avast! Antivirus, avastsvc.exe, always connects to internet?


vlad111

please help:

is this some type of spyware or malware?

avast! antivirus is constantly trying to connect to the internet, but Malwarebytes blocks it. The ports and IPs are always different and the program is:

avastsvc.exe

thank you in advance!

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 3/26/2012 2:42:05 PM

System Uptime: 11/28/2012 9:24:20 AM (11 hours ago)

.

Motherboard: Hewlett-Packard | | 3387

Processor: AMD E-450 APU with Radeon HD Graphics | Socket FT1 | 825/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 446 GiB total, 171.873 GiB free.

D: is FIXED (NTFS) - 15 GiB total, 8.11 GiB free.

E: is FIXED (FAT32) - 4 GiB total, 1.1 GiB free.

G: is FIXED (NTFS) - 0 GiB total, 0.116 GiB free.

Y: is NetworkDisk (NTFS) - 928 GiB total, 244.19 GiB free.

Z: is NetworkDisk (NTFS) - 928 GiB total, 244.19 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Broadcom 20702 Bluetooth 4.0 Adapter

Device ID: USB\VID_0A5C&PID_21E3\9439E5CC2A6F

Manufacturer: Broadcom

Name: Broadcom 20702 Bluetooth 4.0 Adapter

PNP Device ID: USB\VID_0A5C&PID_21E3\9439E5CC2A6F

Service: BTHUSB

.

==== System Restore Points ===================

.

RP150: 11/21/2012 2:47:51 AM - Центр обновления Windows

RP151: 11/23/2012 11:13:11 PM - Installed TuneUp Utilities 2012

RP152: 11/26/2012 2:03:15 PM - Installed calibre

RP153: 11/27/2012 5:09:04 PM - Центр обновления Windows

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Звуковое устройство IDT Audio

ACDSee Pro 5

Active@ File Recovery

Adobe Community Help

Adobe Digital Editions 2.0

Adobe Flash Player 11 Plugin

Adobe Photoshop CS5.1

Adobe Reader X (10.1.4)

AMD APP SDK Runtime

AMD Media Foundation Decoders

AMD VISION Engine Control Center

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

avast! Free Antivirus

BitTorrent

Bonjour

Broadcom 802.11 Wireless LAN Adapter

Broadcom Bluetooth Software

Broadcom InConcert Maestro

Canon MF3110

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

CyberLink YouCam

GiliSoft File Lock Pro 6.5

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Hewlett-Packard ACLM.NET v1.1.0.0

HP 3D DriveGuard

HP Product Detection

iCloud

iPhoneBrowser

iTunes

Java 6 Update 16

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access MUI (Russian) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Excel MUI (Russian) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove MUI (Russian) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office InfoPath MUI (Russian) 2007

Microsoft Office Language Pack 2007 - English

Microsoft Office O MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office OneNote MUI (Russian) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office Outlook MUI (Russian) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint MUI (Russian) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Russian) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Ukrainian) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (Russian) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Publisher MUI (Russian) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (Russian) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office SharePoint Designer MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office Word MUI (Russian) 2007

Microsoft Office X MUI (English) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

PDF Settings CS5

PowerISO

QuickTime

Realtek USB 2.0 Card Reader

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Skype Click to Call

Skype™ 5.10

Spybot - Search & Destroy

SqrSoft® Advanced Crossfading (remove only)

SUPERAntiSpyware

Synaptics TouchPad Driver

TuneUp Utilities 2012

TuneUp Utilities Language Pack (en-US)

Ubisoft Game Launcher

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition

VLC media player 1.1.11

WD SmartWare

Winamp

WinRAR 4.01 (32-bit)

WinSCP 5.1.1

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16455

Run by Администратор at 20:51:00 on 2012-11-28

Microsoft Windows 7 Ultimate 6.1.7601.1.1251.7.1049.18.3579.1983 [GMT 2:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\atiesrxx.exe

C:\Program Files\IDT\WDM\STacSV.exe

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\GiliSoft\File Lock Pro\FLService.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\GiliSoft\File Lock Pro\FLClient.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\CyberLink\YouCam\YCMMirage.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files\AVAST Software\BitTorrent\BitTorrent.exe

C:\Windows\explorer.exe

C:\Windows\explorer.exe

C:\Windows\explorer.exe

C:\Windows\explorer.exe

C:\Windows\explorer.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Windows\system32\taskhost.exe

C:\Windows\helppane.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\System32\svchost.exe -k secsvcs

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://isearch.avg.com/?cid={8F44B1E1-B8BF-46BE-A3EE-FCB69516E806}&mid=7f949fefaeff47d0a57f41e58f76ea5a-2b8bee0dbfb7965f88a785f41df708d879cf371d&lang=en&ds=is015&pr=sa&d=2012-03-28 17:49:21&v=10.2.0.3&sap=hp

uWindow Title = Internet Explorer предоставлен: www.4free.in.ua

uDefault_Page_URL = hxxp://www.4free.in.ua/index.php

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: FLockObj Class: {97F4988F-6D68-4abc-9F18-7B5AAFFDACE4} - c:\program files\gilisoft\file lock pro\FolderLockPlugin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

uRun: [Gili File Lock Helper] "c:\program files\gilisoft\file lock pro\WinFLockerHelp.exe" CheckLockedFolder

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe

uPolicies-Explorer: NoSMConfigurePrograms = dword:1

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-Explorer: ForceClassicControlPanel = dword:1

mPolicies-Explorer: NoSMConfigurePrograms = dword:1

IE: &Экспорт в Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\05F64637F6C6E65787 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\55E44534 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\C656F6E696C616 : DHCPNameServer = 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

LSA: Notification Packages = scecli c:\program files\widcomm\bluetooth software\BtwProximityCP.dll

IFEO: bttray.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"

IFEO: itunes.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\администратор\appdata\roaming\mozilla\firefox\profiles\r74mjq9r.default\

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-4-16 66688]

R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-4-16 33408]

R0 FileLock;FileLock;c:\windows\system32\drivers\FileLock.sys [2012-11-9 35328]

R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-4-9 102728]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-27 738504]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-27 361032]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-27 21256]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-3-27 58680]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]

R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2010-7-28 27632]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-7 22344]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-3-26 197224]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-4-6 514152]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-20 10064]

R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2012-3-26 41600]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-7-8 142632]

S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-7-8 525352]

S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\drivers\btwdpan.sys [2012-7-8 76328]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-7-8 33832]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-26 15872]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]

SUnknown TsUsbFlt;TsUsbFlt; [x]

SUnknown tsusbhub;tsusbhub; [x]

.

=============== Created Last 30 ================

.

2012-11-28 18:51:10 -------- d-----w- c:\users\?фьшэшёЄЁрЄюЁ\appdata\local\Microsoft

2012-11-28 18:14:43 -------- d-----w- c:\programdata\MFAData

2012-11-28 17:54:21 -------- d-----w- c:\users\администратор\appdata\roaming\SUPERAntiSpyware.com

2012-11-28 17:53:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2012-11-28 17:53:38 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-11-27 15:09:47 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9c065237-8689-4f7b-a48d-39146e789dc6}\mpengine.dll

2012-11-25 13:29:52 -------- d-----w- c:\windows\system32\D

2012-11-23 21:14:38 31552 ----a-w- c:\windows\system32\TURegOpt.exe

2012-11-23 21:14:37 21312 ----a-w- c:\windows\system32\authuitu.dll

2012-11-23 21:14:11 -------- d-----w- c:\users\администратор\appdata\roaming\TuneUp Software

2012-11-23 21:13:51 -------- d-----w- c:\program files\TuneUp Utilities 2012

2012-11-23 21:13:01 -------- d-----w- c:\programdata\TuneUp Software

2012-11-23 21:12:51 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-11-23 19:44:36 402432 ----a-w- c:\program files\mozilla firefox\d\tuneup.utilities.2012.v12.0.2030.10.incl.keygen-lz0\lz0\KeyMaker.exe

2012-11-23 19:44:32 26669432 ----a-w- c:\program files\mozilla firefox\d\tuneup.utilities.2012.v12.0.2030.10.incl.keygen-lz0\TuneUpUtilities2012_en-US.exe

2012-11-15 08:06:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-15 08:06:02 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-11-15 08:06:02 194048 ----a-w- c:\program files\internet explorer\IEShims.dll

2012-11-15 08:06:02 140960 ----a-w- c:\program files\internet explorer\sqmapi.dll

2012-11-15 08:06:00 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-15 08:02:20 -------- d-sh--w- c:\windows\system32\%APPDATA%

2012-11-14 21:56:52 78336 ----a-w- c:\windows\system32\synceng.dll

2012-11-14 21:56:46 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-11-14 17:29:39 -------- d-----w- c:\program files\WinSCP

2012-11-14 17:14:08 -------- d-----w- c:\program files\iPhoneBrowser

2012-11-12 10:55:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-11-09 15:57:45 21539 ----a-w- c:\windows\FileLock.bin

2012-11-09 15:55:11 -------- d-----w- c:\users\администратор\appdata\roaming\Gili File Lock

2012-11-09 15:54:30 -------- d-----w- c:\programdata\GiliSoft

2012-11-09 15:54:26 35328 ----a-w- c:\windows\system32\drivers\FileLock.sys

2012-11-09 15:54:18 -------- d-----w- c:\program files\GiliSoft

2012-11-09 15:04:2

.

==================== Find3M ====================

.

2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-10-30 22:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr

2012-10-15 16:59:28 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-09-22 12:45:53 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-22 12:45:53 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll

.

============= FINISH: 20:54:31.18 ===============


Hello vlad111 and welcome to MalwareBytes forums.

First of all, Avastsvc is an Avast service.

Second, set trust settings for both AVAST & for MBAM as listed in the example in our MBAM F.A.Q. section

http://forums.malwarebytes.org/index.php?act=findpost&pid=417798

Do that and restart your system.

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in the second row of tabs. Make sure all option lines have a checkmark.

Next, click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy and Paste the latest MBAM scan log into a new reply.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
