Dopo l'utilizzo di Malwarebytes ecco il Log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Versione database: 4220

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21/06/2010 17.53.54
mbam-log-2010-06-21 (17-53-54).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi esaminati: 191932
Tempo trascorso: 2 ore, 23 minuti, 57 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 4
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 5
File infetti: 11

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{db893839-10f0-4af9-92fa-b23528f530af} (Trojan.Dialer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\AdwareAlert (Rogue.AdwareAlert) -> No action taken.

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
C:\Programmi\AdwareAlert (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Log (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Quarantine (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Registry Backups (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Settings (Rogue.AdwareAlert) -> No action taken.

File infetti:
C:\Programmi\AdwareAlert\adwarealert.exe (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\DataBaseNew.ref (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Log\log_2006_11_25_16_53_43.log (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Log\log_2006_11_25_16_53_44.log (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Settings\CustomScan.stg (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Settings\IgnoreList.stg (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Settings\ScanInfo.stg (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Settings\ScanResults.stg (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Settings\SelectedFolders.stg (Rogue.AdwareAlert) -> No action taken.
C:\Programmi\AdwareAlert\Settings\Settings.stg (Rogue.AdwareAlert) -> No action taken.
C:\Documents and Settings\genwin\Installer.exe (Trojan.Dropper) -> No action taken.

Log di ComboFix

ComboFix 10-06-20.06 - massimilianopc 21/06/2010 18.43.34.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.479.133 [GMT 2:00]
Eseguito da: c:\documents and settings\massimilianopc\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {804E5358-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804E5358-FFA4-00DA-0D24-347CA8A3377C}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\genwin\ATLANTIS.EXE
c:\documents and settings\genwin\Atlantis_Installazione.exe
c:\documents and settings\genwin\atlantis_update.exe
c:\documents and settings\genwin\cassa.exe
c:\documents and settings\genwin\consenso.exe
c:\documents and settings\genwin\contabilizza.exe
c:\documents and settings\genwin\dragedit.exe
c:\documents and settings\genwin\genera.exe
c:\documents and settings\genwin\help.exe
c:\documents and settings\genwin\immagine.exe
c:\documents and settings\genwin\infodati.exe
c:\documents and settings\genwin\LANCIA.EXE
c:\documents and settings\genwin\mailer.exe
c:\documents and settings\genwin\offerte.exe
c:\documents and settings\genwin\operaz.exe
c:\documents and settings\genwin\pn.exe
c:\documents and settings\genwin\prevent.exe
c:\documents and settings\genwin\SENDMAIL.EXE
c:\documents and settings\genwin\stetic.exe
c:\documents and settings\genwin\testi.edi
c:\documents and settings\genwin\upload.exe
c:\documents and settings\genwin\vendita.exe
c:\documents and settings\genwin\venditau.exe
c:\documents and settings\genwin\webmanag.exe
c:\windows\command
c:\windows\desktop
c:\windows\system\Color
c:\windows\system32\csftxctl.ocx

.
((((((((((((((((((((((((( Files Creati Da 2010-05-21 al 2010-06-21 )))))))))))))))))))))))))))))))))))
.

2010-06-21 13:27 . 2010-06-21 13:27 -------- d-----w- c:\documents and settings\massimilianopc\Dati applicazioni\Malwarebytes
2010-06-21 13:27 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-21 13:27 . 2010-06-21 13:27 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-06-21 13:27 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-21 13:27 . 2010-06-21 13:27 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-06-21 07:40 . 2010-06-21 07:44 -------- dc-h--w- c:\windows\ie8
2010-06-21 07:37 . 2010-05-06 10:32 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-03 08:25 . 2010-06-03 08:25 -------- d-----w- c:\documents and settings\massimilianopc\Dati applicazioni\SendBlaster2
2010-06-03 08:03 . 2010-06-03 08:03 -------- d-----w- c:\documents and settings\massimilianopc\Dati applicazioni\FIXIO PC Utilities
2010-06-03 07:53 . 2010-06-03 07:53 -------- d-----w- c:\programmi\FIXIO PC Utilities
2010-06-03 07:43 . 2010-06-03 07:49 -------- d-----w- c:\documents and settings\massimilianopc\Dati applicazioni\OfferBox
2010-05-27 07:26 . 2010-05-27 07:26 503808 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-532bb24b-n\msvcp71.dll
2010-05-27 07:26 . 2010-05-27 07:26 499712 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-532bb24b-n\jmc.dll
2010-05-27 07:26 . 2010-05-27 07:26 348160 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-532bb24b-n\msvcr71.dll
2010-05-27 07:26 . 2010-05-27 07:26 12800 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-686c29e9-n\decora-d3d.dll
2010-05-27 07:26 . 2010-05-27 07:26 61440 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-686c29e9-n\decora-sse.dll
2010-05-25 08:50 . 2010-05-25 08:50 -------- d-----w- c:\documents and settings\massimilianopc\Dati applicazioni\Yahoo!
2010-05-25 08:50 . 2010-05-25 08:50 -------- d-----w- c:\programmi\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-21 14:58 . 2009-10-16 09:10 -------- d-----w- c:\documents and settings\massimilianopc\Dati applicazioni\FileZilla
2010-06-03 07:35 . 2009-08-26 15:50 -------- d-----w- c:\documents and settings\massimilianopc\Dati applicazioni\TeamViewer
2010-05-25 09:51 . 2006-02-06 18:20 -------- d-----w- c:\programmi\Yahoo!
2010-05-13 11:10 . 2010-02-26 11:54 -------- d-----w- c:\programmi\Google
2010-05-07 08:12 . 2010-05-07 08:12 388096 ----a-r- c:\documents and settings\massimilianopc\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-07 08:12 . 2010-05-07 08:12 -------- d-----w- c:\programmi\Trend Micro
2010-05-06 10:32 . 2006-01-26 10:34 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-06 07:51 . 2010-05-06 07:51 -------- d-----w- c:\programmi\Sophos
2010-05-03 15:53 . 2010-02-26 11:39 -------- d-----w- c:\programmi\Java
2010-05-02 08:06 . 2006-01-26 10:34 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2006-01-26 10:26 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-12 15:29 . 2010-05-03 15:54 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-09 09:29 . 2010-04-09 09:29 503808 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2752f72f-n\msvcp71.dll
2010-04-09 09:29 . 2010-04-09 09:29 499712 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2752f72f-n\jmc.dll
2010-04-09 09:29 . 2010-04-09 09:29 348160 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2752f72f-n\msvcr71.dll
2010-04-09 09:29 . 2010-04-09 09:29 12800 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7b6dad99-n\decora-d3d.dll
2010-04-09 09:29 . 2010-04-09 09:29 61440 ----a-w- c:\documents and settings\massimilianopc\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7b6dad99-n\decora-sse.dll
2010-04-07 14:04 . 2006-02-08 08:00 29384 ----a-w- c:\documents and settings\massimilianopc\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-29 07:10 . 2006-01-26 10:36 345010 ----a-w- c:\windows\system32\perfh010.dat
2010-03-29 07:10 . 2006-01-26 10:36 47592 ----a-w- c:\windows\system32\perfc010.dat
2006-11-25 16:08 . 2006-11-25 16:08 2855080 ----a-w- c:\programmi\aawsepersonal.exe
2005-12-02 17:54 . 2005-12-02 17:44 266544 ----a-w- c:\programmi\unicows.exe
2005-02-16 14:09 . 2005-02-16 14:09 13101168 ----a-w- c:\programmi\MPSetup.exe
2004-03-09 13:51 . 2004-03-09 13:51 11267 ---ha-w- c:\programmi\folder.htt
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\massimilianopc\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" [2009-10-22 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2003-05-07 36864]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2008-05-27 413696]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\massimilianopc\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 3.1.lnk - c:\programmi\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
WinZip Quick Pick.lnk - c:\programmi\WinZip\WZQKPICK.EXE [2005-8-26 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\SYSTEM32\\ftp.exe"=
"c:\\Programmi\\JavaSoft\\JRE\\1.3.1_13\\bin\\javaw.exe"=
"c:\\MBW\\mbw.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [26/02/2010 13.55.43 135664]
S3 MEMSWEEP2;MEMSWEEP2; [x]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\SYSTEM32\DRIVERS\s0017bus.sys [24/11/2008 10.11.18 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\SYSTEM32\DRIVERS\s0017mdfl.sys [24/11/2008 10.11.19 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\SYSTEM32\DRIVERS\s0017mdm.sys [24/11/2008 10.11.19 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\SYSTEM32\DRIVERS\s0017mgmt.sys [24/11/2008 10.11.22 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\SYSTEM32\DRIVERS\s0017nd5.sys [24/11/2008 10.11.19 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\SYSTEM32\DRIVERS\s0017obex.sys [24/11/2008 10.11.21 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\SYSTEM32\DRIVERS\s0017unic.sys [24/11/2008 10.11.22 117672]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - avgio
*Deregistered* - avipbb
.
Contenuto della cartella 'Scheduled Tasks'

2009-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

2010-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-26 11:55]

2010-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-26 11:55]

2010-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1644491937-725345543-1003Core.job
- c:\documents and settings\massimilianopc\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-10-22 08:24]

2010-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1644491937-725345543-1003UA.job
- c:\documents and settings\massimilianopc\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-10-22 08:24]

2010-06-21 c:\windows\Tasks\User_Feed_Synchronization-{699F73EA-C09B-410B-819E-537E77014EBD}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {C7711414-6F15-49EF-8E5C-3950BB89ABB6} = 151.99.125.1
DPF: {E292EFB0-EE32-11D1-8C74-0000C0B0E2E9} - hxxp://62.108.225.32/wi/ActiveX/RptViewerIT.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-21 18:58
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2010-06-21 19:02:37
ComboFix-quarantined-files.txt 2010-06-21 17:02

Pre-Run: 16.411.076.096 byte disponibili
Post-Run: 16.649.132.544 byte disponibili

- - End Of File - - DC5F88C879F49877D3A7B76B23148D33

Problema risolto. GRAZIE!

L'unica nota stonata.. una lentezza impressionante e il messaggio WINDOWS Memoria minima insuficiente, quando apro un solo applicativo gestionale.

Posso fare qualcosa?
C'è anche un buon Firewall che posso utilizzare al posto di quello in dotazione?

Disattiva il ripristino configurazione di sistema, e tienilo disattivato, fino alla soluzione del problema http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su fix checked
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\massimilianopc\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O16 - DPF: {E292EFB0-EE32-11D1-8C74-0000C0B0E2E9} (RptViewerAX Class) - http://62.108.225.32/wi/ActiveX/RptViewerIT.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

Dai una pulita (registro compreso)con CCleaner: http://www.aiutamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Riavvia il pc.

Poi:
Start\Esegui\copia e incolla la stringa %temp% clicca su Ok, svuota la cartella temp. (non eliminare la cartella)
Poi:
Provvedi a svuotare del suo contenuto la cartella Prefetch :
clicca su Risorse del Computer
clicca su Disco locale C:
cerca, all’interno delle cartelle che saranno visualizzate la cartella Windows, aprila ed, al suo interno, cerca la cartella Prefetch, la apri ed elimina tutte le voci conservate al suo interno ( non eliminare la cartella)
SVUOTA IL CESTINO
Poi:
Lancia Hijackthis e pulisci gli ADS in questo modo:
clicca sulla voce Open the misc tool section
clicca su Open ads spy
togli la spunta alla voce Quick scan (windows base folder only)
clicca su Scan.
Aspetta pazientemente la fine della scansione.
se venissero rilevati ADS, spunta tutte le caselline e clicca su Remove selected

Fai una deframmentazione del HD.
Esegui anche uno Scandisk.
Riattiva il ripristino configurazione di sistema e, se tutto è a posto, creane uno nuovo.

Vedi se il pc è un pò più veloce.

Per il messaggio "WINDOWS Memoria minima insuficiente":
http://www.technotizie.it/frame/66587/memoria-virtuale-minima-insufficiente-risoluzione-del-problema