[RESOLVED] Request for personal data on Facebook
fax71ita
Posted: Monday, May 14, 2012 11:45:02 AM

Hi everyone, since yesterday, right after logging in, this screen appears:
and of course it locks up completely unless you enter the data.
I ran quick scans with MSE, Malwarebytes and TDSSKiller, but no threats were found.
I tried with Opera portable and the problem isn't there... it only happens with Internet Explorer.
Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:15, on 14/05/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\explorer.exe
C:\Program Files\3 Internet\3 Internet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Administrator\Desktop\UTILITA'\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CCProxy] C:\CCProxy\CCProxy.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Adsafivyw] C:\Users\Administrator\AppData\Roaming\Uxid\toin.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{643CE665-965C-45A5-9E2B-6DC97E1BF3A2}: NameServer = 62.13.173.92 62.13.173.93
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 2343 bytes
and this is the ComboFix log:
ComboFix 12-05-14.01 - Administrator 14/05/2012 11:12:57.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.2048.1358 [GMT 2:00]
Eseguito da: c:\users\Administrator\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\2d
c:\users\Administrator\AppData\Roaming\Amyzgu
c:\users\Administrator\AppData\Roaming\Amyzgu\evfu.ycr
c:\users\Administrator\AppData\Roaming\Uxid
c:\users\Administrator\AppData\Roaming\Uxid\toin.exe
c:\windows\IsUn0407.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Creati Da 2012-04-14 al 2012-05-14 )))))))))))))))))))))))))))))))))))
.
.
2012-05-14 09:23 . 2012-05-14 09:23 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-05-14 09:23 . 2012-05-14 09:23 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-05-14 08:05 . 2012-05-14 08:05 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B7775501-C0B2-4A33-84FA-2FFEB3E9F3BC}\MpKsl407ae647.sys
2012-05-14 06:58 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B7775501-C0B2-4A33-84FA-2FFEB3E9F3BC}\mpengine.dll
2012-05-13 09:45 . 2012-05-14 08:56 -------- d-----w- c:\users\Administrator\AppData\Roaming\Ytac
2012-05-13 06:33 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-09 13:01 . 2012-03-30 10:23 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 13:01 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 13:01 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 13:01 . 2012-03-31 04:29 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 13:01 . 2012-03-31 04:29 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 13:00 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-09 13:00 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 13:00 . 2012-03-31 02:36 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 13:00 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 13:00 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 07:17 . 2012-05-09 07:30 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-04 21:02 . 2008-03-17 09:57 103680 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2012-05-04 21:02 . 2008-03-17 09:05 101632 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-05-04 21:02 . 2008-03-16 12:47 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-05-04 21:02 . 2008-01-22 13:10 100864 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-05-04 21:02 . 2007-08-09 02:06 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-05-04 21:01 . 2012-05-04 21:04 -------- d-----w- c:\program files\3 Internet
2012-05-01 08:50 . 2012-05-01 08:50 -------- d-----w- c:\users\Administrator\AppData\Roaming\adpzowml
2012-04-30 18:19 . 2012-04-30 18:19 -------- d-----w- c:\programdata\Local Settings
2012-04-30 11:37 . 2012-04-30 11:37 -------- d-----w- c:\programdata\ProcessLasso
2012-04-19 06:57 . 2012-04-19 07:20 -------- d-----w- c:\program files\Phyxion.net
2012-04-18 07:04 . 2012-04-18 07:04 -------- d-----w- c:\programdata\Ask
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 07:30 . 2011-08-13 09:00 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 13:56 . 2011-09-13 20:27 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-20 18:44 . 2011-04-27 13:25 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2011-04-18 11:18 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-01 05:46 . 2012-04-11 07:43 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 05:37 . 2012-04-11 07:43 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 05:33 . 2012-04-11 07:43 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 05:29 . 2012-04-11 07:43 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-28 05:38 . 2012-04-11 07:41 981504 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 03:52 . 2012-04-11 07:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-17 05:34 . 2012-03-18 20:36 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-02-17 05:34 . 2012-03-18 20:36 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-18 20:36 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-18 20:36 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCProxy"="c:\ccproxy\CCProxy.exe" [2011-03-28 1165312]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
"NoStartMenuMyGames"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-08-04 07:50 966712 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-15 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 257696]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 MpKsl407ae647;MpKsl407ae647;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B7775501-C0B2-4A33-84FA-2FFEB3E9F3BC}\MpKsl407ae647.sys [2012-05-14 29904]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S3 P1130VID;Creative WebCam NX Pro;c:\windows\system32\DRIVERS\P1130Vid.sys [2004-05-04 90229]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - 23293899
*NewlyCreated* - MPKSL407AE647
*Deregistered* - 23293899
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 07:30]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it
mStart Page = hxxp://www.google.it
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Adsafivyw - c:\users\Administrator\AppData\Roaming\Uxid\toin.exe
SafeBoot-86889396.sys
MSConfigStartUp-Adsafivyw - c:\users\Administrator\AppData\Roaming\Uxid\toin.exe
AddRemove-Moorhuhn Winter-Edition - c:\windows\IsUn0407.exe
.
.
.
.
Ora fine scansione: 2012-05-14 11:28:49
ComboFix-quarantined-files.txt 2012-05-14 09:28
.
Pre-Run: 18.613.334.016 byte disponibili
Post-Run: 18.439.094.272 byte disponibili
.
- - End Of File - - 500792105AF69D206BDAEF6B62A61D6E


Thank you for your valuable help; I await instructions.
Thanks

scirocco
Posted: Monday, May 14, 2012 12:10:59 PM

... Facebook is the second* scourge of humanity.
The first being me.

*Tied with Internet Explorer.

fax71ita
Posted: Tuesday, May 15, 2012 6:23:48 PM

Thanks to Scirocco for the tip, I figured as much.....
but what do I have to do to fix it .... my wife is pressing me.......
help please..... Facebook is blocked......
Thanks......

miticoalex
Posted: Tuesday, May 15, 2012 6:42:19 PM

fax71ita wrote:
Hi everyone, since yesterday, right after logging in, this screen appears:
and of course it locks up completely unless you enter the data.
I ran quick scans with MSE, Malwarebytes and TDSSKiller, but no threats were found.
I tried with Opera portable and the problem isn't there... it only happens with Internet Explorer.


Hi fax71

Since it only happens with IE, reset IE: Tools > Internet Options > Advanced > Reset. If that fixes it, after restarting the browser enable the add-ons one at a time and check.

If it doesn't, turn off System Restore, update Malwarebytes, reboot into Safe Mode, and run a full scan.

Try it and let us know.

Bye


fax71ita
Posted: Tuesday, May 15, 2012 11:52:52 PM

Thanks Mitico....
I'll try tomorrow and let you know.

fax71ita
Posted: Thursday, May 17, 2012 9:36:34 AM

Hi everyone, the Facebook blocking problem was fixed automatically by ComboFix: after the scan, when I reopened Facebook the problem was gone.... I can't explain what it actually removed, but I think the problem was this registry key:
O4 - HKCU\..\Run: [Adsafivyw] C:\Users\Administrator\AppData\Roaming\Uxid\toin.exe
I ran HijackThis again and this key is no longer there, and Facebook works...

No idea, but I'm happy, my wife has made peace with the PC.....
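
The check the last post arrives at by hand (a per-user Run entry that launches an executable from AppData\Roaming), as an added example that is not part of the original thread: a Python triage of HijackThis O4 lines. The function names and the three heuristics are assumptions of this example; the sample lines are copied from the HijackThis log in the first post.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r'''
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CCProxy] C:\CCProxy\CCProxy.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Adsafivyw] C:\Users\Administrator\AppData\Roaming\Uxid\toin.exe
'''


class Autorun(NamedTuple):
    hive: str   # HKLM, HKCU, ...
    key: str    # Run, RunOnce, ...
    name: str   # registry value name, shown in [brackets] by HijackThis
    image: str  # executable path extracted from the command line


# Registry-based O4 entries: "O4 - <hive>\..\<key>: [<name>] <command>"
O4_RE = re.compile(r'^O4 - (HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\([^:]+): \[([^\]]*)\] (.+)$')
# Quoted path, or an unquoted path up to the first executable extension.
IMAGE_RE = re.compile(
    r'^(?:"([^"]+)"|(.+?\.(?:exe|com|bat|cmd|scr|pif|dll)))(?=\s|$)', re.I)
# Profile locations a standard user can write to without elevation.
USER_WRITABLE_RE = re.compile(
    r'\\(?:users|documents and settings)\\[^\\]+\\'
    r'(?:appdata|application data|local settings)\\', re.I)


def parse_o4(line: str) -> Optional[Autorun]:
    """Return the autorun described by an O4 registry line, else None."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    hive, key, name, command = m.groups()
    im = IMAGE_RE.match(command)
    image = (im.group(1) or im.group(2)) if im else command.strip()
    return Autorun(hive, key, name, image)


def reasons(entry: Autorun) -> List[str]:
    """Why an entry deserves a closer look; empty list if nothing stands out."""
    # Primary indicator: the autorun image lives in a user-writable directory.
    if not USER_WRITABLE_RE.search(entry.image):
        return []
    found = ["image in user-writable profile directory"]
    # Supporting indicator: value name and file name share nothing.
    stem = entry.image.rsplit("\\", 1)[-1].rsplit(".", 1)[0].lower()
    name = entry.name.lower()
    if name not in entry.image.lower() and stem not in name:
        found.append("value name unrelated to image path")
    # Supporting indicator: per-user hive, writable without admin rights.
    if entry.hive.upper().startswith(("HKCU", "HKUS")):
        found.append("per-user Run key, writable without admin rights")
    return found


def triage(log: str) -> Dict[str, List[str]]:
    """Map each flagged autorun value name to the reasons it was flagged."""
    flagged: Dict[str, List[str]] = {}
    for line in log.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        why = reasons(entry)
        if why:
            flagged[entry.name] = why
    return flagged


if __name__ == "__main__":
    for value_name, why in triage(SAMPLE_LOG).items():
        print(value_name, "->", "; ".join(why))
```

A flagged entry is a lead for review, not a verdict: legitimate per-user software also starts from AppData, so the image should be checked before it is removed.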
