
Inactive Computer Check - Avast not detected by Action Center

Discussion in 'Malware and Virus Removal Archive' started by pippolo66, 2012/10/20.

  1. 2012/10/20
    pippolo66


    Hi.
    I have a Windows 7 64 bit Enterprise with Avast IS installed.
    In the last week the Windows Action Center detects that I have no antivirus installed.
    I tried to clean the Wbem and made a full scan with Avast but all seems fine.


    Command line as admin:

    net stop winmgmt
    del C:\WINDOWS\system32\wbem\Repository
    net start winmgmt

    winmgmt /verifyrepository
    winmgmt /salvagerepository


    The Action Center still tells me I have no AV.

    Here is my PC scan following the guidelines of your sticky post. Is it all OK?

    mbam-log-2012-10-20 (19-11-54)


    Malwarebytes Anti-Malware (Prova) 1.65.1.1000
    www.malwarebytes.org

    Versione database: v2012.10.20.07

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    paolo :: SERVER [amministratore]

    Protezione: Attivata

    20/10/2012 19:11:54
    mbam-log-2012-10-20 (19-11-54).txt

    Tipo di scansione: Scansione veloce
    Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
    Opzioni di scansione disattivate: P2P
    Elementi esaminati: 229959
    Tempo impiegato: 1 minuti, 3 secondi

    Processi rilevati in memoria: 0
    (non sono stati rilevati elementi nocivi)

    Moduli di memoria rilevati: 0
    (non sono stati rilevati elementi nocivi)

    Chiavi di registro rilevate: 0
    (non sono stati rilevati elementi nocivi)

    Valori di registro rilevati: 0
    (non sono stati rilevati elementi nocivi)

    Voci rilevate nei dati di registro: 0
    (non sono stati rilevati elementi nocivi)

    Cartelle rilevate: 0
    (non sono stati rilevati elementi nocivi)

    File rilevati: 0
    (non sono stati rilevati elementi nocivi)

    (fine)


    Gmer


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-10-20 19:07:55
    Windows 6.1.7601 Service Pack 1
    Running: gmer.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00268316ac34
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00268316ac34@e8cba15c638c 0xFA 0x11 0x8A 0xF2 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00268316ac34 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00268316ac34@e8cba15c638c 0xFA 0x11 0x8A 0xF2 ...

    ---- Files - GMER 1.0.15 ----

    File C:\Users\paolo\Desktop\aswMBR.exe 4731392 bytes executable

    ---- EOF - GMER 1.0.15 ----


    aswMBR


    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-20 18:58:59
    -----------------------------
    18:58:59.423 OS Version: Windows x64 5.1.2600 Service Pack 3
    18:58:59.423 Number of processors: 8 586 0x2A07
    18:58:59.424 ComputerName: SERVER UserName: paolo
    18:58:59.796 Initialize success
    18:58:59.832 AVAST engine defs: 12102000
    18:59:03.403 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    18:59:03.403 Disk 0 Vendor: OCZ-VERT 1.35 Size: 171705MB BusType: 3
    18:59:03.413 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
    18:59:03.413 Disk 1 Vendor: ST315003 CC1H Size: 1430799MB BusType: 3
    18:59:03.413 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-3
    18:59:03.413 Disk 2 Vendor: ST315003 CC1H Size: 1430799MB BusType: 3
    18:59:03.423 Disk 0 MBR read successfully
    18:59:03.423 Disk 0 MBR scan
    18:59:03.423 Disk 0 Windows 7 default MBR code
    18:59:03.423 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    18:59:03.433 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 171603 MB offset 206848
    18:59:03.433 Disk 0 scanning C:\Windows\system32\drivers
    18:59:06.935 Service scanning
    18:59:11.005 Modules scanning
    18:59:11.010 Disk 0 trace - called modules:
    18:59:11.017 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
    18:59:11.020 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d376410]
    18:59:11.023 3 CLASSPNP.SYS[fffff88000e0143f] -> nt!IofCallDriver -> [0xfffffa800d0e1a70]
    18:59:11.026 5 ACPI.sys[fffff88000f0e7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800d0e4050]
    18:59:11.387 AVAST engine scan C:\Windows
    18:59:12.477 AVAST engine scan C:\Windows\system32
    18:59:44.052 AVAST engine scan C:\Windows\system32\drivers
    18:59:45.964 AVAST engine scan C:\Users\paolo
    19:00:37.855 Disk 0 MBR has been saved successfully to "C:\Users\paolo\Desktop\MBR.dat "
    19:00:37.860 The log file has been saved successfully to "C:\Users\paolo\Desktop\aswMBR.txt "



    attach


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-10-19.01)
    .
    Microsoft Windows 7 Enterprise
    Boot Device: \Device\HarddiskVolume1
    Install Date: 19/03/2012 22:01:31
    System Uptime: 20/10/2012 18:30:49 (0 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P8Z68-V PRO
    Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 168 GiB total, 95,36 GiB free.
    D: is CDROM (CDFS)
    E: is FIXED (NTFS) - 1397 GiB total, 465,377 GiB free.
    F: is Removable
    G: is Removable
    H: is Removable
    J: is CDROM ()
    K: is FIXED (NTFS) - 1397 GiB total, 192,761 GiB free.
    O: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20 (x64 edition)
    Adobe AIR
    Adobe Community Help
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop Elements 10
    Adobe Premiere Elements 10
    Adobe Premiere Elements 10 Content
    Adobe Premiere Elements 10 Content 1
    Adobe Premiere Elements 10 Content 2
    Adobe Premiere Elements 10 Content 3
    Adobe Premiere Elements 10 HD Content 1
    Adobe Premiere Elements 10 HD Content 2
    Adobe Premiere Elements 10 HD Content 3
    Adobe Reader X (10.1.4) - Italiano
    Aggiornamenti NVIDIA 1.10.8
    AI Suite II
    Air Video Server 2.4.3
    Any DVD Cloner Platinum 1.1.6
    Apple Mobile Device Support
    Apple Software Update
    Asmedia ASM104x USB 3.0 Host Controller Driver
    µTorrent
    avast! Internet Security
    AviSynth 2.5
    AVS Audio Converter 7
    AVS Audio Editor 7.1
    AVS Audio Recorder version 4.0
    AVS Cover Editor 2.0.1.3
    AVS Disc Creator 5
    AVS Document Converter 2.1.2
    AVS DVD Copy version 4.1.2
    AVS Image Converter 2.1.2.169
    AVS Media Player 4.1.8.93
    AVS Photo Editor
    AVS Registry Cleaner version 2.2
    AVS Ringtone Maker version 1.6
    AVS Screen Capture version 2.0.1
    AVS Update Manager 1.0
    AVS Video Converter 8
    AVS Video Editor 6
    AVS Video Recorder 2.4
    AVS Video ReMaker 4.0.8.140
    AVS4YOU Software Navigator 1.4
    Bluetooth Win7 Suite (64)
    Bonjour
    calibre
    CalMANv4
    Cheat Engine 6.1
    Civilization.V.GOTY.incl.Gods.and.Kings
    CloneCD
    CloneDVD2
    CoreAVC Professional Edition (remove only)
    Curse Client
    CutePDF Writer 2.8
    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
    Diablo III
    DivX Setup
    Dragon Age II
    Dragon Age: Origins
    Driver San Francisco
    Dropbox
    DVD Shrink 3.2
    DVDFab 8.2.1.3 (28/09/2012) Qt
    Easy CD-DA Extractor 16
    Elements 10 Organizer
    eReg
    EVGA Precision X 3.0.4
    ffdshow v1.2.4486 [2012-08-25]
    ffdshow x64 v1.2.4486 [2012-08-25]
    Freemake Video Converter versione 3.0.2
    From Dust
    GO Contact Sync Mod
    Google Calendar Sync
    Google Chrome
    Google Drive
    Google Earth
    Google Update Helper
    GPL Ghostscript
    Haali Media Splitter
    Halto 4.4.10
    HD Tune 2.55
    Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
    iCloud
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Network Connections 16.8.46.0
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel® Watchdog Timer Driver (Intel® WDT)
    IrfanView (remove only)
    iTunes
    Java 7 Update 7
    Java Auto Updater
    Java(TM) 6 Update 31 (64-bit)
    JDownloader 0.9
    JMicron JMB36X Driver
    Launchy 2.6 Beta 2
    Logitech Flow Scroll 4.0
    Logitech Gaming Software
    Logitech Gaming Software 8.20
    Logitech Harmony Remote Software 7
    Logitech SetPoint 6.32
    LWS Webcam Software
    Magic Mouse Utilities version 1.1
    Magicka
    MakeMKV v1.7.7
    Manutenzione Samsung CLX-3180 Series
    marvell 91xx driver
    Mass Effect 3 - DLC CRACKFIX _LANGUAGE FIX ITALIANO 1.00
    MediaMonkey 4.0
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
    Microsoft .NET Framework 4 Client Profile ITA Language Pack
    Microsoft .NET Framework 4 Extended
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (Italian) 2010
    Microsoft Office Excel MUI (Italian) 2010
    Microsoft Office Groove MUI (Italian) 2010
    Microsoft Office InfoPath MUI (Italian) 2010
    Microsoft Office Office 32-bit Components 2010
    Microsoft Office OneNote MUI (Italian) 2010
    Microsoft Office Outlook MUI (Italian) 2010
    Microsoft Office PowerPoint MUI (Italian) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (German) 2010
    Microsoft Office Proof (Italian) 2010
    Microsoft Office Proofing (Italian) 2010
    Microsoft Office Publisher MUI (Italian) 2010
    Microsoft Office Shared 32-bit MUI (Italian) 2010
    Microsoft Office Shared MUI (Italian) 2010
    Microsoft Office Word MUI (Italian) 2010
    Microsoft Outlook Hotmail Connector a 64 bit
    Microsoft Silverlight
    Microsoft SkyDrive
    Microsoft Sync Framework 2.0 Core Components (x64) ENU
    Microsoft Sync Framework 2.0 Provider Services (x64) ENU
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Xbox 360 Accessories 1.2
    Microsoft XNA Framework Redistributable 3.1
    Might & Magic Heroes VI - Complete Edition / by Ubisoft Entertainment
    MKVToolNix 5.8.0
    MMDoC-PDCLive Launcher
    Moborobo 2.0.5.377
    Mozilla Firefox 17.0 (x86 it)
    Mozilla Maintenance Service
    Mp3tag v2.50
    MSVC90_x64
    MSVC90_x86
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB973685)
    Nokia Connectivity Cable Driver
    Nokia PC Suite
    Notepad++
    Nuance PaperPort 12
    Nuance PDF Viewer Plus
    NVIDIA Driver 3D Vision 306.97
    NVIDIA Driver audio HD 1.3.18.0
    NVIDIA Driver del controller 3D Vision 306.97
    NVIDIA Driver grafico 306.97
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.0604
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update Components
    Oracle VM VirtualBox 4.1.20
    Pacchetto driver Windows - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1)
    Pacchetto driver Windows - Nokia Modem (02/25/2011 4.7)
    Pacchetto driver Windows - Nokia Modem (02/25/2011 7.01.0.9)
    Pacchetto driver Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
    Panda USB Vaccine 1.0.1.4
    Pannello di controllo NVIDIA 306.97
    PaperPort Image Printer 64-bit
    PC Connectivity Solution
    PhoneClean 1.0.0
    Plex
    Plex Media Server
    plist Editor Pro 2.0.0
    PRE10STI64Installer
    PS3 Media Server
    PSE10 STI Installer
    PuTTY version 0.62
    QuickTime
    Readiris Pro 10
    Realtek High Definition Audio Driver
    rebox.NET 1.9.2.0
    Remote Control USB Driver
    SAMSUNG Dr.Printer
    Samsung Kies
    Samsung Network PC Fax
    Samsung Scan Assistant
    SAMSUNG USB Driver for Mobile Phones
    Scansoft PDF Professional
    Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589322) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition
    Security Update for Microsoft Word 2010 (KB2553488) 64-Bit Edition
    Silent Hunter 5
    Sky Go Player
    Skype Click to Call
    Skype™ 5.10
    SmarThru 4
    SmartSound Common Data
    SmartSound Premiere Elements 10 x64 Plugin
    SmartSound Sonicfire Pro 5
    Software della webcam Logitech
    SpeedFan (remove only)
    SPlayer
    StarCraft II
    Steam
    Supporto applicazioni Apple
    SyncToy 2.1 (x64)
    System Requirements Lab for Intel
    TeamSpeak 3 Client
    TeamViewer 7
    The KMPlayer (remove only)
    The Witcher 2
    theRenamer 7.57
    TightVNC
    Tom Clancy's H.A.W.X. 2
    TomTom HOME 2.8.3.2499
    TomTom HOME Visual Studio Merge Modules
    tools-freebsd
    tools-linux
    tools-netware
    tools-solaris
    tools-windows
    tools-winPre2k
    UltraISO Premium V9.36
    Unlocker 1.9.1-x64
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
    Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
    Uplay
    VC80CRTRedist - 8.0.50727.6195
    VirtualCloneDrive
    VLC media player 2.0.2
    VmciSockets
    VMware Workstation
    Windows Live ID Sign-in Assistant
    WinRAR 4.00 (64-bit)
    WinSCP 4.3.7
    World of Warcraft
    .
    ==== End Of File ===========================




    .................................CONTINUE........................................
     
    Last edited by a moderator: 2012/10/20
  2. 2012/10/20
    pippolo66

    ......................CONTINUE...........................


    dds


    DDS (Ver_2012-10-19.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
    Run by paolo at 18:53:54 on 2012-10-20
    Microsoft Windows 7 Enterprise 6.1.7601.1.1252.39.1040.18.16281.9815 [GMT 2:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\afwServ.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
    C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
    C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
    C:\Windows\system32\IProsetMonitor.exe
    C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
    C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    C:\Program Files\TightVNC\tvnserver.exe
    C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
    C:\Windows\SysWOW64\vmnat.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\SysWOW64\vmnetdhcp.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
    C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Logitech Gaming Software\LCore.exe
    C:\Program Files\Logitech\SetPointP\SetPoint.exe
    C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
    C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
    C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\TightVNC\tvnserver.exe
    C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Users\paolo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Users\paolo\AppData\Local\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe
    C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe
    C:\Users\paolo\AppData\Local\Sky Italia\Sky Go Player\NDSPCShowServer.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files (x86)\Launchy\Launchy.exe
    C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
    C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Users\paolo\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfPro5Hook.exe
    C:\Users\paolo\AppData\Local\Apps\2.0\4VWB69W3.DBT\G7RELMA7.69Q\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe
    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
    C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
    C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\sysWOW64\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
    C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\SpeedFan\speedfan.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\vssvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\paolo\Desktop\gmer.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.it/
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\PlusIEContextMenu.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: ZeonIEEventHelper Class: {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\ZeonIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: Logitech Flow Scroll: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll
    TB: Nuance PDF: {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\ZeonIEFavClient.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [Google Update] "C:\Users\paolo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    uRun: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [DA158C225EFEA7E95393B7DE19C483B425D4B659._service_run] "C:\Users\paolo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    uRun: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [SkyDrive] "C:\Users\paolo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    uRun: [PCShowServer] "C:\Users\paolo\AppData\Local\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe "
    uRun: [GoogleContactSync] C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe
    uRun: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe "
    uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    mRun: [CLX3180_Scan2Pc] C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe
    mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe "
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe "
    mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe "
    mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfpro5hook.exe
    mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDFViewerPlus\RegistryController.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe "
    mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun: [3180 Scan2PC] "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe "
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe "
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    StartupFolder: C:\Users\paolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    StartupFolder: C:\Users\paolo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\paolo\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Launchy.lnk - C:\Program Files (x86)\Launchy\Launchy.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    IE: Aggiungi a file PDF esistente - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
    IE: Aggiungi il contenuto dei collegamenti selezionati al file PDF esistente - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
    IE: Aggiungi il contenuto del collegamento al file PDF esistente - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
    IE: Apri con PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
    IE: Crea file PDF - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
    IE: Crea file PDF dai collegamenti selezionati - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
    IE: Crea file PDF dal contenuto del collegamento - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
    IE: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
    IE: I&nvia a OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    LSP: %SystemRoot%\system32\vsocklib.dll
    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
    DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
    DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
    TCP: Interfaces\{00DC62E8-F792-4E65-A302-B465F6759F08} : NameServer = 8.8.8.8,208.67.222.222
    TCP: Interfaces\{A30DFC1E-16AA-48C0-A02F-29F294C72B49} : DHCPNameServer = 213.230.155.10 213.230.129.10
    TCP: Interfaces\{DB8BB8BD-2BD3-41F9-AACE-0D17021FCF39} : DHCPNameServer = 213.230.155.10 213.230.129.10
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-BHO: Logitech Flow Scroll: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll
    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe "
    x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe "
    x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
    x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
    x64-Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe "
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORDTSUPTBT
    x64-Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\paolo\AppData\Roaming\Mozilla\Firefox\Profiles\bhy1nkqv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.it
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\Program Files (x86)\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
    FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
    FF - component: C:\Program Files (x86)\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll
    FF - component: C:\Users\Paolo\AppData\Roaming\Mozilla\Firefox\Profiles\bhy1nkqv.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Users\paolo\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Users\paolo\AppData\Local\Sky Italia\Sky Go Player\npPlayerPlugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    FF - plugin: E:\Paolo\Giochi\Uplay\npuplaypc.dll
    FF - plugin: E:\Paolo\Giochi\Uplay\npuplaypchub.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\System32\drivers\AiChargerPlus.sys [2012-3-20 14464]
    R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2012-10-12 12368]
    R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2012-10-12 266776]
    R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-9-17 297000]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-21 55856]
    R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2012-10-12 142128]
    R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-10-12 19600]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-10-12 969200]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-10-12 359464]
    R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-10-12 25232]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-10-12 71600]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-12 44808]
    R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-10-12 133912]
    R2 DTSAudioService;DTSAudioService;C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2012-8-31 210024]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-19 13592]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-3-19 189608]
    R2 MoboroboDeviceService;Moborobo Device Service;C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [2012-9-26 84336]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-12 1258856]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
    R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.sys [2009-7-11 11576]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
    R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-8-31 2754984]
    R2 tvnserver;TightVNC Server;C:\Program Files\TightVNC\tvnserver.exe [2012-6-26 1652280]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-19 2656280]
    R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]
    R2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-1-18 11839488]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-9-14 129000]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-9-14 394216]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-13 36000]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-13 298656]
    R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-13 28832]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-13 201376]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-13 55456]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-13 154272]
    R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-13 280224]
    R3 BthMtpEnum;Enumeratore dispositivi MTP Bluetooth;C:\Windows\System32\drivers\BthMtpEnum.sys [2009-7-14 64512]
    R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\System32\drivers\e1c62x64.sys [2012-3-19 360624]
    R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2012-3-20 26136]
    R3 IntcDAud;Audio schermo Intel(R);C:\Windows\System32\drivers\IntcDAud.sys [2011-8-23 317440]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
    R3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-3-19 56344]
    R3 MonitorFunction;Driver for Monitor;C:\Windows\System32\drivers\TVMonitor.sys [2012-7-15 16376]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2012-10-12 189288]
    R3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2012-10-17 15176]
    R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Servizio Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-26 116648]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 250808]
    S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-6-17 36328]
    S3 applebmt;Apple Wireless Mouse;C:\Windows\System32\drivers\applebmt.sys [2012-8-28 52736]
    S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-3-13 51872]
    S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]
    S3 DAUpdaterSvc;Dragon Age: Origins - Programma di aggiornamento;C:\Users\paolo\Documents\Bioware\Dragon Age\bin_ship\daupdatersvc.service.exe [2012-3-21 25832]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-7-30 102240]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 gupdatem;Servizio Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-26 116648]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-3-20 115168]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-2-11 144672]
    S3 PORTMON;PORTMON;E:\Paolo\Programmi\_nirsoft_package_1.11.49\SysinternalsSuite\PORTMSYS.SYS [2012-3-28 28656]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-6-17 157672]
    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-6-17 16872]
    S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-6-17 177640]
    S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2012-6-17 146920]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-7-30 203104]
    S3 StorSvc;Servizio di archiviazione;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
    S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
    S3 usbUDisc;usbUDisc;C:\Windows\System32\drivers\USBDrv_AMD64.sys [2012-9-28 17280]
    S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2012-8-20 117080]
    S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-20 1255736]
    .
    =============== Created Last 30 ================
    .
    2012-10-20 04:01:26 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EAFBEDB9-2578-4A75-A0C6-A7EC8F841067}\offreg.dll
    2012-10-20 04:00:37 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EAFBEDB9-2578-4A75-A0C6-A7EC8F841067}\mpengine.dll
    2012-10-14 17:26:43 -------- d-----w- C:\Users\paolo\.shsh
    2012-10-14 15:06:28 -------- d-----w- C:\Users\paolo\AppData\Local\DirectWoWGuideRelease.com
    2012-10-12 21:12:44 142128 ----a-w- C:\Windows\System32\drivers\aswFW.sys
    2012-10-12 21:12:41 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2012-10-12 21:12:41 266776 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
    2012-10-12 21:12:40 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2012-10-12 21:12:40 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2012-10-12 21:12:40 19600 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
    2012-10-12 21:12:37 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
    2012-10-12 21:12:31 41224 ----a-w- C:\Windows\avastSS.scr
    2012-10-12 21:02:04 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-10-12 21:02:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
    2012-10-12 21:02:03 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2012-10-12 21:02:03 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-10-12 21:02:03 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-10-12 20:34:26 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
    2012-10-12 20:34:26 63336 ----a-w- C:\Windows\System32\nvshext.dll
    2012-10-12 20:34:26 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
    2012-10-12 20:34:26 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
    2012-10-12 20:34:26 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
    2012-10-12 20:34:26 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
    2012-10-12 20:34:26 118120 ----a-w- C:\Windows\System32\nvmctray.dll
    2012-10-12 20:34:16 60776 ----a-w- C:\Windows\System32\OpenCL.dll
    2012-10-12 20:34:16 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2012-10-12 20:34:13 -------- d-----w- C:\ProgramData\NVIDIA Corporation
    2012-10-12 20:33:42 31080 ----a-w- C:\Windows\System32\nvhdap64.dll
    2012-10-12 20:33:42 189288 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
    2012-10-12 20:33:42 1472360 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
    2012-10-04 22:13:30 -------- d-----w- C:\Users\paolo\AppData\Roaming\DVDFab
    2012-10-04 21:58:19 -------- d-----w- C:\Program Files (x86)\DVDFab 8 Qt
    2012-10-04 21:56:04 99384 ----a-w- C:\Users\paolo\AppData\Roaming\inst.exe
    2012-10-04 21:56:04 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys
    2012-10-04 21:56:04 82816 ----a-w- C:\Users\paolo\AppData\Roaming\pcouffin.sys
    2012-10-04 21:51:47 -------- d-----w- C:\Users\paolo\AppData\Roaming\MoveFab
    2012-10-04 21:37:44 -------- d-----w- C:\Users\paolo\.MakeMKV
    2012-10-04 21:37:39 -------- d-----w- C:\Program Files (x86)\MakeMKV
    2012-10-04 21:34:05 -------- d-----w- C:\Users\paolo\AppData\Roaming\TS3Client
    2012-10-04 21:34:00 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
    2012-10-02 11:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2012-09-28 10:49:13 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll
    2012-09-28 10:49:13 17280 ----a-w- C:\Windows\System32\drivers\USBDrv_AMD64.sys
    2012-09-28 10:49:13 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
    2012-09-28 04:50:21 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2012-09-26 18:28:36 -------- d-----w- C:\Program Files (x86)\Moborobo
    .
    ==================== Find3M ====================
    .
    2012-10-16 15:36:53 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
    2012-10-09 17:28:12 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-10-09 17:28:12 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-09-03 20:43:55 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-09-03 20:43:55 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-09-03 20:43:55 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
    2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-08-22 19:12:18 127488 ----a-w- C:\Windows\System32\ff_vfw.dll
    2012-08-22 18:58:44 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
    2012-08-22 18:56:40 47616 ----a-w- C:\Windows\SysWow64\ff_acm.acm
    2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
    2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
    2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
    2012-08-21 11:01:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-08-21 11:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2012-08-21 11:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-08-20 15:23:52 224088 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
    2012-08-20 15:23:52 166232 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
    2012-08-20 15:23:52 147288 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
    2012-08-20 15:23:52 130904 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
    2012-08-20 15:23:52 117080 ----a-w- C:\Windows\System32\drivers\VBoxUSB.sys
    2012-08-20 15:23:50 320856 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
    2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
    2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
    2012-07-30 11:32:08 203104 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
    2012-07-30 11:32:08 102240 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
    .
    ============= FINISH: 18:54:10,44 ===============



    Do you need something else?

    Thanks for the cooperation :)


    .............END.........................
     
    Last edited by a moderator: 2012/10/20


  4. 2012/10/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard

    Do NOT wrap logs in code.

    I don't see anything malicious.

    I suggest you start a new topic in the Windows forum.
     
  5. 2012/10/20
    pippolo66

    pippolo66 Inactive Thread Starter

    Joined:
    2012/10/20
    Messages:
    3
    Likes Received:
    0
    Thanks for the info.
    So no virus or malware.
    Good.
    I'll try in the Windows forum for a solution to the Action Center.
    Thanks again :)
     
  6. 2012/10/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome
     
