vlad111 Posted November 28, 2012 ID:618070 Share Posted November 28, 2012 please help:is this some type of spyware or malware?avast! antivirus is constantly trying to connect to the internet, but malawarebytes blocks it. the ports and ips are always different and the program is:avastsvc.exethank you in advance!.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 UltimateBoot Device: \Device\HarddiskVolume1Install Date: 3/26/2012 2:42:05 PMSystem Uptime: 11/28/2012 9:24:20 AM (11 hours ago).Motherboard: Hewlett-Packard | | 3387Processor: AMD E-450 APU with Radeon HD Graphics | Socket FT1 | 825/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 446 GiB total, 171.873 GiB free.D: is FIXED (NTFS) - 15 GiB total, 8.11 GiB free.E: is FIXED (FAT32) - 4 GiB total, 1.1 GiB free.G: is FIXED (NTFS) - 0 GiB total, 0.116 GiB free.Y: is NetworkDisk (NTFS) - 928 GiB total, 244.19 GiB free.Z: is NetworkDisk (NTFS) - 928 GiB total, 244.19 GiB free..==== Disabled Device Manager Items =============.Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}Description: Broadcom 20702 Bluetooth 4.0 AdapterDevice ID: USB\VID_0A5C&PID_21E3\9439E5CC2A6FManufacturer: BroadcomName: Broadcom 20702 Bluetooth 4.0 AdapterPNP Device ID: USB\VID_0A5C&PID_21E3\9439E5CC2A6FService: BTHUSB.==== System Restore Points ===================.RP150: 11/21/2012 2:47:51 AM - Центр обновления WindowsRP151: 11/23/2012 11:13:11 PM - Installed TuneUp Utilities 2012RP152: 11/26/2012 2:03:15 PM - Installed calibreRP153: 11/27/2012 5:09:04 PM - Центр обновления Windows.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)Звуковое устройство IDT AudioACDSee Pro 5Active@ File RecoveryAdobe Community HelpAdobe Digital Editions 2.0Adobe Flash Player 11 PluginAdobe Photoshop CS5.1Adobe Reader X (10.1.4)AMD APP SDK RuntimeAMD Media Foundation DecodersAMD VISION Engine Control CenterApple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install Manageravast! Free AntivirusBitTorrentBonjourBroadcom 802.11 Wireless LAN AdapterBroadcom Bluetooth SoftwareBroadcom InConcert MaestroCanon MF3110Catalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utilityCCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerCisco EAP-FAST ModuleCisco LEAP ModuleCisco PEAP ModuleCyberLink YouCamGiliSoft File Lock Pro 6.5Google ChromeGoogle EarthGoogle Toolbar for Internet ExplorerGoogle Update HelperHewlett-Packard ACLM.NET v1.1.0.0HP 3D DriveGuardHP Product DetectioniCloudiPhoneBrowseriTunesJava 6 Update 16Malwarebytes Anti-Malware version 1.62.0.1300Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access MUI (Russian) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Excel MUI (Russian) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove MUI (Russian) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office InfoPath MUI (Russian) 2007Microsoft Office Language Pack 2007 - EnglishMicrosoft Office O MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office OneNote MUI (Russian) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office Outlook MUI (Russian) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint MUI (Russian) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (German) 2007Microsoft Office Proof (Russian) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proof (Ukrainian) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing (Russian) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Publisher MUI (Russian) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared MUI (Russian) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)Microsoft Office SharePoint Designer MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Office Word MUI (Russian) 2007Microsoft Office X MUI (English) 2007Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319Microsoft_VC80_ATL_x86Microsoft_VC80_CRT_x86Microsoft_VC80_MFC_x86Microsoft_VC80_MFCLOC_x86Microsoft_VC90_ATL_x86Microsoft_VC90_CRT_x86Microsoft_VC90_MFC_x86Microsoft_VC90_MFCLOC_x86Mozilla Firefox 16.0.2 (x86 en-US)Mozilla Maintenance ServicePDF Settings CS5PowerISOQuickTimeRealtek USB 2.0 Card ReaderSecurity Update for Microsoft Office 2007 suites (KB2596615) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596856) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687311) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687314) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687439) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687441) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2687315) 32-Bit EditionSkype Click to CallSkype™ 5.10Spybot - Search & DestroySqrSoft® Advanced Crossfading (remove only)SUPERAntiSpywareSynaptics TouchPad DriverTuneUp Utilities 2012TuneUp Utilities Language Pack (en-US)Ubisoft Game LauncherUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit EditionVLC media player 1.1.11WD SmartWareWinampWinRAR 4.01 (32-bit)WinSCP 5.1.1.==== End Of File ===========================DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 9.0.8112.16455Run by Администратор at 20:51:00 on 2012-11-28Microsoft Windows 7 Ultimate 6.1.7601.1.1251.7.1049.18.3579.1983 [GMT 2:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\atiesrxx.exeC:\Program Files\IDT\WDM\STacSV.exeC:\Windows\system32\Hpservice.exeC:\Windows\system32\atieclxx.exeC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\system32\WLANExt.exeC:\Windows\system32\conhost.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\IDT\WDM\aestsrv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\GiliSoft\File Lock Pro\FLService.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exeC:\Program Files\Spybot - Search & Destroy\SDWinSec.exeC:\Windows\system32\taskhost.exeC:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\GiliSoft\File Lock Pro\FLClient.exeC:\Windows\System32\rundll32.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Windows\system32\taskeng.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\CyberLink\YouCam\YCMMirage.exeC:\Program Files\IDT\WDM\sttray.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exec:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exeC:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Program Files\AVAST Software\BitTorrent\BitTorrent.exeC:\Windows\explorer.exeC:\Windows\explorer.exeC:\Windows\explorer.exeC:\Windows\explorer.exeC:\Windows\explorer.exeC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Windows\system32\taskhost.exeC:\Windows\helppane.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\system32\conhost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\System32\svchost.exe -k secsvcs.============== Pseudo HJT Report ===============.uStart Page = hxxp://isearch.avg.com/?cid={8F44B1E1-B8BF-46BE-A3EE-FCB69516E806}&mid=7f949fefaeff47d0a57f41e58f76ea5a-2b8bee0dbfb7965f88a785f41df708d879cf371d〈=en&ds=is015&pr=sa&d=2012-03-28 17:49:21&v=10.2.0.3&sap=hpuWindow Title = Internet Explorer предоставлен: www.4free.in.uauDefault_Page_URL = hxxp://www.4free.in.ua/index.phpBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllBHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dllBHO: FLockObj Class: {97F4988F-6D68-4abc-9F18-7B5AAFFDACE4} - c:\program files\gilisoft\file lock pro\FolderLockPlugin.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dllTB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dlluRun: [Gili File Lock Helper] "c:\program files\gilisoft\file lock pro\WinFLockerHelp.exe" CheckLockedFolderuRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exemRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /noguimRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttraymRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exemRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRunmRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exeuPolicies-Explorer: NoSMConfigurePrograms = dword:1uPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0mPolicies-Explorer: ForceClassicControlPanel = dword:1mPolicies-Explorer: NoSMConfigurePrograms = dword:1IE: &Экспорт в Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htmIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cabTCP: NameServer = 192.168.0.1TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30} : DHCPNameServer = 192.168.0.1TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\05F64637F6C6E65787 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\55E44534 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{D70BFB7C-45FE-4E9A-888D-753EF24A0F30}\C656F6E696C616 : DHCPNameServer = 192.168.1.1Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dllHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllSEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLLLSA: Notification Packages = scecli c:\program files\widcomm\bluetooth software\BtwProximityCP.dllIFEO: bttray.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"IFEO: itunes.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"Hosts: 127.0.0.1 www.spywareinfo.com.================= FIREFOX ===================.FF - ProfilePath - c:\users\администратор\appdata\roaming\mozilla\firefox\profiles\r74mjq9r.default\.============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-4-16 66688]R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-4-16 33408]R0 FileLock;FileLock;c:\windows\system32\drivers\FileLock.sys [2012-11-9 35328]R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-4-9 102728]R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-27 738504]R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-27 361032]R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-27 21256]R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-3-27 58680]R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2010-7-28 27632]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-7 22344]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-3-26 197224]R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-4-6 514152]R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-20 10064]R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2012-3-26 41600]S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-7-8 142632]S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-7-8 525352]S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\drivers\btwdpan.sys [2012-7-8 76328]S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-7-8 33832]S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-26 15872]S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]SUnknown TsUsbFlt;TsUsbFlt; [x]SUnknown tsusbhub;tsusbhub; [x].=============== Created Last 30 ================.2012-11-28 18:51:10 -------- d-----w- c:\users\?фьшэшёЄЁрЄюЁ\appdata\local\Microsoft2012-11-28 18:14:43 -------- d-----w- c:\programdata\MFAData2012-11-28 17:54:21 -------- d-----w- c:\users\администратор\appdata\roaming\SUPERAntiSpyware.com2012-11-28 17:53:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com2012-11-28 17:53:38 -------- d-----w- c:\program files\SUPERAntiSpyware2012-11-27 15:09:47 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9c065237-8689-4f7b-a48d-39146e789dc6}\mpengine.dll2012-11-25 13:29:52 -------- d-----w- c:\windows\system32\D2012-11-23 21:14:38 31552 ----a-w- c:\windows\system32\TURegOpt.exe2012-11-23 21:14:37 21312 ----a-w- c:\windows\system32\authuitu.dll2012-11-23 21:14:11 -------- d-----w- c:\users\администратор\appdata\roaming\TuneUp Software2012-11-23 21:13:51 -------- d-----w- c:\program files\TuneUp Utilities 20122012-11-23 21:13:01 -------- d-----w- c:\programdata\TuneUp Software2012-11-23 21:12:51 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}2012-11-23 19:44:36 402432 ----a-w- c:\program files\mozilla firefox\d\tuneup.utilities.2012.v12.0.2030.10.incl.keygen-lz0\lz0\KeyMaker.exe2012-11-23 19:44:32 26669432 ----a-w- c:\program files\mozilla firefox\d\tuneup.utilities.2012.v12.0.2030.10.incl.keygen-lz0\TuneUpUtilities2012_en-US.exe2012-11-15 08:06:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-11-15 08:06:02 420864 ----a-w- c:\windows\system32\vbscript.dll2012-11-15 08:06:02 194048 ----a-w- c:\program files\internet explorer\IEShims.dll2012-11-15 08:06:02 140960 ----a-w- c:\program files\internet explorer\sqmapi.dll2012-11-15 08:06:00 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-11-15 08:02:20 -------- d-sh--w- c:\windows\system32\%APPDATA%2012-11-14 21:56:52 78336 ----a-w- c:\windows\system32\synceng.dll2012-11-14 21:56:46 2345984 ----a-w- c:\windows\system32\win32k.sys2012-11-14 17:29:39 -------- d-----w- c:\program files\WinSCP2012-11-14 17:14:08 -------- d-----w- c:\program files\iPhoneBrowser2012-11-12 10:55:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy2012-11-09 15:57:45 21539 ----a-w- c:\windows\FileLock.bin2012-11-09 15:55:11 -------- d-----w- c:\users\администратор\appdata\roaming\Gili File Lock2012-11-09 15:54:30 -------- d-----w- c:\programdata\GiliSoft2012-11-09 15:54:26 35328 ----a-w- c:\windows\system32\drivers\FileLock.sys2012-11-09 15:54:18 -------- d-----w- c:\program files\GiliSoft2012-11-09 15:04:2.==================== Find3M ====================.2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys2012-10-30 22:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr2012-10-15 16:59:28 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2012-09-22 12:45:53 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-09-22 12:45:53 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll.============= FINISH: 20:54:31.18 =============== Link to post Share on other sites More sharing options...
Maurice Naggar Posted December 1, 2012 ID:618796 Share Posted December 1, 2012 Hello vlad111 and welcome to MalwareBytes forums.First of all, Avastsvc is an Avast service.Second, set trust settings for both AVAST & for MBAM as listed in the example in our MBAM F.A.Q. sectionhttp://forums.malwarebytes.org/index.php?act=findpost&pid=417798Do that and restart your system.Save and close any work documents, close any apps that you started.Start your MBAM MalwareBytes' Anti-Malware.Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.Next, Click the Update tab. Press the "Check for Updates" button.If prompted for a Restart, do that.When done, click the Scanner tab.Do a Quick Scan.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy and Paste the latest MBAM scan log into a new reply. Link to post Share on other sites More sharing options...
Maurice Naggar Posted December 6, 2012 ID:620623 Share Posted December 6, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts