Ciao a tutti.
Ho questo problema: ogni volta che apro una pagina internet, spunta il messaggio url maligno. Succede con qualunque sito, persino con google e il sito di avast. La versione di avast é la free e il browser é firefox. Cosa posso fare?
Servono un po più di informazioni…
Versione di avast? (6.0.1289?) Database dei virus?
Versione di firefox? Hai provato con Internet Explorer o Chrome?
Sistema operativo?
Ciao
Ciao. Ho anche io lo stesso problema, avast mi segnala url maligno con qualsiasi sito internet. Ho questi problemi con firefox e chrome ma non con internet explorer. La mia versione (free) di avast è 7.0.1426. Viene sempre scritto questo messaggio: Dettagli dell’infezione
URL: http://includeit.info/scripts/inl_dmmtch…
Processo: C:\Program Files\Mozilla Firefox\firefox…
Infezione: URL:Mal
Potete aiutarmi? grazie mille
Ciao,
hai già provato a settare una scansione all’avvio con avast (scansione computer->scansione all’avvio->programma adesso)?
Versione di firefox e chrome sono le ultime?
Il sistema operativo è aggiornato?
Ho appena fatto la scansione all’avvio con avast, mi ha rilevato di pup che ho cancellato. Il problema però rimane.
Sì le versioni di firefox e di chrome sono le ultime. Il sistema operativo è windows vista ed è aggiornato in automatico (l’ultimo aggiornamento risale alla scorsa settimana)
Controlla che vista sia al Service Pack 2, poi scarica MBAM free,
http://www.malwarebytes.org/products/malwarebytes_free
esegui la scansione completa e posta il log.
Ciao
Versione database: v2012.06.18.07
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Utente :: PC-UTENTE [amministratore]
18/06/2012 20.37.49
mbam-log-2012-06-18 (20-37-49).txt
Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 436852
Tempo impiegato: 2 ore, 13 minuti, 40 secondi
Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)
Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)
Chiavi di registro rilevate: 15
HKCR\CLSID{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCR\TypeLib{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCR\Interface{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCR\CLSID{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
Valori di registro rilevati: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) → Dati: VShareTB → Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) → Dati: → Spostato in quarantena ed eliminato con successo.
Voci rilevate nei dati di registro: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) → Cattivo: (http://startsear.ch/?aff=1&cf=f6447f08-1ac2-11e1-839a-84ad0f3f17ca) Buono: (http://www.google.com) → Spostato in quarantena e riparato con successo.
Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)
File rilevati: 3
C:\Program Files\vShare.tv plugin\BarLcher.dll (PUP.VShareRedir) → Spostato in quarantena ed eliminato con successo.
C:\Users\Utente\Downloads\SoftonicDownloader_per_daemon-tools.exe (PUP.BundleOffer.Downloader.S) → Spostato in quarantena ed eliminato con successo.
C:\Users\Utente\Downloads\SoftonicDownloader_per_mycam.exe (PUP.ToolbarDownloader) → Spostato in quarantena ed eliminato con successo.
(fine)
Hai ancora problemi ora?
Ciao
Ciao Giorgio, purtroppo sì, vedo che i problemi continuano.
Ti ringrazio per tutti i consigli che mi stai dando.
Ciao
scarica questo programma
http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi
lo installi, lo avvi e clicca su “Do a system scan and save logfile” quindi posta il log, grazie
Ecco il log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.34.00, on 19/06/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\BrowserCompanion\BCHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2008 - Premium DVD\EDICT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=81&bd=Pavilion&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.ask.com/?l=dis&o=41648108&gct=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=81&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files\Softonic-IT\tbSoft.dll
O1 - Hosts: ::1 localhost
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files\Softonic-IT\tbSoft.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files\Softonic-IT\tbSoft.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..\Run: [QPService] “C:\Program Files\HP\QuickPlay\QPService.exe”
O4 - HKLM..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM..\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM..\Run: [avast] “C:\Program Files\Alwil Software\Avast5\avastUI.exe” /nogui
O4 - HKLM..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM..\Run: [ApnUpdater] “C:\Program Files\Ask.com\Updater\Updater.exe”
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM..\Run: [offerbox] C:\Program Files\OfferBox\OfferBox.exe
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=kolgnaidildmdbfgdnoapjdianbpajne
O4 - HKLM..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU..\Run: [E08IXLRD_21439326] “C:\Program Files\Microsoft Encarta\Microsoft Encarta 2008 - Premium DVD\EDICT.EXE” -m
O4 - HKCU..\Run: [EA Core] “C:\Program Files\Electronic Arts\EADM\Core.exe” -silent
O4 - HKCU..\Run: [TomTomHOME.exe] “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU..\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\DTLite.exe” -autorun
O4 - HKUS\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVIZIO LOCALE’)
O4 - HKUS\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVIZIO LOCALE’)
O4 - HKUS\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVIZIO DI RETE’)
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/mjss/MJSS.cab109791.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip..{28EC7D4D-C46B-40EB-90B2-8CB4D85F34D7}: NameServer = 85.37.17.55 85.38.28.93
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Servizio di Google Update (gupdate1c9a0304a5d843) (gupdate1c9a0304a5d843) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
–
End of file - 13948 bytes
Ciao,
la prossima volta clicca in basso a sinistra, mentre stai rispondendo, su Attachments and other options cosi puoi postare il file senza creare post lunghi da leggere 
Comunque, prova cosi e dimmi se hai ancora problemi:
Rifai lo scan con lo stesso programma e poi selezioni questi valori e clicchi su Fix Checked
prima però prova a disinstallare da pannello di controllo tutto quello che trovi riferito a:
ask toolbar
softonic
browser companion
offerbox
e se trovi ancora questi valori li elimini
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.ask.com/?l=dis&o=41648108&gct=hp
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files\Softonic-IT\tbSoft.dll
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files\Softonic-IT\tbSoft.dll
O3 - Toolbar: Softonic-IT Toolbar - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files\Softonic-IT\tbSoft.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
.exe
O4 - HKLM..\Run: [ApnUpdater] “C:\Program Files\Ask.com\Updater\Updater.exe”
O4 - HKLM..\Run: [offerbox] C:\Program Files\OfferBox\OfferBox.exe
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=kolgnaidildmdbfgdnoapjdianbpajne
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
mentre questi sono opzionali e ti consiglio di toglierli
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
CIAO 
non so se è il posto giusto… ma ho lo stesso identico problema… ho seguito le procedure che hai indicato… ti posto di seguito il risultato…
Scusa l’intrusione… e grazie in anticipo…
Scusa volevo dire che allegavo il file… non che lo postavo… e poi io uso chrome e non firefox… ma Avast mi da lo stesso identico problema…
Ciao Giorgio,
ho fatto tutta la procedura eliminando le cose che mi hai detto, ma vedo che i problemi continuano
P.S: hai ragione, prossima volta evito di fare post lunghi
Ok,
ora prova a scaricare questo
http://public.avast.com/~gmerek/aswMBR.exe
e poi posta il log
Ciao
ps anche tu Halbhe
e fai il fix di questi valori
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O4 - HKLM..\Run: [DRPU PC Management - Basic] “C:\Program Files\DRPU PC Management - Basic\Basic Manage.exe” “hd”
O4 - HKLM..\Run: [DRPU PC Management - Advanced] “C:\Program Files\PC Management - Advanced\Advance Manage.exe” “hd”
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] “C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”
O4 - HKLM..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKCU..\Run: [LegacyTraceSessionCollection] regsvr32 /s /u “C:\Users\Alberto\AppData\Local\LegacyTraceSessionCollection\LegacyTraceSessionCollection.dll”
Allora, il programmino parte… ma dopo un pò mi dice che ha smesso di funzionare e si chiude… però ho fixato quello che mi hai detto con Hijackthis e sembra che ora il problema non si presenti più…
Grazie mille per la disponibiltà era insopportabile…
@ Halbhe
Se si blocca devi provare ad avviarlo da modalità provvisoria (premendo F8 continuamente durante l’avvio del pc)
va be sperem si sia risolto
Ecco il log…sembrerebbe comunque che ora sia sparito il problema
Grazie mille di nuovo per la disponibilità