allora, inizio a mostrarvi il log di SPYWARETERMNATOR:
Logfile of Spyware Terminator v2.0.1.224 (db:1.0.002.764)
Scan Time: 23/11/2007 7.14.11 length: 569 s
Platform: Windows Vista (WINNT 6.0.6000)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 28997 (Critical:18)
Filter: No System items, No Safe items
Running Processes
smss.exe ( PID=464 )
csrss.exe ( PID=604 )
wininit.exe ( PID=656 )
csrss.exe ( PID=668 )
services.exe ( PID=704 )
lsass.exe ( PID=740 )
lsm.exe ( PID=752 )
svchost.exe ( PID=880 )
svchost.exe ( PID=936 )
svchost.exe ( PID=1012 )
svchost.exe ( PID=1056 )
svchost.exe ( PID=1088 )
winlogon.exe ( PID=1136 )
audiodg.exe ( PID=1192 )
SLsvc.exe ( PID=1220 )
svchost.exe ( PID=1260 )
svchost.exe ( PID=1356 )
ccSvcHst.exe ( PID=1516 )
AppSvc32.exe ( PID=1628 )
aawservice.exe ( PID=1772 )
spoolsv.exe ( PID=1468 )
svchost.exe ( PID=868 )
a2service.exe ( PID=2228 )
ALaunchSvc.exe ( PID=2272 )
guard.exe ( PID=2296 )
eDSService.exe ( PID=2320 )
eLockServ.exe ( PID=2364 )
eNet Service.exe ( PID=2476 )
IAANTmon.exe ( PID=2536 )
LSSrvc.exe ( PID=2580 )
MobilityService.exe ( PID=2620 )
svchost.exe ( PID=2708 )
RichVideo.exe ( PID=2752 )
sp_rsser.exe ( PID=2788 )
svchost.exe ( PID=2860 )
AluSchedulerSvc.exe ( PID=2888 )
svchost.exe ( PID=2996 )
SearchIndexer.exe ( PID=3016 )
XAudio.exe ( PID=3044 )
eRecoveryService.exe ( PID=3080 )
capuserv.exe ( PID=3116 )
ePowerSvc.exe ( PID=3164 )
WmiPrvSE.exe ( PID=3296 )
unsecapp.exe ( PID=3336 )
WmiPrvSE.exe ( PID=3520 )
rundll32.exe [Microsoft Corporation] : C:\Windows\system32\rundll32.exe
RtHDVCpl.exe [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
rundll32.exe [Microsoft Corporation] : C:\Windows\system32\rundll32.exe
taskeng.exe ( PID=3876 )
SynTPEnh.exe ( PID=4012 )
eDSLoader.exe [HiTRUST] : C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
eAudio.exe [CyberLink] : C:\Acer\Empowering Technology\eAudio\eAudio.exe
QtZgAcer.EXE ( PID=1712 )
PMVService.exe [CyberLink Corp.] : C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
IAAnotif.exe [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
sidebar.exe [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sidebar.exe
wmpnscfg.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnscfg.exe
AcerVCM.exe ( PID=3976 )
RtkBtMnt.exe [Realtek Semiconductor Corp.] : C:\Users\Matteo\AppData\Local\Temp\RtkBtMnt.exe
wmpnetwk.exe ( PID=4108 )
ENMTRAY.EXE [Acer Inc.] : C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
EPOWER_DMC.EXE [Acer Inc.] : C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE [Acer Inc.] : C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
ERAGENT.EXE [Acer Inc.] : C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
symlcsvc.exe ( PID=5172 )
VC.exe ( PID=5192 )
acp2HID.exe ( PID=5204 )
SearchProtocolHost.exe ( PID=4556 )
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page =
http://it.intl.acer.yahoo.com
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
02 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - [HiTRUST] : C:\Windows\system32\ActiveToolBand.dll
02 - BHO: - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
02 - BHO: - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found
Toolbars
03 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - [HiTRUST] : C:\Windows\system32\eDStoolbar.dll
03 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sidebar : [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sidebar.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Acer Tour Reminder : [Acer Inc.] : C:\Acer\AcerTour\Reminder.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WMPNSCFG : [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnscfg.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NvSvc : [NVIDIA Corporation] : C:\Windows\system32\NVSVC.DLL
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ALaunch : : C:\Acer\ALaunch\AlaunchClient.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RtHDVCpl : [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, eDataSecurity Loader : [HiTRUST] : C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, eAudio : [CyberLink] : C:\Acer\Empowering Technology\eAudio\eAudio.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, osCheck : [Symantec Corporation] : C:\Program Files\NORTON INTERNET SECURITY\OSCHECK.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PLFSet : : C:\Windows\PLFSET.DLL
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PlayMovie : [CyberLink Corp.] : C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Acer Tour Reminder : [Acer Inc.] : C:\Acer\AcerTour\Reminder.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WarReg_PopUp : [Acer Inc.] : C:\Acer\WR_PopUp\WarReg_PopUp.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, IAAnotif : [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SetPanel : : C:\Acer\APanel\APanel.cmd
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Symantec PIF AlertEng : [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\PIF\{B8E1DD85-8582-4C61-B58F-2F227FCA9A08}\PIFSVC.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs : [acer] : C:\Windows\system32\eNetHook.dll
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : LSDELETE.EXE
04 - Startup: %START_PROGRAMSALL%\Startup\Acer VCM.lnk [Acer] : C:\Program Files\Acer\Acer VCM\AcerVCM.exe
04 - Startup: %START_PROGRAMSALL%\Startup\Empowering Technology Launcher.lnk [Acer Inc.] : C:\Acer\Empowering Technology\eAPLauncher.exe
Explorer Bars
Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - [HiTRUST] : C:\Windows\system32\eDStoolbar.dll
Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - [HiTRUST] : C:\Windows\system32\eDStoolbar.dll
Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
Shell Extensions
Microsoft OLE DB Service Component Data Links - {2206CDB2-19C1-11D1-89E0-00C04FD7A829} - File not found
ExtractIcon Class - {7A80E4A8-8005-11D2-BCF8-00C04F72C717} - File not found
WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - File not found
Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - File not found
WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - File not found
Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - File not found
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - File not found
Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - File not found
CLSID_PreviewMime - {92dbad9f-5025-49b0-9078-2d78f935e341} - File not found
CLSID_PreviewEmail - {b9815375-5d7f-4ce2-9245-c9d4da436930} - File not found
CLSID_PreviewHtml - {f8b8412b-dea3-4130-b36c-5e8be73106ac} - File not found
Shell Message Handler - {5FA29220-36A1-40f9-89C6-F4B384B7642E} - File not found
Shell DocObject Viewer - {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} - File not found
Microsoft Browser Architecture - {BC476F4C-D9D7-4100-8D4E-E043F6DEC409} - File not found
Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - File not found
Microsoft Url History Service - {3C374A40-BAE4-11CF-BF7D-00AA006946EE} - File not found
History - {FF393560-C2A7-11CF-BFF4-444553540000} - File not found
Temporary Internet Files - {7BD29E00-76C1-11CF-9DD0-00A0C9034933} - File not found
Temporary Internet Files - {7BD29E01-76C1-11CF-9DD0-00A0C9034933} - File not found
Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - File not found
The Internet - {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} - File not found
IE BandProxy - {73CFD649-CD48-4fd8-A272-2070EA56526B} - File not found
IE Microsoft BrowserBand - {07C45BB1-4A8C-4642-A1F5-237E7215FF66} - File not found
IE Navigation Bar - {43886CD5-6529-41c4-A707-7B3C92C05E68} - File not found
IE Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - File not found
IE Registry Tree Options Utility - {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} - File not found
IE AutoComplete - {3028902F-6374-48b2-8DC6-9725E775B926} - File not found
IE MRU AutoComplete List - {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} - File not found
IE Custom MRU AutoCompleted List - {FDE7673D-2E19-4145-8376-BBD58C4BC7BA} - File not found
IE Microsoft History AutoComplete List - {6038EF75-ABFC-4e59-AB6F-12D397F6568D} - File not found
IE Microsoft Shell Folder AutoComplete List - {9D958C62-3954-4b44-8FAB-C4670C1DB4C2} - File not found
IE Microsoft Multiple AutoComplete List Container - {B31C5FAE-961F-415b-BAF0-E697A5178B94} - File not found
IE Shell Band Site Menu - {E6EE9AAC-F76B-4947-8260-A9F136138E11} - File not found
IE Shell Rebar BandSite - {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} - File not found
IE User Assist - {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} - File not found
IE Menu Band - {4B78D326-D922-44f9-AF2A-07805C2A3560} - File not found
- {6CF48EF8-44CD-45d2-8832-A16EA016311B} - File not found
&Links - {F2CF5485-4E02-4f68-819C-B92DE9277049} - File not found
IE Fade Task - {1C1EDB47-CE22-4bbb-B608-77B48F83C823} - File not found
IE Tracking Shell Menu - {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} - File not found
IE Menu Site - {44C76ECD-F7FA-411c-9929-1B77BA77F524} - File not found
IE Menu Desk Bar - {205D7A97-F16D-4691-86EF-F3075DCCA57D} - File not found
- {871C5380-42A0-1069-A2EA-08002B30309D} - File not found
IE RSS Feeds Folder - {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} - File not found
Microsoft Web Browser - {8856f961-340a-11d0-a96b-00c04fd705a2} - File not found
MHTML Document - {3050f3d9-98b5-11cf-bb82-00aa00bdce0b} - File not found
HTML Document - {25336920-03f9-11cf-8fd0-00aa00686f13} - File not found
- {00020d75-0000-0000-c000-000000000046} - File not found
ICM Scanner Management - {176d6597-26d3-11d1-b350-080036a75b03} - File not found
ICM Monitor Management - {5DB2625A-54DF-11D0-B6C4-0800091AA605} - File not found
ICM Printer Management - {675F097E-4C4D-11D0-B6C1-0800091AA605} - File not found
Color Profile - {DBCE2480-C732-101B-BE72-BA78E9AD5B27} - File not found
Color Control Panel Applet - {b2c761c6-29bc-4f19-9251-e6195265baf1} - File not found
PrintUIShellExtension Class - {77597368-7b15-11d0-a0c2-080036af3f03} - File not found
Windows Update - {36eef7db-88ad-4e81-ad49-0e313f0c35f8} - File not found
Add New Hardware - {7A979262-40CE-46ff-AEEE-7884AC3B6136} - File not found
Get Programs Online - {3e7efb4c-faf1-453d-89eb-56026875ef90} - File not found
Taskbar and Start Menu - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - File not found
- {1b24a030-9b20-49bc-97ac-1be4426f9e59} - File not found
- {34449847-FD14-4fc8-A75A-7432F5181EFB} - File not found
- {C8494E42-ACDD-4739-B0FB-217361E4894F} - File not found
- {E29F9716-5C08-4FCD-955A-119FDB5A522D} - File not found
Control Panel command object for Start menu - {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} - File not found
Default Programs command object for Start menu - {E44E5D18-0652-4508-A4E2-8A090067BCB0} - File not found
Folder Options - {6dfd7c5c-2451-11d3-a299-00c04f8ef6af} - File not found
ActiveX Cache Folder - {88C6C381-2E85-11D0-94DE-444553540000} - File not found
- {2C2577C2-63A7-40e3-9B7F-586602617ECB} - File not found
prturl Class - {92337A8C-E11D-11D0-BE48-00C04FC30DF6} - File not found
Microsoft XPS Shell Metadata Handler - {45670FA8-ED97-4F44-BC93-305082590BFB} - File not found
- {44121072-A222-48f2-A58A-6D9AD51EBBE9} - File not found
- {38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b} - File not found
CLSID_ContactReadingPane - {13D3C4B8-B179-4ebb-BF62-F704173E7448} - : %COMMONPROGRAMFILES%\System\wab32.dll
For &People... - {32714800-2E5F-11d0-8B85-00AA0044F941} - File not found
- {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} - File not found
.group shell extension handler - {4F58F63F-244B-4c07-B29F-210BE59BE9B4} - File not found
.contact shell extension handler - {8082C5E6-4C27-48ec-A809-B8E1122E8F97} - File not found
.group shell context menu - {16C2C29D-0E5F-45f3-A445-03E03F587B7D} - File not found
.contact shell context menu - {CF67796C-F57F-45F8-92FB-AD698826C602} - File not found
LayerUIPropPage - {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} - File not found
Remote Sessions CPL Extension - {F0152790-D56E-4445-850E-4F3117DB740C} - File not found
Windows Firewall - {4026492f-2f69-46b8-b9bf-5654fc07e423} - File not found
Extensions Manager Folder - {692F0339-CBAA-47e6-B5B5-3B84DB604E87} - File not found
Problem Reports and Solutions - {fcfeecae-ee1b-4849-ae50-685dcf7717ec} - File not found
iSCSI Initiator - {a304259d-52b8-4526-8b1a-a1d6cecc8243} - File not found
Power Options - {025A5937-A6BE-4686-A844-36FE4BEC8B6D} - File not found
User Accounts - {60632754-c523-4b62-b45c-4172da012619} - File not found
AutoPlay - {9C60DE1E-E5FC-40f4-A487-460851A8D915} - File not found
CompressedFolder - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder Right Drag Handler - {BD472F60-27FA-11cf-B8B4-444553540000} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder SendTo Target - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder Context Menu - {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder DropHandler - {ed9d80b9-d157-457b-9192-0e7280313bf0} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
- {911051fa-c21c-4246-b470-070cd8df6dc4} - File not found
- {da67b8ad-e81b-4c70-9b91b417b5e33527} - File not found
DfsShell Class - {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} - File not found
IPropertyStore Handler for Images - {a38b883c-1682-497e-97b0-0a3a9e801682} - File not found
Photo Thumbnail Provider - {C7657C4A-9F68-40fa-A4DF-96BC08EB3551} - File not found
Photo Extract Image - {3F30C968-480A-4C6C-862D-EFC0897BB84B} - File not found
Windows Photo Gallery Viewer Video Verbs - {E598560B-28D5-46aa-A14A-8A3BEA34B576} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
Scanner and Camera Control Panel - {00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3} - File not found
&Windows Media Player - {0a4286ea-e355-44fb-8086-af3df7645bd9} - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpband.dll
- {BB6B2374-3D79-41DB-87F4-896C91846510} - File not found
Windows SideShow - {E95A4861-D57A-4be1-AD0F-35267E261739} - File not found
@%systemroot%\system32\mssvp.dll,-110 - {89D83576-6BD1-4c86-9454-BEB04E94C819} - File not found
Windows Photo Gallery Viewer Autoplay Handler - {9D687A4C-1404-41ef-A089-883B6FBECDE6} - :
DropTarget Object for Photo Printing Wizard - {60fd46de-f830-4894-a628-6fa81bc0190d} - File not found
Windows Sidebar Properties - {37efd44d-ef8d-41b1-940d-96973a50e9e0} - File not found
Portable Media Devices - {640167b4-59b0-47a6-b335-a6b3c0695aea} - File not found
PhotoAcqDropTarget - {00f20eb5-8fd6-4d9d-b75e-36801766c8f1} - File not found
@C:\Windows\System32\shell32.dll,-30579 - {ED228FDF-9EA8-4870-83B1-96B02CFE0D52} - File not found
Windows Features - {67718415-c450-4f3c-bf8a-b487642dc39b} - File not found
Backup and Restore Center - {335a31dd-f04b-4d76-a925-d6b47cf360df} - File not found
Windows Photo Gallery Viewer Image Verbs - {FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
Windows Defender - {d8559eb9-20c0-410e-beda-7ed416aecc2a} - File not found
Mobility Center Control Panel - {5ea4f148-308c-46d7-98a9-49041b1dd468} - File not found
File Backup Index - {877ca5ac-cb41-4842-9c69-9136e42d47e2} - File not found
Portable Devices Menu - {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} - File not found
Speech Recognition Options - {58E3C745-D971-4081-9034-86E34B30836A} - File not found
Tablet PC Input Panel - {15D633E2-AD00-465b-9EC7-F56B7CDF8E27} - File not found
Performance Information and Tools - {78F3955E-3B90-4184-BD14-5397C15F1EFC} - File not found
MAPI Mail Previewer - {53BEDF0B-4E5B-4183-8DC9-B844344FA104} - File not found
Windows gadget DropTarget - {6b9228da-9c15-419e-856c-19e768a13bdc} - [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sbdrop.dll
Portable Devices - {35786D3C-B075-49b9-88DD-029876E11C01} - File not found
@%systemroot%\system32\mssvp.dll,-112 - {BD7A2E7B-21CB-41b2-A086-B309680C6B7E} - File not found
User Accounts - {7A9D77BD-5403-11d2-8785-2E0420524153} - File not found
- {2F603045-309F-11CF-9774-0020AFD0CFF6} - [Synaptics, Inc.] : C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
EPM-PO Shell Extensions - {2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} - : epm-po.dll
a-squared Free Shell Extension - {A155339D-CCCD-4714-85EB-3754B804C9DF} - [Emsi Software GmbH] : C:\Program Files\a-squared Free\a2freecontmenu.dll
Protocol Filters
AP encoding/decoding Filters - {8f6b0360-b80d-11d0-a9b3-006097942311} - File not found
AP encoding/decoding Filters - {8f6b0360-b80d-11d0-a9b3-006097942311} - File not found
Protocol Handler
Microsoft HTML About Pluggable Protocol - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - File not found
CDL: Asychronous Pluggable Protocol Handler - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - File not found
DVD: Pluggable Protocol - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - File not found
file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - File not found
ftp: Asychronous Pluggable Protocol Handler - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - File not found
http: Asychronous Pluggable Protocol Handler - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - File not found
https: Asychronous Pluggable Protocol Handler - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - File not found
Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - File not found
Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - File not found
file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - File not found
Microsoft HTML Mailto Pluggable Protocol - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - File not found
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - File not found
mk: Asychronous Pluggable Protocol Handler - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - File not found
Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - File not found
Microsoft HTML Resource Pluggable Protocol - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - File not found
TV: Pluggable Protocol - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - File not found
Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - File not found
Services
23 - [Emsi Software GmbH] : C:\Program Files\A-SQUARED FREE\A2SERVICE.EXE
23 - [Lavasoft AB] : C:\Program Files\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
23 - : C:\Acer\ALaunch\ALaunchSvc.exe
23 - : C:\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
23 - [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
23 - [GRISOFT, s.r.o.] : C:\Windows\system32\DRIVERS\AvgAsCln.sys
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\CCSVCHST.EXE
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\CCSVCHST.EXE
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\CCSVCHST.EXE
23 - [HiTRSUT] : C:\ACER\EMPOWERING TECHNOLOGY\EDATASECURITY\EDSSERVICE.EXE
23 - : C:\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
23 - [Acer Inc.] : C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
23 - [Acer Inc.] : C:\Acer\Empowering Technology\eNet\eNet Service.exe
23 - [Acer Inc.] : C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
23 - : C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
23 - [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
23 - [Intel Corporation] : C:\Windows\system32\drivers\iastor.sys
23 - [Intel Corporation] : C:\Windows\system32\drivers\iastorv.sys
23 - : C:\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20071120.002\IDSvix86.sys
23 - : C:\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
23 - [Hewlett-Packard Company] : C:\Program Files\Common Files\LIGHTSCRIBE\LSSRVC.EXE
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\CCSVCHST.EXE
23 - [Conexant] : C:\Windows\system32\DRIVERS\mdmxsdk.sys
23 - : C:\ACER\MOBILITY CENTER\MOBILITYSERVICE.EXE
23 - [HiTRUST] : C:\Windows\system32\DRIVERS\psdfilter.sys
23 - [HiTRUST] : C:\Windows\system32\drivers\PSDNServ.sys
23 - [HiTRUST] : C:\Windows\system32\drivers\psdvdisk.sys
23 - : C:\Program Files\CYBERLINK\SHARED FILES\RICHVIDEO.EXE
23 - [REDC] : C:\Windows\system32\DRIVERS\rimmptsk.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rimsptsk.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rixdptsk.sys
23 - [Microsoft Corporation] : C:\Windows\system32\SLsvc.exe
23 - : C:\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
23 - : C:\??\C:\Windows\system32\drivers\sp_rsdrv2.sys
23 - [Symantec Corporation] : C:\Windows\system32\Drivers\SRTSPX.SYS
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
23 - [Symantec Corporation] : C:\Program Files\Common Files\SYMANTEC SHARED\APPCORE\APPSVC32.EXE
23 - [Symantec Corporation] : C:\Windows\system32\Drivers\SYMTDI.SYS
23 - [Symantec Corporation] : C:\Program Files\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
23 - [acer] : C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
23 - [Microsoft Corporation] : C:\Program Files\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
23 - [Conexant Systems, Inc.] : C:\Windows\system32\DRIVERS\xaudio.sys
23 - [Conexant Systems, Inc.] : C:\Windows\system32\DRIVERS\xaudio.exe
23 - : C:\??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
Threat Files
<Sgoope> : C:\Program Files\Acer\Acer VCM\AcerSkypeAPI.dll
Advanced Files Report
%SYSDIR%\nvd3dum.dll [NVidia Corporation] [NVidia Windows 95 drivers] MD5=854CB5AB7D44C67F98C7C75F2979C6F9 SIZE=4763648
%SYSDIR%\MsnChatHook.dll [HiTRUST Inc.] [MsnChatHook] MD5=81ADB60C39DECB86676D1C6F9578E68B SIZE=94208
%SYSDIR%\ShowErrMsg.dll [] [ShowErrMsg] MD5=FF265743D5FA487D5721B4E94D17842A SIZE=63488
%SYSDIR%\sysenv.dll [HiTRUST] [SysEnv] MD5=2FB1494C450FB7B0C350492ACC24607D SIZE=286720
%SYSDIR%\BatchCrypto.dll [] [BatchCrypto Dynamic Link Library] MD5=9F97089FA244B38321464F0AA40E186F SIZE=28672
%SYSDIR%\CryptoAPI.dll [HiTRUST] [CryptoAPI] MD5=DF53B8BD2C2D86E8CFEB4BB488B5EA37 SIZE=401408
%SYSDIR%\keyManager.dll [HiTRSUT] [keyManager] MD5=69A6F66E921AE6A6814F021F7E9FA1D0 SIZE=237568
%SystemDiskRoot%\Acer\Empowering Technology\EPOWER\SysHook.dll [] [SysHook Dynamic Link Library] MD5=DBEBE0C451F1EE6ED9028D116E77495B SIZE=208896
%COMMONFILES%\Symantec Shared\ccL60U.dll [Symantec Corporation] [Symantec Security Technologies] MD5=2E5B7FDEF76B9D5972C57E8DC2B40E07 SIZE=532584
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=5C1AE554D123621C13474BF067EFEE39 SIZE=344064
%SYSDIR%\rundll32.exe [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=4B555106290BD117334E9A08761C035A SIZE=44544
%SYSDIR%\ADMIN_CLASS_LIB.dll [HiTRUST] [eDataSecurity Aministration Core Class library] MD5=B9876A758B370FF98E21B95A855BFE9B SIZE=122880
%SYSDIR%\PSDUtil.dll [HiTRUST] MD5=36B091CB0B6FDBE01DF37425014B2BB2 SIZE=121344
%SystemDiskRoot%\Acer\Empowering Technology\eAudio\Lang.dll [CyberLink] [Resource Dynamic Link Library] MD5=CD5E1A816083CCEE34316EDF5E53A546 SIZE=8192
%SystemDiskRoot%\Acer\Empowering Technology\eAudio\AcrRtAud.dll [Realtek Semiconductor] [HD Audio COM object for Acer Inc.] MD5=5FA8CD3FD1988B7B85C4E17F51B68990 SIZE=84776
%COMMONFILES%\Symantec Shared\SymNeti.dll [Symantec Corporation] [Symantec Security Drivers] MD5=749ABA9C6E9D5CD0FBCBA8820F0B8B5C SIZE=617104
%COMMONFILES%\Symantec Shared\ccVrTrst.dll [Symantec Corporation] [Symantec Security Technologies] MD5=545CD8A7975FF33F54C499750EC6E7B9 SIZE=128616
%COMMONFILES%\Symantec Shared\ccSvc.dll [Symantec Corporation] [Symantec Security Technologies] MD5=0B519CA09E1B240CA0CD71AC06566D58 SIZE=296552
%COMMONFILES%\Symantec Shared\ccSet.dll [Symantec Corporation] [Symantec Security Technologies] MD5=33BA084A9AF57CF1E766F49CFB59F667 SIZE=145000
%COMMONFILES%\Symantec Shared\AppCore\AppPlg32.dll [Symantec Corporation] [Symantec Application Core] MD5=1F12F89DBD2553096395189D26ED4FE2 SIZE=59536
%COMMONFILES%\Symantec Shared\AppCore\AppMgr32.dll [Symantec Corporation] [Symantec Application Core] MD5=A2950479EFCD2BEDD470EE83C6400C6B SIZE=190608
%COMMONFILES%\Symantec Shared\AppCore\AppSet32.dll [Symantec Corporation] [Symantec Application Core] MD5=4987563CB82AD92E98E1A857734408E4 SIZE=46224
%COMMONFILES%\Symantec Shared\ccAlert.dll [Symantec Corporation] [Symantec Security Technologies] MD5=3271404A91DF0CEF4223F9029EE23281 SIZE=263784
%COMMONFILES%\Symantec Shared\ccEmlPxy.dll [Symantec Corporation] [Symantec Security Technologies] MD5=AC1757FFB283A5B4DDDA4F99F759CC03 SIZE=345704
%PROGRAMFILES%\Norton Internet Security\fwAlert.dll [Symantec Corporation] [Symantec Shared Component] MD5=7DCF3BCA9D7A4DB8C0CD1349B5F4203D SIZE=231080
%PROGRAMFILES%\Norton Internet Security\fwAlRes.dll [Symantec Corporation] [Symantec Shared Component] MD5=383E3E7D81BD6E8240E62EFA48894EF7 SIZE=22136
%PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\DefAlert.dll [Symantec Corporation] [Norton AntiVirus] MD5=328BD71AA2CAF9941B2ACDE7C7AB7E73 SIZE=431776
%PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\AVPAPP32.dll [Symantec Corporation] [Norton AntiVirus] MD5=632D5AA7F3DA24641BE0EAA6EAA5D124 SIZE=226976
%PROGRAMFILES%\Norton Internet Security\NisTray.dll [Symantec Corporation] [Internet Security] MD5=21CB1DC67DB2E5EB9DE7923A10CF9473 SIZE=97408
%PROGRAMFILES%\Norton Internet Security\ISLAlert.dll [Symantec Corporation] [Internet Security] MD5=BF3C605E6DB6F875D21C08F324C32470 SIZE=303480
%COMMONFILES%\Symantec Shared\NPC\npcTRAY.dll [Symantec Corporation] [Norton Protection Center] MD5=A4272D73DCA1A65E69EBE42CEFDA13B5 SIZE=140664
%COMMONFILES%\Symantec Shared\CF\PEP2.dll [Symantec Corporation] [Symantec Component Framework] MD5=84CAF892D379A2259EEA35369A63B0F2 SIZE=421008
%COMMONFILES%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll [Symantec Corporation] [LiveUpdate Notice] MD5=1AF91B3D6829A1656654F183232EAD05 SIZE=177800
%COMMONFILES%\Symantec Shared\COH\sesHlp.dll [Symantec Corporation] [SONAR] MD5=99F1069468F00EF8B73092E36330CED6 SIZE=140640
%PROGRAMFILES%\Norton Internet Security\AlertRes.dll [Symantec Corporation] [Internet Security] MD5=458FCF9E9DE951457DE7FD09D967E839 SIZE=75912
%PROGRAMFILES%\Norton Internet Security\NISTrRes.dll [Symantec Corporation] [Internet Security] MD5=A88277DE8A09275010DBA502B51A003E SIZE=9864
%PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\AVPAPP32.loc [Symantec Corporation] [Norton AntiVirus] MD5=9576C212B16BA85A62FB1B9795A3670B SIZE=206456
%PROGRAMFILES%\Norton Internet Security\SetEvtHp.dll [Symantec Corporation] [Symantec Shared Component] MD5=63DEC0B35EB63A2E71FC3B29B93A73E3 SIZE=78504
%COMMONFILES%\Symantec Shared\ccSetEvt.dll [Symantec Corporation] [Symantec Security Technologies] MD5=6D94D0D3E91FF2AE34D901E1DFB0B136 SIZE=71272
%COMMONFILES%\Symantec Shared\ccProSub.dll [Symantec Corporation] [Symantec Security Technologies] MD5=88343BD82812A2EA113F26E00148FF32 SIZE=63080
%COMMONFILES%\Symantec Shared\ccEvtCli.dll [Symantec Corporation] [Symantec Security Technologies] MD5=958A92DD0BB993904319C1983FFA28E1 SIZE=206440
%COMMONFILES%\Symantec Shared\NPC\DataPvdr.dll [Symantec Corporation] [Norton Protection Center] MD5=0F6C92D2E483B8E98C2D70A3E32F1799 SIZE=57720
%PROGRAMFILES%\Norton Internet Security\isDataCl.dll [Symantec Corporation] [Symantec Shared Component] MD5=8A3C117C2C17774EFADCCEBDD762E96B SIZE=366200
%COMMONFILES%\Symantec Shared\NcoItf.dll [Symantec Corporation] [Norton Confidential] MD5=1AE9ADB6ECEC107E3639ED9C3454C42A SIZE=278704
%COMMONFILES%\Symantec Shared\AntiVirus\AVIfc.dll [Symantec Corporation] [Symantec AntiVirus Shared Component] MD5=45DD1618620987E7DAC06B99B39993BB SIZE=290912
%COMMONFILES%\Symantec Shared\COH\sH0000.dll [Symantec Corporation] [SONAR] MD5=7E16D4830C908FA6EC21E5F99052EB3F SIZE=300384
%COMMONFILES%\Symantec Shared\rcEmlPxy.dll [Symantec Corporation] [Symantec Security Technologies] MD5=F287F7C65D541AEF705E0073BAB850EB SIZE=15008
%COMMONFILES%\Symantec Shared\SymRedir.dll [Symantec Corporation] [Symantec Security Drivers] MD5=3CC5076730CF551242EB8182998A4E85 SIZE=242320
%COMMONFILES%\Symantec Shared\AntiVirus\AVMail.dll [Symantec Corporation] [Symantec AntiVirus Shared Component] MD5=C4043D9634EFD72E8CEDB170114C4B36 SIZE=70240
%PROGRAMFILES%\Norton Internet Security\fwEvent.dll [Symantec Corporation] [Symantec Shared Component] MD5=7D8D22FAF477AC7653B0129ADDF4FB88 SIZE=198312
%COMMONFILES%\Symantec Shared\NPC\NSCHlpr2.dll [Symantec Corporation] [Norton Protection Center] MD5=8AD9D0C2222E7B64F175ACCCB6258664 SIZE=57720
%COMMONFILES%\Symantec Shared\NPC\pcStatus.dll [Symantec Corporation] [Norton Protection Center] MD5=17D9FB5830CD8AE3C5385E3FE894E306 SIZE=667000
%COMMONFILES%\Symantec Shared\NPC\uiLicPlg.dll [Symantec Corporation] [Norton Protection Center] MD5=82B2F02667BE919324B8282306492A70 SIZE=128888
%COMMONFILES%\Symantec Shared\NPC\NSCWSCR2.DLL [Symantec Corporation] [Norton Protection Center] MD5=28864CD3E590D460A75BE7B74EEF43D2 SIZE=493432
%COMMONFILES%\Symantec Shared\NPC\npcWmiCl.dll [Symantec Corporation] [Norton Protection Center] MD5=349A3C380B49ED124663F90CF2E607BC SIZE=90488
%COMMONFILES%\Symantec Shared\NPC\npcWmiDt.dll [Symantec Corporation] [Norton Protection Center] MD5=798598366B291FE28EFE6529424B3667 SIZE=82808
%COMMONFILES%\Symantec Shared\AntiVirus\AVExclu.dll [Symantec Corporation] [Symantec AntiVirus Shared Component] MD5=EE31EE72CAA20608D256CB34C6D911E0 SIZE=162912
%PROGRAMFILES%\Norton Internet Security\IMCfg.dll [Symantec Corporation] [Symantec Shared Component] MD5=305C2B2A1974E3D11ED7D1B4B1FEB710 SIZE=50032
%COMMONFILES%\Symantec Shared\NPC\PEPEvnt.dll [Symantec Corporation] [Norton Protection Center] MD5=CA05F6C311047AB966223A5B8846FCEC SIZE=64376
%PROGRAMFILES%\Norton Internet Security\isError.dll [Symantec Corporation] [Symantec Shared Component] MD5=757A12AE80E116CF7EDD9A2A111F9221 SIZE=71336
%PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\navevent.dll [Symantec Corporation] [Norton AntiVirus] MD5=23D68F9C0CDDB5C97901795B7C651E09 SIZE=190112
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\ISDI.dll [Intel Corporation] [Intel Storage Driver Interface Dynamic Lib] MD5=E9E95E7B9527F9899E6DEDEAD894C574 SIZE=258048
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\IAAMon_ITA.dll [Intel Corporation] [RAID Event Monitor] MD5=6537B0B5BE61F285E0C4846E9CBE02BD SIZE=73728
%TEMP%\RtkBtMnt.exe [Realtek Semiconductor Corp.] [Realtek HD Audio Data Rerouter] MD5=5EF87457AB8A58694EBE35E55D093D04 SIZE=208896
%SystemDiskRoot%\Acer\Empowering Technology\ENET\ENMTRAY.EXE [Acer Inc.] [Acer eNet Management] MD5=5B1A52A2F4573A1CA947A3AF859CF6F7 SIZE=753664
%SystemDiskRoot%\Acer\Empowering Technology\ENET\eNMIPCmm.dll [Acer Inc.] [Acer eNet Management] MD5=90E857889D71C3D46D60BD352C8DAB99 SIZE=77824
%SystemDiskRoot%\Acer\Empowering Technology\ENET\Network.dll [Acer Inc.] [Acer eNet Management] MD5=E6AE8A882646891C35AF11300BF9A7EA SIZE=135168
%SystemDiskRoot%\Acer\Empowering Technology\ENET\NetworkCardMgr.dll [Acer Inc.] [Acer eNet Management] MD5=0DD9A112F0FA435D354EB4BDF3298B7D SIZE=11776
%SystemDiskRoot%\Acer\Empowering Technology\ENET\eNetHook.dll [acer] [acer eNetManagement] MD5=2BB5B239A4501C0A846A2E43D3A98986 SIZE=90112
%SystemDiskRoot%\Acer\Empowering Technology\eNet\eNetServiceInterface.dll [Acer Inc.] [Acer eNet Management] MD5=84E951281677788DB8FD9D0A669A8E0F SIZE=34816
%SystemDiskRoot%\Acer\Empowering Technology\eNet\ICmdDispatcher.dll [Acer Inc.] [Acer eNet Management] MD5=44DB6DFF9CF3902B120BF846F1AE96D6 SIZE=43520
%SystemDiskRoot%\Acer\Empowering Technology\eNet\PfMgr.dll [Acer Inc.] [Acer eNet Management] MD5=CA4DA3278410FF88A6B56FD4213963C2 SIZE=118784
%SystemDiskRoot%\Acer\Empowering Technology\eNet\Wlan.dll [Acer Inc.] [Acer eNet Management] MD5=152DBB3DBBB3B7110FECEBDB34CC7248 SIZE=75264
%SystemDiskRoot%\Acer\Empowering Technology\eNet\Acer.Empowering.Windows.Forms.dll [Acer inc.] [Acer Empowering UI Components] MD5=72A2A89CFE8ECEEBE84EFBE5CBBC1DD7 SIZE=1503232
%SystemDiskRoot%\Acer\Empowering Technology\eNet\MultiLang.dll [Acer Inc.] [Acer eNet Management] MD5=A36A62960D9DA21FB5FDD7276C5BEACD SIZE=39424
%SystemDiskRoot%\Acer\Empowering Technology\eNet\ProfileSwitch.dll [Acer Inc.] [Acer eNet Management] MD5=F9BD37444B07018D5BF56D49EC12DC03 SIZE=88064
%SystemDiskRoot%\Acer\Empowering Technology\eNet\Diagnosis.dll [Acer Inc.] [Acer eNet Management] MD5=76605BBAC5E28AB48EC0FACE46EE743E SIZE=78336
%SystemDiskRoot%\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE [Acer Inc.] [Acer ePower Management] MD5=0F0E9EBE47A7B2BD7444424473FA3962 SIZE=528384
%SystemDiskRoot%\Acer\Empowering Technology\ePower\WMIInterface.dll [acer] [WMIInter Dynamic Link Library] MD5=442E9FBBEEBD916519D8381BC2F71EA9 SIZE=34816
%SystemDiskRoot%\Acer\Empowering Technology\ePower\Acer.Empowering.Windows.Forms.dll [Acer inc.] [Acer Empowering UI Components] MD5=72A2A89CFE8ECEEBE84EFBE5CBBC1DD7 SIZE=1503232
%SystemDiskRoot%\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE [Acer Inc.] MD5=39CBE2E778299F468BBD5B45CFB90A70 SIZE=323584
%SystemDiskRoot%\Acer\Empowering Technology\log4net.dll [The Apache Software Foundation] [log4net] MD5=5F3BD963F02108C36592B5728FA725C5 SIZE=270336
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll [] [DialogManager] MD5=4CD3DCA5F48D7DCE9A3EE90DF83A1223 SIZE=57344
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Shared.UI.dll [Acer Inc.] MD5=6D0DB7B8895BBBD610A8D6AF9672431A SIZE=53248
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Windows.Forms.dll [Acer inc.] [Acer Empowering UI Components] MD5=72A2A89CFE8ECEEBE84EFBE5CBBC1DD7 SIZE=1503232
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Framework.Presenter.dll [Acer Inc.] MD5=13A8CEC1D544C448F974912690277B7E SIZE=49152
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Framework.LaunchBarView.dll [Acer Inc.] MD5=8092BC19097A8D5B07A44E49D3AA239D SIZE=1851392
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Framework.Shared.dll [Acer Inc.] MD5=B044D50A56FE16FC9F3D5445E9BF106F SIZE=32768
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Framework.Host.dll [Acer Inc.] [Empowering Technology] MD5=1B05CFDBF6E769028703B6368E91BA8D SIZE=45056
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll [] MD5=50413B53240D067EADF1E7BD6A38D0F2 SIZE=24576
%SystemDiskRoot%\Acer\Empowering Technology\Acer.Empowering.Framework.Interface.dll [Acer Inc.] [Empowering Technology] MD5=363EC83893477E492C2EA52FA95253DC SIZE=20480
%SystemDiskRoot%\Acer\Empowering Technology\it\Acer.Empowering.Framework.LaunchBarView.resources.dll [Acer Inc.] MD5=DA56144AA6E1D1A2076E56E5C6722B62 SIZE=86016
%SystemDiskRoot%\Acer\Empowering Technology\ePower\ePower_UI.dll [Acer Inc.] [Empowering Technology] MD5=E75999892CEC703B3E1B5221B5BAC92A SIZE=1454080
%SystemDiskRoot%\Acer\Empowering Technology\eAudio\eAudioUI.dll [] [eAudioUI] MD5=742F73F3DCC4F29B157AC2F6F59A466B SIZE=106496
%SystemDiskRoot%\Acer\Empowering Technology\ePower\it\ePower_UI.resources.dll [Acer Inc.] [Empowering Technology] MD5=CB5AE5A4BF043F60035CE883AF3C0D0C SIZE=516096
%SystemDiskRoot%\Acer\Empowering Technology\eAudio\it\eAudioUI.resources.dll [] [eAudioUI] MD5=1400974119FDBC67EC1CD7ABC6157243 SIZE=3584
%SystemDiskRoot%\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll [] MD5=E09F72B19D45906CEB2115E55005BFC5 SIZE=307200
%SystemDiskRoot%\Acer\Empowering Technology\ePresentation\it\ePresentationCTL.resources.dll [] MD5=FF33754A372E6B11411B66B45F2AA0FF SIZE=77824
%SystemDiskRoot%\Acer\Empowering Technology\eDataSecurity\eDSplugin.dll [HiTRUST Inc.] [Acer eDataSecurity Management] MD5=320D3528DE1771C8C7E9B53DB0EBEF74 SIZE=217088
%SystemDiskRoot%\Acer\Empowering Technology\eLock\eLockCTL.dll [] MD5=59870ABA7EAB51EBD56F21D90FBD456B SIZE=831488
%SystemDiskRoot%\Acer\Empowering Technology\eLock.Serv.Interface.dll [Acer Inc.] [Acer eLock Management] MD5=503A72D3B29427A80C610C92163830E7 SIZE=20480
%SystemDiskRoot%\Acer\Empowering Technology\eLock\eLock.Client.dll [Acer Inc.] [Acer eLock Management] MD5=490001CC1C1A5B2E120199480BA6ADFF SIZE=20480
%SystemDiskRoot%\Acer\Empowering Technology\eLock\it\eLockCTL.resources.dll [] MD5=BE10D311E26DCC6DA04EAD3408AFAB4F SIZE=139264
%SystemDiskRoot%\Acer\Empowering Technology\eRecovery\eRecoveryUI.dll [Acer Inc.] [Empowering Technology] MD5=4F0D42339259D4AB955B565845BBE583 SIZE=2584576
%SystemDiskRoot%\Acer\Empowering Technology\eRecovery\ServiceInterface.dll [] [ServiceInterface] MD5=6B46E837EC3FF448A0665DC86C5208DC SIZE=16384
%SystemDiskRoot%\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll [] [eSettings.Plugin] MD5=A2906F5E57E6787E5C47BA0948C99C29 SIZE=28672
%SystemDiskRoot%\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll [] [ComputerInterfaces] MD5=AA6B27692B551811EC2F4E0D0D886197 SIZE=32768
%SystemDiskRoot%\Acer\Empowering Technology\eSettings\eSettings.View.dll [] [eSettings.View] MD5=06D9E19A9AB02A26B8A9E553F6893B0C SIZE=983040
%SystemDiskRoot%\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll [] [Presenter.Provider] MD5=9BEEE0B1EF8904F69F36710A4382FA39 SIZE=143360
%SystemDiskRoot%\Acer\Empowering Technology\eNet\eNetPlugin.dll [] MD5=72EE63FF69A73BA13DBB8FC9FB69ACBB SIZE=249856
%SystemDiskRoot%\Acer\Empowering Technology\eNet\eNet.dll [Acer Inc.] [Acer eNet Management] MD5=282ABEBF70112D79CD92DFD3046CDEEA SIZE=1589248
%SystemDiskRoot%\Acer\Empowering Technology\eRecovery\it\eRecoveryUI.resources.dll [Acer Inc.] [Empowering Technology] MD5=52189F6D76EF655900859E09222DDE01 SIZE=118784
%SystemDiskRoot%\Acer\Empowering Technology\eSettings\it\eSettings.Plugin.resources.dll [] [eSettings.Plugin] MD5=62E06605AB282C96690E69B1B9C679B5 SIZE=3584
%SystemDiskRoot%\Acer\Empowering Technology\eSettings\it\eSettings.Presenter.resources.dll [] [Presenter.Provider] MD5=2B3CC56833B670A7C8C24FAAD6036BED SIZE=10752
%SystemDiskRoot%\Acer\Empowering Technology\eRecovery\ERAGENT.EXE [Acer Inc.] [Acer eRecovery Management] MD5=4F779AD993A2975D945EE6985CAC0FEA SIZE=397312
%PROGRAMFILES%\Skype\Plugin Manager\ezPMUtils.dll [EasyBits Software Corp.] MD5=A4A9278626397492BB641D15498167FB SIZE=2174408
%SystemDiskRoot%\Acer\ALaunch\AlaunchClient.exe []
%SystemDiskRoot%\Acer\APanel\APanel.cmd []
%PROGRAMFILES%\Acer\Acer VCM\AcerVCM.exe [Acer] [Video Conference Manager] MD5=5FE3C56A43516B40EE01FD3BCF4BBB54 SIZE=1208320
%SystemDiskRoot%\Acer\Empowering Technology\eAPLauncher.exe [Acer Inc.] [Acer eAP Launch Tool] MD5=57554A2CA345734696AF72BEEE28B718 SIZE=535336
%COMMONPROGRAMFILES%\System\wab32.dll []
%SYSDIR%\zipfldr.dll [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=C9F8C752ED450D74A51FC4DA40B0DA16 SIZE=338432
%PROGRAMFILES%\Windows Photo Gallery\PhotoViewer.dll [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=7CB1C510F55B2D5E3DE24823839D320D SIZE=2313216
%PROGRAMFILES%\Windows Media Player\wmpband.dll [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=4AEED1FBB53F915CBE30671793776A80 SIZE=99328
[]
%PROGRAMFILES%\Windows Sidebar\sbdrop.dll [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=A74701976D6D75099B9FCA993685C452 SIZE=66048
%PROGRAMFILES%\Synaptics\SynTP\SynTPCpl.dll [Synaptics, Inc.] [Synaptics Pointing Device Driver] MD5=D4F5718779A40AE27260B7F6491DAB10 SIZE=901120
epm-po.dll []
%PROGRAMFILES%\a-squared Free\a2freecontmenu.dll [Emsi Software GmbH] [a-squared Free] MD5=C3DEB4802A2C89AF25BD007008D760C2 SIZE=216208
%PROGRAMFILES%\A-SQUARED FREE\A2SERVICE.EXE [Emsi Software GmbH] [a-squared] MD5=C0C09160883A964B1B6E6CF32643A394 SIZE=217208
%PROGRAMFILES%\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE [Lavasoft AB] [Ad-Aware 2007 Service] MD5=25F8546FD40E40EC5A2A23AECAE4FDCA SIZE=587096
%SystemDiskRoot%\Acer\ALaunch\ALaunchSvc.exe [] [ALaunchSvc Service Image] MD5=3845B6555DE995F6C0C07AE2ABCC0532 SIZE=50688
%SystemDiskRoot%\??\%PROGRAMFILES%\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
%PROGRAMFILES%\Grisoft\AVG Anti-Spyware 7.5\guard.exe [GRISOFT s.r.o.] [AVG Anti-Spyware] MD5=5DCD235C061022BCDA9AA48670B64211 SIZE=312880
%SYSDIR%\DRIVERS\AvgAsCln.sys [GRISOFT, s.r.o.] [AVG7 Clean Driver] MD5=856B0CEE009946BF2D327E6B24FE7E3F SIZE=10872
%COMMONFILES%\SYMANTEC SHARED\CCSVCHST.EXE [Symantec Corporation] [Symantec Security Technologies] MD5=E7AAB1A32AC2EEA4C4B735B8D034C802 SIZE=107624
%SystemDiskRoot%\ACER\EMPOWERING TECHNOLOGY\EDATASECURITY\EDSSERVICE.EXE [HiTRSUT] [eDataSecurity Management] MD5=F54907AA07F60AFF81E1E09E97AF98B0 SIZE=457512
%SystemDiskRoot%\??\%COMMONFILES%\Symantec Shared\EENGINE\eeCtrl.sys []
%SystemDiskRoot%\Acer\Empowering Technology\eLock\Service\eLockServ.exe [Acer Inc.] [Acer eLock Management] MD5=FB5383BFD4DEC6792AAEF76C9343ECFF SIZE=24576
%SystemDiskRoot%\Acer\Empowering Technology\eNet\eNet Service.exe [Acer Inc.] [Acer eNet Management] MD5=9316C26F089CF2CEA2BD1496AC9F38A4 SIZE=135168
%SystemDiskRoot%\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [Acer Inc.] [eRecoveryService] MD5=3D184410EF5EE017E186AC96181B3FF8 SIZE=53248
%SystemDiskRoot%\Acer\Empowering Technology\eSettings\Service\capuserv.exe [] [Service] MD5=CF2584CDF90DA24D3044021AAAD5DBAB SIZE=24576
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\IAANTMon.exe [Intel Corporation] [RAID Monitor] MD5=582F2D900A3AC34C98FBDC2C0ABEF6B9 SIZE=355096
%SYSDIR%\drivers\iastor.sys [Intel Corporation] [Intel Matrix Storage Manager driver] MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 SIZE=277784
%SYSDIR%\drivers\iastorv.sys [Intel Corporation] [Intel Matrix Storage Manager driver (base)] MD5=C957BF4B5D80B46C5017BF0101E6C906 SIZE=232040
%SystemDiskRoot%\??\%SystemDiskRoot%\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20071120.002\IDSvix86.sys []
%SystemDiskRoot%\??\%SystemDiskRoot%\Acer\Empowering Technology\eRecovery\int15.sys []
%COMMONFILES%\LIGHTSCRIBE\LSSRVC.EXE [Hewlett-Packard Company] [LightScribe] MD5=793FF718477345CD5D232C50BED1E452 SIZE=61440
%SYSDIR%\DRIVERS\mdmxsdk.sys [Conexant] [Diagnostic Interface x86 Driver] MD5=0CEA2D0D3FA284B85ED5B68365114F76 SIZE=12672
%SystemDiskRoot%\ACER\MOBILITY CENTER\MOBILITYSERVICE.EXE [] MD5=842684E0DF20A59E293DA1C6F0DFE261 SIZE=107008
%SYSDIR%\DRIVERS\psdfilter.sys [HiTRUST] MD5=E801D5CC24E1CF18FA87D24D7074B876 SIZE=20776
%SYSDIR%\drivers\PSDNServ.sys [HiTRUST] MD5=24B5E3429F7F0E779FC2E6E36A0A5F73 SIZE=16680
%SYSDIR%\drivers\psdvdisk.sys [HiTRUST] MD5=01CBFD08C0E8A6106BB26FCDA297154E SIZE=60712
%PROGRAMFILES%\CYBERLINK\SHARED FILES\RICHVIDEO.EXE [] [RichVideo Module] MD5=0A468612A19FEB657D127E7C4810F6FC SIZE=266343
%SYSDIR%\DRIVERS\rimmptsk.sys [REDC] [RICOH SD/MMC Driver] MD5=355AAC141B214BEF1DBC1483AFD9BD50 SIZE=39936
%SYSDIR%\DRIVERS\rimsptsk.sys [REDC] [Ricoh Memorystick Controller] MD5=A4216C71DD4F60B26418CCFD99CD0815 SIZE=42496
%SYSDIR%\DRIVERS\rixdptsk.sys [REDC] [R5C852 Ricoh xD Controller] MD5=D231B577024AA324AF13A42F3A807D10 SIZE=37376
%SYSDIR%\SLsvc.exe [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=A1DCD30534835CB67733AD00175125A6 SIZE=2605568
%SystemDiskRoot%\??\%COMMONFILES%\Symantec Shared\SPBBC\SPBBCDrv.sys []
%SYSDIR%\spoolsv.exe [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=DA612EF2556776DF2630B68BF2D48935 SIZE=124928
%SystemDiskRoot%\??\%SYSDIR%\drivers\sp_rsdrv2.sys []
%SYSDIR%\Drivers\SRTSPX.SYS [Symantec Corporation] [AutoProtect] MD5=D6C028BB553E7A8DFA082360CA09B4C0 SIZE=43696
%COMMONFILES%\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE [Symantec Corporation] [Symantec Core Component] MD5=2698CD77F4D73EA7988F0BC63DE8E3D6 SIZE=1174152
%COMMONFILES%\SYMANTEC SHARED\APPCORE\APPSVC32.EXE [Symantec Corporation] [Symantec Application Core] MD5=2FE779B1A07747FED8074C433C3C4604 SIZE=46736
%SYSDIR%\Drivers\SYMTDI.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=2F03CBDB0F22278D05D5D616C993AB58 SIZE=185744
%PROGRAMFILES%\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE [Symantec Corporation] [LiveUpdate] MD5=B5D974C1FD078A68C7536C561B031D39 SIZE=554352
%SystemDiskRoot%\Acer\Empowering Technology\ePower\ePowerSvc.exe [acer] [Acer ePower Management] MD5=EE80AC462A171DBF06EEB2058B5D3BC6 SIZE=163840
%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE [Microsoft Corporation] [Sistema operativo Microsoft® Windows®] MD5=ACB2E63D50157E3EA7140F29D9E76A48 SIZE=895488
%SYSDIR%\DRIVERS\xaudio.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=2E579520E114A9CA309F13BF40AD8292 SIZE=8704
%SYSDIR%\DRIVERS\xaudio.exe [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=F82FC2C30A19442B95AE554215837C46 SIZE=386560
%SystemDiskRoot%\??\%PROGRAMFILES%\Acer Arcade Deluxe\Play Movie\000.fcl []
End of Report
Procedura per la Rimozione:
Preparazione delle strutture
Creazione del punto di ripristino
Rimuovi Sgoope
Registry Deletion Failed: HKCR\SkypeAPI.Access
Registry Deletion Failed: HKCR\SkypeAPI.Access.1
Registry Deletion Failed: HKCR\SkypeAPI.Call
Registry Deletion Failed: HKCR\SkypeAPI.Call.1
Registry Deletion Failed: HKCR\SkypeAPI.Conversion
Registry Deletion Failed: HKCR\SkypeAPI.Conversion.1
Registry Deletion Failed: HKCR\SkypeAPI.Profile
Registry Deletion Failed: HKCR\SkypeAPI.Profile.1
Registry Deletion Failed: HKCR\SkypeAPI.UI
Registry Deletion Failed: HKCR\SkypeAPI.UI.1
Registry Deletion Failed: HKCR\CLSID\{286E51B7-1E50-4B7A-B29C-77E1630CA583}
Rilevamento File non riuscito (User Access Denied) : C:\Program Files\Acer\Acer VCM\AcerSkypeAPI.dll
Rilevamento File non riuscito: C:\Program Files\Acer\Acer VCM\AcerSkypeAPI.dll
Registry Deletion Failed: HKCR\CLSID\{5E44580A-C478-44A9-801C-967B7276ACD3}
Registry Deletion Failed: HKCR\CLSID\{BB3784C3-E63E-40DD-8888-F1DB02CA3046}
Registry Deletion Failed: HKCR\CLSID\{C2C2D92A-4DF3-445D-89F2-3F8197429C7D}
Registry Deletion Failed: HKCR\CLSID\{D9C30395-F423-48C1-88F7-6EA78F2026B4}
Registry Deletion Failed: HKCR\SkypeAPI.Access
Registry Deletion Failed: HKCR\SkypeAPI.Access.1
Registry Deletion Failed: HKCR\SkypeAPI.Call
Registry Deletion Failed: HKCR\SkypeAPI.Call.1
Registry Deletion Failed: HKCR\SkypeAPI.Conversion
Registry Deletion Failed: HKCR\SkypeAPI.Conversion.1
Registry Deletion Failed: HKCR\SkypeAPI.Profile
Registry Deletion Failed: HKCR\SkypeAPI.Profile.1
Registry Deletion Failed: HKCR\SkypeAPI.UI
Registry Deletion Failed: HKCR\SkypeAPI.UI.1
Rimuovi Invalid Startup Items
Registry Deletion Failed: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ALaunch=C:\Acer\ALaunch\AlaunchClient.exe
Registry Deletion Failed: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SetPanel=C:\Acer\APanel\APanel.cmd
Chiusura del punto di ripristino
Fine
come vedete non riece a togliere 2 spyware. Inoltre
HIJACKTHIS prima di partire con scansione mi dice:
for somereason your system denied writeaccess to the Hosts file....
comunque qs è il LOG relativo:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7.28.37, on 23/11/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Spyware Terminator\Spywareterminatorshield.Exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Matteo\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Matteo\Desktop\HiJackThis.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\PROGRA~1\SPYWAR~1\STServer.Exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.corriere.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://it.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Toolbar &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{975F3836-3E62-4B35-9517-7EFC5F4EBFE0}: NameServer = 193.70.152.15,193.70.152.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11202 bytes
se da qs trafila immensa qlcuno riesce ad estrarre qlcosa...beh...grazie genio...