Esegui 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.31.16, on 20/12/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\Programmi\COMODO\COMODO Internet Security\cfp.exe
C:\Programmi\Yuna Software\Messenger Plus!\PlusService.exe
C:\Programmi\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\IObit\Advanced SystemCare 4\ASCService.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\mezzodemone\Desktop\HiJackThis-2.0.4.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [RocketDock] "C:\Programmi\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - S-1-5-18 Startup: BreakTaker.appref-ms (User 'SYSTEM')
O4 - .DEFAULT Startup: BreakTaker.appref-ms (User 'Default user')
O4 - Startup: BreakTaker.appref-ms
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Mipony - file://C:\Programmi\MiPony\Browser\IEContext.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\WINDOWS\system32\shdocvw.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BF1C53D-C827-400F-991C-0728B1A94A30}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4DFE40A-A3F3-41BD-9CFA-D6D1F403BF73}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BF1C53D-C827-400F-991C-0728B1A94A30}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BF1C53D-C827-400F-991C-0728B1A94A30}: NameServer = 176.31.229.24,176.31.229.25
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Programmi\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Programmi\Ashampoo\Ashampoo WinOptimizer 2010\Dfsdks.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Programmi\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Documents and Settings\mezzodemone\Impostazioni locali\Dati applicazioni\PosService\Pos.exe
O23 - Service: Service Updater (ServUpdater) - ServiceUpd - C:\Documents and Settings\mezzodemone\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe
--
End of file - 6133 bytes
Scan saved at 20.31.16, on 20/12/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\Programmi\COMODO\COMODO Internet Security\cfp.exe
C:\Programmi\Yuna Software\Messenger Plus!\PlusService.exe
C:\Programmi\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\IObit\Advanced SystemCare 4\ASCService.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\mezzodemone\Desktop\HiJackThis-2.0.4.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [RocketDock] "C:\Programmi\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - S-1-5-18 Startup: BreakTaker.appref-ms (User 'SYSTEM')
O4 - .DEFAULT Startup: BreakTaker.appref-ms (User 'Default user')
O4 - Startup: BreakTaker.appref-ms
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Mipony - file://C:\Programmi\MiPony\Browser\IEContext.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\WINDOWS\system32\shdocvw.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BF1C53D-C827-400F-991C-0728B1A94A30}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4DFE40A-A3F3-41BD-9CFA-D6D1F403BF73}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BF1C53D-C827-400F-991C-0728B1A94A30}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BF1C53D-C827-400F-991C-0728B1A94A30}: NameServer = 176.31.229.24,176.31.229.25
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Programmi\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Programmi\Ashampoo\Ashampoo WinOptimizer 2010\Dfsdks.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Programmi\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Documents and Settings\mezzodemone\Impostazioni locali\Dati applicazioni\PosService\Pos.exe
O23 - Service: Service Updater (ServUpdater) - ServiceUpd - C:\Documents and Settings\mezzodemone\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe
--
End of file - 6133 bytes
![[^]](http://www.megalab.it/forum/images/smilies/Oh-yea.gif "Approvazione")
![[MLI]](http://www.megalab.it/forum/images/smilies/mli.gif "MegaLab.it")
Power User.
![[;)]](http://www.megalab.it/forum/images/smilies/wink.gif "Occhiolino")
