hi shel.. thanks, and these are the two logs
otl.txt:
OTL logfile created on: 24.03.2014 11:58:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\valentina\Documenti\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000810 | Country: Svizzera | Language: ITS | Date Format: dd.MM.yyyy
1014.20 Mb Total Physical Memory | 130.13 Mb Available Physical Memory | 12.83% Memory free
2.38 Gb Paging File | 1.53 Gb Available in Paging File | 64.32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 149.04 Gb Total Space | 127.75 Gb Free Space | 85.71% Space Free | Partition Type: NTFS
Drive E: | 29.26 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: SABLONE | User Name: valentina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\valentina\Documenti\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\ExpressFiles\EFUpdater.exe ()
PRC - C:\Programmi\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programmi\cacaoweb\cacaoweb.exe ()
PRC - C:\Documents and Settings\valentina\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programmi\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Programmi\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Programmi\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\WINDOWS\system32\PersistenceThread.exe (Intel Corporation)
PRC - C:\Programmi\Mobile Partner\Mobile Partner.exe ()
PRC - C:\Programmi\Option\Acer 3G Connection Manager\GtDetectSc.exe (OptionNV)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
========== Modules (No Company Name) ==========
MOD - c:\Documents and Settings\valentina\Impostazioni locali\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8m1xpv.dll ()
MOD - C:\Programmi\ExpressFiles\EFUpdater.exe ()
MOD - C:\Programmi\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programmi\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
MOD - C:\Programmi\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ()
MOD - C:\Programmi\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll ()
MOD - C:\Programmi\cacaoweb\cacaoweb.exe ()
MOD - C:\Documents and Settings\valentina\Dati applicazioni\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Documents and Settings\valentina\Dati applicazioni\Dropbox\bin\libcef.dll ()
MOD - C:\Programmi\Mobile Partner\DeviceMgrPlugin.dll ()
MOD - C:\Programmi\Mobile Partner\DeviceMgrUIPlugin.dll ()
MOD - C:\Programmi\Mobile Partner\NDISAPI.dll ()
MOD - C:\Programmi\Mobile Partner\NetInfoPlugin.dll ()
MOD - C:\Programmi\Mobile Partner\Mobile Partner.exe ()
MOD - C:\Programmi\Mobile Partner\LocaleMgrPlugin.dll ()
MOD - C:\Programmi\Mobile Partner\SMSPlugin.dll ()
MOD - C:\Programmi\Mobile Partner\NotifyServicePlugin.dll ()
MOD - C:\Programmi\Mobile Partner\ConfigFilePlugin.dll ()
MOD - C:\Programmi\Mobile Partner\CallPlugin.dll ()
MOD - C:\Programmi\Mobile Partner\DialUpPlugin.dll ()
MOD - C:\Programmi\Mobile Partner\DetectDev.dll ()
MOD - C:\Programmi\Mobile Partner\XCodec.dll ()
MOD - C:\Programmi\Mobile Partner\DeviceOperate.dll ()
MOD - C:\Programmi\Mobile Partner\atcomm.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programmi\Mobile Partner\isaputrace.dll ()
MOD - C:\Programmi\Mobile Partner\FileManager.dll ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (FLEXnet Licensing Service) -- C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (ekrn) -- C:\Programmi\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (odserv) -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (GtDetectSc) -- C:\Programmi\Option\Acer 3G Connection Manager\GtDetectSc.exe (OptionNV)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SentinelProtectionServer) -- C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Epfwndis) -- C:\WINDOWS\system32\drivers\epfwndis.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (epfw) -- C:\WINDOWS\system32\drivers\epfw.sys (ESET)
DRV - (epfwtdi) -- C:\WINDOWS\system32\drivers\epfwtdi.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\WINDOWS\system32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Sentinel) -- C:\WINDOWS\system32\drivers\sentinel.sys (SafeNet, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=13 ... ESYKMAX&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=13 ... ESYKMAX&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-507921405-1644491937-1275210071-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-507921405-1644491937-1275210071-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-507921405-1644491937-1275210071-1004\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-507921405-1644491937-1275210071-1004\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-507921405-1644491937-1275210071-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-507921405-1644491937-1275210071-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Programmi\ESET\ESET Smart Security\Mozilla Thunderbird [2014.02.10 17:21:41 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: qone8 (Enabled)
CHR - default_search_provider: search_url = http://www.qone8.com/web/?type=ds&ts=13 ... ESYKMAX&q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://start.qone8.com/?type=hp&ts=1395 ... 15CESYKMAX
CHR - plugin: Error reading preferences file
CHR - Extension: Documenti Google = C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: cacaoweb = C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf\1.19_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2001.09.01 15:00:00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [egui] C:\Programmi\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe (Intel Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Programmi\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKU\S-1-5-21-507921405-1644491937-1275210071-1004..\Run: [cacaoweb] C:\Programmi\cacaoweb\cacaoweb.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - Startup: C:\Documents and Settings\valentina\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk = C:\Documents and Settings\valentina\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1644491937-1275210071-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.13.173.94 62.13.173.95
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAC50D1D-E2D6-4FF5-A271-22EB51EEBB6E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9CF7CF5-3E54-4810-8437-BF11E02614A3}: DhcpNameServer = 62.13.173.94 62.13.173.95
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igdlogin: DllName - (igdlogin.dll) - C:\WINDOWS\System32\igdlogin.dll ()
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.01.11 12:11:42 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2014.01.11 10:34:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.08.26 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.03.07 01:34:52 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{37677b62-7aba-11e3-a7ef-00269e427cf3}\Shell - "" = AutoRun
O33 - MountPoints2\{37677b62-7aba-11e3-a7ef-00269e427cf3}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5b39eb01-878e-11e3-a811-00269e427cf3}\Shell - "" = AutoRun
O33 - MountPoints2\{5b39eb01-878e-11e3-a811-00269e427cf3}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.26 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{98860da2-7d0b-11e3-a7f9-00269e427cf3}\Shell - "" = AutoRun
O33 - MountPoints2\{98860da2-7d0b-11e3-a7f9-00269e427cf3}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.26 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c0442542-7aa9-11e3-a7e8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{c0442542-7aa9-11e3-a7e8-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{e2481446-7aa6-11e3-a7ea-9291355f12cf}\Shell - "" = AutoRun
O33 - MountPoints2\{e2481446-7aa6-11e3-a7ea-9291355f12cf}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e2481449-7aa6-11e3-a7ea-c89af6299019}\Shell - "" = AutoRun
O33 - MountPoints2\{e2481449-7aa6-11e3-a7ea-c89af6299019}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{fe4aaebe-a370-11e3-a855-00269e427cf3}\Shell\AutoRun\command - "" = E:\RunClubSanDisk.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.26 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2014.03.22 23:06:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\Malwarebytes
[2014.03.22 23:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2014.03.22 23:06:19 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.03.22 23:06:19 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2014.03.22 23:03:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\SupTab
[2014.03.22 23:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2014.03.22 23:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\WPM
[2014.03.22 23:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\qone8
[2014.03.22 22:57:38 | 000,000,000 | ---D | C] -- C:\Programmi\ExpressFiles
[2014.03.22 22:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\ExpressFiles
[2014.03.22 20:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Microsoft Silverlight
[2014.03.22 20:51:07 | 000,000,000 | ---D | C] -- C:\Programmi\Microsoft Silverlight
[2014.03.21 08:51:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Desktop\rif project
[2014.03.13 13:06:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\Google
[2014.03.13 12:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Earth
[2014.03.09 18:19:21 | 001,952,512 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2014.03.07 18:46:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Desktop\spalato
[2014.03.04 08:20:58 | 000,000,000 | ---D | C] -- C:\Programmi\SafeNet Sentinel
[2014.03.04 08:20:58 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\SafeNet Sentinel
[2014.03.04 08:13:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\Computers and Structures
[2014.03.04 08:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Computers and Structures
[2014.03.04 08:08:46 | 000,000,000 | ---D | C] -- C:\Programmi\Computers and Structures
[2014.03.01 20:54:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\valentina\Documenti\Dropbox
[2014.03.01 20:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\DropboxMaster
[2014.03.01 20:51:13 | 000,000,000 | ---D | C] -- C:\Programmi\Dropbox
[2014.03.01 20:50:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Menu Avvio\Programmi\Dropbox
[2014.03.01 20:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\Dropbox
[2014.02.28 16:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Desktop\prog strutt
[2014.02.25 19:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Desktop\design
[2014.02.24 16:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Desktop\cri
[2014.02.22 20:50:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Desktop\tavole
[2014.02.22 20:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\cacaoweb
[2014.02.22 20:32:27 | 000,000,000 | ---D | C] -- C:\Programmi\cacaoweb
[2014.02.10 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\ESET
[2014.02.10 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\ESET
[2014.02.10 17:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\ESET
[2014.02.10 17:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\ESET
[2014.02.10 17:21:08 | 000,000,000 | ---D | C] -- C:\Programmi\ESET
[2014.02.10 17:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\ESET
[2014.02.05 20:17:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\valentina\Dati applicazioni\systweak
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\valentina\*.tmp files -> C:\Documents and Settings\valentina\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2014.03.24 11:55:05 | 000,489,556 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2014.03.24 11:55:04 | 000,441,852 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.03.24 11:55:04 | 000,083,824 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2014.03.24 11:55:03 | 000,070,968 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.03.24 11:47:34 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.03.24 11:47:34 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Express FilesUpdate.job
[2014.03.24 11:47:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.03.24 11:30:11 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.03.24 09:29:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.03.22 23:06:22 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014.03.22 23:03:06 | 000,001,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Files.lnk
[2014.03.22 22:59:25 | 000,001,985 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014.03.21 10:09:50 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.03.20 08:45:52 | 000,011,429 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\images (5).jpg
[2014.03.20 08:43:27 | 000,008,788 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\images (4).jpg
[2014.03.20 08:41:18 | 000,008,481 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\download.jpg
[2014.03.20 08:27:50 | 000,009,419 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\images (3).jpg
[2014.03.20 08:26:20 | 000,011,308 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\images (2).jpg
[2014.03.20 08:20:11 | 000,009,811 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\images (1).jpg
[2014.03.20 08:18:50 | 000,011,479 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\images.jpg
[2014.03.16 15:52:15 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.03.07 11:05:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2014.03.04 08:22:35 | 000,000,350 | ---- | M] () -- C:\WINDOWS\System32\k0ln1mm.tgz
[2014.03.04 08:22:35 | 000,000,114 | ---- | M] () -- C:\WINDOWS\System32\prsgrc.tgz
[2014.03.04 08:22:35 | 000,000,100 | ---- | M] () -- C:\WINDOWS\System32\prsgrc.dll
[2014.03.04 08:22:35 | 000,000,086 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2014.03.04 08:13:13 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System32\grcauth2.dll
[2014.03.04 08:13:13 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System32\grcauth1.dll
[2014.03.04 08:12:53 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System32\lcgnscb.tgz
[2014.03.04 08:12:53 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System32\lcgnscb.dll
[2014.03.04 08:12:40 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System32\clauth2.dll
[2014.03.04 08:12:40 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System32\clauth1.dll
[2014.03.04 08:12:40 | 000,000,072 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2014.03.04 08:12:00 | 000,001,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SAP2000 14.lnk
[2014.03.01 20:54:57 | 000,001,015 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\Dropbox.lnk
[2014.03.01 20:52:12 | 000,001,045 | ---- | M] () -- C:\Documents and Settings\valentina\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2014.02.17 18:17:50 | 000,035,346 | ---- | M] () -- C:\Documents and Settings\valentina\Desktop\CALENDARIO 2° semestre INTEGRATO.pdf
[2014.02.06 12:58:56 | 000,342,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\valentina\*.tmp files -> C:\Documents and Settings\valentina\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.03.22 23:06:22 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014.03.22 22:58:20 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\Express FilesUpdate.job
[2014.03.22 22:58:19 | 000,001,576 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Files.lnk
[2014.03.20 08:45:51 | 000,011,429 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\images (5).jpg
[2014.03.20 08:43:26 | 000,008,788 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\images (4).jpg
[2014.03.20 08:41:20 | 000,008,481 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\download.jpg
[2014.03.20 08:27:49 | 000,009,419 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\images (3).jpg
[2014.03.20 08:26:19 | 000,011,308 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\images (2).jpg
[2014.03.20 08:20:10 | 000,009,811 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\images (1).jpg
[2014.03.20 08:18:48 | 000,011,479 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\images.jpg
[2014.03.15 16:28:27 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Reader XI.lnk
[2014.03.04 08:16:03 | 000,066,896 | ---- | C] () -- C:\WINDOWS\System\lsvbwrap.dll
[2014.03.04 08:12:53 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\lcgnscb.tgz
[2014.03.04 08:12:00 | 000,001,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SAP2000 14.lnk
[2014.03.01 20:54:57 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\Dropbox.lnk
[2014.03.01 20:52:12 | 000,001,045 | ---- | C] () -- C:\Documents and Settings\valentina\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2014.02.05 12:43:56 | 000,035,346 | ---- | C] () -- C:\Documents and Settings\valentina\Desktop\CALENDARIO 2° semestre INTEGRATO.pdf
[2014.01.18 15:38:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.01.12 08:53:33 | 000,197,240 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2014.01.11 12:58:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2014.01.11 12:56:25 | 000,004,343 | ---- | C] () -- C:\WINDOWS\System32\lpgun.ini
[2014.01.11 12:56:15 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\igdlogin.dll
[2014.01.11 11:34:09 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2014.01.11 11:34:09 | 000,323,072 | ---- | C] () -- C:\WINDOWS\System32\WgaTray.exe
[2014.01.11 11:34:09 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2014.01.11 11:20:15 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014.01.11 11:18:54 | 000,342,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.01.11 10:58:01 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\valentina\DelC5C.bat
[2014.01.11 10:51:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014.01.11 10:30:01 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2014.01.11 08:44:02 | 000,047,104 | ---- | C] () -- C:\Documents and Settings\valentina\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.01.11 08:40:55 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
========== ZeroAccess Check ==========
[2014.01.11 10:37:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 02:13:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008.04.14 02:13:40 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 02:13:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.01.11 12:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Autodesk
[2014.02.10 17:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ESET
[2014.03.24 11:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WPM
[2014.01.11 12:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\Autodesk
[2014.03.22 20:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\cacaoweb
[2014.03.24 11:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\Dropbox
[2014.03.01 20:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\DropboxMaster
[2014.02.10 17:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\ESET
[2014.03.22 23:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\ExpressFiles
[2014.03.22 23:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\qone8
[2014.03.24 11:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\SupTab
[2014.02.10 17:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\systweak
[2014.01.14 07:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\valentina\Dati applicazioni\UDC Profiles
========== Purity Check ==========
< End of report >
Extras.txt:
OTL Extras logfile created on: 24.03.2014 11:58:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\valentina\Documenti\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000810 | Country: Svizzera | Language: ITS | Date Format: dd.MM.yyyy
1014.20 Mb Total Physical Memory | 130.13 Mb Available Physical Memory | 12.83% Memory free
2.38 Gb Paging File | 1.53 Gb Available in Paging File | 64.32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 149.04 Gb Total Space | 127.75 Gb Free Space | 85.71% Space Free | Partition Type: NTFS
Drive E: | 29.26 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: SABLONE | User Name: valentina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-507921405-1644491937-1275210071-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office12\GROOVE.EXE" = C:\Programmi\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programmi\cacaoweb\cacaoweb.exe" = C:\Programmi\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb -- ()
"C:\Documents and Settings\valentina\Dati applicazioni\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\valentina\Dati applicazioni\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server -- (SafeNet, Inc)
"C:\Programmi\ExpressFiles\expressdl.exe" = C:\Programmi\ExpressFiles\expressdl.exe:*:Enabled:Express Files -- (http://www.express-files.com/)
"C:\Programmi\ExpressFiles\ExpressFiles.exe" = C:\Programmi\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files -- (http://www.express-files.com/)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1479472D-3FF7-450C-BC31-FC4F40405FFD}" = ESET Smart Security
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{404C18ED-873A-4191-BA03-30F627445418}" = Sentinel Protection Installer 7.3.0
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{5783F2D7-8001-0410-0002-0060B0CE6BBA}" = AutoCAD 2010 - Italiano
"{5783F2D7-8001-0410-1002-0060B0CE6BBA}" = Language Pack di AutoCAD 2010 - Italiano
"{65813DA6-6F37-42F9-97BE-3D02B80A8920}" = Acer 3G Connection Manager
"{72EF03F5-0507-4861-9A44-D99FD4C41417}" = Paint.NET v3.5.11
"{7314A846-10ED-4BF6-B084-D359E9D4B89C}" = SAP2000 14
"{8054D734-39C7-463D-B764-9C883982B8F9}" = VC_CRT_x86
"{842F9881-E181-30B3-A152-008D61433274}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA
"{86BA3130-5938-3192-BBCF-6B0A2D86FA58}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Italian) 12
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Italiano
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"AutoCAD 2010 - Italiano" = AutoCAD 2010 - Italiano
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"LPCO" = Intel(R) Graphics Media Accelerator 500
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"PowerISO" = PowerISO
"qone8 uninstaller" = qone8 uninstaller
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Universal Document Converter_is1" = Universal Document Converter Server Edition
"VLC media player" = VLC media player 1.1.10
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WinRAR archiver" = WinRAR gestione archivi
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-507921405-1644491937-1275210071-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.03.2014 13:02:47 | Computer Name = SABLONE | Source = MsiInstaller | ID = 1013
Description = Prodotto: Intel(R) Network Connections -- Impossibile installare i
driver. Nessuna scheda Intel(R) presente sul computer.
[ System Events ]
Error - 01.03.2014 06:53:21 | Computer Name = SABLONE | Source = Dhcp | ID = 1002
Description = Il lease 10.82.143.124 dell'indirizzo IP della scheda di rete con
indirizzo 001E101FE948 è stato negato dal server DHCP 10.86.37.34. Il server DHCP
ha inviato un messaggio DHCPNACK.
Error - 01.03.2014 07:48:16 | Computer Name = SABLONE | Source = Dhcp | ID = 1002
Description = Il lease 10.86.37.33 dell'indirizzo IP della scheda di rete con indirizzo
001E101FC3E9 è stato negato dal server DHCP 10.119.67.169. Il server DHCP ha inviato
un messaggio DHCPNACK.
Error - 01.03.2014 10:50:56 | Computer Name = SABLONE | Source = Dhcp | ID = 1002
Description = Il lease 10.119.67.171 dell'indirizzo IP della scheda di rete con
indirizzo 001E101F5329 è stato negato dal server DHCP 10.83.58.81. Il server DHCP
ha inviato un messaggio DHCPNACK.
Error - 01.03.2014 15:33:36 | Computer Name = SABLONE | Source = Service Control Manager | ID = 7016
Description = Il servizio WebClient ha riportato lo stato non valido corrente 87.
Error - 01.03.2014 15:33:36 | Computer Name = SABLONE | Source = Service Control Manager | ID = 7022
Description = Servizio WebClient bloccato in partenza.
Error - 02.03.2014 11:12:09 | Computer Name = SABLONE | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: l'hardware del controller integrato (EC) non ha risposto
nei limiti del periodo di timeout. Ciò indica un errore dell'hardware o del firmware
del controller integrato oppure che un BIOS non all'altezza ha tentato di accedere
al controller integrato in modo errato. Il driver del controller integrato riproverà
eventualmente a effettuare la transizione non riuscita.
Error - 02.03.2014 11:14:17 | Computer Name = SABLONE | Source = Service Control Manager | ID = 7016
Description = Il servizio WebClient ha riportato lo stato non valido corrente 87.
Error - 02.03.2014 11:14:17 | Computer Name = SABLONE | Source = Service Control Manager | ID = 7022
Description = Servizio WebClient bloccato in partenza.
Error - 03.03.2014 15:40:03 | Computer Name = SABLONE | Source = Service Control Manager | ID = 7016
Description = Il servizio WebClient ha riportato lo stato non valido corrente 87.
Error - 03.03.2014 15:40:03 | Computer Name = SABLONE | Source = Service Control Manager | ID = 7022
Description = Servizio WebClient bloccato in partenza.
< End of report >