
I don't know what happened. Malwarebytes stopped working -,-



Greetings, people.

I only realized that my CD-ROM (E:) has been changed to BD-ROM (F:). Is it malware? Can anyone help me solve it? These are my DDS logs.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.0.0

Run by aidil 7 at 19:47:31 on 2011-10-11

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1013.238 [GMT 8:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\3320060200:3622181690.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE

C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Bluetooth Suite\adminservice.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

C:\Program Files\UCStream\UCStream.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\UCStream\UCClient.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Users\aidil 7\AppData\Roaming\B1B71\F4FF0.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Users\aidil 7\AppData\Roaming\Microsoft\F09B\4DB.exe

C:\Users\AIDIL7~1\AppData\Local\Temp\lvvm.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Bluetooth Suite\BtvStack.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Bluetooth Suite\AthBtTray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\LockKey\LockKey.exe

C:\Program Files\WSED\WSED.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Users\aidil 7\cfgov.exe

C:\Users\aidil 7\aohost.exe

C:\Windows\System32\ping.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://search.babylon.com/home?AF=18790

uDefault_Search_URL = hxxp://www.google.com/ie

uSearch Bar = hxxp://www.google.com/ie

uInternet Settings,ProxyServer = http=127.0.0.1:64222

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uWinlogon: Shell=explorer.exe,c:\users\aidil 7\appdata\roaming\b1b71\F4FF0.exe

uWindows: Load=c:\users\aidil7~1\appdata\local\temp\lvvm.exe

BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL

BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

BHO: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [conhost] c:\users\aidil 7\appdata\roaming\microsoft\lvvm.exe

uRun: [4DB.exe] c:\users\aidil 7\appdata\roaming\microsoft\f09b\4DB.exe

uRun: [Anti Trojan Elite] c:\program files\anti trojan elite\TJEnder.exe :NO

uRun: [cfgov] c:\users\aidil 7\cfgov.exe /b

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [AtherosBtStack] "c:\program files\bluetooth suite\BtvStack.exe"

mRun: [AthBtTray] "c:\program files\bluetooth suite\AthBtTray.exe"

mRun: [LockKey] c:\program files\lockkey\LockKey.exe

mRun: [WSED] c:\program files\wsed\WSED.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [broadcom Wireless Manager UI] c:\program files\broadcom\broadcom 802.11 network adapter\WLTRAY.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mRunOnce: [innoSetupRegFile.0000000001] "c:\windows\is-KMUTE.exe" /REG /REGSVRMODE

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm

IE: Download with IDM - c:\program files\internet download manager\IEExt.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105

IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{4847EFA8-5269-4957-B677-EC2CAA0226E8} : NameServer = 208.67.222.222,208.67.222.220

TCP: Interfaces\{4847EFA8-5269-4957-B677-EC2CAA0226E8} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{4847EFA8-5269-4957-B677-EC2CAA0226E8}\051384F647A5F6E656 : DhcpNameServer = 10.0.2.1

TCP: Interfaces\{4847EFA8-5269-4957-B677-EC2CAA0226E8}\3547275616D6978702A5F6E656 : DhcpNameServer = 202.188.1.5 202.188.0.133

TCP: Interfaces\{4847EFA8-5269-4957-B677-EC2CAA0226E8}\B4C4D455 : NameServer = 208.67.222.222,208.67.220.220

TCP: Interfaces\{4847EFA8-5269-4957-B677-EC2CAA0226E8}\B4C4D455 : DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.1.1

TCP: Interfaces\{4847EFA8-5269-4957-B677-EC2CAA0226E8}\F4666696365635D4B42424 : DhcpNameServer = 192.168.2.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs:

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\aidil 7\appdata\roaming\mozilla\firefox\profiles\iz7ef7g0.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://search.bearshare.com//web?src=ffb&appid=21&systemid=2&sr=0&q=

FF - prefs.js: network.proxy.http - 127.0.0.1

FF - prefs.js: network.proxy.http_port - 64222

FF - prefs.js: network.proxy.type - 1

FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

.

============= SERVICES / DRIVERS ===============

.

R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [2009-6-27 13680]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-10-10 232512]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2010-7-30 56480]

R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2011-9-14 89376]

R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-10-11 64080]

R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2010-12-30 104960]

R2 UCStream;UCStream;c:\program files\ucstream\UCStream.exe [2010-12-30 57344]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2010-12-30 17920]

R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2010-7-30 24736]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-12-29 1017448]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

R4 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-11 22216]

R4 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-11 366152]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]

S2 Amsp;Trend Micro Solution Platform;c:\program files\trend micro\amsp\coreServiceShell.exe [2011-10-11 196320]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2010-7-30 34976]

S3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\drivers\AthDfu.sys [2010-7-30 43680]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-7-30 255648]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2010-7-30 175776]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2010-7-30 45728]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2010-7-30 141088]

S3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2010-7-30 235168]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-12-30 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-12-28 171520]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-12-27 249888]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-9-13 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-2 1343400]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-23 51040]

.

=============== Created Last 30 ================

.

2011-10-11 11:38:34 -------- d-----w- C:\TDSSKiller_Quarantine

2011-10-11 11:07:38 709968 ----a-w- c:\windows\is-KMUTE.exe

2011-10-11 10:48:14 180224 --sh--r- c:\users\aidil 7\cfgov.exe

2011-10-11 10:48:07 659456 ----a-w- c:\users\aidil 7\zauqm.exe

2011-10-11 06:59:38 69632 ----a-w- c:\users\aidil 7\aohost.exe

2011-10-11 06:59:31 180224 ----a-w- c:\users\aidil 7\rbUCGLt3.exe

2011-10-11 06:59:28 659456 ----a-w- c:\users\aidil 7\ntif.exe

2011-10-11 06:58:29 174592 ----a-w- c:\users\aidil 7\appdata\roaming\wmplayer.exe

2011-10-11 05:50:53 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-11 05:30:23 156486 ----a-w- c:\users\aidil 7\ezhost.exe

2011-10-11 05:29:51 24576 ----a-w- c:\users\aidil 7\dzhost.exe

2011-10-11 05:29:47 174080 ----a-w- c:\users\aidil 7\czhost.exe

2011-10-11 05:29:07 163256 ----a-w- c:\users\aidil 7\azhost.exe

2011-10-11 05:27:52 703262 ----a-w- c:\users\aidil 7\paavuf.exe

2011-10-11 04:36:02 -------- d-----w- c:\program files\Anti Trojan Elite

2011-10-10 22:33:00 92112 ----a-w- c:\windows\system32\drivers\tmtdi.sys

2011-10-10 22:30:30 80464 ----a-w- c:\windows\system32\drivers\tmactmon.sys

2011-10-10 22:30:30 64080 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys

2011-10-10 22:30:30 189520 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2011-10-10 22:08:02 174592 ----a-w- c:\users\aidil 7\appdata\roaming\microsoft\f09b\4DB.exe

2011-10-10 21:55:28 -------- d-----w- c:\programdata\Trend Micro

2011-10-10 21:55:26 -------- d-----w- c:\program files\Trend Micro

2011-10-10 21:54:18 -------- d-----w- c:\users\aidil 7\appdata\roaming\B1B71

2011-10-10 21:26:46 473 ----a-w- c:\programdata\1318281998.2164.bin

2011-10-10 21:26:46 459 ----a-w- c:\programdata\1318281998.3600.bin

2011-10-10 21:26:39 579 ----a-w- c:\programdata\1318281998.3776.bin

2011-10-10 21:26:39 462 ----a-w- c:\programdata\1318281998.3504.bin

2011-10-10 21:26:38 28135 ----a-w- c:\programdata\1318281998.3800.bin

2011-10-10 21:18:10 459 ----a-w- c:\programdata\1318281484.2980.bin

2011-10-10 21:18:10 446 ----a-w- c:\programdata\1318281484.2404.bin

2011-10-10 21:18:06 583 ----a-w- c:\programdata\1318281484.3408.bin

2011-10-10 21:18:06 462 ----a-w- c:\programdata\1318281484.2460.bin

2011-10-10 21:18:04 28043 ----a-w- c:\programdata\1318281484.2736.bin

2011-10-10 21:07:55 459 ----a-w- c:\programdata\1318280870.3700.bin

2011-10-10 21:07:55 396 ----a-w- c:\programdata\1318280870.1292.bin

2011-10-10 21:07:51 579 ----a-w- c:\programdata\1318280870.3352.bin

2011-10-10 21:07:51 462 ----a-w- c:\programdata\1318280870.1480.bin

2011-10-10 21:07:50 28140 ----a-w- c:\programdata\1318280870.3316.bin

2011-10-10 21:06:39 -------- d-----w- c:\program files\common files\Bitdefender

2011-10-10 19:44:40 -------- d-----w- c:\program files\try

2011-10-10 18:41:49 -------- d-----w- c:\users\aidil 7\appdata\roaming\Malwarebytes

2011-10-10 18:41:35 -------- d-----w- c:\programdata\Malwarebytes

2011-10-10 18:41:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-10 18:16:58 703262 ----a-w- c:\users\aidil 7\qtiv.exe

2011-10-10 18:11:20 17966 ----a-w- c:\users\aidil 7\calc.exe

2011-10-10 18:05:26 180224 ----a-w- c:\users\aidil 7\wOjgadi4.exe

2011-10-10 18:02:45 703262 ----a-w- c:\users\aidil 7\lzat.exe

2011-10-10 17:46:52 767952 ----a-w- c:\windows\BDTSupport.dll1056.old

2011-10-10 17:46:51 149456 ----a-w- c:\windows\SGDetectionTool.dll1056.old

2011-10-10 17:46:50 1652688 ----a-w- c:\windows\PCTBDCore.dll1056.old

2011-10-10 17:44:19 -------- d-----w- c:\program files\common files\PC Tools

2011-10-10 17:34:43 174080 ----a-w- c:\users\aidil 7\appdata\roaming\microsoft\lvvm.exe

2011-10-10 17:33:27 180224 ------w- c:\users\aidil 7\qoeupoh.exe

2011-10-10 16:02:06 7269712 ------w- c:\programdata\microsoft\windows defender\definition updates\{23c201d5-c71e-47c1-8410-8355f78d7e10}\mpengine.dll

2011-10-10 14:49:13 -------- d-----w- c:\users\aidil 7\appdata\local\AresXZ

2011-10-10 10:45:58 -------- d-----w- c:\users\aidil 7\spkpod

2011-10-10 09:48:31 -------- d-----w- c:\users\aidil 7\appdata\roaming\RegGenie

2011-10-10 09:41:37 -------- d-----w- c:\users\aidil 7\appdata\roaming\LimeRunner

2011-10-10 09:35:55 173568 ----a-w- c:\users\aidil 7\appdata\roaming\java.exe

2011-10-10 09:25:31 -------- d-----w- c:\programdata\cA27400HgMcD27400

2011-10-10 09:22:27 174592 ----a-w- c:\users\aidil 7\appdata\roaming\firefox.exe

2011-10-10 08:17:08 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-10-10 08:16:50 -------- d-----w- c:\program files\DAEMON Tools Lite

2011-10-10 08:16:16 -------- d-----w- c:\users\aidil 7\appdata\roaming\DAEMON Tools Lite

2011-10-10 08:16:11 -------- d-----w- c:\programdata\DAEMON Tools Lite

2011-10-03 08:20:49 -------- d-----w- c:\program files\Sun

2011-10-03 08:20:22 544656 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-01 14:18:45 -------- d-----w- c:\users\aidil 7\appdata\local\Graboid_Inc

2011-10-01 14:18:43 -------- d-----w- c:\users\aidil 7\appdata\local\Graboid

2011-10-01 14:18:38 -------- d-----w- c:\users\aidil 7\appdata\local\Geckofx

2011-10-01 14:13:50 -------- d-----w- c:\program files\VideoLAN

2011-10-01 14:12:57 -------- d-----w- c:\program files\Graboid

2011-10-01 04:36:37 175616 ----a-w- c:\windows\system32\unrar.dll

2011-10-01 04:36:21 232448 ----a-w- c:\windows\system32\mp3fhg.acm

2011-10-01 04:36:19 151552 ----a-w- c:\windows\system32\ac3acm.acm

2011-10-01 04:33:34 -------- d-----w- c:\program files\K-Lite Codec Pack

2011-10-01 04:21:31 -------- d-----w- c:\users\aidil 7\appdata\local\Babylon

2011-10-01 04:21:30 -------- d-----w- c:\programdata\Babylon

2011-10-01 04:21:29 -------- d-----w- c:\users\aidil 7\appdata\roaming\Babylon

2011-10-01 04:07:39 -------- d-----w- c:\windows\system32\custom matrices

2011-10-01 04:07:22 -------- d-----w- c:\windows\system32\QuickTime

2011-10-01 04:07:22 -------- d-----w- c:\windows\system32\C2MP

2011-09-28 15:04:19 957952 ----a-w- c:\windows\system32\BCMLogon.dll

2011-09-28 15:03:53 6656 ----a-w- c:\windows\system32\bcmwlrc.dll

2011-09-28 15:03:52 50704 ----a-w- c:\windows\system32\drivers\npf.sys

2011-09-28 15:03:52 18424 ----a-w- c:\windows\system32\drivers\bcm42rly.sys

2011-09-28 15:03:50 4190208 ----a-w- c:\windows\system32\bcmttls.dll

2011-09-28 15:03:49 58368 ----a-w- c:\windows\system32\bcmwlrmt.dll

2011-09-28 15:03:49 52224 ----a-w- c:\windows\system32\wltrynt.dll

2011-09-28 15:03:47 7162368 ----a-w- c:\windows\system32\BCMWLCPL.CPL

2011-09-28 15:03:46 457 ----a-w- c:\windows\system32\vcredist_x86.bat

2011-09-28 15:03:46 2682880 ----a-w- c:\windows\system32\vcredist_x86.exe

2011-09-28 15:03:46 -------- d-----w- c:\windows\system32\vs08

2011-09-28 15:03:36 -------- d-----w- c:\program files\Broadcom

2011-09-28 14:51:29 -------- d-----w- c:\windows\system32\SPReview

2011-09-28 14:48:56 -------- d-----w- c:\windows\system32\EventProviders

2011-09-26 02:00:40 -------- d-----w- c:\users\aidil 7\appdata\local\Programs

2011-09-25 15:36:26 -------- d-----w- c:\users\aidil 7\appdata\local\ElevatedDiagnostics

2011-09-24 19:03:00 -------- d-----w- c:\program files\MSXML 4.0

2011-09-24 02:21:49 -------- d-----w- c:\users\aidil 7\appdata\local\Dark_Swan_Knight

2011-09-24 01:48:08 -------- d-----w- c:\programdata\Sunbelt

2011-09-24 01:47:19 -------- d-----w- c:\program files\Sunbelt Software

2011-09-23 19:45:06 -------- d-----w- c:\programdata\Alwil Software

2011-09-23 04:26:25 7269712 ------w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll

2011-09-22 11:57:38 -------- d-----w- c:\program files\Mario Forever

2011-09-22 11:00:54 -------- d-----w- c:\programdata\PCSettings

2011-09-21 23:16:26 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iuser.dll

2011-09-21 23:16:25 724992 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iKernel.dll

2011-09-21 23:16:25 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\ctor.dll

2011-09-21 23:16:25 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\DotNetInstaller.exe

2011-09-21 23:16:25 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iscript.dll

2011-09-21 23:16:18 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\Setup.dll

2011-09-21 23:16:18 184452 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iGdi.dll

2011-09-21 22:51:14 -------- d-----w- C:\Team17

2011-09-21 21:02:25 -------- d-----w- c:\program files\Rovio

2011-09-21 20:51:20 200313 ----a-w- c:\windows\Angry Birds Uninstaller.exe

2011-09-21 20:51:02 -------- d-----w- c:\program files\Angry Birds

2011-09-21 11:02:39 -------- d-----w- c:\users\aidil 7\appdata\roaming\IDM

2011-09-21 11:02:39 -------- d-----w- c:\users\aidil 7\appdata\roaming\DMCache

2011-09-21 11:02:21 -------- d-----w- c:\program files\Internet Download Manager

2011-09-20 20:25:30 -------- d-----w- c:\programdata\boost_interprocess

2011-09-20 12:43:48 -------- d-----w- c:\users\aidil 7\appdata\roaming\MusicNet

2011-09-20 12:36:17 -------- d-----w- c:\users\aidil 7\appdata\local\PackageAware

2011-09-20 09:07:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-19 17:39:46 -------- d-----w- c:\windows\system32\appmgmt

2011-09-17 18:06:50 -------- d-----w- c:\users\aidil 7\appdata\local\Real

2011-09-17 18:06:50 -------- d-----w- c:\program files\Real Alternative

2011-09-17 08:25:14 -------- d-----w- c:\users\aidil 7\appdata\local\Windows Live

2011-09-17 08:24:51 -------- d-----w- c:\users\aidil 7\appdata\local\{4281F5BB-10B3-4878-AA21-BB982643354B}

2011-09-17 08:24:33 -------- d-----w- c:\users\aidil 7\Tracing

2011-09-17 08:22:57 -------- d-----w- c:\programdata\VOWSoft

2011-09-14 10:20:22 89376 ----a-w- c:\windows\system32\drivers\idmwfp.sys

2011-09-13 09:11:58 520064 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll

2011-09-13 09:10:59 49488 ----a-w- c:\windows\system32\netfxperf.dll

2011-09-13 09:09:59 392192 ----a-w- c:\windows\system32\imapi2.dll

2011-09-13 09:08:59 161792 ----a-w- c:\windows\system32\netjoin.dll

2011-09-13 09:07:59 95232 ----a-w- c:\windows\system32\logagent.exe

2011-09-13 09:06:59 41984 ----a-w- c:\windows\system32\browcli.dll

2011-09-13 09:05:21 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll

2011-09-13 09:05:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll

2011-09-13 09:05:21 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll

2011-09-13 09:05:20 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll

2011-09-13 09:05:20 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2011-09-13 09:04:49 189952 ----a-w- c:\windows\system32\sqmapi.dll

2011-09-13 09:04:48 697344 ----a-w- c:\windows\system32\SmiEngine.dll

2011-09-13 09:04:18 209920 ----a-w- c:\windows\system32\PkgMgr.exe

2011-09-13 09:04:18 189952 ----a-w- c:\windows\system32\wdscore.dll

2011-09-13 09:02:54 323072 ----a-w- c:\windows\system32\drvstore.dll

2011-09-13 09:02:52 257024 ----a-w- c:\windows\system32\dpx.dll

2011-09-13 06:25:42 2048 ----a-w- c:\windows\system32\tzres.dll

.

==================== Find3M ====================

.

2011-09-28 15:14:56 152576 ----a-w- c:\windows\system32\msclmd.dll

2011-08-29 08:00:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll

2011-07-31 18:47:46 3577856 ----a-w- c:\windows\system32\ffdshow.ax

2011-07-31 18:31:38 3854848 ----a-w- c:\windows\system32\ffmpeg.dll

2011-07-22 04:54:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-19 19:06:48 259584 ----a-w- c:\windows\system32\TomsMoComp_ff.dll

2011-07-19 19:06:36 158208 ----a-w- c:\windows\system32\ff_unrar.dll

2011-07-19 19:06:34 96768 ----a-w- c:\windows\system32\ff_wmv9.dll

2011-07-19 19:06:34 1524224 ----a-w- c:\windows\system32\ff_samplerate.dll

2011-07-19 19:06:32 145920 ----a-w- c:\windows\system32\ff_libmad.dll

2011-07-19 19:06:30 136704 ----a-w- c:\windows\system32\libmpeg2_ff.dll

2011-07-19 19:06:30 113664 ----a-w- c:\windows\system32\ff_liba52.dll

2011-07-19 19:06:28 327680 ----a-w- c:\windows\system32\ff_libfaad2.dll

2011-07-19 19:06:28 211456 ----a-w- c:\windows\system32\ff_libdts.dll

2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll

2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

.

============= FINISH: 19:50:25.65 ===============

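The DDS output above is where a responder would actually start, whatever the drive-letter symptom turns out to be. Several entries in it are the kind that get checked first: the Winlogon Shell value carries a second executable after explorer.exe; the legacy Load= value points at a binary in Temp; both IE (ProxyServer) and Firefox (network.proxy.http with network.proxy.type 1) are forced through a proxy on 127.0.0.1:64222; and there are executables dropped directly in the user profile root and AppData\Roaming, one of them (cfgov.exe) with hidden and system attributes (--sh--r-). The script below is an added example, not part of this thread and not code from the DDS tool: it parses DDS-style report and file-listing lines and flags exactly those patterns. The sample lines are copied from the log above; the heuristics (which directories count as trusted, which file names count as system look-alikes) are this example's own assumptions and will need tuning for other logs.

```python
"""Triage of DDS-style 'Pseudo HJT Report' and file-listing lines.
Added example, not the forum's or the DDS tool's own code; the heuristics
(trusted directories, look-alike names) are this example's own assumptions."""
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample: lines copied verbatim from the DDS log posted above.
SAMPLE_LOG = r"""
uInternet Settings,ProxyServer = http=127.0.0.1:64222
uWinlogon: Shell=explorer.exe,c:\users\aidil 7\appdata\roaming\b1b71\F4FF0.exe
uWindows: Load=c:\users\aidil7~1\appdata\local\temp\lvvm.exe
uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [conhost] c:\users\aidil 7\appdata\roaming\microsoft\lvvm.exe
uRun: [cfgov] c:\users\aidil 7\cfgov.exe /b
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.type - 1
2011-10-11 10:48:14 180224 --sh--r- c:\users\aidil 7\cfgov.exe
2011-10-11 06:58:29 174592 ----a-w- c:\users\aidil 7\appdata\roaming\wmplayer.exe
2011-10-10 18:41:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
"""

@dataclass(frozen=True)
class Finding:
    rule: str   # heuristic that fired
    line: str   # the DDS line (or a short summary) that triggered it

RUN_RE = re.compile(r"^[um]Run(?:Once)?: \[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$")
SHELL_RE = re.compile(r"^uWinlogon: Shell=(?P<value>.*)$")
LOAD_RE = re.compile(r"^uWindows: Load=(?P<value>.*)$")
PROXY_RE = re.compile(r"ProxyServer = (?P<value>.+)$")
FF_RE = re.compile(r"^FF - prefs\.js: network\.proxy\.(?P<key>http|type) - (?P<value>.*)$")
FILE_RE = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\s+\S+\s+(?P<attrs>[-a-z]{8})\s+(?P<path>.+)$")
# First executable in a Run value, quoted or not (unquoted paths with spaces are common).
EXE_RE = re.compile(r'^"?(?P<path>[^"]*?\.(?:exe|dll|scr|com|bat|cmd))"?(?:\s|$)', re.I)

TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\", "%programfiles%\\")
# Binary names malware likes to borrow; suspicious when the file lives outside trusted dirs.
LOOKALIKE_STEMS = {"conhost", "svchost", "csrss", "lsass", "winlogon", "explorer",
                   "services", "wmplayer", "firefox", "java"}
LOOPBACK = ("127.0.0.1", "localhost")

def first_path(cmd: str) -> str:
    m = EXE_RE.match(cmd.strip())
    return (m.group("path") if m else cmd.strip().split(" ")[0]).lower()

def in_user_profile(path: str) -> bool:
    return path.startswith("c:\\users\\") or "\\appdata\\" in path or "\\temp\\" in path

def stem(path: str) -> str:
    return path.rsplit("\\", 1)[-1].rsplit(".", 1)[0]

def triage(text: str) -> List[Finding]:
    findings: List[Finding] = []
    ff: Dict[str, str] = {}   # Firefox proxy prefs are spread over several lines
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if m := RUN_RE.match(line):
            path = first_path(m.group("cmd"))
            if in_user_profile(path):
                findings.append(Finding("autorun-user-profile", line))
            if m.group("name").lower() in LOOKALIKE_STEMS and not path.startswith(TRUSTED_PREFIXES):
                findings.append(Finding("autorun-lookalike-name", line))
        elif m := SHELL_RE.match(line):
            # Winlogon Shell should be exactly explorer.exe; anything appended runs at logon.
            if m.group("value").strip().lower() != "explorer.exe":
                findings.append(Finding("winlogon-shell", line))
        elif m := LOAD_RE.match(line):
            # The legacy Load= value is normally empty; a path here is a persistence hook.
            if m.group("value").strip():
                findings.append(Finding("windows-load", line))
        elif m := PROXY_RE.search(line):
            if any(h in m.group("value") for h in LOOPBACK):
                findings.append(Finding("loopback-proxy", line))
        elif m := FF_RE.match(line):
            ff[m.group("key")] = m.group("value").strip()
        elif m := FILE_RE.match(line):
            attrs, path = m.group("attrs"), m.group("path").lower()
            if not path.endswith(".exe"):
                continue
            parent = path.rsplit("\\", 1)[0]
            if "s" in attrs and "h" in attrs:   # hidden + system attributes on an executable
                findings.append(Finding("hidden-system-exe", line))
            if re.fullmatch(r"c:\\users\\[^\\]+", parent) or parent.endswith(("\\appdata\\roaming", "\\appdata\\local\\temp")):
                findings.append(Finding("exe-in-profile-root", line))
            if stem(path) in LOOKALIKE_STEMS and not path.startswith(TRUSTED_PREFIXES):
                findings.append(Finding("file-lookalike-name", line))
    if ff.get("type") == "1" and ff.get("http") in LOOPBACK:
        findings.append(Finding("firefox-loopback-proxy", f"network.proxy.http={ff['http']} type=1"))
    return findings

if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(f"{hit.rule:24} {hit.line}")
```

Paste a full DDS log into SAMPLE_LOG (or read it from a file) and run the script; each finding is a rule name plus the offending line, so the output can go straight back into a thread like this one. Note that the proxy rule only tells you traffic is being redirected to a local listener; which process owns port 64222 is something netstat -ano on the machine has to answer.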

  • Staff

Doesn't sound like malware to me, personally. We can certainly check though.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility writes its runtime log to the root of the system disk (the disk where the operating system is installed, C:\ as a rule).

The log name has the form UtilityName.Version_Date_Time_log.txt,

for example C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


  • 3 weeks later...
  • Staff

Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
