vlad111
-
Posts
1 -
Joined
-
Last visited
This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
avast! Antivirus, avastsvc.exe, always connects to internet?
in Resolved Malware Removal Logs
Posted
please help:
is this some type of spyware or malware?
avast! antivirus is constantly trying to connect to the internet, but malawarebytes blocks it. the ports and ips are always different and the program is:
avastsvc.exe
thank you in advance!
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 3/26/2012 2:42:05 PM
System Uptime: 11/28/2012 9:24:20 AM (11 hours ago)
.
Motherboard: Hewlett-Packard | | 3387
Processor: AMD E-450 APU with Radeon HD Graphics | Socket FT1 | 825/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 446 GiB total, 171.873 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 8.11 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 1.1 GiB free.
G: is FIXED (NTFS) - 0 GiB total, 0.116 GiB free.
Y: is NetworkDisk (NTFS) - 928 GiB total, 244.19 GiB free.
Z: is NetworkDisk (NTFS) - 928 GiB total, 244.19 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Broadcom 20702 Bluetooth 4.0 Adapter
Device ID: USB\VID_0A5C&PID_21E3\9439E5CC2A6F
Manufacturer: Broadcom
Name: Broadcom 20702 Bluetooth 4.0 Adapter
PNP Device ID: USB\VID_0A5C&PID_21E3\9439E5CC2A6F
Service: BTHUSB
.
==== System Restore Points ===================
.
RP150: 11/21/2012 2:47:51 AM - Центр обновления Windows
RP151: 11/23/2012 11:13:11 PM - Installed TuneUp Utilities 2012
RP152: 11/26/2012 2:03:15 PM - Installed calibre
RP153: 11/27/2012 5:09:04 PM - Центр обновления Windows
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Звуковое устройство IDT Audio
ACDSee Pro 5
Active@ File Recovery
Adobe Community Help
Adobe Digital Editions 2.0
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Reader X (10.1.4)
AMD APP SDK Runtime
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
avast! Free Antivirus
BitTorrent
Bonjour
Broadcom 802.11 Wireless LAN Adapter
Broadcom Bluetooth Software
Broadcom InConcert Maestro
Canon MF3110
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink YouCam
GiliSoft File Lock Pro 6.5
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.0.0
HP 3D DriveGuard
HP Product Detection
iCloud
iPhoneBrowser
iTunes
Java 6 Update 16
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (Russian) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (Russian) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove MUI (Russian) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office InfoPath MUI (Russian) 2007
Microsoft Office Language Pack 2007 - English
Microsoft Office O MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (Russian) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (Russian) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (Russian) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Russian) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Ukrainian) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (Russian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (Russian) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (Russian) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (Russian) 2007
Microsoft Office X MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
PDF Settings CS5
PowerISO
QuickTime
Realtek USB 2.0 Card Reader
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Skype Click to Call
Skype™ 5.10
Spybot - Search & Destroy
SqrSoft® Advanced Crossfading (remove only)
SUPERAntiSpyware
Synaptics TouchPad Driver
TuneUp Utilities 2012
TuneUp Utilities Language Pack (en-US)
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
VLC media player 1.1.11
WD SmartWare
Winamp
WinRAR 4.01 (32-bit)
WinSCP 5.1.1
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455
Run by Администратор at 20:51:00 on 2012-11-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1251.7.1049.18.3579.1983 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GiliSoft\File Lock Pro\FLService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\GiliSoft\File Lock Pro\FLClient.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\AVAST Software\BitTorrent\BitTorrent.exe
C:\Windows\explorer.exe
C:\Windows\explorer.exe
C:\Windows\explorer.exe
C:\Windows\explorer.exe
C:\Windows\explorer.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\taskhost.exe
C:\Windows\helppane.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://isearch.avg.com/?cid={8F44B1E1-B8BF-46BE-A3EE-FCB69516E806}&mid=7f949fefaeff47d0a57f41e58f76ea5a-2b8bee0dbfb7965f88a785f41df708d879cf371d〈=en&ds=is015&pr=sa&d=2012-03-28 17:49:21&v=10.2.0.3&sap=hp
uWindow Title = Internet Explorer предоставлен: www.4free.in.ua
uDefault_Page_URL = hxxp://www.4free.in.ua/index.php
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: FLockObj Class: {97F4988F-6D68-4abc-9F18-7B5AAFFDACE4} - c:\program files\gilisoft\file lock pro\FolderLockPlugin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Gili File Lock Helper] "c:\program files\gilisoft\file lock pro\WinFLockerHelp.exe" CheckLockedFolder
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
uPolicies-Explorer: NoSMConfigurePrograms = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: ForceClassicControlPanel = dword:1
mPolicies-Explorer: NoSMConfigurePrograms = dword:1
IE: &Экспорт в Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\05F64637F6C6E65787 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\55E44534 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\C656F6E696C616 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli c:\program files\widcomm\bluetooth software\BtwProximityCP.dll
IFEO: bttray.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: itunes.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\администратор\appdata\roaming\mozilla\firefox\profiles\r74mjq9r.default\
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-4-16 66688]
R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-4-16 33408]
R0 FileLock;FileLock;c:\windows\system32\drivers\FileLock.sys [2012-11-9 35328]
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-4-9 102728]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-27 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-27 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-27 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-3-27 58680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2010-7-28 27632]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-7 22344]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-3-26 197224]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-4-6 514152]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-20 10064]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2012-3-26 41600]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-7-8 142632]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-7-8 525352]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\drivers\btwdpan.sys [2012-7-8 76328]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-7-8 33832]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-26 15872]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2012-11-28 18:51:10 -------- d-----w- c:\users\?фьшэшёЄЁрЄюЁ\appdata\local\Microsoft
2012-11-28 18:14:43 -------- d-----w- c:\programdata\MFAData
2012-11-28 17:54:21 -------- d-----w- c:\users\администратор\appdata\roaming\SUPERAntiSpyware.com
2012-11-28 17:53:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-28 17:53:38 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-27 15:09:47 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9c065237-8689-4f7b-a48d-39146e789dc6}\mpengine.dll
2012-11-25 13:29:52 -------- d-----w- c:\windows\system32\D
2012-11-23 21:14:38 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-11-23 21:14:37 21312 ----a-w- c:\windows\system32\authuitu.dll
2012-11-23 21:14:11 -------- d-----w- c:\users\администратор\appdata\roaming\TuneUp Software
2012-11-23 21:13:51 -------- d-----w- c:\program files\TuneUp Utilities 2012
2012-11-23 21:13:01 -------- d-----w- c:\programdata\TuneUp Software
2012-11-23 21:12:51 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-11-23 19:44:36 402432 ----a-w- c:\program files\mozilla firefox\d\tuneup.utilities.2012.v12.0.2030.10.incl.keygen-lz0\lz0\KeyMaker.exe
2012-11-23 19:44:32 26669432 ----a-w- c:\program files\mozilla firefox\d\tuneup.utilities.2012.v12.0.2030.10.incl.keygen-lz0\TuneUpUtilities2012_en-US.exe
2012-11-15 08:06:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-15 08:06:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-15 08:06:02 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2012-11-15 08:06:02 140960 ----a-w- c:\program files\internet explorer\sqmapi.dll
2012-11-15 08:06:00 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-15 08:02:20 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-11-14 21:56:52 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 21:56:46 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-14 17:29:39 -------- d-----w- c:\program files\WinSCP
2012-11-14 17:14:08 -------- d-----w- c:\program files\iPhoneBrowser
2012-11-12 10:55:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-11-09 15:57:45 21539 ----a-w- c:\windows\FileLock.bin
2012-11-09 15:55:11 -------- d-----w- c:\users\администратор\appdata\roaming\Gili File Lock
2012-11-09 15:54:30 -------- d-----w- c:\programdata\GiliSoft
2012-11-09 15:54:26 35328 ----a-w- c:\windows\system32\drivers\FileLock.sys
2012-11-09 15:54:18 -------- d-----w- c:\program files\GiliSoft
2012-11-09 15:04:2
.
==================== Find3M ====================
.
2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr
2012-10-15 16:59:28 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-09-22 12:45:53 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-22 12:45:53 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 20:54:31.18 ===============