The PC is the school's; I brought it home to clean it of viruses. There is no internet connection at school, but the various USB sticks that get plugged in evidently aren't always "clean". I installed an antivirus, used CCleaner and Malwarebytes, ran scans and every other cleanup I could. It is still a bit slow, and I'm not sure it has been fully cleaned. The logs are below; I'm not attaching the Malwarebytes one because it comes up clean. In CCleaner's Registry section, the same key reappears at every scan even though it is deleted each time.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.39.03, on 06/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\OpenOffice.org 3\program\soffice.exe
C:\Programmi\OpenOffice.org 3\program\soffice.bin
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\Java\jre6\bin\jqs.exe
c:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\LANScope Agent\awtray.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [ntiMUI] c:\Programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Device Detector] "C:\Programmi\File comuni\ACD Systems\IT\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Programmi\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 5998 bytes
ComboFix 10-09-03.01 - scuola 06/09/2010 17.41.59.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.383.122 [GMT 2:00]
Eseguito da: c:\documents and settings\scuola\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-6C25-9E7C08000A00}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((( Files Creati Da 2010-08-06 al 2010-09-06 )))))))))))))))))))))))))))))))))))
.
2010-09-03 23:12 . 2010-09-03 23:12 503808 ----a-w- c:\documents and settings\scuola\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-615bf25b-n\msvcp71.dll
2010-09-03 23:12 . 2010-09-03 23:12 499712 ----a-w- c:\documents and settings\scuola\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-615bf25b-n\jmc.dll
2010-09-03 23:12 . 2010-09-03 23:12 12800 ----a-w- c:\documents and settings\scuola\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1ef3e110-n\decora-d3d.dll
2010-09-03 23:12 . 2010-09-03 23:12 348160 ----a-w- c:\documents and settings\scuola\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-615bf25b-n\msvcr71.dll
2010-09-03 23:12 . 2010-09-03 23:12 61440 ----a-w- c:\documents and settings\scuola\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1ef3e110-n\decora-sse.dll
2010-09-03 22:43 . 2010-09-03 22:43 388096 ----a-r- c:\documents and settings\scuola\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-03 22:43 . 2010-09-03 22:43 -------- d-----w- c:\programmi\Trend Micro
2010-09-03 21:49 . 2010-09-03 21:49 1 ----a-w- c:\documents and settings\scuola\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-03 21:49 . 2010-09-03 21:49 -------- d-----w- c:\documents and settings\scuola\Dati applicazioni\OpenOffice.org
2010-09-03 21:23 . 2010-09-03 21:23 -------- d-----w- c:\programmi\JRE
2010-09-03 21:19 . 2010-09-03 21:22 -------- d-----w- c:\programmi\OpenOffice.org 3
2010-09-03 21:18 . 2010-09-03 21:17 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-03 20:58 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-09-03 20:58 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-09-03 20:58 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-09-03 20:58 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-09-03 20:58 . 2010-09-03 20:58 -------- d-----w- c:\programmi\Avira
2010-09-03 20:58 . 2010-09-03 20:58 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-09-03 20:49 . 2010-09-03 22:16 -------- d-----w- c:\programmi\CCleaner
2010-09-03 20:29 . 2010-09-03 20:29 -------- d-----w- c:\documents and settings\scuola\Dati applicazioni\VSRevoGroup
2010-09-03 20:10 . 2010-09-03 20:10 -------- d-----w- c:\programmi\VS Revo Group
2010-09-03 15:50 . 2009-11-21 15:54 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-09-03 15:50 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-09-03 15:49 . 2009-10-15 16:29 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-09-03 15:49 . 2009-10-15 16:29 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-09-03 15:48 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-09-03 15:48 . 2009-03-06 14:19 286208 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-09-03 15:48 . 2009-02-09 11:22 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-09-03 15:48 . 2009-02-09 10:51 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-09-03 15:48 . 2009-02-09 10:51 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-09-03 15:48 . 2009-02-09 10:51 683520 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-09-03 15:48 . 2009-02-09 10:51 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-09-03 15:48 . 2009-02-09 10:51 736256 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-09-03 15:48 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-09-03 15:46 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-09-03 15:45 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-09-03 15:45 . 2008-04-21 21:14 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-09-03 11:18 . 2010-09-03 11:18 -------- d-----w- c:\documents and settings\scuola\Dati applicazioni\Malwarebytes
2010-09-03 11:17 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-03 11:17 . 2010-09-03 11:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-09-03 11:17 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-03 11:17 . 2010-09-03 11:17 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-09-03 10:47 . 2010-09-03 20:21 -------- d-----w- c:\windows\Motive
2010-09-03 10:47 . 2010-09-03 10:47 -------- d-----w- c:\programmi\File comuni\Motive
2010-09-03 10:47 . 2010-09-03 10:47 -------- d-----w- c:\programmi\Common Files
2010-09-03 10:44 . 2010-09-03 11:12 -------- d-----w- c:\programmi\Telecom Italia
2010-09-01 13:29 . 2010-09-03 22:15 1184872 ----a-w- c:\programmi\ccsetup235_slim.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-03 23:10 . 2006-08-11 21:11 95968 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-09-03 21:45 . 2007-01-23 13:54 -------- d-----w- c:\programmi\Microsoft.NET
2010-09-03 21:19 . 2006-12-04 21:04 -------- d-----w- c:\programmi\File comuni\Java
2010-09-03 21:16 . 2006-12-04 21:04 -------- d-----w- c:\programmi\Java
2010-09-03 20:49 . 2009-03-09 13:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-09-03 20:40 . 2009-03-09 14:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2010-09-03 20:40 . 2008-02-18 13:16 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2010-09-03 20:19 . 2009-03-10 09:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
2010-09-03 17:34 . 2006-08-08 19:17 64872 ----a-w- c:\windows\system32\perfc010.dat
2010-09-03 17:34 . 2006-08-08 19:17 429538 ----a-w- c:\windows\system32\perfh010.dat
2010-09-03 16:48 . 2009-03-09 13:50 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2010-09-03 10:46 . 2010-09-03 10:46 2232 ----a-w- c:\windows\java\Packages\Data\7TB1ZDN9.DAT
2010-09-03 10:46 . 2010-09-03 10:46 155995 ----a-w- c:\windows\java\Packages\4DN1BFJ3.ZIP
2010-09-03 10:45 . 2010-09-03 10:45 2678 ----a-w- c:\windows\java\Packages\Data\1JN7B1RD.DAT
2010-09-03 10:45 . 2010-09-03 10:45 2678 ----a-w- c:\windows\java\Packages\Data\93VZVNX7.DAT
2010-09-03 10:45 . 2010-09-03 10:45 2678 ----a-w- c:\windows\java\Packages\Data\2DB5RBRP.DAT
2010-09-03 10:45 . 2010-09-03 10:45 2678 ----a-w- c:\windows\java\Packages\Data\EQSLJRXJ.DAT
2010-09-03 10:45 . 2010-09-03 10:45 2678 ----a-w- c:\windows\java\Packages\Data\8U9ZHJ1J.DAT
2010-09-03 10:45 . 2006-08-08 19:22 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-06-30 12:31 . 2004-08-19 05:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:15 . 2006-03-04 04:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2004-08-19 05:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2004-08-19 05:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2005-10-06 03:08 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2005-05-10 00:17 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-19 05:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2004-08-19 05:00 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2004-08-19 05:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-09-03_22.38.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-08-15 22:01 . 2006-08-15 22:01 16384 c:\windows\temp\Perflib_Perfdata_53c.dat
+ 2008-09-05 22:30 . 2009-03-10 20:18 970112 c:\windows\system32\WgaTray.exe
+ 2008-09-05 22:30 . 2009-03-10 20:18 265088 c:\windows\system32\WgaLogon.dll
+ 2006-08-11 21:07 . 2010-09-03 23:06 341032 c:\windows\system32\FNTCACHE.DAT
+ 2008-09-05 22:30 . 2009-03-10 20:18 970112 c:\windows\system32\dllcache\WgaTray.exe
+ 2008-09-05 22:30 . 2009-03-10 20:18 265088 c:\windows\system32\dllcache\wgaLogon.dll
+ 2008-03-20 17:06 . 2009-03-10 20:18 1482112 c:\windows\system32\LegitCheckControl.dll
+ 2010-09-03 22:43 . 2010-09-03 22:43 1094656 c:\windows\Installer\654f60.msi
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-19 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"eLockMonitor"="c:\acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-03-31 16384]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
"AdminWorks Tray"="c:\acer\LANScope Agent\awtray.exe" [2006-04-17 1301504]
"Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-04-18 49152]
"ntiMUI"="c:\programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"Device Detector"="c:\programmi\File comuni\ACD Systems\IT\DevDetect.exe" [2004-09-02 225280]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\scuola\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.2.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Acer WLAN 11g USB Dongle.lnk - c:\programmi\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]
Alaunch [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zzzHPSETUP]
e:\setup.exe \RESET [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 18:43 69632 ----a-w- c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-06-01 16:48 16208384 ----a-w- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 18:04 2879488 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"MDM"=2 (0x2)
"LockServ"=2 (0x2)
"IDriverT"=3 (0x3)
"AWService"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9999:UDP"= 9999:UDP:AdminWorks UDP Port
"2804:TCP"= 2804:TCP:AdminWorks TCP Port
S3 PentaxUsb;PENTAX Optio E10 on USB;c:\windows\system32\drivers\CoachUsb.sys [18/02/2008 14.29.23 50976]
S3 PentaxVc;PENTAX Optio E10 Video Capture;c:\windows\system32\drivers\CoachVc.sys [18/02/2008 14.29.24 44256]
S4 LockServ;LockServ;c:\acer\Empowering Technology\eLock\LockServ.exe -p --> c:\acer\Empowering Technology\eLock\LockServ.exe -p [?]
.
.
------- Scansione supplementare -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 17:47
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1688)
c:\windows\system32\WININET.dll
c:\windows\system32\MSNCHATHOOK.DLL
c:\windows\system32\sysenv.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\MFC71U.DLL
.
Ora fine scansione: 2010-09-06 17:49:52
ComboFix-quarantined-files.txt 2010-09-06 15:49
ComboFix2.txt 2010-09-03 23:30
Pre-Run: 24.555.540.480 byte disponibili
Post-Run: 24.542.412.800 byte disponibili
- - End Of File - - 415CD43174E30337E6FFB65A9CE83D61