Hi, I'm sending you the log, thanks.
ComboFix 10-11-28.05 - HP_Administrator 29/11/2010 11.20.21.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.510.224 [GMT 1:00]
Eseguito da: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-6C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00200000-EE94-0012-94EE-120094EE1200}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\HP_Administrator\Impostazioni locali\Dati applicazioni\queite.dat
c:\documents and settings\HP_Administrator\Impostazioni locali\Dati applicazioni\queite_nav.dat
c:\documents and settings\HP_Administrator\Impostazioni locali\Dati applicazioni\queite_navps.dat
c:\programmi\GooglePlusVideos
c:\programmi\GooglePlusVideos\DeploymentHelper.exe
c:\programmi\GooglePlusVideos\FFExt\chrome.manifest
c:\programmi\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
c:\programmi\GooglePlusVideos\FFExt\chrome\content\script-injector.js
c:\programmi\GooglePlusVideos\FFExt\install.rdf
c:\programmi\GooglePlusVideos\GooglePlusVideosLicense.txt
c:\programmi\GooglePlusVideos\GVConfig.ini
c:\programmi\GooglePlusVideos\MFC42U.DLL
c:\programmi\GooglePlusVideos\Uninstall.bat
c:\programmi\Search Settings
c:\programmi\Search Settings\kb128\SearchSettingsRes409.dll
c:\windows\system\MFC42D.DLL
c:\windows\system\MSVCRTD.DLL
c:\windows\system32\_000003_.tmp.dll
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000011_.tmp.dll
c:\windows\system32\_000012_.tmp.dll
c:\windows\system32\Thumbs.db
D:\resycled
.
((((((((((((((((((((((((( Files Creati Da 2010-10-28 al 2010-11-29 )))))))))))))))))))))))))))))))))))
.
2010-11-29 09:22 . 2010-11-29 09:22 -------- d-----w- c:\windows\LastGood
2010-11-24 16:46 . 2010-11-24 16:46 1409 ----a-w- c:\windows\QTFont.for
2010-11-23 20:03 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-23 20:03 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-23 16:04 . 2010-11-23 16:04 388096 ----a-r- c:\documents and settings\HP_Administrator\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-23 16:04 . 2010-11-23 16:04 -------- d-----w- c:\programmi\Trend Micro
2010-11-07 20:31 . 2010-11-07 20:32 -------- d-----w- c:\programmi\Web Photo Album
2010-11-07 20:30 . 2010-11-07 20:31 -------- d-----w- c:\programmi\Light Artist
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2004-09-07 04:00 974848 ------w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-09-07 04:00 974848 ------w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-09-07 04:00 954368 ------w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-09-07 04:00 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-10 05:49 . 2004-09-07 04:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:49 . 2004-09-07 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:49 . 2004-09-07 04:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51 . 2004-09-07 04:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:54 . 2008-12-23 11:33 1852800 ------w- c:\windows\system32\win32k.sys
2008-02-05 22:44 . 2009-09-27 18:16 200704 -c--a-w- c:\programmi\BorisFXUI.fex
2009-04-07 18:52 . 2009-04-07 18:52 28672 -c--a-w- c:\programmi\mozilla firefox\components\GooglePlusVideosXPCOM.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
2010-08-23 02:22 2195456 ----a-w- c:\programmi\Fun4IM\Plugins\IE\ieplugin.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-25 94208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-18 64512]
"ftutil2"="ftutil2.dll" [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 77312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-21 7622656]
"nwiz"="nwiz.exe" [2006-06-21 1519616]
"DMAScheduler"="c:\programmi\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\programmi\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2005-09-25 155648]
"fssui"="c:\programmi\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"HP Software Update"="c:\programmi\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"MCtlSuc"="c:\programmi\FASTWEB\FastWeb 3G\Resource\MCtlSuc.exe" [2009-12-23 90624]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2009-12-16 198160]
c:\documents and settings\HP_Administrator\Menu Avvio\Programmi\Esecuzione automatica\
Widget vodafone.lnk - c:\programmi\Widget vodafone.it\Widget vodafone.it.exe [2010-5-18 95232]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
NkbMonitor.exe.lnk - c:\programmi\Nikon\PictureProject\NkbMonitor.exe [2009-8-29 118784]
Windows Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
Wireless Connection Manager.lnk - c:\programmi\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe [2008-12-28 19357696]
c:\documents and settings\Default User\Menu Avvio\Programmi\Esecuzione automatica\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-9-20 27136]
PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-9-20 27136]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Fun4IM\BndHook.dll
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Scheduler
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Windows service
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\World of Warcraft 2\\Launcher.exe"=
"c:\\Programmi\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\Programmi\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Programmi\\eMule AdunanzA\\eMule_AdnzA.exe"=
"c:\\Programmi\\Google\\Google Earth\\client\\googleearth.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58983:TCP"= 58983:TCP:Pando Media Booster
"58983:UDP"= 58983:UDP:Pando Media Booster
"4662:TCP"= 4662:TCP:porta per emule
"4672:UDP"= 4672:UDP:porta emule
R2 Fun4IM Coordinator;Fun4IM Coordinator;c:\progra~1\Fun4IM\Bandoo.exe [25/10/2010 18.09.53 1938880]
R3 PAC207;NX-Vega;c:\windows\system32\drivers\pfc027.sys [25/01/2005 15.20.42 154112]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [31/03/2010 17.18.32 135664]
S2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico; [x]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?]
S3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;c:\windows\system32\drivers\HSPADataCardusbmdm.sys [25/05/2010 6.25.34 106880]
S3 HSPADataCardusbnmea;HSPADataCard NMEA Port;c:\windows\system32\drivers\HSPADataCardusbnmea.sys [25/05/2010 6.25.35 106880]
S3 HSPADataCardusbser;HSPADataCard Diagnostic Port;c:\windows\system32\drivers\HSPADataCardusbser.sys [25/05/2010 6.25.35 106880]
S3 HSPADataCardusbvoice;HSPADataCard VoUSB Port;c:\windows\system32\drivers\HSPADataCardusbvoice.sys [25/05/2010 6.25.35 106880]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contenuto della cartella 'Scheduled Tasks'
2010-11-29 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-12-18 12:03]
2010-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-31 16:18]
2010-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-03-31 16:18]
2010-11-23 c:\windows\Tasks\HPCeeSchedule.job
- c:\programmi\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2005-09-08 17:22]
2010-09-25 c:\windows\Tasks\Install.job
- c:\windows\system32\Macromed\Shockwave 10\nssstub.exe [2010-09-25 05:08]
2010-11-29 c:\windows\Tasks\User_Feed_Synchronization-{19883167-849D-4794-A445-BA8C25B23856}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=64&bd=PAVILION&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=64&bd=PAVILION&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} - hxxps://mpsnare.iesnare.com/StmOCX.cab
FF - ProfilePath - c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\j6ac095n.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60446&qkw=
FF - component: c:\programmi\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - component: c:\programmi\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\HP_Administrator\Dati applicazioni\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\plugins\npPxPlay.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Extension: SearchSettings Plugin: search@searchsettings.com - c:\programmi\Mozilla Firefox\extensions\search@searchsettings.com
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Extension: Java Quick Starter: jqs@sun.com - c:\programmi\Java\jre6\lib\deploy\jqs\ff
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programmi\real\realplayer\browserrecord\firefox\ext
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\j6ac095n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Searchqu Toolbar: {7FF99715-3016-4381-84CE-E4E4C9673020} - c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\j6ac095n.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}
FF - Extension: AmbientFox: {c8f71e5b-88f8-42a7-98bb-e4c506161de9} - c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\j6ac095n.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
FF - Extension: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\j6ac095n.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
FF - Extension: Personas: personas@christopher.beard - c:\documents and settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\j6ac095n.default\extensions\personas@christopher.beard
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-29 11:30
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2c,6c,f3,30,87,c7,91,4c,b6,50,3d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2c,6c,f3,30,87,c7,91,4c,b6,50,3d,\
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]
@DACL=(02 0000)
"OnLineServicesDirName"="Services en ligne"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]
@DACL=(02 0000)
"OnLineServicesDirName"="Servicios en línea"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NL]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\NW]
@DACL=(02 0000)
"OnLineServicesDirName"="Online tjenster"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SP]
@DACL=(02 0000)
"OnLineServicesDirName"="Servicios en línea"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\SW]
@DACL=(02 0000)
"OnLineServicesDirName"="Online tjänster"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\UK]
@DACL=(02 0000)
"OnLineServicesDirName"="Online services"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\US]
@DACL=(02 0000)
"OnLineServicesDirName"="Online Services"
[HKEY_USERS\S-1-5-21-3195307505-2902213095-3233704235-1007\Identities\{523594F0-7AFD-4658-B16F-0D078F433514}\Software\Microsoft\Outlook Express\5.0\Recent Stationery List]
@DACL=(02 0000)
@SACL=
"File0"="Cielo blu.htm"
"File1"="Natura.htm"
"File2"="Giallo.htm"
"File3"="Girasole.htm"
"File4"="Agrumi.htm"
"File5"="Quadretti bianchi.htm"
"File6"="Foglie.htm"
[HKEY_USERS\S-1-5-21-3195307505-2902213095-3233704235-1007\Identities\{523594F0-7AFD-4658-B16F-0D078F433514}\Software\Microsoft\Outlook Express\5.0\Shared Settings]
@DACL=(02 0000)
@SACL=
[HKEY_USERS\S-1-5-21-3195307505-2902213095-3233704235-1007\Software\Microsoft\MediaPlayer\Preferences\ProxySettings]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Classes\.avi\ShellEx\{FFB699E0-306A-11d3-8BD1-00104B6F7516}]
@DACL=(02 0000)
@SACL=
@="{FFB699E0-306A-11d3-8BD1-00104B6F7516}"
[HKEY_LOCAL_MACHINE\software\Classes\.wmv\ShellEx\{FFB699E0-306A-11d3-8BD1-00104B6F7516}]
@DACL=(02 0000)
@SACL=
@="{FFB699E0-306A-11d3-8BD1-00104B6F7516}"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A489AA80-6F27-4C3A-895D-EAC0E45EC77B}\InprocServer32]
@DACL=(02 0000)
@SACL=
@="c:\\WINDOWS\\pchealth\\helpctr\\Vendors\\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\\plugin\\HPBasicDetection3.dll"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A489AA80-6F27-4C3A-895D-EAC0E45EC77B}\ProgID]
@DACL=(02 0000)
@SACL=
@="HPBasicDetection.HPStarter.1"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A489AA80-6F27-4C3A-895D-EAC0E45EC77B}\Programmable]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A489AA80-6F27-4C3A-895D-EAC0E45EC77B}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{16D7A93E-6087-4567-AFDA-B0005107771E}"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A489AA80-6F27-4C3A-895D-EAC0E45EC77B}\VersionIndependentProgID]
@DACL=(02 0000)
@SACL=
@="HPBasicDetection.HPStarter"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}\ProgID]
@DACL=(02 0000)
@SACL=
@="AWhelper.Helper.1"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}\Programmable]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{661E32FD-A5F0-49BC-96CC-D872FE10A7DC}"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}\VersionIndependentProgID]
@DACL=(02 0000)
@SACL=
@="AWhelper.Helper"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{34B1CBF1-03B8-43E1-AACF-7AD85AF17172}\ProxyStubClsid]
@DACL=(02 0000)
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{34B1CBF1-03B8-43E1-AACF-7AD85AF17172}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{16D7A93E-6087-4567-AFDA-B0005107771E}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\Free:6.0\File38\ACCESSPOINT]
@DACL=(02 0000)
@SACL=
@="DESKTOP"
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{54635C92-DFAF-4A99-8802-92FB068A6154}\1.0]
@DACL=(02 0000)
@SACL=
@="Symantec Core LC Type Library"
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{661E32FD-A5F0-49BC-96CC-D872FE10A7DC}\1.0]
@DACL=(02 0000)
@SACL=
@="AWhelper 1.0 Type Library"
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\Browser]
@DACL=(02 0000)
@SACL=
"IE"="0"
"Netscape"="0"
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\BWOPT]
@DACL=(02 0000)
@SACL=
"bwsupport"="1"
"bwoffers"="0"
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\HPGuide]
@DACL=(02 0000)
@SACL=
"HPGuideLaunch"="0"
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\HPSU]
@DACL=(02 0000)
@SACL=
"OptInPath"="c:\\hp\\bin\\cloaker.exe"
"OptInCmdLine"="c:\\hp\\drivers\\hpsu\\HPSU_optin.bat"
"OptOutPath"="c:\\hp\\bin\\cloaker.exe"
"OptOutCmdLine"="c:\\hp\\drivers\\hpsu\\HPSU_optout.bat"
"hpsulaunch"="1"
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard\cpc\PCINTRO\NIS]
@DACL=(02 0000)
@SACL=
"NISRun"="1"
"NISPath"="c:\\windows\\system32\\pcintro\\autorun.exe"
"NISCmdLine"="security.cmd"
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard\DigitalImaging\Services\Remote]
@DACL=(02 0000)
@SACL=
"Name"="e36ebe56-1794-4c97-b547-30278ec4ee61"
"Password"="3P1N2SN15PQ0Q7657NN077631QP3790R"
"Realm"="clientauth2"
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_ACTIVEX_INACTIVATE_MODE]
@DACL=(02 0000)
@SACL=
"HPSdpApp.exe"=dword:00000001
"nda.exe"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Alchemy]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000
.
Ora fine scansione: 2010-11-29 11:33:17
ComboFix-quarantined-files.txt 2010-11-29 10:33
Pre-Run: 67.496.775.680 byte disponibili
Post-Run: 67.672.104.960 byte disponibili
- - End Of File - - 08AC9AADD6D81BB2913FAE4DC55E13E0