2011 4:21:13 PM - System Checkpoint
RP503: 3/9/2011 1:47:52 PM - Installed Cisco Systems VPN Client 5.0.04.0300
RP504: 3/9/2011 2:07:52 PM - Removed Cisco Systems VPN Client 5.0.04.0300
RP505: 3/9/2011 2:11:49 PM - Installed Cisco Systems VPN Client 5.0.04.0300
RP506: 3/10/2011 3:00:12 AM - Software Distribution Service 3.0
RP507: 3/11/2011 7:40:44 AM - System Checkpoint
RP508: 3/14/2011 11:12:51 AM - System Checkpoint
RP509: 3/15/2011 11:30:35 AM - System Checkpoint
RP510: 3/16/2011 1:30:59 PM - System Checkpoint
RP511: 3/18/2011 8:53:36 AM - System Checkpoint
RP512: 3/19/2011 10:07:36 AM - System Checkpoint
RP513: 3/20/2011 11:31:21 AM - System Checkpoint
RP514: 3/21/2011 1:44:25 PM - System Checkpoint
RP515: 3/22/2011 2:09:38 PM - System Checkpoint
RP516: 3/23/2011 5:06:48 PM - System Checkpoint
RP517: 3/24/2011 3:00:12 AM - Software Distribution Service 3.0
RP518: 3/25/2011 8:14:40 AM - System Checkpoint
RP519: 3/28/2011 8:17:45 AM - System Checkpoint
RP520: 3/29/2011 8:25:05 AM - System Checkpoint
RP521: 3/30/2011 9:01:43 AM - System Checkpoint
RP522: 3/31/2011 9:04:19 AM - System Checkpoint
RP523: 4/1/2011 12:17:10 PM - System Checkpoint
RP524: 4/4/2011 9:36:36 AM - System Checkpoint
RP525: 4/5/2011 12:03:11 PM - System Checkpoint
RP526: 4/6/2011 1:18:54 PM - System Checkpoint
RP527: 4/7/2011 1:45:55 PM - System Checkpoint
RP528: 4/8/2011 3:48:07 PM - System Checkpoint
RP529: 4/11/2011 10:17:53 AM - System Checkpoint
RP530: 4/12/2011 8:25:47 AM - Removed Cisco Systems VPN Client 5.0.04.0300
RP531: 4/13/2011 10:05:24 AM - System Checkpoint
RP532: 4/14/2011 10:18:38 AM - System Checkpoint
RP533: 4/15/2011 3:00:12 AM - Software Distribution Service 3.0
RP534: 4/18/2011 7:31:35 AM - System Checkpoint
RP535: 4/19/2011 7:55:57 AM - System Checkpoint
RP536: 4/20/2011 9:50:43 AM - System Checkpoint
RP537: 4/21/2011 12:56:56 PM - System Checkpoint
RP538: 4/22/2011 1:20:55 PM - System Checkpoint
RP539: 4/23/2011 1:52:53 PM - System Checkpoint
RP540: 4/24/2011 4:17:07 PM - System Checkpoint
RP541: 4/25/2011 4:38:04 PM - System Checkpoint
RP542: 4/26/2011 11:39:24 AM - Installed Microsoft Visual C++ 2005 Redistributable - KB2467175
RP543: 4/27/2011 1:54:31 PM - System Checkpoint
RP544: 4/28/2011 8:09:54 AM - Installed Cisco Systems VPN Client 5.0.04.0300
RP545: 4/29/2011 11:10:15 AM - System Checkpoint
RP546: 5/2/2011 11:45:02 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP547: 5/2/2011 11:45:14 AM - Installed AVG 2011
RP548: 5/2/2011 11:45:38 AM - Installed AVG 2011
RP549: 5/3/2011 2:48:01 PM - Installed SQL KB960082(ENU).
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.4
AVG 2011
Brother MFL-Pro Suite
CCC
Choice Guard
Citrix XenApp Web Plugin
Dell Wireless WLAN Card
Extend360 Enforcement Agent
FormsComponent
FOSS
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953955)
Hotfix for Windows XP (KB954434)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB958347)
Hotfix for Windows XP (KB959252)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ICCHelp
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections 13.1.34.2
Intel(R) PRO Alerting Agent
Java(TM) 6 Update 13
Junk Mail filter update
LiveUpdate 3.3 (Symantec Corporation)
MaaS360 Control Service
MaaS360 Software Uninstall Utility
MaaS360 Visibility Service
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSIChecker
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB927977)
NA1Messenger
Network Drive Mapping Utility
NRF
PaperPort Image Printer
PolicyManager
PowerDVD
Reconciler
ReportServer
ScanSoft PaperPort 11
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Security Update for Microsoft Visual Basic for Applications 6.5 (KB974945)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SupportUtility
Symantec Endpoint Protection
System
UnifiedPrinting
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb977839)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
UPS WorldShip
UPSDB
UPSICC
UPSlinkHTTP
UPSVCMM
WebEx
WebFldrs XP
WebHelp
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Presentation Foundation
Windows Search 4.0
WorldShip
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
5/3/2011 7:55:17 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
5/3/2011 7:51:48 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 eeCtrl Fips intelppm SPBBCDrv SRTSP SRTSPX SYMTDI
5/3/2011 7:50:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/3/2011 7:50:57 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
5/3/2011 5:51:46 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SrtETmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/3/2011 5:12:41 PM, error: Service Control Manager [7034] - The Maas360 Visibility Service service terminated unexpectedly. It has done this 1 time(s).
5/3/2011 10:40:41 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
5/3/2011 10:40:41 AM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/3/2011 10:40:41 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
5/3/2011 10:39:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the System Connect Util Service service to connect.
5/3/2011 10:39:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Maas360 Visibility Service service to connect.
5/3/2011 10:39:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Java Quick Starter service to connect.
5/3/2011 10:39:10 AM, error: Service Control Manager [7000] - The Maas360 Visibility Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/3/2011 10:39:10 AM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 7:31:14 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
5/2/2011 7:30:50 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
5/2/2011 3:55:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Extend360 Agent service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the MSSQL$UPSWSDBSERVER service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Fax service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The MSSQL$UPSWSDBSERVER service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The Fax service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:50:23 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2011 3:48:36 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/2/2011 2:46:05 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
5/2/2011 11:05:21 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Symantec Endpoint Protection service to connect.
5/2/2011 11:02:51 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service Symantec AntiVirus with arguments "" in order to run the server: {5CEC0E13-CF22-414C-8D67-D44B06420FC1}
4/28/2011 7:43:11 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Extend360 Enforcement Agent service to connect.
.
==== End Of File ===========================

aschmidt 0 Newbie Poster · Answer 8 · 2011-05-06T19:38:12+00:00

Here's How:
1.Open Control Panel through the Windows Start Menu.

2.Choose the Network Connections option in Control Panel. The list of available network connections will appear in this window.

3.Scroll down the list of available connections and right-click the item representing your Internet connection. On the right-click menu, choose the Properties option. A new popup window will appear.

4.In the connection Properties window, click the Advanced tab. Various connection settings appear in this window.

5.Find the option called "Protect my computer and network by limiting or preventing access to this computer from the Internet." This option represents ICF. Uncheck the box to disable the firewall.

I did this and my internet conection is back

jholland1964 650 Posting Expert Team Colleague Featured Poster · Answer 9 · 2011-05-06T20:30:57+00:00

Sorry, but you have confused me. Your last post begins with
Here's How and ends with I did this and my internet conection is back
while I am very glad your connection is back you haven't fully explained what ICF is and also why earlier you noted the MaaS360 program. I had not asked about it, I knew what it was.