www.MegaLab.it

[azatoth80rm]

Ciao a tutti!!!
Premetto che è da ieri che il mio pc da un insolito problema.
Il 99% delle applicazioni (browser, office, o qualsiasi altro priogramma) di "blocca" facendo comparire a classica scritta "Non risponde" (Es: Firefox non risponde).
Fino ad ieri funzionava tutto alla perfezione, una scheggia.
Poi ho avviato Thunderbird per controllare le email ed ho dovuto attendere che si aggiornasse. Fin qui tutto ok se non fosse che stranamente ho perso tutti i miei account di posta (e meno male che avevo settato l'Imap così posso controllarli via web senza perdere le mail sul server).
Poco male, ho pensato, reinserisco i dati degli account... purtroppo non me lo faceva fare. Quando cliccavo su "Crea nuovo Account" non accadeva nulla. Ok disinstallo Thunderbird e mi rassegno a controllare la posta via web.
Ed invece no perché, ripeto, qualsiasi programma si blocca, compreso Esplora Risorse durante una semplice copia file da una cartella ad un'altra oppure se si cerca di far partire un video o un mp3 o qualsiasi altra operazione.
Purtroppo sia le scansioni con Avira Antivir Premium che con Malwarebyte si bloccano causa "Programma non risponde" e vi assicuro che non c'è sovraccarico di cpu o ram.
Vorrei evitare di formattare.
Di seguito vi posto la configurazione del mio pc

CPU Pentium i7-2600 3.40Ghz
Motherboard ASUS P8P67 WS Revolution
RAM 4,00 GB Canale Singolo DDR3 @ 668 MHz (9-9-9-24)
Scheda Video AMD Radeon HD 7700 Series 1024 MB
Monitor Samsung Syncmaster 2494 HS
Hard Disk Western Digital WDC WD5000AAKX-001CA0 (SATA)
Driver Ottico Optiarc DVD RW AD-5240S
Scanner Epson Perfection 1670
S.O. Microsoft Windows 7 Ultimate 32-bit SP1

Di seguito posto il log Hijackthis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:17, on 18/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Download\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: Dropbox.lnk = Enzo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download remotely with IDA - C:\Program Files\IDA\remdown.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{11AD9065-5EB2-4309-AF95-B6182B7EE0D9}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C019F4A-91F6-44A3-BD9B-06BD9A00CDAE}: NameServer = 8.26.56.26,156.154.70.22
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Crystal Rich Ltd - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 11119 bytes

Quanto vedete dall'immagine sovrastante accade col 90% dei miei programmi, obbligandomi ad un riavvio del pc mediante pressione del tasto reset.
Ringrazio sin d'ora per le risposte.

[Uomo_Senza_Sonno]

Dal momento che gli antivirus non lavorano correttamente il mio primo consiglio è quello di utilizzare un rescue disk come quello di Kaspersky, di modo da fare un controllo a SO spento. In seguito, sarà meglio fixare le seguenti voci con HJT:

Codice: Seleziona tutto

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - Startup: Dropbox.lnk = Enzo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download remotely with IDA - C:\Program Files\IDA\remdown.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{11AD9065-5EB2-4309-AF95-B6182B7EE0D9}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C019F4A-91F6-44A3-BD9B-06BD9A00CDAE}: NameServer = 8.26.56.26,156.154.70.22
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

e disabilitare i seguenti servizi digitando services.msc da esegui

Codice: Seleziona tutto

O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

Riavvia il pc e verifica se i problemi persistono o meno, vedremo di fare altri controlli

[azatoth80rm]

Intanto grazie per la risposta Uomo_Senza_Sonno.

Ho fatto fare la scansione (riavviano il pc con boot da cd) sia dal rescue disk di kaspersky sia da quello di Avira e nessuno dei due ha rilevato nulla :(
Ti posto il nuovo log di Hikackthis, spero di aver fixato tutto.
Il problema sussiste.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:40:16, on 18/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
C:\Program Files\KeyScrambler\KeyScrambler.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Enzo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Download\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (file missing)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: Dropbox.lnk = Enzo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Crystal Rich Ltd - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 6373 bytes

[Uomo_Senza_Sonno]

Togli nuovamente la spunta su

Codice: Seleziona tutto

O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - Startup: Dropbox.lnk = Enzo\AppData\Roaming\Dropbox\bin\Dropbox.exe

e disabilita il seguente servizio

Codice: Seleziona tutto

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

Prova a disabilitare temporaneamente COMODO dall'avvio per verificare se il problema è imputabile a lui (avevo un problema simile in un pc con COMODO e dopo un suo aggiornamento si è tutto risolto), ed infine fai un test delle ram con memtest.

[azatoth80rm]

Allora ho fixato tutto quello che mi hai detto di fixare tranne la riga inerente Keyscrambler in quanto questo antikeylogger mi serve durante le operazioni sui siti bancari/negozi.
Il test effettuato con memtest non ha riscontrato nulla.
Una mia curiosità: Con Comodo IS (antivirus disabilitato)mi son sempre trovato bene ma ammetto che la versione 6 sia alquanto rognosetta sotto molti punti di vista: devo ancora provare a disabilitarlo.
A tal proposito volevo chiederti: nel caso dipendesse da comodo capisco che mi toccherebbe cambiarlo (anche se a malincuore. Tra le alternative free sembra veramente buona Privare Firewall, che provai qualche anno fa, ma poi lo disinstallai in quanto rallentava il pc oltre ad essere alquanto macchinosoper la configurazione/creazione regole 8o forse sono io che ero abituato troppo bene con Comodo ... boh).
Di seguito ti posto in mio nuovo Log Hijackthis.
Grazie ancora per le risposte

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:59:50, on 19/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
C:\Program Files\KeyScrambler\KeyScrambler.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Users\Enzo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Download\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (file missing)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Crystal Rich Ltd - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 6054 bytes

[farbix89]

Questa volta correggo io,ma ricorda di inserire i log di scansione dentro il tag MEMO; facilita di molto la lettura dei post

[azatoth80rm]

Ok Fabrix89 ti ringrazio.
Cercherò nel forum l'uso del tag MEMO che sarà usato dalla prossima volta

[farbix89]

topic45943.html

http://www.MegaLab.it/6451/MegaLab-it-c ... -le-novita

[Uomo_Senza_Sonno]

Senza comodo attivo i problemi persistono?

[azatoth80rm]

Guarda per tagliare la testa al toro ho disinstallato ComodoIS6 e fatto pulizia con ccleaner ma non è cambiato nulla.
Anzi poco fa cliccando su Firefox per avviarlo si è bloccato il pc (della serie che potevo soltanto muovere il mouse, qualsiasi altra operazione era impossibile da effettuare).
Premuto tasto reset e riavviato :(

[Uomo_Senza_Sonno]

Prova ad eseguire questo tool, poi postami il log generato da MbrScan.

[azatoth80rm]

Allora
Eseguendo il tool che mi hai consigliato ho optato per il tweak dei servizi (opzione 1) per poi scegliere il fix sicuro (sempre opzione 1); al termine dell'operazione mi è stato chiesto di riavviare il pc.
Riavviato il pc ho eseguito uno scan con MbrScan di cui ti posto il log di seguito:

Codice: Seleziona tutto

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (32 bit)
PROCESSOR      : x86 Family 6 Model 42 Stepping 7, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/03/20 (ISO 8601) at 17:38:10
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD50 00AAKX-001CA (15.0)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0   465.8 Go  [Fixed] ==> 7 MBR Code .

MBR_MD5   : 297A76BF6B29B73ECAA8C7EC0E26A206
MBR_SHA1  : 9F46C466BCC973B7CA06C6583289FC3A9C2B728A

Device\Harddisk0\Partition1   100.0 Mo     0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2   465.7 Go     0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0 

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.м.|.À.ؾ.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A 9C 78 5C 48 00 00 80 20   em...c{..x\H...
0x000001C0   21 00 07 DF 13 0C 00 08 00 00 00 20 03 00 00 DF   !..ß....... ...ß
0x000001D0   14 0C 07 FE FF FF 00 28 03 00 00 30 35 3A 00 00   ...þ...(...05:..
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 0e01       JNZ 0x13b   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1c           JAE 0xbb   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    75 0c           JNZ 0xb0   
0x00A4    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00A8    0f84 8a00       JZ 0x136   
0x00AC    b2 80           MOV DL, 0x80   
0x00AE    eb 84           JMP 0x34   
0x00B0    55              PUSH BP   
0x00B1    32e4            XOR AH, AH   
0x00B3    8a56 00         MOV DL, [BP+0x0]   
0x00B6    cd 13           INT 0x13   
0x00B8    5d              POP BP   
0x00B9    eb 9e           JMP 0x59   
0x00BB    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C1    75 6e           JNZ 0x131   
0x00C3    ff76 00         PUSH WORD [BP+0x0]   
0x00C6    e8 8d00         CALL 0x156   
0x00C9    75 17           JNZ 0xe2   
0x00CB    fa              CLI   
0x00CC    b0 d1           MOV AL, 0xd1   
0x00CE    e6 64           OUT 0x64, AL   
0x00D0    e8 8300         CALL 0x156   
0x00D3    b0 df           MOV AL, 0xdf   
0x00D5    e6 60           OUT 0x60, AL   
0x00D7    e8 7c00         CALL 0x156   
0x00DA    b0 ff           MOV AL, 0xff   
0x00DC    e6 64           OUT 0x64, AL   
0x00DE    e8 7500         CALL 0x156   
0x00E1    fb              STI   
0x00E2    b8 00bb         MOV AX, 0xbb00   
0x00E5    cd 1a           INT 0x1a   
0x00E7    66 23c0         AND EAX, EAX   
0x00EA    75 3b           JNZ 0x127   
0x00EC    66 81fb 54435041CMP EBX, 0x41504354   
0x00F3    75 32           JNZ 0x127   
0x00F5    81f9 0201       CMP CX, 0x102   
0x00F9    72 2c           JB 0x127   
0x00FB    66 68 07bb0000  PUSH 0xbb07   
0x0101    66 68 00020000  PUSH 0x200   
0x0107    66 68 08000000  PUSH 0x8   
0x010D    66 53           PUSH EBX   
0x010F    66 53           PUSH EBX   
0x0111    66 55           PUSH EBP   
0x0113    66 68 00000000  PUSH 0x0   
0x0119    66 68 007c0000  PUSH 0x7c00   
0x011F    66 61           POPAD   
0x0121    68 0000         PUSH 0x0   
0x0124    07              POP ES   
0x0125    cd 1a           INT 0x1a   
0x0127    5a              POP DX   
0x0128    32f6            XOR DH, DH   
0x012A    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x012F    cd 18           INT 0x18   
0x0131    a0 b707         MOV AL, [0x7b7]   
0x0134    eb 08           JMP 0x13e   
0x0136    a0 b607         MOV AL, [0x7b6]   
0x0139    eb 03           JMP 0x13e   
0x013B    a0 b507         MOV AL, [0x7b5]   
0x013E    32e4            XOR AH, AH   
0x0140    05 0007         ADD AX, 0x700   
0x0143    8bf0            MOV SI, AX   
0x0145    ac              LODSB   
0x0146    3c 00           CMP AL, 0x0   
0x0148    74 09           JZ 0x153   
0x014A    bb 0700         MOV BX, 0x7   
0x014D    b4 0e           MOV AH, 0xe   
0x014F    cd 10           INT 0x10   
0x0151    eb f2           JMP 0x145   
0x0153    f4              HLT   
0x0154    eb fd           JMP 0x153   
0x0156    2bc9            SUB CX, CX   
0x0158    e4 64           IN AL, 0x64   
0x015A    eb 00           JMP 0x15c   
0x015C    24 02           AND AL, 0x2   
0x015E    e0 f8           LOOPNZ 0x158   
0x0160    24 02           AND AL, 0x2   
0x0162    c3              RET   
0x0163    49              DEC CX   
0x0164    6e              OUTSB   
0x0165    76 61           JBE 0x1c8   
0x0167    6c              INSB   
0x0168    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016D    72 74           JB 0x1e3   
0x016F    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0174    2074 61         AND [SI+0x61], DH   
0x0177    626c 65         BOUND BP, [SI+0x65]   
0x017A    0045 72         ADD [DI+0x72], AL   
0x017D    72 6f           JB 0x1ee   
0x017F    72 20           JB 0x1a1   
0x0181    6c              INSB   
0x0182    6f              OUTSW   
0x0183    61              POPA   
0x0184    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x018A    70 65           JO 0x1f1   
0x018C    72 61           JB 0x1ef   
0x018E    74 69           JZ 0x1f9   
0x0190    6e              OUTSB   
0x0191    67 2073 79      AND [EBX+0x79], DH   
0x0195    73 74           JAE 0x20b   
0x0197    65 6d           INS WORD GS:[DI], DX   
0x0199    004d 69         ADD [DI+0x69], CL   
0x019C    73 73           JAE 0x211   
0x019E    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A3    70 65           JO 0x20a   
0x01A5    72 61           JB 0x208   
0x01A7    74 69           JZ 0x212   
0x01A9    6e              OUTSB   
0x01AA    67 2073 79      AND [EBX+0x79], DH   
0x01AE    73 74           JAE 0x224   
0x01B0    65 6d           INS WORD GS:[DI], DX   
0x01B2    0000            ADD [BX+SI], AL   
0x01B4    0063 7b         ADD [BP+DI+0x7b], AH   
0x01B7    9a 9c78 5c48    CALL FAR 0x485c:0x789c   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    8020 21         AND BYTE [BX+SI], 0x21   
0x01C1    0007            ADD [BX], AL   
0x01C3    df13            FIST WORD [BP+DI]   
0x01C5    0c 00           OR AL, 0x0   
0x01C7    0800            OR [BX+SI], AL   
0x01C9    0000            ADD [BX+SI], AL   
0x01CB    2003            AND [BP+DI], AL   
0x01CD    0000            ADD [BX+SI], AL   
0x01CF    df14            FIST WORD [SI]   
0x01D1    0c 07           OR AL, 0x7   
0x01D3    fe              DB 0xfe   
0x01D4    ff              DB 0xff   
0x01D5    ff00            INC WORD [BX+SI]   
0x01D7    2803            SUB [BP+DI], AL   
0x01D9    0000            ADD [BX+SI], AL   
0x01DB    3035            XOR [DI], DH   
0x01DD    3a00            CMP AL, [BX+SI]   
0x01DF    0000            ADD [BX+SI], AL   
0x01E1    0000            ADD [BX+SI], AL   
0x01E3    0000            ADD [BX+SI], AL   
0x01E5    0000            ADD [BX+SI], AL   
0x01E7    0000            ADD [BX+SI], AL   
0x01E9    0000            ADD [BX+SI], AL   
0x01EB    0000            ADD [BX+SI], AL   
0x01ED    0000            ADD [BX+SI], AL   
0x01EF    0000            ADD [BX+SI], AL   
0x01F1    0000            ADD [BX+SI], AL   
0x01F3    0000            ADD [BX+SI], AL   
0x01F5    0000            ADD [BX+SI], AL   
0x01F7    0000            ADD [BX+SI], AL   
0x01F9    0000            ADD [BX+SI], AL   
0x01FB    0000            ADD [BX+SI], AL   
0x01FD    0055 aa         ADD [DI-0x56], DL   



PS: Visto che anche senza Comodo il problema si ripresentava l'ho reinstallato.
Ho provveduto a disinstallare Firefox e Thunderbird perché,vedi primo post, mi sembra che da loro è iniziato il problema.
Grazie.

[Uomo_Senza_Sonno]

Senza FF e TB cambia tutto o il problema persiste?

[azatoth80rm]

purtroppo il problema persiste...
Intanto ho tolto ComodoIS6 ed installato Online Armor free ma è successa un'altra cosa strana: dopo la disinstallazione di CIS6 mi vien chiesto di riavviare il pc (e fin qui tutto ok). Durante il riavvio parte in automatico il Chkdsk ma purtroppo, in fase di avvio non ti dà modo, di leggere il report.
Incuriosito,tornato al desktop, faccio partire il mio fidato HDTune che mi segnala un'anomalia.
Ti posto di seguito lo screenshot:

Incuriosito,sempre con HDTune, ho fatto uno scan approfondito e mi ha rilevato tre clouster danneggiati (mi segnalava su 500Gb lo 0,1% di clouster rossi)
Mi chiedo a questo punto: Può dipendere dall'Hard disk? Strano visto che formatto raramente in quanto difficilmente ho problemi e il mio Hd non è soggetto a scritture/cancellature continue.Cioè non sono il tipo che installa 10000 programmi per poi cancellarli subito dopo. Eseguo Defrag una volta al mese/ogni due mesi e Ccleaner ogni 7gg.
Devo cambiare l'harddiak? Sinceramente vorrei evitare una reinstallazione ex novo più per la seccatura e per la persita di tempo che per altro.
C'è possibilità di "riparare" l'Hd (sempre che dipenda da lui)? (So che alcuni programmi isolano i clouster danneggiati ma non so davvero quanto giovi).
Scusa le mille domande. Se queste anomalie non dipendono dal mio Hd allora non ne ho idea....
Ah un'ultima cosa: come sai ho disinstallato Firefox e Thumderbird. Lungi da me usare IE10 (urgh...) ho installato Opera. Ebbene all'inizio tutto ok ora anche Opera si blocca come FF :(
Ti ringrazio ancora per la tua disponibilità

[Uomo_Senza_Sonno]

Se vuoi escludere un problema al disco devi provarne un altro (magari te lo fai prestare se non ne hai uno sotto mano), fare un'installazione pulita del SO e poi dei programmi che utilizzi di solito. Eseguire formattazioni a basso livello su dischi danneggiati possono portare qualche vantaggio in prima istanza ma poi alla lunga i problemi riemergono.

[azatoth80rm]

Ciao
Ho provveduto a sostituire l'harddisk con un Western Digital da 1Tb che ho provveduto a partizionare in 2 harddiak da 500Gb (Chiamati C: e W:)
Sembra che non ci siano più problemi ma è insorta un'altra stranezza:
Avvio Firefox e digito nel campo di ricerca di Google ciò che devo cercare; premenro il tasto invio oppure cliccando su cerca non accade nulla resto sempre fermo alla pagina iniziale. Discorso diverso se digito nella "barra di ricerca" vicino a quella degli indirizzi; li invece la ricerca funziona perfettamente
Già provata disinstallazione e reinstallazione
Ti posto il nuovo log Hijack

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:12:15, on 25/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Online Armor\oaui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Enzo\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
C:\Program Files\Mozilla Firefox\firefox.exe
W:\Download\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Borowwsae2save - {3BB256C2-DFC0-7FDC-C732-684B3EE23DDB} - C:\ProgramData\Borowwsae2save\514de84f3bcd8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Breowase22save - {DBB45420-9C6B-D92B-6826-D884CCCECB2D} - C:\ProgramData\Breowase22save\514ddf95e1d7d.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Memory Cleaner] C:\Users\Enzo\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe boot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: c:\progra~1\browse~1\sprote~1.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Online Armor\OAcat.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Online Armor\oasrv.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Crystal Rich Ltd - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 6139 bytes

Grazie.

[azatoth80rm]

Ho notato alcune applicazioni che si son installate senza alcun mio consenso. Sicuramente malware (Breowase22save ed Borowwsae2save)
Provando a disinstallarle non le disinstalla.
Fixati co Hijackthis scompaiono ma al loro posto appare BrowsetoSave il quale,dopo aver terminato i processi con System explorer) ne provo la rimozione al cui termone ricompaiono i due di cui ti ho parlato ad inizio post.
Scansionato pc con malwarebytes ed Avira (anche in modalità provvisoria) ma nessuna minaccia rilevata.

[azatoth80rm]

Ecco il log di Malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Versione database: v2013.03.25.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Enzo :: ENZO-PC [amministratore]

25/03/2013 16:18:44
mbam-log-2013-03-25 (16-18-44).txt

Tipo di scansione: Scansione completa (C:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 299781
Tempo impiegato: 35 minuti, 26 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)

[bios]

nei componenti aggiuntivi di Firefox, non c'è questo ''browse2save'' ?
prova con Adwcleaner; scaricalo sul desktop:http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
avvialo e clicca sul pulsante "Delete", fa' la scansione e allega il log.

[azatoth80rm]

Ecco il log di Adwcleaner

# AdwCleaner v2.115 - Logfile creato il 26/03/2013 alle 08:53:03
# Aggiornamento 17/03/2013 by Xplode
# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (32 bits)
# Utente : Enzo - ENZO-PC
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Users\Enzo\Desktop\adwcleaner.exe
# Opzioni [Cerca]


***** [Servizi] *****


***** [File / Cartelle] *****

File Trovato : C:\Users\Enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vmuo9cki.default\searchplugins\spamfreesearch.xml
File Trovato : C:\Users\Enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vmuo9cki.default\searchplugins\SweetIm.xml

***** [Registro] *****

Chiave Trovata : HKCU\Software\APN PIP
Chiave Trovata : HKCU\Software\AppDataLow\SProtector
Chiave Trovata : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chiave Trovata : HKLM\Software\PIP
Chiave Trovata : HKLM\Software\SP Global
Chiave Trovata : HKLM\Software\SProtector

***** [Browser Internet] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registro Pulito.

-\\ Mozilla Firefox v19.0.2 (it)

File : C:\Users\Enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vmuo9cki.default\prefs.js

Trovata : user_pref("aol_toolbar.default.homepage.check", false);
Trovata : user_pref("aol_toolbar.default.search.check", false);
Trovata : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Trovata : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Trovata : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Trovata : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Trovata : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Trovata : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Trovata : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Trovata : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Trovata : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Trovata : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v [Impossibile rilevare la versione]

File : C:\Users\Enzo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File Pulito.

*************************

AdwCleaner[R1].txt - [2223 octets] - [26/03/2013 08:53:03]

########## EOF - C:\AdwCleaner[R1].txt - [2283 octets] ##########