Salve..sono alle solite..ho il pc che mi va lento, non parliamo poi della connessione, non capisco il perchè..non voglio portare di nuovo il pc a formattare mi aiutate per favore?

Con i test velocità adsl che risultato ti dà?

se dovessi decidere di formattarlo fai una bella cosa, prima di ritornare in rete crea l'immagine del disco fisso con macrium reflect che trovi in aiutamici in modo che la prossima volta in 5 minuti ripristini il tutto senza piu' formattare.

E questo è il log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.26.22, on 01/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Leon\Desktop\emule.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Programmi\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Leon\Menu Avvio\Programmi\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D19145B-C34A-4E53-8560-193917AC37B3}: NameServer = 85.37.17.11 85.38.28.69
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe

--
End of file - 7626 bytes

Ciao shapiro..ho fatto quello che mi hai detto, infine si è completata la scansione di malware, mi dice di aver trovato un file infetto: Adware.MyWebSearch ma non ho eliminato..ti posto il log:

Malwarebytes' Anti-Malware 1.39
Versione del database: 2540
Windows 5.1.2600 Service Pack 2

01/08/2009 19.00.25
mbam-log-2009-08-01 (19-00-19).txt

Tipo di scansione: Scansione completa (A:\|C:\|D:\|E:\|)
Elementi scansionati: 121207
Tempo trascorso: 49 minute(s), 6 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 1
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)

Ecco il log di combofix:

ComboFix 09-07-31.04 - Leon 01/08/2009 20.31.21.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.383.155 [GMT 2:00]
Eseguito da: c:\documents and settings\Leon\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090801-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\3dc67.msp
c:\windows\Installer\5c09c.msi
c:\windows\system32\w32apiw.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-07-01 al 2009-08-01 )))))))))))))))))))))))))))))))))))
.

2009-08-01 18:15 . 2009-08-01 18:15 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\IMVU
2009-08-01 18:14 . 2009-08-01 18:14 82041 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\Uninstall.exe
2009-08-01 18:13 . 2009-08-01 18:14 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient
2009-08-01 14:59 . 2009-08-01 14:59 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\nCleaner
2009-08-01 14:53 . 2009-08-01 14:53 -------- d-----w- c:\programmi\NKProds
2009-08-01 13:28 . 2009-08-01 13:28 -------- d-----w- c:\programmi\Trend Micro
2009-08-01 13:19 . 2009-08-01 13:19 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Malwarebytes
2009-08-01 13:18 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-01 13:18 . 2009-08-01 13:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-08-01 13:18 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-01 13:18 . 2009-08-01 13:19 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-07-31 06:36 . 2009-07-31 06:36 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\PCHealth
2009-07-30 20:19 . 2009-07-30 20:19 -------- d-----w- c:\windows\Sun
2009-07-27 18:14 . 2009-07-27 18:14 92192 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\IMVUupdater.exe
2009-07-27 18:14 . 2009-07-27 18:14 18688 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\imvuqualityagent.exe
2009-07-27 18:14 . 2009-07-27 18:14 49920 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\IMVUClient.exe
2009-07-27 18:08 . 2009-07-27 18:08 1249280 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\SceneWindow.dll
2009-07-27 18:08 . 2009-07-27 18:08 15872 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\MemoryHook.dll
2009-07-27 18:07 . 2009-07-27 18:07 296960 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\cal3d.dll
2009-07-27 18:07 . 2009-07-27 18:07 30720 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\CallStack.dll
2009-07-27 18:07 . 2009-07-27 18:07 257536 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\audiere.dll
2009-07-27 18:07 . 2009-07-27 18:07 192000 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\boost_python.dll
2009-07-21 08:23 . 2009-07-21 09:32 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\uTorrent
2009-07-17 14:08 . 2009-07-17 14:08 -------- d-----w- c:\documents and settings\Leon\Impostazioni locali\Dati applicazioni\Identities
2009-07-17 07:11 . 2009-07-17 07:11 -------- d-----w- c:\documents and settings\Leon\WINDOWS
2009-07-10 10:51 . 2009-07-10 10:51 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys
2009-07-10 10:50 . 2009-07-10 18:47 -------- d-----w- c:\programmi\SpeedFan
2009-07-09 11:32 . 2009-07-09 11:32 -------- d-sh--w- c:\documents and settings\Leon\PrivacIE
2009-07-09 11:30 . 2009-07-09 11:30 -------- d-sh--w- c:\documents and settings\Leon\IETldCache
2009-07-09 11:25 . 2009-07-29 19:48 -------- d-----w- c:\windows\ie8updates
2009-07-09 09:31 . 2009-07-09 09:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2009-07-09 09:28 . 2009-07-09 11:24 -------- dc-h--w- c:\windows\ie8
2009-07-09 09:22 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-09 09:22 . 2009-07-03 16:55 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-09 09:22 . 2009-07-03 16:55 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-09 09:19 . 2009-07-09 09:20 -------- d-----w- C:\b43c3b2f3175de090270c6c9ca
2009-07-09 09:13 . 2009-07-09 09:13 -------- d-----w- c:\programmi\Windows Defender
2009-07-09 08:09 . 2009-07-09 08:09 -------- d-----w- c:\programmi\AC3Filter
2009-07-03 14:18 . 2009-07-03 14:18 -------- d-----w- c:\documents and settings\Leon\Impostazioni locali\Dati applicazioni\Ahead
2009-07-03 14:14 . 2009-07-03 14:21 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Ahead
2009-07-03 14:13 . 2009-07-03 14:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
2009-07-03 14:03 . 2009-07-03 14:10 -------- d-----w- c:\programmi\File comuni\Ahead
2009-07-03 14:03 . 2009-07-03 14:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2009-07-03 13:12 . 2009-07-03 13:17 -------- d-----w- C:\DVDTemp
2009-07-03 13:11 . 2008-10-10 16:25 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-07-03 13:11 . 2008-10-04 08:22 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-07-03 13:11 . 2009-07-03 13:11 -------- d-----w- c:\programmi\ffdshow
2009-07-03 13:10 . 2009-07-11 06:20 -------- d-----w- c:\programmi\Free DVD Creator
2009-07-03 12:31 . 2009-07-03 12:31 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\InfraRecorder
2009-07-03 12:08 . 2009-07-03 12:12 -------- d-----w- c:\programmi\Elaborate Bytes
2009-07-03 11:18 . 2009-07-03 11:18 -------- d-----w- c:\programmi\AskTBar
2009-07-03 11:00 . 2009-07-03 11:00 -------- d-----w- c:\programmi\Nero
2009-07-03 10:36 . 2009-07-03 10:36 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\AVS4YOU
2009-07-03 10:36 . 2009-07-03 10:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2009-07-03 10:35 . 2009-07-03 10:35 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\FinalBurner Video DVD
2009-07-03 10:34 . 2009-07-03 10:35 -------- d-----w- C:\finalburner
2009-07-03 10:30 . 2009-07-03 10:42 -------- d-----w- c:\programmi\AVS4YOU
2009-07-03 10:30 . 2009-07-03 10:42 -------- d-----w- c:\programmi\File comuni\AVSMedia
2009-07-03 10:30 . 2003-05-21 11:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-07-03 10:30 . 2002-01-05 14:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-07-03 10:30 . 2002-01-05 13:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-07-03 10:30 . 2002-01-05 01:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-07-03 07:27 . 2004-08-19 12:00 25600 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-07-03 07:21 . 2009-07-03 07:21 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-07-03 07:17 . 2009-07-03 07:19 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-07-03 07:17 . 2009-07-03 07:17 -------- d-----w- c:\windows\system32\LogFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-01 13:45 . 2009-06-30 19:39 -------- d-----w- c:\programmi\Yahoo!
2009-07-03 16:55 . 2004-08-19 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-02 08:25 . 2004-08-19 12:00 48568 ----a-w- c:\windows\system32\perfc010.dat
2009-07-02 08:25 . 2004-08-19 12:00 347866 ----a-w- c:\windows\system32\perfh010.dat
2009-07-01 12:06 . 2009-06-22 13:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WinZip
2009-06-30 19:40 . 2009-06-30 19:39 -------- d-----w- c:\programmi\CCleaner
2009-06-30 19:39 . 2009-06-30 19:39 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Yahoo!
2009-06-28 17:52 . 2009-06-22 13:51 26600 ----a-w- c:\documents and settings\Leon\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-06-27 19:24 . 2009-06-27 19:23 -------- d-----w- c:\programmi\File comuni\Adobe
2009-06-27 19:23 . 2009-06-22 12:06 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-24 21:24 . 2009-06-24 21:24 -------- d-----w- c:\programmi\MSXML 4.0
2009-06-24 21:24 . 2009-06-22 19:29 -------- d-----w- c:\programmi\VS Revo Group
2009-06-23 14:07 . 2009-06-22 11:54 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-22 19:56 . 2009-06-22 19:56 -------- d-----w- c:\programmi\Microsoft
2009-06-22 19:56 . 2009-06-22 19:55 -------- d-----w- c:\programmi\Windows Live
2009-06-22 19:55 . 2009-06-22 19:55 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-06-22 19:49 . 2009-06-22 19:49 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-06-22 14:05 . 2009-06-22 14:05 -------- d-----w- c:\programmi\Alwil Software
2009-06-22 13:17 . 2009-06-22 13:17 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Corel
2009-06-22 13:17 . 2009-06-22 13:17 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-22 13:17 . 2009-06-22 13:17 -------- d-----w- c:\programmi\Java
2009-06-22 13:17 . 2009-06-22 13:17 152576 ----a-w- c:\documents and settings\Leon\Dati applicazioni\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-22 13:13 . 2009-06-22 13:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WEBREG
2009-06-22 13:13 . 2009-06-22 13:08 140342 ----a-w- c:\windows\HPHins13.dat
2009-06-22 13:13 . 2009-06-22 13:13 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\HP
2009-06-22 13:13 . 2009-06-22 13:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HP
2009-06-22 13:13 . 2009-06-22 13:11 -------- d-----w- c:\programmi\File comuni\HP
2009-06-22 13:13 . 2009-06-22 13:09 -------- d-----w- c:\programmi\HP
2009-06-22 13:12 . 2009-06-22 13:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HPSSUPPLY
2009-06-22 13:10 . 2009-06-22 13:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Hewlett-Packard
2009-06-22 13:01 . 2009-06-22 13:01 -------- d-----w- c:\programmi\File comuni\Corel
2009-06-22 13:01 . 2009-06-22 12:05 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-06-22 13:01 . 2009-06-22 13:01 -------- d-----w- c:\programmi\Corel
2009-06-22 12:59 . 2009-06-22 12:58 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\ArcSoft
2009-06-22 12:55 . 2009-06-22 12:55 -------- d-----w- c:\programmi\File comuni\ArcSoft
2009-06-22 12:55 . 2009-06-22 12:55 -------- d-----w- c:\programmi\ArcSoft
2009-06-22 12:54 . 2009-06-22 12:54 -------- d-----w- c:\programmi\Trust
2009-06-22 12:54 . 2009-06-22 12:54 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\InstallShield
2009-06-22 12:48 . 2009-06-22 12:48 -------- d-----w- c:\programmi\WIDCOMM
2009-06-22 12:41 . 2009-06-22 12:41 -------- d-----w- c:\programmi\Realtek AC97
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Pirelli
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Common Files
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Alice ti aiuta
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Motive
2009-06-22 12:31 . 2009-06-22 12:31 2232 ----a-w- c:\windows\java\Packages\Data\N1R1FBT7.DAT
2009-06-22 12:31 . 2009-06-22 12:31 155995 ----a-w- c:\windows\java\Packages\3RFBL3D7.ZIP
2009-06-22 12:31 . 2009-06-22 12:31 2678 ----a-w- c:\windows\java\Packages\Data\WXR5Z97P.DAT
2009-06-22 12:31 . 2009-06-22 12:31 2678 ----a-w- c:\windows\java\Packages\Data\4OI0S471.DAT
2009-06-22 12:31 . 2009-06-22 12:31 2678 ----a-w- c:\windows\java\Packages\Data\JRTFNTVT.DAT
2009-06-22 12:31 . 2009-06-22 12:31 2678 ----a-w- c:\windows\java\Packages\Data\GME5JB1N.DAT
2009-06-22 12:31 . 2009-06-22 12:31 2678 ----a-w- c:\windows\java\Packages\Data\B9RP7LRD.DAT
2009-06-22 12:30 . 2009-06-22 12:30 -------- d-----w- c:\programmi\Telecom Italia
2009-06-22 12:24 . 2009-06-22 12:24 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Logitech
2009-06-22 12:22 . 2009-06-22 12:22 -------- d-----w- c:\programmi\File comuni\Logitech
2009-06-22 12:22 . 2009-06-22 12:22 -------- d-----w- c:\programmi\Logitech
2009-06-22 12:18 . 2009-06-22 12:17 -------- d-----w- c:\programmi\Ahead
2009-06-22 12:07 . 2009-06-22 12:07 -------- d-----w- c:\programmi\ATI Technologies
2009-06-22 11:55 . 2009-06-22 11:55 -------- d-----w- c:\programmi\microsoft frontpage
2009-06-22 11:53 . 2009-06-22 11:53 -------- d-----w- c:\programmi\Servizi in linea
2009-06-22 11:51 . 2009-06-22 11:51 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-16 14:53 . 2004-08-19 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:53 . 2004-08-19 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-11 19:36 . 2009-06-11 19:36 3771296 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\ui\plugins\npswf32.dll
2009-06-08 23:45 . 2009-06-08 23:45 271929 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\pixomatic.dll
2009-06-08 23:43 . 2009-06-08 23:43 4608 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\w9xpopen.exe
2009-06-08 23:43 . 2009-06-08 23:43 348160 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\MSVCR71.dll
2009-06-08 23:43 . 2009-06-08 23:43 327680 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\pythoncom25.dll
2009-06-08 23:43 . 2009-06-08 23:43 2113536 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\python25.dll
2009-06-08 23:43 . 2009-06-08 23:43 102400 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\pywintypes25.dll
2009-06-03 19:25 . 2004-08-19 12:00 1295872 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:41 . 2004-08-19 12:00 346112 ----a-w- c:\windows\system32\localspl.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2004-08-19 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 335872]
"NeroCheck"="c:\windows\system32\\NeroCheck.exe" [2001-07-09 155648]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-06-22 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Windows Defender"="c:\programmi\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\Leon\Menu Avvio\Programmi\Esecuzione automatica\
IMVU.lnk - c:\documents and settings\Leon\Dati applicazioni\IMVUClient\IMVUClient.exe [2009-7-27 49920]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-27 113664]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2009-6-22 212992]
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2005-5-31 577597]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Logitech SetPoint.lnk - c:\programmi\Logitech\SetPoint\SetPoint.exe [2009-6-22 450560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Leon\\Desktop\\emule.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22/06/2009 16.05.56 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/06/2009 16.05.56 20560]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 19.19.58 13592]
R3 PAC7302;PAC7302 VGA USB Camera;c:\windows\system32\drivers\PAC7302.SYS [22/06/2009 14.54.31 457856]
S0 CanonDrv;CanonDrv;c:\windows\system32\Drivers\CanonDrv.sys --> c:\windows\system32\Drivers\CanonDrv.sys [?]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - MBAMSwissArmy

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-08-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-07-31 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-08-01 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Leon\Menu Avvio\Programmi\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-01 20:38
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]
"0140311900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Ora fine scansione: 2009-08-01 20.41.16
ComboFix-quarantined-files.txt 2009-08-01 18:40

Pre-Run: 19.138.977.792 byte disponibili
Post-Run: 19.136.552.960 byte disponibili

242 --- E O F --- 2009-07-31 06:37

Fatto:

ComboFix 09-07-31.04 - Leon 02/08/2009 11.58.58.2.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.383.120 [GMT 2:00]
Eseguito da: c:\documents and settings\Leon\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Leon\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090801-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!

FILE ::
"c:\windows\java\Packages\3RFBL3D7.ZIP"
"c:\windows\java\Packages\Data\4OI0S471.DAT"
"c:\windows\java\Packages\Data\B9RP7LRD.DAT"
"c:\windows\java\Packages\Data\GME5JB1N.DAT"
"c:\windows\java\Packages\Data\JRTFNTVT.DAT"
"c:\windows\java\Packages\Data\N1R1FBT7.DAT"
"c:\windows\java\Packages\Data\WXR5Z97P.DAT"
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\java\Packages\3RFBL3D7.ZIP
c:\windows\java\Packages\Data\4OI0S471.DAT
c:\windows\java\Packages\Data\B9RP7LRD.DAT
c:\windows\java\Packages\Data\GME5JB1N.DAT
c:\windows\java\Packages\Data\JRTFNTVT.DAT
c:\windows\java\Packages\Data\N1R1FBT7.DAT
c:\windows\java\Packages\Data\WXR5Z97P.DAT

.
((((((((((((((((((((((((( Files Creati Da 2009-07-02 al 2009-08-02 )))))))))))))))))))))))))))))))))))
.

2009-08-02 09:31 . 2009-08-02 09:31 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-01 18:15 . 2009-08-01 21:18 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\IMVU
2009-08-01 18:14 . 2009-08-01 18:14 82041 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\Uninstall.exe
2009-08-01 18:13 . 2009-08-01 18:14 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient
2009-08-01 14:59 . 2009-08-01 14:59 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\nCleaner
2009-08-01 14:53 . 2009-08-01 14:53 -------- d-----w- c:\programmi\NKProds
2009-08-01 13:28 . 2009-08-01 13:28 -------- d-----w- c:\programmi\Trend Micro
2009-08-01 13:19 . 2009-08-01 13:19 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Malwarebytes
2009-08-01 13:18 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-01 13:18 . 2009-08-01 13:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-08-01 13:18 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-01 13:18 . 2009-08-01 13:19 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-07-31 06:36 . 2009-07-31 06:36 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\PCHealth
2009-07-30 20:19 . 2009-07-30 20:19 -------- d-----w- c:\windows\Sun
2009-07-27 18:14 . 2009-07-27 18:14 92192 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\IMVUupdater.exe
2009-07-27 18:14 . 2009-07-27 18:14 18688 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\imvuqualityagent.exe
2009-07-27 18:14 . 2009-07-27 18:14 49920 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\IMVUClient.exe
2009-07-27 18:08 . 2009-07-27 18:08 1249280 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\SceneWindow.dll
2009-07-27 18:08 . 2009-07-27 18:08 15872 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\MemoryHook.dll
2009-07-27 18:07 . 2009-07-27 18:07 296960 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\cal3d.dll
2009-07-27 18:07 . 2009-07-27 18:07 30720 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\CallStack.dll
2009-07-27 18:07 . 2009-07-27 18:07 257536 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\audiere.dll
2009-07-27 18:07 . 2009-07-27 18:07 192000 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\boost_python.dll
2009-07-21 08:23 . 2009-07-21 09:32 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\uTorrent
2009-07-17 14:08 . 2009-07-17 14:08 -------- d-----w- c:\documents and settings\Leon\Impostazioni locali\Dati applicazioni\Identities
2009-07-17 07:11 . 2009-07-17 07:11 -------- d-----w- c:\documents and settings\Leon\WINDOWS
2009-07-10 10:51 . 2009-07-10 10:51 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys
2009-07-10 10:50 . 2009-07-10 18:47 -------- d-----w- c:\programmi\SpeedFan
2009-07-09 11:32 . 2009-07-09 11:32 -------- d-sh--w- c:\documents and settings\Leon\PrivacIE
2009-07-09 11:30 . 2009-07-09 11:30 -------- d-sh--w- c:\documents and settings\Leon\IETldCache
2009-07-09 11:25 . 2009-07-29 19:48 -------- d-----w- c:\windows\ie8updates
2009-07-09 09:31 . 2009-07-09 09:31 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2009-07-09 09:28 . 2009-07-09 11:24 -------- dc-h--w- c:\windows\ie8
2009-07-09 09:22 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-09 09:22 . 2009-07-03 16:55 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-09 09:22 . 2009-07-03 16:55 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-09 09:19 . 2009-07-09 09:20 -------- d-----w- C:\b43c3b2f3175de090270c6c9ca
2009-07-09 09:13 . 2009-07-09 09:13 -------- d-----w- c:\programmi\Windows Defender
2009-07-09 08:09 . 2009-07-09 08:09 -------- d-----w- c:\programmi\AC3Filter
2009-07-03 14:18 . 2009-07-03 14:18 -------- d-----w- c:\documents and settings\Leon\Impostazioni locali\Dati applicazioni\Ahead
2009-07-03 14:14 . 2009-07-03 14:21 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Ahead
2009-07-03 14:13 . 2009-07-03 14:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
2009-07-03 14:03 . 2009-07-03 14:10 -------- d-----w- c:\programmi\File comuni\Ahead
2009-07-03 14:03 . 2009-07-03 14:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2009-07-03 13:12 . 2009-07-03 13:17 -------- d-----w- C:\DVDTemp
2009-07-03 13:11 . 2008-10-10 16:25 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-07-03 13:11 . 2008-10-04 08:22 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-07-03 13:11 . 2009-07-03 13:11 -------- d-----w- c:\programmi\ffdshow
2009-07-03 13:10 . 2009-07-11 06:20 -------- d-----w- c:\programmi\Free DVD Creator
2009-07-03 12:31 . 2009-07-03 12:31 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\InfraRecorder
2009-07-03 12:08 . 2009-07-03 12:12 -------- d-----w- c:\programmi\Elaborate Bytes
2009-07-03 11:18 . 2009-07-03 11:18 -------- d-----w- c:\programmi\AskTBar
2009-07-03 11:00 . 2009-07-03 11:00 -------- d-----w- c:\programmi\Nero
2009-07-03 10:36 . 2009-07-03 10:36 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\AVS4YOU
2009-07-03 10:36 . 2009-07-03 10:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2009-07-03 10:35 . 2009-07-03 10:35 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\FinalBurner Video DVD
2009-07-03 10:34 . 2009-07-03 10:35 -------- d-----w- C:\finalburner
2009-07-03 10:30 . 2009-07-03 10:42 -------- d-----w- c:\programmi\AVS4YOU
2009-07-03 10:30 . 2009-07-03 10:42 -------- d-----w- c:\programmi\File comuni\AVSMedia
2009-07-03 10:30 . 2003-05-21 11:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-07-03 10:30 . 2002-01-05 14:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-07-03 10:30 . 2002-01-05 13:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-07-03 10:30 . 2002-01-05 01:37 344064 ----a-w- c:\windows\system32\msvcr70.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-01 13:45 . 2009-06-30 19:39 -------- d-----w- c:\programmi\Yahoo!
2009-07-03 16:55 . 2004-08-19 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-03 07:21 . 2009-07-03 07:21 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-07-02 08:25 . 2004-08-19 12:00 48568 ----a-w- c:\windows\system32\perfc010.dat
2009-07-02 08:25 . 2004-08-19 12:00 347866 ----a-w- c:\windows\system32\perfh010.dat
2009-07-01 12:06 . 2009-06-22 13:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WinZip
2009-06-30 19:40 . 2009-06-30 19:39 -------- d-----w- c:\programmi\CCleaner
2009-06-30 19:39 . 2009-06-30 19:39 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Yahoo!
2009-06-28 17:52 . 2009-06-22 13:51 26600 ----a-w- c:\documents and settings\Leon\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-06-27 19:24 . 2009-06-27 19:23 -------- d-----w- c:\programmi\File comuni\Adobe
2009-06-27 19:23 . 2009-06-22 12:06 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-24 21:24 . 2009-06-24 21:24 -------- d-----w- c:\programmi\MSXML 4.0
2009-06-24 21:24 . 2009-06-22 19:29 -------- d-----w- c:\programmi\VS Revo Group
2009-06-23 14:07 . 2009-06-22 11:54 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-22 19:56 . 2009-06-22 19:56 -------- d-----w- c:\programmi\Microsoft
2009-06-22 19:56 . 2009-06-22 19:55 -------- d-----w- c:\programmi\Windows Live
2009-06-22 19:55 . 2009-06-22 19:55 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-06-22 19:49 . 2009-06-22 19:49 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-06-22 14:05 . 2009-06-22 14:05 -------- d-----w- c:\programmi\Alwil Software
2009-06-22 13:17 . 2009-06-22 13:17 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Corel
2009-06-22 13:17 . 2009-06-22 13:17 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-22 13:17 . 2009-06-22 13:17 -------- d-----w- c:\programmi\Java
2009-06-22 13:17 . 2009-06-22 13:17 152576 ----a-w- c:\documents and settings\Leon\Dati applicazioni\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-22 13:13 . 2009-06-22 13:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WEBREG
2009-06-22 13:13 . 2009-06-22 13:08 140342 ----a-w- c:\windows\HPHins13.dat
2009-06-22 13:13 . 2009-06-22 13:13 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\HP
2009-06-22 13:13 . 2009-06-22 13:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HP
2009-06-22 13:13 . 2009-06-22 13:11 -------- d-----w- c:\programmi\File comuni\HP
2009-06-22 13:13 . 2009-06-22 13:09 -------- d-----w- c:\programmi\HP
2009-06-22 13:12 . 2009-06-22 13:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HPSSUPPLY
2009-06-22 13:10 . 2009-06-22 13:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Hewlett-Packard
2009-06-22 13:01 . 2009-06-22 13:01 -------- d-----w- c:\programmi\File comuni\Corel
2009-06-22 13:01 . 2009-06-22 12:05 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-06-22 13:01 . 2009-06-22 13:01 -------- d-----w- c:\programmi\Corel
2009-06-22 12:59 . 2009-06-22 12:58 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\ArcSoft
2009-06-22 12:55 . 2009-06-22 12:55 -------- d-----w- c:\programmi\File comuni\ArcSoft
2009-06-22 12:55 . 2009-06-22 12:55 -------- d-----w- c:\programmi\ArcSoft
2009-06-22 12:54 . 2009-06-22 12:54 -------- d-----w- c:\programmi\Trust
2009-06-22 12:54 . 2009-06-22 12:54 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\InstallShield
2009-06-22 12:48 . 2009-06-22 12:48 -------- d-----w- c:\programmi\WIDCOMM
2009-06-22 12:41 . 2009-06-22 12:41 -------- d-----w- c:\programmi\Realtek AC97
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Pirelli
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Common Files
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Alice ti aiuta
2009-06-22 12:31 . 2009-06-22 12:31 -------- d-----w- c:\programmi\Motive
2009-06-22 12:30 . 2009-06-22 12:30 -------- d-----w- c:\programmi\Telecom Italia
2009-06-22 12:24 . 2009-06-22 12:24 -------- d-----w- c:\documents and settings\Leon\Dati applicazioni\Logitech
2009-06-22 12:22 . 2009-06-22 12:22 -------- d-----w- c:\programmi\File comuni\Logitech
2009-06-22 12:22 . 2009-06-22 12:22 -------- d-----w- c:\programmi\Logitech
2009-06-22 12:18 . 2009-06-22 12:17 -------- d-----w- c:\programmi\Ahead
2009-06-22 12:07 . 2009-06-22 12:07 -------- d-----w- c:\programmi\ATI Technologies
2009-06-22 11:55 . 2009-06-22 11:55 -------- d-----w- c:\programmi\microsoft frontpage
2009-06-22 11:53 . 2009-06-22 11:53 -------- d-----w- c:\programmi\Servizi in linea
2009-06-22 11:51 . 2009-06-22 11:51 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-16 14:53 . 2004-08-19 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:53 . 2004-08-19 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-11 19:36 . 2009-06-11 19:36 3771296 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\ui\plugins\npswf32.dll
2009-06-08 23:45 . 2009-06-08 23:45 271929 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\pixomatic.dll
2009-06-08 23:43 . 2009-06-08 23:43 4608 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\w9xpopen.exe
2009-06-08 23:43 . 2009-06-08 23:43 348160 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\MSVCR71.dll
2009-06-08 23:43 . 2009-06-08 23:43 327680 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\pythoncom25.dll
2009-06-08 23:43 . 2009-06-08 23:43 2113536 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\python25.dll
2009-06-08 23:43 . 2009-06-08 23:43 102400 ----a-w- c:\documents and settings\Leon\Dati applicazioni\IMVUClient\pywintypes25.dll
2009-06-03 19:25 . 2004-08-19 12:00 1295872 ----a-w- c:\windows\system32\quartz.dll
2009-05-07 15:41 . 2004-08-19 12:00 346112 ----a-w- c:\windows\system32\localspl.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-08-01_18.38.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-02 10:08 . 2009-08-02 10:08 16384 c:\windows\Temp\Perflib_Perfdata_670.dat
+ 2009-08-02 10:08 . 2009-08-02 10:08 16384 c:\windows\Temp\Perflib_Perfdata_5e4.dat
+ 2009-08-02 09:30 . 2009-08-02 09:30 16384 c:\windows\Temp\Perflib_Perfdata_5c0.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2004-08-19 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 335872]
"NeroCheck"="c:\windows\system32\\NeroCheck.exe" [2001-07-09 155648]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-06-22 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Windows Defender"="c:\programmi\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-27 113664]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2009-6-22 212992]
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2005-5-31 577597]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Logitech SetPoint.lnk - c:\programmi\Logitech\SetPoint\SetPoint.exe [2009-6-22 450560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Leon\\Desktop\\emule.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22/06/2009 16.05.56 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/06/2009 16.05.56 20560]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 19.19.58 13592]
R3 PAC7302;PAC7302 VGA USB Camera;c:\windows\system32\drivers\PAC7302.SYS [22/06/2009 14.54.31 457856]
S0 CanonDrv;CanonDrv;c:\windows\system32\Drivers\CanonDrv.sys --> c:\windows\system32\Drivers\CanonDrv.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-08-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-08-02 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-08-02 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Leon\Menu Avvio\Programmi\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-02 12:09
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]
"0140311900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(680)
c:\windows\system32\COMRes.dll

- - - - - - - > 'explorer.exe'(2744)
c:\windows\system32\WININET.dll
c:\programmi\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Alwil Software\Avast4\aswUpdSv.exe
c:\programmi\Alwil Software\Avast4\ashServ.exe
c:\programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Ahead\Lib\NMIndexingService.exe
c:\programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
c:\programmi\Alice ti aiuta\bin\mpbtn.exe
c:\programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
c:\progra~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
c:\programmi\HP\Digital Imaging\bin\hpqste08.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-08-02 12.23.09 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-08-02 10:23
ComboFix2.txt 2009-08-01 18:41

Pre-Run: 13.924.188.160 byte disponibili
Post-Run: 13.920.038.912 byte disponibili

278 --- E O F --- 2009-07-31 06:37

Non mi sembra piu di avere la asktbar..in tal caso dimmi come eliminarla, ho cancellato quella cartella che mi hai detto e che non conoscevo, ho fatto pulizia con ccleaner e questo è il log di hijack..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.17.32, on 02/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Corel\Corel Graphics 12\PROGRAMS\CORELDRW.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Programmi\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Leon\Menu Avvio\Programmi\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D19145B-C34A-4E53-8560-193917AC37B3}: NameServer = 85.37.17.11 85.38.28.69
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe

--
End of file - 7306 bytes

Fatto..è tutto apposto adesso? Ti volevo chiedere un ultima cosa, come faccio a togliere tutti i programmi all'avvio quando accendo il pc..perchè mi rallentano. Grazie per avermi assistito e per la tua disponibilità, ti posto il reporter:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Folder "C:\Programmi\AskTBar" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.