Well, after a trip to a local copy store, my 1TB HDD got infected with this extremely annoying malware. It hides everything in the ".trashes" folder and then puts shortcuts in their place, which point to the "system32" folder when I hover the mouse over them, but they still open my original folders.
The original folders are hidden in the .trashes folder on my USB HDD. Unhiding them and moving them to the root folder works, but it only happens again after a little while!
I noticed that it also disabled my Avira antivirus real-time protection, and it can't be enabled again. It blocked the Malwarebytes Anti-Malware installation with this stupid message, too!
It doesn't kill the installation process immediately, though. The installation window is present, but it's hidden behind this stupid pop-up window; if I move it I can complete the installation by clicking quickly enough!
MBAM couldn't find a threat after a full system scan, though, and when I try to scan my hard drive alone it mostly hangs and can't be completed, but I mostly think it's because my HDD was having some "head stuck on a platter" issues the other day. It infected my mobile when I connected it, too, so I think it's present on my system by now, not only the flash drive, but MBAM still couldn't find anything.
It also blocks the opening of both MBAM (after installation) and DDS, and I couldn't run them until I changed their names to something else.
Please guys, I need some help with this. Thanks a million.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207
Run by MOI at 6:16:41 on 2014-10-31
Microsoft Windows 7 Ultimate 6.1.7601.1.1256.20.1033.18.8159.5570 [GMT 2:00]
.
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
E:\GAMES\Sources\PS3 controller\SCP-DS-Driver-Package-1.2.0.160\ScpServer\bin\ScpService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
E:\Programs\CPU-Z\Core Temp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Users\MOI\AppData\Roaming\wusofuvir\dllmonitor32.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Users\MOI\AppData\Roaming\wusofuvir\tcpmgr.exe
C:\Users\MOI\AppData\Roaming\wusofuvir\amdupdater64.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Page = about:blank
mDefault_Page_URL = about:blank
mDefault_Search_URL = about:blank
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
uRun: [OscarEditor] "C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe" Minimum
uRun: [OscarKeyboard] "C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe" Minimum
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
dRun: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
StartupFolder: C:\Users\MOI\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Users\MOI\AppData\Roaming\wusofuvir\tcpmgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Users\MOI\AppData\Roaming\wusofuvir\tcpmgr.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoAutorun = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: mtxk_hidefastuserswitching = dword:1
IE: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
TCP: Interfaces\{24492637-1787-4670-B1DC-F75E4DB6DB82} : DHCPNameServer = 7.254.254.254
TCP: Interfaces\{961F65A3-8AA1-4202-8669-69DA03F45BC1} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{EC1FBBDC-2BFE-4529-B414-69C0E3C8C95D} : DHCPNameServer = 10.211.254.254 8.8.8.8
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = about:blank
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\MOI\AppData\Roaming\Mozilla\Firefox\Profiles\sgambccf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\System32\drivers\AiChargerPlus.sys [2014-8-7 14464]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-8-27 297000]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-8-31 28600]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-8-31 431920]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-6-13 922240]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2014-8-7 586880]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-8-31 119272]
R2 Ds3Service;SCP DS3 Service;E:\GAMES\Sources\PS3 controller\SCP-DS-Driver-Package-1.2.0.160\ScpServer\bin\ScpService.exe [2014-9-12 381952]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-8-28 180136]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2014-8-30 133800]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-8-7 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-8-7 18956064]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-8-7 2656280]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2014-9-5 36328]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-9-14 129000]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-9-14 394216]
R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);C:\Windows\System32\drivers\ASUSstpt.sys [2014-8-7 24648]
R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);C:\Windows\System32\drivers\ASUSumsc.sys [2014-8-7 141896]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-13 28832]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-17 26136]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-7 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-8-7 40392]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2013-7-8 199384]
R3 ScpVBus;Scp Virtual Bus Driver;C:\Windows\System32\drivers\ScpVBus.sys [2014-9-12 39168]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2014-9-5 157160]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2014-9-5 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2014-9-5 177128]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2014-9-5 145384]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2014-9-25 31232]
RUnknown mbamchameleon;mbamchameleon; [x]
S2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-8-31 431920]
S2 Avira.OE.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-9-23 160560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-1-30 103992]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-1-30 123960]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-13 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-3-13 51872]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-13 154272]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-13 280224]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-9-5 82112]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-10 111616]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2014-9-8 121416]
S3 MUTENX_SERVICE;MUTENX_SERVICE;C:\Windows\System32\drivers\mutenx.sys [2014-9-26 67728]
S3 MUTESV_SERVICE;MUTESV_SERVICE;C:\Program Files\ASTER-V7\mutesv.exe [2010-9-1 8704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-8-8 20992]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2014-9-27 31800]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-9-5 202560]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-8 59392]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-9-25 758224]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-8-8 1255736]
.
=============== Created Last 30 ================
.
2014-10-31 03:46:13 -------- d-----w- C:\Users\MOI\AppData\Roaming\Malwarebytes
2014-10-31 03:45:35 -------- d-----w- C:\ProgramData\Malwarebytes
2014-10-31 03:45:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-10-30 14:02:40 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-10-26 22:43:16 -------- d--h--w- C:\Users\MOI\AppData\Roaming\wusofuvir
2014-10-24 17:18:03 -------- d-----w- C:\Program Files (x86)\abgx360
2014-10-19 07:54:03 -------- d-----w- C:\Users\MOI\AppData\Local\Daring_Development_Inc
2014-10-19 07:53:57 -------- d-----w- C:\Program Files (x86)\Horizon
2014-10-12 16:49:48 -------- d-----w- C:\ProgramData\Oberon Media
2014-10-10 16:23:48 -------- d-----w- C:\Users\MOI\AppData\Local\Game Launcher
2014-10-09 21:50:06 -------- d-----w- C:\Program Files\LinkShellExtension
2014-10-09 17:18:57 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2014-10-09 17:11:39 -------- d-----w- C:\Users\MOI\AppData\Local\CAPCOM
2014-10-09 16:59:01 462864 ----a-w- C:\Windows\SysWow64\d3dx10_37.dll
2014-10-09 16:59:01 3786760 ----a-w- C:\Windows\SysWow64\D3DX9_37.dll
2014-10-09 16:59:01 1420824 ----a-w- C:\Windows\SysWow64\D3DCompiler_37.dll
2014-10-09 16:58:39 -------- d-----w- C:\Windows\SysWow64\xlive
2014-10-09 16:58:39 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-10-08 05:36:17 -------- d-----w- C:\Users\MOI\Movies
.
==================== Find3M ====================
.
2014-10-23 08:36:24 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-23 08:36:24 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-14 11:57:07 43064 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2014-10-14 11:57:03 119272 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2014-10-07 14:32:34 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-10-07 14:32:34 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-10-05 12:58:07 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-09-18 03:15:41 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-08-15 08:30:05 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2014-08-10 12:50:14 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-08-10 12:50:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2014-08-10 12:50:14 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2014-08-10 12:50:13 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2014-08-10 12:50:13 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2014-08-10 12:50:13 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2014-08-10 12:48:06 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-08-10 12:48:06 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-08-08 12:59:02 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-08-08 12:59:01 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-08-08 10:58:04 97504 ----a-w- C:\ProgramData\1407495366.bdinstall.bin
2014-08-08 10:56:11 37634 ----a-w- C:\ProgramData\1407495365.bdinstall.bin
2014-08-08 04:31:41 40445 ----a-w- C:\Users\MOI\uninstall.exe
2014-08-08 03:49:18 300981 ----a-w- C:\ProgramData\1407469293.bdinstall.bin
2014-08-08 03:37:16 48455 ----a-w- C:\ProgramData\1407469028.bdinstall.bin
2014-08-08 03:12:13 47340 ----a-w- C:\ProgramData\1407467490.bdinstall.bin
2014-08-07 19:43:53 16896 ----a-w- C:\Windows\AsTaskSched.dll
2014-08-07 18:42:39 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-08-05 07:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 6:17:00.54 ===============
PS: I couldn't provide the logs because they exceed the 100000 character limit, and I couldn't use Pastebin for the same reason. I will try to post them separately.
PPS: Here's a link to just "view" the "attach" log, since I can't really post it anywhere because it is too long:
http://www.heypasteit.com/clip/1M10
EDIT: Forgot to mention that none of these manifestations appear in safe mode. I can actually download, install, and scan with any antivirus I have (except Bitdefender, couldn't install that) during safe mode; the problem still persists, though, as none of them can find anything.