Fai queste pulizie:
Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Per il download cliccare alla destra su: Download now
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

# AdwCleaner v4.207 - Logfile created 25/06/2015 at 13:44:32
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Andrea - ANDREA-5F9321F1
# Running from : C:\Documents and Settings\Andrea\Desktop\adwcleaner_4.207.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\apn
Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\Trymedia
Folder Deleted : C:\DOCUME~1\Andrea\IMPOST~1\Temp\apn
Folder Deleted : C:\Documents and Settings\Andrea\Dati applicazioni\AceWebExtension
File Deleted : C:\Documents and Settings\Andrea\Dati applicazioni\Mozilla\Firefox\Profiles\n30gy27y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
File Deleted : C:\Programmi\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Nation toolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AceStream
Key Deleted : HKCU\Software\Avg Secure Update
Key Deleted : HKLM\SOFTWARE\AVG Nation toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

***** [ Web browsers ] *****

-\\ Internet Explorer v7.0.6000.17091


-\\ Mozilla Firefox v38.0.5 (x86 it)

[n30gy27y.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2978 bytes] - [25/06/2015 13:43:10]
AdwCleaner[S0].txt - [2968 bytes] - [25/06/2015 13:44:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3027 bytes] ##########

Ciao

Fai queste pulizie:

Poi fai una scansione con HijackThis e posta il log, vediamo cosa c'è nel pc. HJT scaricalo da qui:
http://sourceforge.net/projects/hjt/ clic su download, attendi qualche secondo e appare l'eseguibile da installare. Se non conosci il programma trovi le istruzioni in aiutamici sezione software.
Prova a controllare in Avvio se c'è qualche programma sconosciuto e lo disattivi. Controlla anche nel taskmanager se c'è qualche processo sconosciuto e lo fermi oppure dimmi il nome.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14.07.50, on 25/06/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)

FIREFOX: 38.0.5 (x86 it)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AVG\AVG2015\avgidsagent.exe
C:\Programmi\AVG\AVG2015\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre7\bin\jqs.exe
C:\Programmi\AVG\AVG2015\avgnsx.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\AVG\AVG2015\avgemcx.exe
C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\AVG\AVG2015\avgui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Thunderbird-Tray\TBTray.exe
C:\Programmi\AVG\AVG2015\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVG\AVG2015\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\7-Zip\7zFM.exe
C:\DOCUME~1\Andrea\IMPOST~1\Temp\7zO1.tmp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://goalsmania.com/Enabler/Enabler.application
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O1 - Hosts: 195.149.220.94 agentclient2.ntdll.net
O1 - Hosts: 195.149.220.94 agentclient.ntdll.net
O1 - Hosts: 95.131.232.195 www.goldwinpoker.com
O1 - Hosts: 95.131.232.195 goldwinpoker.com
O1 - Hosts: 195.149.222.148 live.goldbet.com
O1 - Hosts: 195.149.220.209 old.goldbet.com
O1 - Hosts: 195.149.220.209 ced.goldbet.com
O1 - Hosts: 195.149.220.210 marketing.goldbet.com
O1 - Hosts: 95.131.232.195 goldwinportal.com
O1 - Hosts: 95.131.232.195 www.goldwinportal.com
O1 - Hosts: 195.149.220.209 www.betxpro.com
O1 - Hosts: 95.131.232.195 www25.goldbet.com
O1 - Hosts: 95.131.232.195 www35.goldbet.com
O1 - Hosts: 95.131.232.195 goldbet.com
O1 - Hosts: 195.149.222.154 secure.goldbet.com
O1 - Hosts: 91.213.212.163 livecasino.goldbet.com
O1 - Hosts: 195.149.222.154 gbservice.goldbet.com
O1 - Hosts: 195.149.222.139 mail.goldbetmail.com
O1 - Hosts: 195.149.222.139 mail.goldbet.com
O1 - Hosts: 195.149.222.139 exchange.goldbetmail.com
O1 - Hosts: 195.149.222.139 exchange.goldbet.com
O1 - Hosts: 23.40.166.121 affiliates.goldbet.com
O1 - Hosts: 195.149.222.154 content.goldbet.com
O1 - Hosts: 195.149.222.133 www.goalsmania.com
O1 - Hosts: 195.149.222.133 www.goalsmania.info
O1 - Hosts: 23.40.166.121 www.goldbet.com
O1 - Hosts: 23.40.166.121 www.goldbetsports.com
O1 - Hosts: 195.149.222.152 goldbetsports.com
O1 - Hosts: 23.40.166.121 casino.goldbet.com
O1 - Hosts: 95.131.232.195 www.casino.goldbet.com
O1 - Hosts: 23.40.166.121 poker.goldbet.com
O1 - Hosts: 95.131.232.195 www.poker.goldbet.com
O1 - Hosts: 195.149.222.151 ssh.goldbet.com
O1 - Hosts: 37.114.73.217 www.virtual-races.com
O1 - Hosts: 37.114.73.217 virtual-races.com
O1 - Hosts: 89.146.220.38 cdn.virtual-races.com
O1 - Hosts: 195.149.222.144 sslportal.goldbet.com
O1 - Hosts: 195.149.222.133 enabler.ags.gwsrv.com
O1 - Hosts: 66.212.226.169 partners.goldbet.com
O1 - Hosts: 54.228.75.181 support.golden-race.com
O1 - Hosts: 95.131.232.196 admin.goldbetleague.com
O1 - Hosts: 23.40.166.121 svcs.goldbetsports.com
O1 - Hosts: 195.149.222.142 citrix.goldbet.com
O1 - Hosts: 195.149.222.159 storefront.goldbet.com
O1 - Hosts: 195.149.222.151 ssh.goldbetsports.com
O1 - Hosts: 195.149.222.154 secure.goldbetsports.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CamserviceDP] C:\Programmi\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Programmi\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Documents and Settings\Andrea\Dati applicazioni\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 3f0f0880201147d38d6ad145b0b223c4-03555db8cb9fd2b3e6f45bf01560b8daa2a54366 --CMPID 0913b
O4 - HKCU\..\Run: [EPSON SX210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\WINDOWS\TEMP\E_S5B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Programmi\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: TB-Tray.lnk = C:\Programmi\Thunderbird-Tray\TBTray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{726DF525-47CA-4249-84C6-1405475901E3}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFAB40E1-9971-466B-A13C-369F99487FC8}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{DEE83AF9-EDA3-4FCD-92FF-8F3D28EBF39F}: NameServer = 8.8.8.8,8.8.4.4
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Intel Graphics Miniport Driver (igxpmp32) - Intel Corporation - C:\Programmi\IntelR G33G31 Express Chipset Family\igxpmp32.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Paramount Software UK Ltd - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe

--
End of file - 9722 bytes
Ciao