
Malware has shut down all attempts to clean pc



I've tried several options:

Rkill

Malwarebytes

gmer

superantispyware

but whenever something starts it is stopped in its tracks, usually after about 13 seconds, by malware.

got the following from gmer before it shut:

Gmer has found system modification which might have caused by rootkit activity.

Do you want to fully scan your system:

If I say yes it shuts down.

does list at the top: Service (***hidden***) [Manual] vbmaa15b

if I run rkill it gives me a root program which it shuts down.

Can still get online and boot in safe mode

also in device manager there is a yellow exclamation point near SYMTDI

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post DDS.txt directly into your reply.

Link to post
Share on other sites

Sorry, still haven't gotten a chance to run anything yet as I have not been home. I just wanted to add one more detail that I forgot to mention in my original post: when I run the antimalware it starts running and then stops, and when I try to run it again, I get a message saying that I cannot access the file and I may not have permission to use it.

Just in case that sparks any other thoughts...

Anyway, I will still run everything the way that you specified above..

Thanks again....

Link to post
Share on other sites

so far so good.

will do dds

malwarebytes

and superanti whatever now

system did not ask for a reboot:

here is the ultra long log:

2011/03/01 20:23:38.0116 5588 TDSS rootkit removing tool 2.4.19.0 Feb 28 2011 17:08:37

2011/03/01 20:23:38.0413 5588 ================================================================================

2011/03/01 20:23:38.0413 5588 SystemInfo:

2011/03/01 20:23:38.0413 5588

2011/03/01 20:23:38.0413 5588 OS Version: 5.1.2600 ServicePack: 3.0

2011/03/01 20:23:38.0413 5588 Product type: Workstation

2011/03/01 20:23:38.0413 5588 ComputerName: KATE

2011/03/01 20:23:38.0413 5588 UserName: kei

2011/03/01 20:23:38.0413 5588 Windows directory: C:\WINDOWS

2011/03/01 20:23:38.0413 5588 System windows directory: C:\WINDOWS

2011/03/01 20:23:38.0413 5588 Processor architecture: Intel x86

2011/03/01 20:23:38.0413 5588 Number of processors: 2

2011/03/01 20:23:38.0413 5588 Page size: 0x1000

2011/03/01 20:23:38.0413 5588 Boot type: Normal boot

2011/03/01 20:23:38.0413 5588 ================================================================================

2011/03/01 20:23:38.0803 5588 Initialize success

2011/03/01 20:23:44.0100 2152 ================================================================================

2011/03/01 20:23:44.0100 2152 Scan started

2011/03/01 20:23:44.0100 2152 Mode: Manual;

2011/03/01 20:23:44.0100 2152 ================================================================================

2011/03/01 20:23:58.0444 2152 Suspicious service (NoAccess): vbmaa15b

2011/03/01 20:23:58.0522 2152 vbmaa15b (b6aa0fa61902b69deeb14ca6a543a08d) C:\WINDOWS\system32\drivers\vbmaa15b.sys

2011/03/01 20:23:58.0522 2152 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\vbmaa15b.sys. md5: b6aa0fa61902b69deeb14ca6a543a08d

2011/03/01 20:23:58.0538 2152 vbmaa15b - detected Locked service (1)

2011/03/01 20:24:00.0053 2152 ================================================================================

2011/03/01 20:24:00.0053 2152 Scan finished

2011/03/01 20:24:00.0053 2152 ================================================================================

2011/03/01 20:24:00.0069 2164 Detected object count: 1

2011/03/01 20:24:23.0663 2164 Locked service(vbmaa15b) - User select action: Skip

Link to post
Share on other sites
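
The TDSSKiller log in the post above ends with `User select action: Skip`, so the one detected object was left in place. As an added example (not part of the thread and not the tool's own code), this Python script parses the log line format visible in that post and lists detections that were not acted on. Treating `Skip` as "not remediated" and the `exampledrv` sample line are assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed excerpt: the vbmaa15b lines are copied from the log posted above;
# the "exampledrv" line is made up to stand in for the clean driver entries.
SAMPLE_LOG = r"""
2011/03/01 20:23:44.0100 2152 Scan started
2011/03/01 20:23:45.0000 2152 exampledrv (0123456789abcdef0123456789abcdef) C:\WINDOWS\system32\drivers\exampledrv.sys
2011/03/01 20:23:58.0444 2152 Suspicious service (NoAccess): vbmaa15b
2011/03/01 20:23:58.0522 2152 vbmaa15b (b6aa0fa61902b69deeb14ca6a543a08d) C:\WINDOWS\system32\drivers\vbmaa15b.sys
2011/03/01 20:23:58.0522 2152 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\vbmaa15b.sys. md5: b6aa0fa61902b69deeb14ca6a543a08d
2011/03/01 20:23:58.0538 2152 vbmaa15b - detected Locked service (1)
2011/03/01 20:24:00.0069 2164 Detected object count: 1
2011/03/01 20:24:23.0663 2164 Locked service(vbmaa15b) - User select action: Skip
"""

# Every log line is "<date> <time> <thread id> <message>".
LINE = re.compile(r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
DRIVER = re.compile(r"^(\S+) \(([0-9a-f]{32})\) (.+)$")
SUSP_SVC = re.compile(r"^Suspicious service \((\w+)\): (\S+)$")
SUSP_FILE = re.compile(r"^Suspicious file \((\w+)\): (.+?)\. md5: ([0-9a-f]{32})$")
DETECT = re.compile(r"^(\S+) - detected (.+?) \(\d+\)$")
ACTION = re.compile(r"^.+?\((\S+)\) - User select action: (\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class Finding:
    service: str
    path: Optional[str] = None
    md5: Optional[str] = None
    reasons: List[str] = field(default_factory=list)
    verdict: Optional[str] = None
    action: Optional[str] = None


@dataclass
class Report:
    drivers_seen: int
    findings: List[Finding]
    reported_count: Optional[int]
    unresolved: List[str]   # detections with no action, or action "Skip"
    count_matches: bool     # tool's own count agrees with parsed verdicts


def _service_for_path(drivers: Dict[str, Tuple[str, str]], path: str) -> str:
    """Map a flagged file back to the service entry that listed it."""
    for name, (_, drv_path) in drivers.items():
        if drv_path.lower() == path.lower():
            return name
    return path  # no matching service line: key the finding by path


def triage(log_text: str) -> Report:
    drivers: Dict[str, Tuple[str, str]] = {}
    findings: Dict[str, Finding] = {}
    reported: Optional[int] = None

    def get(name: str) -> Finding:
        return findings.setdefault(name, Finding(service=name))

    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())  # blank lines from forum pastes are skipped
        if not m:
            continue
        msg = m.group(1).strip()
        hit = SUSP_SVC.match(msg)
        if hit:
            get(hit.group(2)).reasons.append("service:" + hit.group(1))
            continue
        hit = SUSP_FILE.match(msg)
        if hit:
            f = get(_service_for_path(drivers, hit.group(2)))
            f.path, f.md5 = hit.group(2), hit.group(3)
            f.reasons.append("file:" + hit.group(1))
            continue
        hit = DETECT.match(msg)
        if hit:
            get(hit.group(1)).verdict = hit.group(2)
            continue
        hit = ACTION.match(msg)
        if hit:
            get(hit.group(1)).action = hit.group(2)
            continue
        hit = COUNT.match(msg)
        if hit:
            reported = int(hit.group(1))
            continue
        hit = DRIVER.match(msg)
        if hit:
            drivers[hit.group(1)] = (hit.group(2), hit.group(3))

    found = list(findings.values())
    # Assumption: "Skip" (the only action shown in the thread) leaves the object in place.
    unresolved = [f.service for f in found if f.action in (None, "Skip")]
    verdicts = sum(1 for f in found if f.verdict)
    return Report(len(drivers), found, reported, unresolved, reported == verdicts)


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for f in report.findings:
        print(f.service, f.verdict, f.md5, f.reasons, "action:", f.action)
    print("unresolved:", report.unresolved)
```
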

Ok,

Some things have gotten better some things have stayed the same.

After removing some old program files and updating my Java, TDSSKiller found something that I was able to cure and something that was locked.

I cured one and deleted the other.

I then rebooted and the same files were back again.

I removed again and rebooted and the file that I was able to cure disappeared and the file that was locked vbmaa15? remains.

I have tried every possible way to scan with malware programs, but after a couple of minutes of work, the programs are automatically shut down.

Super-antispyware does find some trojans early in the scan, but before I can take any action the scan is immediately shut down and the software rendered unusable by my machine (I have to reinstall it again).

Malwarebytes only runs for about 20 seconds before it is disabled.

DDS doesn't seem to be working at all, perhaps I'm using it incorrectly.

My computer is operational (but slow) but I'm a bit tentative to do anything because I imagine things will get worse any second.

Anyway, can anyone help?

I'm not sure what else to do?

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
