ciao

esegui .... msconfig .... e togli la spunta al programma

spegj e riaccendi e riapri in ( F8 ) Modalità PROVVISORIA e disinstalli il programma


ps
ciao baffo ! ... tutto bene ?

---

Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 11/01/2015
Ora scansione: 20:52:59
File di log: log3.txt
Amministratore: Si

Versione: 2.00.4.1028
Database malware: v2015.01.11.10
Database rootkit: v2015.01.07.01
Licenza: Free
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Autoprotezione: Disattivata

SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: 10042014

Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 316787
Tempo impiegato: 5 min, 13 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristica: Attivata
PUP: Attivata
PUM: Attivata

Processi: 0
(Nessun elemento malevolo rilevato)

Moduli: 0
(Nessun elemento malevolo rilevato)

Chiavi di registro: 2
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{423248f1}, Spostato in quarantena, [d452f0062e5be1552d8fc6c4a95a25db],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2158896076-2760410929-1853944569-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Spostato in quarantena, [e83ed224d5b457df9a6fda94788bfc04],

Valori di registro: 0
(Nessun elemento malevolo rilevato)

Dati di registro: 0
(Nessun elemento malevolo rilevato)

Cartelle: 35
PUP.Optional.StormAlert.A, C:\Users\10042014\AppData\Local\StormAlert, Spostato in quarantena, [7babd81eb9d0df579395571d5ba8e818],
PUP.Optional.StormAlert.A, C:\ProgramData\StormAlert, Spostato in quarantena, [bc6a5f97a0e9191d66c37cf81de67987],
Rogue.Multiple, C:\ProgramData\600440862, Spostato in quarantena, [50d6698d2168a591217256cdbd46817f],
PUP.Optional.OpenCandy, C:\Users\10042014\AppData\Roaming\OpenCandy, Spostato in quarantena, [db4b10e66524b28427fc2f047a8957a9],
PUP.Optional.OpenCandy, C:\Users\10042014\AppData\Roaming\OpenCandy\OpenCandy_17613D7BB99845D4B2EFB901ACEC401C, Spostato in quarantena, [db4b10e66524b28427fc2f047a8957a9],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Spostato in quarantena, [bd696b8b19702f07de0c2e1c60a36b95],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Spostato in quarantena, [bd696b8b19702f07de0c2e1c60a36b95],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.Nosibay.A, C:\Users\10042014\AppData\Roaming\Nosibay, Spostato in quarantena, [34f2678fb5d4d363bfeffb6743c0cf31],

File: 72
PUP.Optional.OpenCandy, C:\$Recycle.Bin\S-1-5-21-2158896076-2760410929-1853944569-1000\$R4XUM4X.exe, Spostato in quarantena, [180e43b35a2f6dc994da55611aeb08f8],
PUP.Optional.Somoto, C:\Users\10042014\AppData\Local\Temp\bitool.dll, Spostato in quarantena, [0c1a94625f2afb3beb92d8d209f916ea],
PUP.Optional.Clara.A, C:\Users\10042014\AppData\Local\Temp\setup.exe, Spostato in quarantena, [2ef8d0265a2f171f65255b789a67867a],
PUP.Optional.Somoto, C:\Users\10042014\AppData\Local\Temp\nscE7A4.tmp, Spostato in quarantena, [71b5d026f2973006df188f6ce61ed52b],
PUP.Optional.Wajam.A, C:\Users\10042014\AppData\Local\Temp\4591.tmp, Spostato in quarantena, [d0565b9bdaafc373bc5ee08599678f71],
PUP.Optional.Softonic, C:\Users\10042014\Downloads\SoftonicDownloader_per_daemon-tools-lite.exe, Spostato in quarantena, [9096975f6128a78f842ef9616799de22],
PUP.Optional.Softonic, C:\Users\10042014\Downloads\SoftonicDownloader_per_farming-simulator-2013-update.exe, Spostato in quarantena, [1214ce28bdcce94d0fa38ad0916f7b85],
PUP.Optional.BoBrowser.A, C:\Windows\System32\Tasks\Run_Bobby_Browser, Spostato in quarantena, [5fc720d62762b680de021158e41f25db],
PUP.Optional.Bubbledock.A, C:\Users\10042014\AppData\Roaming\Bubble Dock.boostrap.log, Spostato in quarantena, [a28410e6d5b40e282ff4e687bc478a76],
PUP.Optional.Bubbledock.A, C:\Users\10042014\AppData\Roaming\Bubble Dock.installation.log, Spostato in quarantena, [cc5a11e51079b97d1c072d40748f2bd5],
PUP.Optional.WindApp.A, C:\Users\10042014\AppData\Roaming\WindApp.boostrap.log, Spostato in quarantena, [4fd73abc127779bd45dfc6a77a895ca4],
PUP.Optional.StormAlert.A, C:\Users\10042014\AppData\Local\StormAlert\data2.dat, Spostato in quarantena, [7babd81eb9d0df579395571d5ba8e818],
PUP.Optional.StormAlert.A, C:\ProgramData\StormAlert\app.dat, Spostato in quarantena, [bc6a5f97a0e9191d66c37cf81de67987],
PUP.Optional.StormAlert.A, C:\ProgramData\StormAlert\data.dat, Spostato in quarantena, [bc6a5f97a0e9191d66c37cf81de67987],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\239.json, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\MessageBox.xml, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\uninstallDlg2.xml, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\bg.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\bg1.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\bk_shadow.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\button.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\button1.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\checkbox.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\checkbox_select.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\checked.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\close.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\loading_bg.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\loading_light.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\min.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\scrollbar.bmp, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\Thumbs.db, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\unchecked.png, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code\code1.jpg, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code\code2.jpg, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code\code3.jpg, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code\code4.jpg, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code\code5.jpg, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code\code6.jpg, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WebsSearches.A, C:\Users\10042014\AppData\Roaming\webssearches\images\code\Thumbs.db, Spostato in quarantena, [f72ff204f99072c4475a1d1ce81b8779],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Spostato in quarantena, [bd696b8b19702f07de0c2e1c60a36b95],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, Spostato in quarantena, [9195c531632669cd5d994d03f013669a],

Settori fisici: 0
(Nessun elemento malevolo rilevato)


(end)

# AdwCleaner v4.107 - Rapporto creato 11/01/2015 in 21:15:56
# Aggiornato 07/01/2015 di Xplode
# Database : 2015-01-11.2 [Live]
# Sistema operativo : Windows 7 Ultimate Service Pack 1 (64 bits)
# Nome utente : 10042014 - 10042014-PC
# In esecuzione da : C:\Users\10042014\Downloads\adwcleaner_4.107.exe
# Opzione : Pulisci

***** [ Servizi ] *****


***** [ File / Cartelle ] *****

Cartella Eliminato : C:\ProgramData\NCH Software
Cartella Eliminato : C:\Program Files (x86)\NCH Software
Cartella Eliminato : C:\Users\10042014\AppData\Roaming\NCH Software
Cartella Eliminato : C:\Users\10042014\Documents\Optimizer Pro
Cartella Eliminato : C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
File Eliminato : C:\Users\10042014\Desktop\Continue Live Installation.lnk
File Eliminato : C:\Users\10042014\Desktop\VOPackage.exe

***** [ Compiti ] *****

Compito Eliminati : DriverEasy Scheduled Scan
Compito Eliminati : Run_Bobby_Browser

***** [ Collegamenti ] *****


***** [ Registro ] *****

Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chiave Eliminati : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chiave Eliminati : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chiave Eliminati : HKCU\Software\Myfree Codec
Chiave Eliminati : HKCU\Software\BoBrowser
Chiave Eliminati : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Chiave Eliminati : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chiave Eliminati : HKLM\SOFTWARE\Myfree Codec
Chiave Eliminati : HKLM\SOFTWARE\Clara
Chiave Eliminati : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v39.0.2171.95

[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm
[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm
[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={7E164D48-9F66-11E1-8E7D-C86000853E89}
[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://search.softonic.com/MON00080/tb_v1?q={searchTerms}&SearchSource=49&cc=
[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1417293566&from=nsbit&uid=ST2000DL003-9VT166_5YD4A6N7XXXX5YD4A6N7&q={searchTerms}
[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1417293566&from=nsbit&uid=ST2000DL003-9VT166_5YD4A6N7XXXX5YD4A6N7&q={searchTerms}
[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1417293566&from=nsbit&uid=ST2000DL003-9VT166_5YD4A6N7XXXX5YD4A6N7&q={searchTerms}
[C:\Users\10042014\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1417293566&from=nsbit&uid=ST2000DL003-9VT166_5YD4A6N7XXXX5YD4A6N7&q={searchTerms}

*************************

AdwCleaner[R0].txt - [4522 octets] - [11/01/2015 21:12:07]
AdwCleaner[S0].txt - [4405 octets] - [11/01/2015 21:15:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4465 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x64
Ran by 10042014 on 11/01/2015 at 21:21:33,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/01/2015 at 21:24:21,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BobbyBrowser è stato eliminato, la scansione con malwarebytes è giusta: "Scansione elementi nocivi".
Il problema dovrebbe essere risolto, se riappare fai il ripristino di Chrome leggi qui:
http://www.ottimizzazione-pc.it/come-ripristinare-chrome/

Esatto Poker!
comunque, adesso è sparita...
ci sono altre cose che posso fare o va bene così?
grazie anticipatamente a tutti.....

Infatti il tipo di scansione ora si chiama scansione di minaccia come indicato nelle istruzioni che metto io,
devo dire che sul mio pc Mbam lo uso poco non avendo problemi, magari proverò a fare una scansione ed eventualmente ti aggiorno anche per quanto riguarda la scansione veloce.
In malwarebytes sarebbe utile attivare Protezione da malware, poi ci sarebbe anche Attivare protezione da siti
web nocivi.
Altra opzione utile, questo è un suggerimento di miticoalex, da Opzioni>Rilevamento e Protezione spuntare la voce:
Ricerca Rootkit, anche questa mi riservo di provare.
Ciao