This is my first time here.
I think there's some issue with steelwerx on my firewall. It seems that steelwerx has freedom of access on the net, which seems very odd to me. I don't know if anything else is working improperly. Could you suggest something?
This is the log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Daniele at 21:33:56 on 2011-10-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4092.2386 [GMT 2:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Giraffic\Giraffic.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files (x86)\MarkAny\ContentSafer\MaAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
mURLSearchHooks: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
BHO: Guida per l'accesso a Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [SMSTray] C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe
mRun: [MAAgent] C:\Program Files (x86)\MarkAny\ContentSafer\MAAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: &AOL Toolbar Cerca - C:\ProgramData\AOL\ieToolbar\resources\it-IT\local\search.html
IE: Aggiungi ad Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.27/uploader2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7D97F6AD-FC42-4D1B-B0AE-0B7B4C2DF0F3} : DhcpNameServer = 10.10.1.254
TCP: Interfaces\{8117D451-CA3D-4BE7-96EA-1525DF754576} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8117D451-CA3D-4BE7-96EA-1525DF754576}\05275636970275966696 : DhcpNameServer = 151.99.125.1 151.99.0.100
TCP: Interfaces\{8117D451-CA3D-4BE7-96EA-1525DF754576}\7796669686F64756C6 : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
SEH: ShellHook Class: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\PROGRA~2\MarkAny\CONTEN~1\MACSMA~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [SMSTray] C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe
mRun-x64: [MAAgent] C:\Program Files (x86)\MarkAny\ContentSafer\MAAgent.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
SEH-X64: {E54729E8-BB3D-4270-9D49-7389EA579090}: EasyBits Security Shield Hook - prevents launching insecure programs by kids
SEH-X64: {88485281-8b4b-4f8d-9ede-82e29a064277}: MarkAny Contents Safer Manager 1.0
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVP;Servizio Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-7-1 352976]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
R2 Giraffic;Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe --service [?]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-11-8 288256]
R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-11-8 1060352]
R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-11-8 485376]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Servizio di Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-15 183560]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-28 228408]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Servizio Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-10-03 08:54:19 -------- d-----w- C:\Users\Daniele\AppData\Local\{63EE4EA1-F490-4476-9FFD-419E0620EFE0}
2011-10-03 08:54:05 -------- d-----w- C:\Users\Daniele\AppData\Local\{68DC16C7-8785-4289-88F8-E44B4DB87380}
2011-10-02 13:47:37 -------- d-----w- C:\Users\Daniele\AppData\Local\{0526D611-CB3E-48C3-AA16-119568613A0C}
2011-10-02 13:47:25 -------- d-----w- C:\Users\Daniele\AppData\Local\{4ECC134B-843A-4E5B-B166-56117A8C219E}
2011-10-02 12:19:39 -------- d-----w- C:\Users\Daniele\AppData\Local\{BC10E76E-CE11-4225-965A-C65F1C87DA65}
2011-09-30 17:01:20 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{740E0C1A-A087-43F2-9760-2A8A8684CFD5}\offreg.dll
2011-09-30 17:01:17 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{740E0C1A-A087-43F2-9760-2A8A8684CFD5}\mpengine.dll
2011-09-30 07:06:51 -------- d-----w- C:\Users\Daniele\AppData\Local\{BBF465F3-07F6-4FD3-AEFD-BBF82D6FA5A7}
2011-09-30 07:06:35 -------- d-----w- C:\Users\Daniele\AppData\Local\{43622B64-D8DF-47B2-9039-891D3A11ACE6}
2011-09-29 21:50:38 -------- d-sh--w- C:\$RECYCLE.BIN
2011-09-29 21:09:50 98816 ----a-w- C:\Windows\sed.exe
2011-09-29 21:09:50 518144 ----a-w- C:\Windows\SWREG.exe
2011-09-29 21:09:50 256000 ----a-w- C:\Windows\PEV.exe
2011-09-29 21:09:50 208896 ----a-w- C:\Windows\MBR.exe
2011-09-29 21:09:40 -------- d-----w- C:\ComboFix
2011-09-29 20:57:29 -------- d-----w- C:\Users\Daniele\AppData\Local\{DD3BEA4F-5071-48EB-B3E8-39FEDFADD87D}
2011-09-29 12:32:01 -------- d-----w- C:\Users\Daniele\AppData\Local\{F16CA068-0F4A-4CBC-A1DE-811C0842E26D}
2011-09-28 10:18:13 -------- d-----w- C:\Users\Daniele\AppData\Local\{FA8EDCB7-519B-4A95-B013-CDF9371601D8}
2011-09-28 10:17:11 -------- d-----w- C:\Users\Daniele\AppData\Local\{5BFC4E78-8B42-4C15-B2B5-4B658E6AFB15}
2011-09-27 09:04:03 -------- d-----w- C:\Users\Daniele\AppData\Local\{01E3B4C5-CBB8-42C1-B931-2407CA3C4536}
2011-09-27 09:03:51 -------- d-----w- C:\Users\Daniele\AppData\Local\{3B11ECD5-7E34-46AD-97E9-2B4B71CE338C}
2011-09-26 21:03:18 -------- d-----w- C:\Users\Daniele\AppData\Local\{49DE03C8-3939-4170-9E5D-D2FF1C8EB15F}
2011-09-26 21:03:05 -------- d-----w- C:\Users\Daniele\AppData\Local\{D0669A16-D419-482B-B9A1-4AEFF05765C8}
2011-09-26 09:01:51 -------- d-----w- C:\Users\Daniele\AppData\Local\{938761A7-8F39-47C9-8ECE-4D0138295928}
2011-09-26 09:01:09 -------- d-----w- C:\Users\Daniele\AppData\Local\{37C78FEC-CB58-4CAC-B71E-3DB3BC03ECF2}
2011-09-25 11:55:34 -------- d-----w- C:\Users\Daniele\AppData\Local\{7683128C-267C-4779-AFA1-82F5A660B55A}
2011-09-25 11:55:20 -------- d-----w- C:\Users\Daniele\AppData\Local\{7C38A5AC-2C02-4E73-AE37-5AE3FCFDFDF9}
2011-09-24 22:30:49 -------- d-----w- C:\Users\Daniele\AppData\Local\{2D79FAEF-811B-410F-AB95-2EC46EC9868A}
2011-09-24 22:29:41 -------- d-----w- C:\Users\Daniele\AppData\Local\{8D8976EC-F662-44C6-A78A-3B7A9D16EE09}
2011-09-23 12:57:25 -------- d-----w- C:\Users\Daniele\AppData\Local\{1929E6B4-783D-498A-97E3-9C4E4CC76810}
2011-09-23 12:57:12 -------- d-----w- C:\Users\Daniele\AppData\Local\{D55CDCC2-F599-42D7-BEBB-1D3E103BF69B}
2011-09-22 15:25:00 -------- d-----w- C:\Users\Daniele\AppData\Local\{9773B804-A024-4366-8BE3-25E69DE9E6A9}
2011-09-22 15:24:08 -------- d-----w- C:\Users\Daniele\AppData\Local\{F7224226-6E87-4836-BADD-323585B29A9F}
2011-09-22 01:33:13 -------- d-----w- C:\Users\Daniele\AppData\Local\{9E5C135F-5416-4F00-87A8-F22DDE356E73}
2011-09-22 01:33:01 -------- d-----w- C:\Users\Daniele\AppData\Local\{67114B6C-DC15-40F9-8862-C0FA57050E8C}
2011-09-21 13:32:25 -------- d-----w- C:\Users\Daniele\AppData\Local\{C5F91545-E50B-4C7C-B19D-E0C765F0D2FD}
2011-09-20 09:51:03 -------- d-----w- C:\Users\Daniele\AppData\Local\{9FD05E31-FDC2-4F01-987A-F71995DE84A4}
2011-09-20 09:50:50 -------- d-----w- C:\Users\Daniele\AppData\Local\{2201DBDC-453D-4DE6-971A-25714A5C2833}
2011-09-19 13:40:36 -------- d-----w- C:\Users\Daniele\AppData\Local\{3104B8BD-94A4-4FB6-8F3A-B2820555D396}
2011-09-19 13:40:23 -------- d-----w- C:\Users\Daniele\AppData\Local\{53D8EDE3-8968-4D29-8150-D587B79A61CE}
2011-09-18 15:44:28 -------- d-----w- C:\Users\Daniele\AppData\Local\{631B4500-08FB-4EF1-8069-2ACC52DB67A9}
2011-09-18 15:44:16 -------- d-----w- C:\Users\Daniele\AppData\Local\{FC3AC925-1408-4B91-B70F-177402AEBAD2}
2011-09-18 15:44:05 -------- d-----w- C:\Users\Daniele\AppData\Local\{CF44D4C9-09F8-43C6-9BB9-5C49B7B40FE6}
2011-09-18 15:43:53 -------- d-----w- C:\Users\Daniele\AppData\Local\{17FDF390-E34B-40FF-B245-EA5591505764}
2011-09-18 03:42:42 -------- d-----w- C:\Users\Daniele\AppData\Local\{56F6086F-8E41-4C90-890F-C6267BF68CFC}
2011-09-18 03:41:47 -------- d-----w- C:\Users\Daniele\AppData\Local\{DE54470F-74CB-4685-9B1C-AA996A29530F}
2011-09-17 14:46:53 -------- d-----w- C:\Users\Daniele\AppData\Local\{20A60438-74F0-47D8-A1A4-8C14F120C71A}
2011-09-17 14:46:41 -------- d-----w- C:\Users\Daniele\AppData\Local\{73D14A9A-63DF-46FD-924A-233FD2510DFB}
2011-09-17 14:37:32 -------- d-----w- C:\Users\Daniele\AppData\Local\{3326127B-40BC-4015-B3A2-E3807EFE46A0}
2011-09-17 14:37:02 -------- d-----w- C:\Users\Daniele\AppData\Local\{E68CE2DC-31FE-41C9-AEB8-311EA3DC4771}
2011-09-16 15:42:39 -------- d-----w- C:\Users\Daniele\AppData\Local\{1CA147D0-A93E-4F6B-8E66-66407349659F}
2011-09-16 15:42:11 -------- d-----w- C:\Users\Daniele\AppData\Local\{7FDF0B64-D88E-46B3-AD51-8E39800DB728}
2011-09-15 15:41:41 -------- d-----w- C:\Users\Daniele\AppData\Local\{8E6015FD-690A-4BAA-B43D-65942911858A}
2011-09-15 15:41:17 -------- d-----w- C:\Users\Daniele\AppData\Local\{A3F3A3A9-EEFB-4080-9291-49027E777B7F}
2011-09-14 16:09:35 -------- d-----w- C:\Users\Daniele\AppData\Local\{41E0BEC8-A132-4B84-B199-F1B3FB3ED0FE}
2011-09-14 16:09:19 -------- d-----w- C:\Users\Daniele\AppData\Local\{99A39E6F-A2BD-46DA-9835-81A2F33C6F1A}
2011-09-14 02:16:10 -------- d-----w- C:\Users\Daniele\AppData\Local\{EA175377-E579-4FDD-99FB-5613733889B3}
2011-09-14 02:15:58 -------- d-----w- C:\Users\Daniele\AppData\Local\{1632A362-6EA5-4E10-BEC6-55836DB5BBBC}
2011-09-13 22:26:26 -------- d-----w- C:\Users\Daniele\AppData\Local\Google
2011-09-13 14:15:29 -------- d-----w- C:\Users\Daniele\AppData\Local\{7D44D0F6-30EF-4EF0-9F4F-80824C007F62}
2011-09-13 14:15:16 -------- d-----w- C:\Users\Daniele\AppData\Local\{27A02AF2-6854-4A40-8CFC-CFC9567D6A28}
2011-09-13 02:14:48 -------- d-----w- C:\Users\Daniele\AppData\Local\{4E7CA771-07E5-4F09-A601-AF057E4F8CB7}
2011-09-12 14:14:09 -------- d-----w- C:\Users\Daniele\AppData\Local\{04CF3E06-2866-46F8-8B41-F3F314323A4E}
2011-09-12 14:13:52 -------- d-----w- C:\Users\Daniele\AppData\Local\{924C4549-127E-4EFD-BCD6-BAF45CC24C65}
2011-09-11 15:36:02 -------- d-----w- C:\Users\Daniele\AppData\Local\{B5031E20-6D7A-4A1A-91F6-3B41A6308964}
2011-09-11 15:35:12 -------- d-----w- C:\Users\Daniele\AppData\Local\{08871E6F-A068-4837-8750-5A01F26CB693}
2011-09-11 03:04:30 -------- d-----w- C:\Users\Daniele\AppData\Local\{C01DD61A-7117-45AF-AF5E-BE3F9866C115}
2011-09-11 03:04:15 -------- d-----w- C:\Users\Daniele\AppData\Local\{DAE4A8AD-B7FE-45B4-B365-1B8FCAE51686}
2011-09-09 14:36:20 -------- d-----w- C:\Users\Daniele\AppData\Local\{577D4CFB-089E-453D-9338-F3CCB22D11A3}
2011-09-09 14:36:08 -------- d-----w- C:\Users\Daniele\AppData\Local\{B8A20030-31A3-4A31-8C30-F4BBF150107D}
2011-09-08 17:25:57 -------- d-----w- C:\Users\Daniele\AppData\Local\{91433680-5CA5-4A31-8F8B-B44A61436DD2}
2011-09-08 17:25:45 -------- d-----w- C:\Users\Daniele\AppData\Local\{61818E15-C56F-4145-89B3-F2BC1BF139F6}
2011-09-07 14:44:33 -------- d-----w- C:\Users\Daniele\AppData\Local\{EAF27D0F-4462-4B20-99CC-E77E2918DF01}
2011-09-07 14:44:18 -------- d-----w- C:\Users\Daniele\AppData\Local\{E3CD465D-B7F2-4843-AA74-CCBF0FFCCAE3}
2011-09-06 16:01:47 -------- d-----w- C:\Users\Daniele\AppData\Local\{0AD215F1-7986-4DE4-A76D-442E10DF3596}
2011-09-06 16:01:35 -------- d-----w- C:\Users\Daniele\AppData\Local\{07A18EFB-ED83-4F9F-8967-32E7FD0F51AC}
2011-09-05 14:57:08 -------- d-----w- C:\Users\Daniele\AppData\Local\{232A491F-546D-4363-8AD7-D5AC18D8BB21}
2011-09-05 14:56:13 -------- d-----w- C:\Users\Daniele\AppData\Local\{E130B98F-9985-4903-B694-DF7CCC471DA1}
2011-09-05 14:52:16 -------- d-----w- C:\Users\Daniele\AppData\Local\{93412A43-34F7-4E7C-9D3F-AA53157E9EFC}
2011-09-05 14:51:54 -------- d-----w- C:\Users\Daniele\AppData\Local\{3BC642D9-33A1-426A-9B3F-BC5263D972B8}
2011-09-04 15:15:45 -------- d-----w- C:\Users\Daniele\AppData\Local\{868FFC3C-0DB6-42C3-A66F-95BF61086AD5}
2011-09-04 15:15:03 -------- d-----w- C:\Users\Daniele\AppData\Local\{5F42D566-30F1-4623-A9FA-6730100F2718}
2011-09-04 02:53:46 -------- d-----w- C:\Users\Daniele\AppData\Local\{1CADB594-6971-40D2-87D8-2784FF1B0693}
2011-09-04 02:53:34 -------- d-----w- C:\Users\Daniele\AppData\Local\{709DE68A-D2C9-4F10-8AFF-7D015F48B6CE}
.
==================== Find3M ====================
.
2011-10-03 12:37:53 270856 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-10-03 12:37:53 270856 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-10-03 12:36:25 218496 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-09-21 21:27:08 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-22 05:42:23 2303488 ----a-w- C:\Windows\System32\jscript9.dll
2011-07-22 05:36:16 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-07-22 05:32:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 02:54:43 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-09 05:26:20 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-07-09 04:29:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
.
============= FINISH: 21:37:41,96 ===============