Kaspersky says that the scan is complete, but keeps scanning files. I think I have an infection or a trojan!!
This is my DDS, I posted it here cause I had no replies in the malware section.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Daniele at 13:25:50 on 2012-10-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4092.2034 [GMT 2:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\Daniele\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Users\Daniele\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Users\Daniele\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=109986 ... 22688f2702
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Guida per l'accesso a Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Google Update] "C:\Users\Daniele\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [AdobeBridge]
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: Aggiungi ad Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{DF091CE3-5C51-410C-8B83-001318138050} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{DF091CE3-5C51-410C-8B83-001318138050}\C696E6B6379737 : DhcpNameServer = 192.168.0.11 192.168.0.190
TCP: Interfaces\{F0614F53-470D-4844-9F16-17940AB5374E} : DhcpNameServer = 192.168.0.11 192.168.0.190
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E33CF602-D945-461A-83F0-819F76A199F8}
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Predefinito)]
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SEH-X64: {E54729E8-BB3D-4270-9D49-7389EA579090}: EasyBits Security Shield Hook - prevents launching insecure programs by kids
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVP;Servizio Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-28 228408]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Servizio Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-10 116648]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 gupdatem;Servizio Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-10 116648]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-10-08 10:36:30 -------- d-----w- C:\Users\Daniele\AppData\Local\{D56D344E-B35D-4332-B4B6-C0A7B9121875}
2012-10-08 10:17:36 -------- d-----w- C:\Users\Daniele\AppData\Local\{727CC052-E444-438A-A887-ED9A8D5BC171}
2012-10-08 02:13:23 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9739F3D0-693D-4218-891D-75542C8D5C51}\offreg.dll
2012-10-07 17:55:19 -------- d-----w- C:\Users\Daniele\AppData\Local\{58DF81FF-2143-44BE-8CD5-3AB5FB51CA57}
2012-10-06 15:51:32 -------- d-----w- C:\Users\Daniele\AppData\Local\{C49D85D5-EEE4-44FE-B7AA-78E93F0212EA}
2012-10-05 23:30:22 -------- d-----w- C:\Users\Daniele\AppData\Local\{AB7B4B32-BF52-4501-9736-7073C18B096C}
2012-10-05 10:45:36 -------- d-----w- C:\Users\Daniele\AppData\Local\{D362C4B2-63F4-45B6-B0FD-8A017548C7A8}
2012-10-05 10:43:13 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9739F3D0-693D-4218-891D-75542C8D5C51}\mpengine.dll
2012-10-04 13:18:31 -------- d-----w- C:\Users\Daniele\AppData\Local\{5D26B4CA-28EA-4F54-AB88-42C23B2EE2C2}
2012-10-03 12:50:28 -------- d-----w- C:\Users\Daniele\AppData\Local\{803D7A1E-BE76-47E1-B09C-5610F8B323AF}
2012-10-02 22:17:55 -------- d-----w- C:\Users\Daniele\AppData\Local\{81880A0F-7EE7-4D46-8813-2C1EC2007EAE}
2012-10-02 12:31:52 -------- d-----w- C:\Users\Daniele\AppData\Local\{4FA4CAF4-DFC1-458B-A1FB-2FD174D80781}
2012-10-01 13:25:42 -------- d-----w- C:\Users\Daniele\AppData\Local\{117D0D45-1890-4A74-A7D9-471EEC4CF3FD}
2012-09-30 14:49:26 -------- d-----w- C:\Users\Daniele\AppData\Local\{6026E1B2-F00D-4AAF-8754-CCE6A152D3C4}
2012-09-30 02:48:56 -------- d-----w- C:\Users\Daniele\AppData\Local\{18D63E0D-294E-478B-8889-F1C973F007D1}
2012-09-29 13:38:58 -------- d-----w- C:\Users\Daniele\AppData\Local\{B65EDF60-F82E-4A6D-B966-D7C15A775867}
2012-09-28 14:06:33 -------- d-----w- C:\Users\Daniele\AppData\Local\{16D291B1-0A19-459E-A654-3EC80CD31A2F}
2012-09-28 02:06:06 -------- d-----w- C:\Users\Daniele\AppData\Local\{845E25E9-5CB4-4D2A-BFB6-4D0368CCA3D4}
2012-09-27 13:01:21 -------- d-----w- C:\Users\Daniele\AppData\Local\{F63EF44B-10D2-4C30-AFF7-0C91220C5B0C}
2012-09-26 15:06:27 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-25 06:45:06 -------- d-----w- C:\Users\Daniele\AppData\Local\{5713AB65-5A06-4FAA-BD97-EEE2E6341B7E}
2012-09-24 12:59:08 -------- d-----w- C:\Users\Daniele\AppData\Local\{7997DFE4-5485-428D-B013-99A0E382D738}
2012-09-24 00:58:39 -------- d-----w- C:\Users\Daniele\AppData\Local\{24F4DB28-28E1-491A-9E08-4AE3DE3D17CA}
2012-09-22 00:27:23 -------- d-----w- C:\Users\Daniele\AppData\Local\{0F3A613A-A573-4D8D-8A59-593DA875C2FF}
2012-09-21 11:56:18 -------- d-----w- C:\Users\Daniele\AppData\Local\{438A6DFC-77C7-4B74-B3D3-671D85AAF4CB}
2012-09-20 07:51:44 -------- d-----w- C:\Users\Daniele\AppData\Local\{C504D3BC-4D51-440F-9B4E-CFA4641D4E25}
2012-09-19 15:48:47 -------- d-----w- C:\Users\Daniele\AppData\Local\{A20B6B6C-9C60-4D99-A2A7-6956307CFDA6}
2012-09-19 00:13:35 -------- d-----w- C:\Users\Daniele\AppData\Local\{9DB3E3CA-E578-4AE0-BB77-039DBD7718EA}
2012-09-18 23:56:38 -------- d-----w- C:\Users\Daniele\AppData\Local\{AB42241C-0729-46CD-846D-5715142D43D6}
2012-09-18 06:58:06 -------- d-----w- C:\Users\Daniele\AppData\Local\{54F2F412-23BA-4F14-B808-2AE508C13687}
2012-09-17 11:18:41 -------- d-----w- C:\Users\Daniele\AppData\Local\{83477EE6-40AB-4F8D-8F78-9767634B24D4}
2012-09-16 15:07:20 -------- d-----w- C:\Users\Daniele\AppData\Local\{422D1CBF-CCB2-470F-88F9-9DBE032E98D0}
2012-09-16 01:52:17 -------- d-----w- C:\Users\Daniele\AppData\Local\{B73854F2-2D7A-4A71-B26E-B68172EC2BA0}
2012-09-15 13:50:09 -------- d-----w- C:\Users\Daniele\AppData\Local\{64FCC32D-802E-4A3A-A29E-E6BECE2F65DC}
2012-09-15 01:48:02 -------- d-----w- C:\Users\Daniele\AppData\Local\{141AB4F4-1903-4068-8064-61287AA8C773}
2012-09-14 13:33:03 -------- d-----w- C:\Users\Daniele\AppData\Local\{4071762A-25BE-406E-AE33-AF4CCF016ACC}
2012-09-14 01:32:31 -------- d-----w- C:\Users\Daniele\AppData\Local\{DCAD3E2F-79A4-47A5-9C59-058ABDEFA176}
2012-09-13 11:24:08 -------- d-----w- C:\Users\Daniele\AppData\Local\{66327CE4-A043-4013-94C7-CED9A749EE08}
2012-09-12 21:46:21 -------- d-----w- C:\Users\Daniele\AppData\Local\{5DA63BEC-EAA3-4DCE-9160-35D9D211DB9F}
2012-09-12 11:58:34 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 11:58:33 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 11:58:32 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 11:58:32 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 11:58:31 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-12 11:58:30 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 11:58:30 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 09:45:55 -------- d-----w- C:\Users\Daniele\AppData\Local\{48F72BFE-0484-429C-829F-B12C4CB2BC02}
2012-09-11 19:21:08 -------- d-----w- C:\Users\Daniele\AppData\Local\{1AF01E2C-503B-43C0-A21D-EFF0F4008240}
2012-09-11 07:01:17 -------- d-----w- C:\Users\Daniele\AppData\Local\{388EA1DA-D5EE-4DAB-BBB3-3A6A042A5DDB}
2012-09-10 12:43:07 -------- d-----w- C:\Users\Daniele\AppData\Local\{06603441-FED8-4620-8643-BCF3E5623046}
2012-09-10 00:41:46 -------- d-----w- C:\Users\Daniele\AppData\Local\{02BFBC87-EEBF-43EB-969E-569A80AEA5BE}
2012-09-09 03:55:47 -------- d-----w- C:\Users\Daniele\AppData\Local\{7ED3ACD2-2480-4C31-A665-9BD5732762B8}
2012-09-08 15:55:17 -------- d-----w- C:\Users\Daniele\AppData\Local\{236EFA7E-1689-4664-8A73-08B64FBDD19C}
2012-09-08 15:15:45 -------- d-----w- C:\Users\Daniele\AppData\Local\{7F3E8A32-D213-404E-AEFC-F7C051359207}
.
==================== Find3M ====================
.
2012-08-28 18:24:56 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-08-28 18:24:53 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 13:26:59,33 ===============