salve mi controlate il log?
grazie

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:45:21, on 14/07/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Users\diego\Documents\Tor Browser\Browser\firefox.exe
C:\Users\diego\Documents\Tor Browser\Browser\TorBrowser\Tor\tor.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
C:\Users\diego\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.yahoo.com/?fr=fp-yie9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fornito da Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Camfrog Update Service (camfrog_update_service) - Camshare Inc. - C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 13302 bytes

Solitamente si posta un log di hijackthis quando ci sono dei problemi, tu che problemi hai ?
Dal log non si vedono infezioni ma ci sono delle voci e dei programmi che mi sembrano inutili.
Conosci questi programmi e li hai mesi tu: EgisTec - Zone Alarm
Fammi sapere, ciao

il problema è che all'avvio di windows 7 mi compare una finestra cmd.exe con la scritta "kurt cleaning script" o una cosa del genere

Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 15/07/2015
Ora scansione: 23:35
File di log: log.txt
Amministratore: Sì

Versione: 2.1.8.1057
Database malware: v2015.07.15.06
Database rootkit: v2015.07.15.01
Licenza: Gratuito
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Auto-protezione: Disattivata

SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: diego

Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 370766
Tempo impiegato: 48 min, 48 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata

Processi: 0
(Nessun elemento nocivo rilevato)

Moduli: 0
(Nessun elemento nocivo rilevato)

Chiavi di registro: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-3245179290-486166780-4058341772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0A39F958-B29F-45C7-AB09-E5BB57925832}, In quarantena, [cf43a63c3852af870d9863a4f40fe719],

Valori di registro: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-3245179290-486166780-4058341772-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0A39F958-B29F-45C7-AB09-E5BB57925832}|URL, https://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}, In quarantena, [cf43a63c3852af870d9863a4f40fe719]

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Cartelle: 1
PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PriceMinus, In quarantena, [48cad80a6e1c51e5f712becf0df7e61a],

File: 4
PUP.Optional.Spigot.A, C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\searchplugins\yahoo_ff.xml, In quarantena, [ba584a98d6b4e155f55726f0e41f17e9],
PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PriceMinus\5gDc5TgRGgv1cP.tlb, In quarantena, [48cad80a6e1c51e5f712becf0df7e61a],
PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PriceMinus\5gDc5TgRGgv1cP.dat, In quarantena, [48cad80a6e1c51e5f712becf0df7e61a],
PUP.Optional.Spigot.A, C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\prefs.js, Buono: (), Nocivo (user_pref("keyword.URL", "https://it.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=");), Sostituito,[54bef7eb7e0c6bcb8300f96faf5617e9]

Settori fisici: 0
(Nessun elemento nocivo rilevato)


(end)


# AdwCleaner v4.208 - Creato file registro eventi 16/07/2015 in 01:48:44
# Aggiornato 09/07/2015 da Xplode
# Database : 2015-07-15.1 [Server]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (x64)
# Nome utente : diego - DIEGO-PC
# In esecuzione da : C:\Users\diego\Desktop\adwcleaner_4.208.exe
# Opzione : Pulizia

***** [ Servizi ] *****

[#] Servizio Eliminato : YahooAUService
[#] Servizio Eliminato : mcaudrv_simple
[#] Servizio Eliminato : ManyCam

***** [ File / Cartelle ] *****

Cartella Eliminato : C:\ProgramData\AVG Security Toolbar
Cartella Eliminato : C:\ProgramData\Yahoo! Companion
Cartella Eliminato : C:\ProgramData\4811658048577681415
Cartella Eliminato : C:\Program Files (x86)\Check Point Software Technologies LTD
Cartella Eliminato : C:\Program Files (x86)\PriiceMinuS
Cartella Eliminato : C:\Users\diego\AppData\LocalLow\ShopperReports3
Cartella Eliminato : C:\Users\diego\AppData\LocalLow\Yahoo! Companion
Cartella Eliminato : C:\Users\diego\AppData\Roaming\Solvusoft
Cartella Eliminato : C:\Users\diego\AppData\Roaming\Check Point Software Technologies LTD
Cartella Eliminato : C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Cartella Eliminato : C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\Extensions\ffxtlbr@zonealarm.com
Cartella Eliminato : C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\Extensions\me4k7Q@2vO.org
Cartella Eliminato : C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Cartella Eliminato : C:\ProgramData\mobohbhjecahalngepnmlikhcgopdgge
File Eliminato : C:\Users\Public\Desktop\eBay.lnk
File Eliminato : C:\Windows\Reimage.ini
File Eliminato : C:\Windows\System32\roboot64.exe
File Eliminato : C:\Windows\System32\drivers\mcaudrv_x64.sys
File Eliminato : C:\Windows\System32\drivers\mcvidrv.sys
File Eliminato : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Eliminato : C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\searchplugins\zonealarm.xml
File Eliminato : C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\user.js

***** [ Attività pianificate ] *****


***** [ Collegamenti ] *****


***** [ Registry ] *****

Chiave Eliminato : HKCU\Software\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chiave Eliminato : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Chiave Eliminato : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Chiave Eliminato : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Chiave Eliminato : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Chiave Eliminato : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Valore Eliminato : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Chiave Eliminato : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Chiave Eliminato : HKCU\Software\AVG Nation toolbar
Chiave Eliminato : HKCU\Software\Reimage
Chiave Eliminato : HKCU\Software\Avg Secure Update
Chiave Eliminato : HKCU\Software\AppDataLow\Software\ShopperReports3
Chiave Eliminato : HKLM\SOFTWARE\AVG Nation toolbar
Chiave Eliminato : HKLM\SOFTWARE\AVG Secure Search
Chiave Eliminato : HKLM\SOFTWARE\AVG Security Toolbar
Chiave Eliminato : HKU\.DEFAULT\Software\Avg Secure Update
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Reimage

***** [ Browser web ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v38.0.5 (x86 it)

[ifal8ryq.default\prefs.js] - Linea Eliminato : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[ifal8ryq.default\prefs.js] - Linea Eliminato : user_pref("extensions.irc.initialURLs", "irc%3A//irc.icq.com/; irc%3A//irc.icq.com/TriviaHolics");
[ifal8ryq.default\prefs.js] - Linea Eliminato : user_pref("extensions.vg0Y5BKJHzZl3UEa.scode", "(function(){try{if(window.location.href.indexOf(\"rjw4pjY7qHw9rdw7qjCEqHaFqTk\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
[ifal8ryq.default\prefs.js] - Linea Eliminato : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=1896995bf7484a5a9341fec16414240a&tu=10G9y00Gy5D33N0&sku=&tstsId=&ver=&&q=");

-\\ Google Chrome v43.0.2357.81

[C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Eliminato [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Eliminato [Extension] : lmjegmlicamnimmfhcmpkclmigmmcbeh
[C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Eliminato [Extension] : mobohbhjecahalngepnmlikhcgopdgge
[C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Eliminato [Default_Search_Provider_Data] :

*************************

AdwCleaner[R0].txt - [13838 byte] - [16/07/2015 01:45:27]
AdwCleaner[S0].txt - [9110 byte] - [16/07/2015 01:48:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9168 byte] ##########

il pc va meglio e il problema di quella finestra non si presenta +
grazie ancora! anche del consiglio su antivirus!

Si tratta di spigot, che è un dirottatore, era già stato eliminato da ADVcleaner, il fatto che sia ritornato mi fa pensare che tu abbia scaricato qualche sw nocivo.
Il colpevole è https://it.search.yahoo.com/search?fr percorso C:\Users\diego\AppData\Roaming\Mozilla\Firefox\Profiles\ifal8ryq.default\prefs.js, Buono: (), Nocivo (user_pref("keyword.URL", "
Segui il percorso ed elimina quello che trovi, eventualmente fai un ripristino di Firefox.
Per qualche giorno sarò assente e quindi non potrò risponderti.
Ciao

# AdwCleaner v4.208 - Creato file registro eventi 20/07/2015 in 13:16:26

-\\ Mozilla Firefox v38.0.5 (x86 it)

[ifal8ryq.default\prefs.js] - Linea Eliminato : user_pref("extensions.irc.initialURLs", "irc%3A//irc.icq.com/; irc%3A//irc.icq.com/TriviaHolics");
[ifal8ryq.default\prefs.js] - Linea Eliminato : user_pref("extensions.vg0Y5BKJHzZl3UEa.scode", "(function(){try{if(window.location.href.indexOf(\"rjw4pjY7qHw9rdw7qjCEqHaFqTk\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
[ifal8ryq.default\prefs.js] - Linea Eliminato : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=1896995bf7484a5a9341fec16414240a&tu=10G9y00Gy5D33N0&sku=&tstsId=&ver=&&q=");