View Full Version : [risolto][winXP] Antivirus non s'installa e Adware.Win32.Dm.v
ciccibomber
19-11-2007, 12:06
Ciao a tutti....da 2 giorni ho un problema: non riesco ad installare nessun antivirus ( ok gli altri programmi).
Ho anche qualche problema con la modalita' provvisoria che ogni tanto s'impalla.
Cercando in giro ho visto che potrebbe trattarsi del virus Bagle, ma nel mio caso non e' cosi', non c'e' traccia di cartelle o file facenti riferimento al virus.
Tutto e' iniziato non appena e' scaduto il trial di KIS 7 che avevo installato nel mio pc, decido di provare PANDA AV, lo installo e va' tutto ok solo che non si aggiorna: scarico cioe' i kb dell'aggiornamento senza che questi vengano in effetti installati.
Il PANDA nel frattempo mi trova ed elimina il file sospetto "RESTART.EXE", e contemporaneamente HijackThis mi evidenzia i file REBOOT.EXE e LANZAR2007 ( o qualcosa del genere) che mi consigliano di fixare, e cosi' faccio. Alla fine di tutto cio' non riesco piu' ad installare alcun antivirus.
Per favore spero che qualcuno possa aiutarmi.
Intanto procedi come indicato qui:
Guida alla rimozione virus Bagle (antivirus disattivato) (http://www.hwupgrade.it/forum/showthread.php?t=1562611)
Quando sei arrivato al punto 7, posta il log di HJT o nel thread ufficiale o qui.
ciccibomber
19-11-2007, 13:08
Allora: non posso scaricare alcun file zippato, il risultato e' un file danneggiato (CRC error).
Scaricato avenger sul sito del produttore in .exe non posso avviarlo, dice:" CRC error! File content has been modified. If you run a system debugger, clear all breakpoints before running this program!"
Ti posto i log di ElibaglA, KAV on line e Hijackthis.
ELIBAGLA_________________________________________________________
Sun Nov 18 22:54:00 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Nov 18 22:54:05 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 2826
Nº Total de Ficheros: 37114
Nº de Ficheros Analizados: 8233
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Sun Nov 18 22:57:35 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 2826
Nº Total de Ficheros: 37115
Nº de Ficheros Analizados: 8233
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Sun Nov 18 23:05:09 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sun Nov 18 23:05:24 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 2826
Nº Total de Ficheros: 37215
Nº de Ficheros Analizados: 8233
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:01:53 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Mon Nov 19 00:02:03 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad M:\
Nº Total de Directorios: 259
Nº Total de Ficheros: 6218
Nº de Ficheros Analizados: 637
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:02:14 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad L:\
Nº Total de Directorios: 10
Nº Total de Ficheros: 391
Nº de Ficheros Analizados: 0
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:02:18 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad J:\
Nº Total de Directorios: 20
Nº Total de Ficheros: 1001
Nº de Ficheros Analizados: 10
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:02:22 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad H:\
Nº Total de Directorios: 0
Nº Total de Ficheros: 0
Nº de Ficheros Analizados: 0
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:02:27 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad G:\
Nº Total de Directorios: 44
Nº Total de Ficheros: 7431
Nº de Ficheros Analizados: 0
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:02:34 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad F:\
Nº Total de Directorios: 20
Nº Total de Ficheros: 1534
Nº de Ficheros Analizados: 3
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:02:42 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad E:\
Nº Total de Directorios: 223
Nº Total de Ficheros: 3221
Nº de Ficheros Analizados: 248
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:03:40 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad D:\
Nº Total de Directorios: 40
Nº Total de Ficheros: 90
Nº de Ficheros Analizados: 22
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Mon Nov 19 00:03:53 2007
EliBagle v10.71 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 2826
Nº Total de Ficheros: 37413
Nº de Ficheros Analizados: 8234
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
_________________________________________________________________
KAV
Sunday, November 18, 2007 11:48:44 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 18/11/2007
Kaspersky Anti-Virus database records: 461375
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
Scan Statistics
Total number of scanned objects 50903
Number of viruses found 1
Number of infected objects 2
Number of suspicious objects 0
Duration of the scan process 01:10:21
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Amministratore\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Cronologia\History.IE5\MSHist012007111820071119\index.dat Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Dati applicazioni\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Dati applicazioni\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Dati applicazioni\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Amministratore\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Amministratore\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Amministratore\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\AdunanzA\Incoming\DAP_v8.6_Crack_Premium.rar/DAP v8.5.5.5 Build 292+Crack Premium/CRACK/DAP.exe Infected: Trojan-Spy.Win32.Banker.fzf skipped
C:\Programmi\AdunanzA\Incoming\DAP_v8.6_Crack_Premium.rar RAR: infected - 1 skipped
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20071118-210131.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{F0780216-5059-4B67-B4B7-63127638B4D6}\RP9\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\{00000002-00000000-00000003-00001102-00000004-10071102}.CDF Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
_________________________________________________________________
Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 12.55.48, on 19/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmi\ZyXEL\G360\Gcc.exe
C:\Programmi\ZyXEL\G360\OdHost.exe
C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\AdunanzA\eMule_AdnzA.exe
C:\Programmi\Steam\Steam.exe
c:\programmi\steam\steamapps\ciccibomber\portal\hl2.exe
C:\Programmi\Steam\GameOverlayUI.exe
C:\Documents and Settings\Amministratore\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programmi\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Programmi\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Utilità adattatore senza fili ZyXEL G-360.lnk = C:\Programmi\ZyXEL\G360\Gcc.exe
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192616758968
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Quando si postano i log si devono rispettare le regole di sezione:
Quando viviene richiesto di inserire nel thread i log dei vari tool di disinfezione siete pregati di allegarli con la funzione "Gestisci Allegati" o altrimenti tra i tag (code)(/code) sostituire le parentesi con parentesi [];
http://img105.imageshack.us/img105/7689/1fr1.jpg
che poi inserirà i due tag evidenziati
http://img292.imageshack.us/img292/2624/1ub7.jpg
quindi incollare in mezzo i vari log
Sei pregato di modificare il tuo precedente post.
Bugs Bunny
19-11-2007, 13:11
vediamo un po'....
i log vanno ALLEGATI con la funzione allega del forum oppure su zshare.net
I programmi vanno COMPRATI invece di usare crack ;)
I programmi vanno COMPRATI invece di usare crack ;)
ahi ahi ahi... mi sa che qui deve internvenire il mod in modo pesante :(
ciccibomber
19-11-2007, 13:41
Sei pregato di modificare il tuo precedente post.
Fatto.
Il fatto e' che non son pratico di forum.
La forma e' stata rispettata .....:ciapet: della sostanza che mi dici?
ciccibomber
19-11-2007, 13:45
I programmi vanno COMPRATI invece di usare crack ;)
Sono d'accordo ma la mia privacy non e' meno importante di alcun copyright.
Bugs Bunny
19-11-2007, 13:48
non capisco come il fatto di non usare crack (infetti tralaltro) possa compromettere la tua privacy
Sono d'accordo ma la mia privacy non e' meno importante di alcun copyright.
Le regole del forum non dicono questo...
ciccibomber
19-11-2007, 14:11
non capisco come il fatto di non usare crack (infetti tralaltro) possa compromettere la tua privacy
Non ho usato alcun crack.....volevo provare DAP senza advertising e non ne ho avuto neanche il tempo. Non installo mai alcunche' senza prima passarlo a setaccio.
Quei due file li ho cancellati subito dopo la scansione con KAV on line.
Pero' non e' giusto che tutto cio' venga "spiattellato" ai 4 venti.
Non trovi?
xcdegasp
19-11-2007, 14:22
Sono d'accordo ma la mia privacy non e' meno importante di alcun copyright.
mica ti denunciamo alla Polizia di Stato, semplicemente facciamo uso del tuo consenso esplicito a trattare i log in questa sede..
non è colpa ne mia e nemmeno degli utenti che si sono prestati a darti una mano se nell'analisi è emerso un programma scaricato in modo illecito ma effettivamente non risulta in uso.
edit: oggi sono buono e ti chiedo 3 nuove scansioni con relativi log:
ESET ADS revelear
a-squared-free (deep scan)
prevx CSI
non dovrebbe essere un sacrificio produrre questi 3 log in cambio alla prova di fiducia che ti sto dando :)
Bugs Bunny
19-11-2007, 14:29
Non ho usato alcun crack.....volevo provare DAP senza advertising e non ne ho avuto neanche il tempo. Non installo mai alcunche' senza prima passarlo a setaccio.
Quei due file li ho cancellati subito dopo la scansione con KAV on line.
Pero' non e' giusto che tutto cio' venga "spiattellato" ai 4 venti.
Non trovi?
tu stesso lo hai spiattellato postando i log. Tu hai chiesto aiuto per una infezione e io ti ho detto che i crack o programmi reperiti su p2p sono al 70% infetti (come in questo caso)
Chill-Out
19-11-2007, 14:32
mica ti denunciamo alla Polizia di Stato, semplicemente facciamo uso del tuo consenso esplicito a trattare i log in questa sede..
non è colpa ne mia e nemmeno degli utenti che si sono prestati a darti una mano se nell'analisi è emerso un programma scaricato in modo illecito ma effettivamente non risulta in uso.
edit: oggi sono buono e ti chiedo 3 nuove scansioni con relativi log:
ESET ADS revelear
a-squared-free (deep scan)
prevx CSI
non dovrebbe essere un sacrificio produrre questi 3 log in cambio alla prova di fiducia che ti sto dando :)
:nonio: :asd:
ciccibomber
19-11-2007, 14:57
mica ti denunciamo alla Polizia di Stato, semplicemente facciamo uso del tuo consenso esplicito a trattare i log in questa sede..
non è colpa ne mia e nemmeno degli utenti che si sono prestati a darti una mano se nell'analisi è emerso un programma scaricato in modo illecito ma effettivamente non risulta in uso.
Mettiamoci una pietra sopra ok?
Veniamo al punto....sto facendo le scansioni; dimmi solo come produrti un log della scansione con ESET ADS, non c'e' alcun pulsante relativo.
Grazie per la pazienza:rolleyes:
ciccibomber
19-11-2007, 15:05
tu stesso lo hai spiattellato postando i log. Tu hai chiesto aiuto per una infezione e io ti ho detto che i crack o programmi reperiti su p2p sono al 70% infetti (come in questo caso)
Postare un log perche' si ha un problema non vuol dire esporsi al pubblico ludibrio, se no andavo a postare in lycos chat non credi?
Oltretutto trattavasi di un programma neanche installato ( come si evince anche dagli stessi log postati) e che non c'entra nulla col problema.
Ti dico questo solo per spiegare la mia incavolatura verso la tua espressione e vorrei finirla qua.....:) ok?
xcdegasp
19-11-2007, 15:21
Ads revelear lo crea in automatico alla fine e lo deposita dove è residente l'eseguibile del programma... ricordati di correggere tutte le cose che trova ;)
Riverside
19-11-2007, 15:35
Postare un log perche' si ha un problema non vuol dire esporsi al pubblico ludibrio, se no andavo a postare in lycos chat non credi?
Dai, sono tutte polemiche che lasciano il tempo che trovano.
per pulire gli ADS:
● rilancia HTHIS
● clicca sulla voce Open the Misc Tool section
● clicca su Open ADS Spy
● clicca su Scan
● se venissero rilevati ADS spunta tutte le caselline e clicca su Remove Selected
Lascia disattivato il Ripristino configurazione di sistema, rilancia HThis e fixa queste voci:
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O11 - Options group: [INTERNATIONAL] International*
Poi, BITDEFENDER ONLINE SCANNER
● esegui una scansione online da: clicca qui per lo scan online (http://www.bitdefender.com/scan8/ie.html)
● una volta aperta la pagina, clicca I AGREE: ti farà scaricare un activex, tu segui la procedura guidata.
● allega il Report che verrà rilasciato.
Dopo aver riavviato, allega un nuovo log di Hthis, eseguito da disconesso.
P.S.: durante la scansione, evita di lasciare Emule in esecuzione, per favore.
Per quanto riguarda l'Antivirus, inizia con lo scaricare questo (poi pensiamo ad installarlo):
ANTIVIR PERSONAL EDITION FREE: clicca qui per il download (http://www.free-av.com/down/windows/antivir_workstation_win7u_en_h.exe)
● una volta installato, scarica gli aggiornamenti e poi, esegui una scansione completa del sistema.
qui trovi la Guida di configurazione per Antivir (http://www.hwupgrade.it/forum/showthread.php?t=1514684) pubblicata da Juninho (leggi, attentamente, i primi tre post), ed altre cose importanti ed interessanti in relazione ad Antivir.
Se necessiti di informazioni o spiegazioni, posta, in quella discussione.
ciccibomber
19-11-2007, 15:43
Ads revelear lo crea in automatico alla fine e lo deposita dove è residente l'eseguibile del programma... ricordati di correggere tutte le cose che trova ;)
Mmmmm niente log.....cancello tutto quello che trova?
Riverside
19-11-2007, 15:47
Mmmmm niente log.....cancello tutto quello che trova?
Leggi sopra ..... mi appare scontato che devi eliminare tutto ciò che trova.
ciccibomber
19-11-2007, 16:13
Edit - Vedi sotto.
ciccibomber
19-11-2007, 16:36
Allora HTHIS non ha rilevato alcun ads.....fixate le voci di cui sopra......sto scansendo con BitDefender.
Ecco i log chiesti prima da xcdegasp:
Prevx CSI
Computer Security Investigator Output Log (v0.7)
System analyzed at: 15:41:49 11/19/07
Currently active windows: 5
C:\WINDOWS\SOUNDMAN.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SoundMan SOUNDMAN.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
PX5: 4F78FABA00B35ABFE0D500808C69A100ECB77A94
Determination: GOOD
C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\CTSysVol C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: 0A0D175A00E412E3C01B00301DE52E0072521E9B
Determination: GOOD
C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\CTDVDDet C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
PX5: FB2F1D1100653B27B043002DDDE82A00A8B89DEC
Determination: GOOD
C:\WINDOWS\system32\CTHELPER.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\CTHelper CTHELPER.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: 9B5B082B0023D951700E0054A0C2560019B8B077
Determination: GOOD
C:\WINDOWS\system32\CTASIO.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AsioReg REGSVR32.EXE /S CTASIO.DLL
PX5: F3204F4C006ACC75D0430144C408A5003B6B8BE3
Determination: GOOD
C:\WINDOWS\system32\REGSVR32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AsioReg REGSVR32.EXE /S CTASIO.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
PX5: 9F2DE48F0086912530FD001A3E083800D58E0872
Determination: GOOD
C:\WINDOWS\UpdReg.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\UpdReg C:\WINDOWS\UpdReg.EXE
PX5: 1F24BC4600299AC56032017CCB790F00755FCB4E
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Reader Speed Launcher "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk\command C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher\command "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
PX5: 7034BACB703B560C9BC900BFAF1E1000A084BCE4
Determination: GOOD
C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-21-682003330-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: 7BE460C100E5509F3C0D00F14B5A510097B91217
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded from: \REGISTRY\User\S-1-5-21-682003330-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\command "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
PX5: D4314BAE28A4B9C155D302CEAA68E500AF7229C9
Determination: GOOD
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded from: \REGISTRY\User\S-1-5-21-682003330-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\SpybotSD TeaTimer C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
PX5: 9A20ACCD506AAD6F49DF1673471ED200E9898A95
Determination: GOOD
C:\WINDOWS\system32\PDBoot.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\BootExecute PDBoot.exe autocheck autochk * lsdelete
PX5: 97F2BCD708C633EF7902036062F09F005972A641
Determination: GOOD
C:\WINDOWS\system32\autochk.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\BootExecute PDBoot.exe autocheck autochk * lsdelete
PX5: 38890F3300760B775A86096430A56A00DB68AE82
Determination: GOOD
C:\WINDOWS\system32\win32k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\SubSystems\Kmode %SystemRoot%\system32\win32k.sys
PX5: AF40E9838058D78E21CB1CA553259300AEAD9216
Determination: GOOD
C:\WINDOWS\system32\basesrv.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\SubSystems\Windows %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: CDE7154D0060E2E4CE1D00F8B4D58500AEAC4112
Determination: GOOD
C:\WINDOWS\system32\csrss.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\SubSystems\Windows %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 457E08CD00DE83E3183600665DD0AE001F0FA82A
Determination: GOOD
C:\WINDOWS\system32\shell32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9}
Loaded from: \REGISTRY\User\S-1-5-21-682003330-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383} !.\._..... . [C." . . . . L ... . F.
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default) Blocco menu Start
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default) {217FC9C0-3AEA-1069-A2DB-08002B30309D}
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: C74DB9F400A749A98AD181C3816D18006A78E9E8
Determination: GOOD
C:\Programmi\Java\jre1.6.0_03\bin\regutils.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}\KeyFileName C:\Programmi\Java\jre1.6.0_03\bin\regutils.dll
PX5: 18FDF0650029FF2F9067038B74E5FB00E6236711
Determination: GOOD
C:\Programmi\Messenger\msmsgs.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\KeyFileName C:\Programmi\Messenger\msmsgs.exe
PX5: 937DB9BC008B29B4DA13198C306CAF00327E8384
Determination: GOOD
C:\WINDOWS\system32\msieftp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}\KeyFileName C:\WINDOWS\system32\msieftp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63da6ec0-2e98-11cf-8d82-444553540000} FTP Folders Webview
PX5: 44133DFB00C5C1B9D64903B9EB9B6E00A95E5477
Determination: GOOD
C:\WINDOWS\system32\ieudinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}\StubPath C:\WINDOWS\system32\ieudinit.exe
PX5: 9D50E37200728720360A0021165ED3009E4C0A27
Determination: GOOD
C:\WINDOWS\inf\unregmp2.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\Stubpath C:\WINDOWS\inf\unregmp2.exe /ShowWMP
PX5: FC6E369700C7E58BF0180217C418240053B23395
Determination: GOOD
C:\WINDOWS\system32\ie4uinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\StubPath C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\StubPath C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
PX5: ADE0C3A900456573F88A00EBBC329900AC3A1660
Determination: GOOD
C:\WINDOWS\system32\IEDKCS32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\DllName iedkcs32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\DllName iedkcs32.dll
PX5: 2844962A00A76C9BDE4E0572402CA40026882872
Determination: GOOD
C:\WINDOWS\system32\RunDLL32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} Autoplay for SlideShow
Loaded from: \REGISTRY\Machine\Software\Classes\ShellScrap\shell\open\command\(default) rundll32 %SystemRoot%\system32\shscrap.dll OpenScrap_RunDLL %1
PX5: 797CA9E8007174E38209003396ABA600D9E79205
Determination: GOOD
C:\WINDOWS\system32\shmgrate.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\StubPath %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
PX5: 20602ECB00AD0F89A6D6007CC62E8E00FE74C13B
Determination: GOOD
C:\Programmi\File comuni\LightScribe\LSRunOnce.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}\StubPath "C:\Programmi\File comuni\LightScribe\LSRunOnce.exe"
PX5: 468CDB8820D9B294E51F060BDB98D700FB82C9F5
Determination: GOOD
C:\WINDOWS\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{41E300E0-78B6-11ce-849B-444553540000} PlusPack CPL Extension
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: BAC50787005D6D22F49E05A57642CD002A91E075
Determination: GOOD
C:\Programmi\Outlook Express\setup50.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
PX5: 990052A900467F972069015D0AA93E00C6116D6B
Determination: GOOD
C:\WINDOWS\system32\advpack.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
PX5: 696A0E0E001811DCE8EF01C2ADD6E00006EFB6A4
Determination: GOOD
C:\WINDOWS\INF\msnetmtg.inf
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
PX5: C04A779A5AE1A5526A2101886D50EC0079807252
C:\WINDOWS\INF\msmsgs.inf
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
PX5: 39BCAAC848A1DEE092870140F8129000930CF579
C:\WINDOWS\INF\wmp10.inf
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
PX5: 0031AB58FD9E3FB387E100D6FEBDD600F8E7E613
C:\WINDOWS\system32\logon.scr
Loaded from: \REGISTRY\User\.DEFAULT\Control Panel\Desktop\SCRNSAVE.EXE logon.scr
Loaded from: \REGISTRY\User\S-1-5-19\Control Panel\Desktop\SCRNSAVE.EXE %SystemRoot%\System32\logon.scr
Loaded from: \REGISTRY\User\S-1-5-20\Control Panel\Desktop\SCRNSAVE.EXE %SystemRoot%\System32\logon.scr
Loaded from: \REGISTRY\User\S-1-5-18\Control Panel\Desktop\SCRNSAVE.EXE logon.scr
PX5: 509D0B6F00114C175E1803F3B4819D004996445C
Determination: GOOD
C:\WINDOWS\Explorer.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Explorer.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 5F224AD100F73BC6CEBA0FDC56B8E400769BB8AE
Determination: GOOD
C:\WINDOWS\system32\userinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit C:\WINDOWS\system32\userinit.exe
PX5: 33A4BB2F001DA1EB620B00510674AE00F15A5361
Determination: GOOD
C:\WINDOWS\system32\logonui.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost logonui.exe
PX5: 6B3184960083D65DDE0B0761A134100078FE806C
Determination: GOOD
C:\WINDOWS\system32\sysdm.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\sysdm.cpl
PX5: 77D613BF00DD23AB9A92044AE70A3A00F8BE273E
Determination: GOOD
C:\WINDOWS\system32\gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}\DllName gptext.dll
PX5: 3937BBDB001CF5150EDE03108010A6002700AFB6
Determination: GOOD
C:\WINDOWS\system32\fdeploy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}\DllName fdeploy.dll
PX5: 4B245433003392E32A140131FF3EF30000999A70
Determination: GOOD
C:\WINDOWS\system32\dskquota.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}\DllName dskquota.dll
PX5: 67A29FF30003BFCF6E3801450DA1040095E8819B
Determination: GOOD
C:\WINDOWS\system32\scecli.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Notification Packages scecli
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: C91F3DA800B1BEBADA0C02480448D00054984981
Determination: GOOD
C:\WINDOWS\System32\cscui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}\DllName %SystemRoot%\System32\cscui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{750fdf0e-2a26-11d1-a3ea-080036587f03} Offline Files Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{10CFC467-4392-11d2-8DB4-00C04FA31A66} Offline Files Folder Options
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} Cartella file non in linea
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8E7CD5F4006500C1188E05B6248B9200BAF8CA73
Determination: GOOD
C:\WINDOWS\system32\appmgmts.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}\DllName appmgmts.dll
PX5: D38F92810065B7EDAC840228F23E3C004E625C37
Determination: GOOD
C:\WINDOWS\system32\Ati2evxx.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\DLLName Ati2evxx.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
PX5: FE521D4000BA6685E0BF0112771ABA0035FB60FF
Determination: GOOD
C:\WINDOWS\system32\crypt32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\DllName crypt32.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: DD3ED9060033BBFB2E83098709F8D4001E524429
Determination: GOOD
C:\WINDOWS\system32\cryptnet.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\DllName cryptnet.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 7068F9AD00A507EDF8EF0072A0BBE3005197631B
Determination: GOOD
C:\WINDOWS\system32\cscdll.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\DLLName cscdll.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 36CC0D8B0009157E909D017F19231E0041E0A92E
Determination: GOOD
C:\WINDOWS\system32\wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\DLLName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\DLLName WlNotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\DLLName wlnotify.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
PX5: 3C08F14B008AD1456C990109A197100002605D8A
Determination: GOOD
C:\WINDOWS\system32\sclgntfy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\DllName sclgntfy.dll
PX5: 164435B300B5B4E0548400AA1F6E0800C2CDD06A
Determination: GOOD
C:\WINDOWS\system32\comm.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\comm.drv comm.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 0D8B262B3068553F296F004B25B4F300F3172575
Determination: GOOD
C:\WINDOWS\system32\vga.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\display.drv vga.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 8D38D13480CC42FA089200F6F3895F00B79BCD14
Determination: GOOD
C:\WINDOWS\system32\mmsystem.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\drivers mmsystem.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: B7018ADE208113FC103101C8EB6DD700B1D99765
Determination: GOOD
C:\WINDOWS\system32\keyboard.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\keyboard.drv keyboard.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 159F7A82D0C5E0D3077700FE801B1000B79BCD14
Determination: GOOD
C:\WINDOWS\system32\mouse.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\mouse.drv mouse.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: D9EA0CB2F0FB384407BE00D28D0C0C00B79BCD14
Determination: GOOD
C:\WINDOWS\system32\wfwnet.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\network.drv wfwnet.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: E9641F0220200734353000D28FC59A003BEC664C
Determination: GOOD
C:\WINDOWS\system32\progman.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\shell progman.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C0D0815600445D69AC3B01B2DAB067005DE0E11A
Determination: GOOD
C:\WINDOWS\system32\sound.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\sound.drv sound.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: E70CAE91D00DCE52067C00647C846400B79BCD14
Determination: GOOD
C:\WINDOWS\system32\system.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\system.drv system.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: D4BD27742043BEDB0DB0000478EA5C00B79BCD14
Determination: GOOD
C:\WINDOWS\system32\ntvdm.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\cmdline %SystemRoot%\system32\ntvdm.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: DFD881F400018F016A4F06473E7EAA001AE7779E
Determination: GOOD
C:\WINDOWS\system32\krnl386.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: 01F6A66B6040DCB569EA013E85A2EE004745F621
Determination: GOOD
C:\WINDOWS\system32\commdlg.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: D41FE74160643BD6833B006BB7E5A9004410FDC1
Determination: GOOD
C:\WINDOWS\system32\ctl3dv2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C84734B440655DC66A4D00304EF8AC0014627D07
Determination: GOOD
C:\WINDOWS\system32\ddeml.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 87F926CB00F2CB349A1200182C7413003E6FB37C
Determination: GOOD
C:\WINDOWS\system32\lanman.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: A797EACD0BCFF4C3663403FC8369B500D2DCA4A2
Determination: GOOD
C:\WINDOWS\system32\netapi.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 3B2621E2C04DF3B2A77E0156CAF52A0029A06ED9
Determination: GOOD
C:\WINDOWS\system32\olecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: B5F4F24400858B0246DF0121D0BC320031CB25FD
Determination: GOOD
C:\WINDOWS\system32\olesvr.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: CE221EF60049CF2B5E3B009B247C6A00F018477F
Determination: GOOD
C:\WINDOWS\system32\pmspl.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93
Determination: GOOD
C:\WINDOWS\system32\shell.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: CE2E2C35000BF1E3147B0046192BB900FA35E49E
Determination: GOOD
C:\WINDOWS\system32\toolhelp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 87219368400265353643009B30E21C003936EBD7
Determination: GOOD
C:\WINDOWS\system32\win87em.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 22C03F9D0005E87A34B40075B0F00E00517D625F
Determination: GOOD
C:\WINDOWS\system32\winoldap.mod
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: E19A53B2202676D208C7002132DA8800B79BCD14
Determination: GOOD
C:\WINDOWS\system32\winsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: FCF9BBDC30E28D0D0BF200D9F4D9CD00B79BCD14
Determination: GOOD
C:\WINDOWS\system32\winspool.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: F5BB157440E5748C08D600021F9AD300B79BCD14
Determination: GOOD
C:\WINDOWS\system32\wowdeb.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C1613D5DB0A80A260ABB006471357400B79BCD14
Determination: GOOD
C:\WINDOWS\system32\timer.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 01DC5380F09B29550F040024FDB8830045F6872C
Determination: GOOD
C:\WINDOWS\system32\compobj.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: DA21156DD0BCD8E77562007DCF26A600F4FFDA3F
Determination: GOOD
C:\WINDOWS\system32\storage.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 60BAD4D270E3252C10B800A49D4C780095AFB292
Determination: GOOD
C:\WINDOWS\system32\ole2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: F2FC4A2A40B7B6B59BDF00629364AB00A54AED31
Determination: GOOD
C:\WINDOWS\system32\ole2disp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7
Determination: GOOD
C:\WINDOWS\system32\ole2nls.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 09B13294B021FA9E558F026E08072F00900228B5
Determination: GOOD
C:\WINDOWS\system32\typelib.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C0620321C004C14EB60D020DCCE16200701F9AEA
Determination: GOOD
C:\WINDOWS\system32\msvideo.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 790EE65FC0939660F0F4012F00509C00EF668BF3
Determination: GOOD
C:\WINDOWS\system32\avifile.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 23078576D07C879BAB0E016052733100CC123BD6
Determination: GOOD
C:\WINDOWS\system32\msacm.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 9509859960B48961EF3C0048E192C7002EB67DBB
Determination: GOOD
C:\WINDOWS\system32\mciavi.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 8B09E9FBC0AC80C41F5801300F1C5F00B1E6B4D8
Determination: GOOD
C:\WINDOWS\system32\mciseq.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 6F3561B8D089079262B000F61C353D001FC85F9C
Determination: GOOD
C:\WINDOWS\system32\mciwave.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 2D1A8D9600222A826E980084C50D45003B805765
Determination: GOOD
C:\WINDOWS\system32\avicap.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 8D50F512B0D5AAB0126C01BC85534E00FA0EC9E8
Determination: GOOD
C:\Programmi\Canon\Easy-WebPrint\EWPBrowseLoader.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}\(default) Canon Easy Web Print Helper
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D81EA96E001BA66386FC0024A19021000E01A08C
Determination: GOOD
C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer .
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: BEEC7CE7903A1989A51C07665627A3001B1EF486
Determination: GOOD
C:\WINDOWS\system32\ntsd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path\Debugger ntsd -d
PX5: 834FBBDD002D211C7C10004432E9BD00FC3D4F55
Determination: GOOD
C:\WINDOWS\system32\mmsys.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00022613-0000-0000-C000-000000000046} Propriet. dei file Multimedia
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\mmsys.cpl .
PX5: 22BCF726009533B384CD093581FB0B00BBF55E93
Determination: GOOD
C:\WINDOWS\system32\icmui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{176d6597-26d3-11d1-b350-080036a75b03} Gestore scanner ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DB2625A-54DF-11D0-B6C4-0800091AA605} Gestore monitor ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{675F097E-4C4D-11D0-B6C1-0800091AA605} Gestore stampante ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DBCE2480-C732-101B-BE72-BA78E9AD5B27} Profilo ICC
PX5: 79852F4F004FA70AD8870036A8B3F300BFB6CC72
Determination: GOOD
C:\WINDOWS\system32\rshx32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1F2E5C40-9550-11CE-99D2-00AA006E086C} Pagina di protezione NTFS
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F37C5810-4D3F-11d0-B4BF-00AA00BBB723} Pagina di protezione della stampante
PX5: 8E3D69C300B1B3BBA05400C01998E00021B13B08
Determination: GOOD
C:\WINDOWS\system32\docprop.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EA48300-8CF6-101B-84FB-666CCB9BCD32} Pagina di propriet. di Docfile OLE
PX5: 4D155A630014F006B8E7003E1F6CD600C0918C31
Determination: GOOD
C:\WINDOWS\system32\ntshrui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40dd6e20-7c17-11ce-a804-00aa003ca9f6} Estensioni shell per la condivisione
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} Estensioni shell per la condivisione
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default) {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 5EB8DF8A0005A80F3870025CC8B2C100D6ECC82F
Determination: GOOD
C:\WINDOWS\system32\deskadp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071712-76d4-11d1-8b24-00a0c9068ff3} Estensione scheda video del Pannello di controllo
PX5: 1FEBC52C0075696A427B005EACC72200AF70D61C
Determination: GOOD
C:\WINDOWS\system32\deskmon.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071713-76d4-11d1-8b24-00a0c9068ff3} Estensione monitor del Pannello di controllo
PX5: E6AC7E1B00B4347342D70033642CB1001FC78895
Determination: GOOD
C:\WINDOWS\system32\dssec.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4E40F770-369C-11d0-8922-00A024AB2DBB} Pagina di protezione DS
PX5: BF365090005B6ECFCC56008F370997000EDC51ED
Determination: GOOD
C:\WINDOWS\system32\SlayerXP.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Pagina compatibilit.
PX5: 071E70380069307964410011CDEF880004B79666
Determination: GOOD
C:\WINDOWS\system32\shscrap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56117100-C0CD-101B-81E2-00AA004AE837} Gestore dati dei ritagli di shell
Loaded from: \REGISTRY\Machine\Software\Classes\ShellScrap\shell\open\command\(default) rundll32 %SystemRoot%\system32\shscrap.dll OpenScrap_RunDLL %1
PX5: CEE438A6004ACC126CE400DA76EA3300F6FBD343
Determination: GOOD
C:\WINDOWS\system32\diskcopy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59099400-57FF-11CE-BD94-0020AF85B590} Estensione copia dischi
PX5: 74FF218D0092AEB8EC3016F62F9A37009BC24342
Determination: GOOD
C:\WINDOWS\system32\ntlanui2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59be4990-f85c-11ce-aff7-00aa003ca9f6} Estensioni shell per oggetti Rete Microsoft Windows
PX5: 0FBD6225003D84B73AA5000A7557EF00532B5590
Determination: GOOD
C:\WINDOWS\system32\printui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{77597368-7b15-11d0-a0c2-080036af3f03} Estensione shell per la stampante Web
PX5: CFC465B500331E10BE8C08062B62D70065070AFA
Determination: GOOD
C:\WINDOWS\system32\dskquoui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7988B573-EC89-11cf-9C00-00AA00A14F56} Disk Quota UI
PX5: 22C011F30068927142C902641380E9009CE9DCD6
Determination: GOOD
C:\WINDOWS\system32\syncui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{85BBD920-42A0-1069-A2E4-08002B30309D} Sincronia file
PX5: 32CB8DAC001BF20AF6D60250E1D558008C7994BA
Determination: GOOD
C:\WINDOWS\system32\hticons.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88895560-9AA2-1069-930E-00AA0030EBC8} Estensione di icona di HyperTerminal
PX5: FDDAAC340069DC70AEDE004813C9AE00464F204F
Determination: GOOD
C:\WINDOWS\system32\fontext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD84B380-8CA2-1069-AB1D-08000948F534} Tipi di carattere
PX5: A9B1E4F600762191E233053033E9D8001908E1DB
Determination: GOOD
C:\WINDOWS\system32\deskperf.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f92e8c40-3d33-11d2-b1aa-080036a75b03} Display TroubleShoot CPL Extension
PX5: DEBA621400871F794A8D0005514927006E3B795A
Determination: GOOD
C:\WINDOWS\system32\cryptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C717-39BF-11D1-8CD9-00C04FC29D45} Estensione Crypto PKO
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C719-39BF-11D1-8CD9-00C04FC29D45} Estensione firma crittografata
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default) {7444C719-39BF-11D1-8CD9-00C04FC29D45}
PX5: 144B846200DE013DD4E800E6AFBAF700F56839D9
Determination: GOOD
C:\WINDOWS\system32\NETSHELL.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7007ACC7-3202-11D1-AAD2-00805FC1270E} Connessioni di rete
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{992CFFA0-F557-101A-88EC-00DD010CCC48} Connessioni di rete
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: F7F9A56A007CF701368C1AE01A3E1600E0C02A68
Determination: GOOD
C:\WINDOWS\system32\wiashext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E211B736-43FD-11D1-9EFB-0000F8757FCD} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{905667aa-acd6-11d2-8080-00805f6596d2} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F953603-1008-4f6e-A73A-04AAC7A992F1} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{83bbcbf3-b28a-4919-a5aa-73027445d672} Scanner e fotocamere digitali
PX5: C96A74CF00663EB10AB209D765C2F9007A08BE3F
Determination: GOOD
C:\WINDOWS\system32\remotepg.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F0152790-D56E-4445-850E-4F3117DB740C} Remote Sessions CPL Extension
PX5: B276FC4B0072F7D1EE38004C043BDE00E8D7EAE4
Determination: GOOD
C:\WINDOWS\system32\wshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60254CA5-953B-11CF-8C96-00AA00B8708C} Estensione shell per Windows Script Host
PX5: 66026A8D0045E4F800BE0104F649E900B9F8B8B3
Determination: GOOD
C:\Programmi\File comuni\System\Ole DB\oledb32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2206CDB2-19C1-11D1-89E0-00C04FD7A829} Microsoft Data Link
PX5: 722A7F0200065713701D079CB9F9D70095D47802
Determination: GOOD
C:\WINDOWS\system32\mstask.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} Tasks Folder Icon Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} Tasks Folder Shell Extension
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D6277990-4C6A-11CF-8D87-00AA0060F5BF} Operazioni pianificate
PX5: 28BAE091003DDB7248B2048CE9759F0060145387
Determination: GOOD
C:\WINDOWS\system32\shdocvw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} Set Program Access and Defaults
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} Cerca
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} Guida in linea e supporto tecnico
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} Guida in linea e supporto tecnico
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} Esegui...
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} Posta elettronica
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524152} Tipi di carattere
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524153} Strumenti di amministrazione
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E61-B078-11d0-89E4-00C04FC9E26E} Favorites Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A89A860-D7B1-11CE-8350-444553540000} Shell Automation Inproc Service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A5E46E3A-8849-11D1-9D8C-00C04FC99D61} Microsoft Browser Architecture
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} Schermata iniziale applicazioni Internet Explorer 4
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{67EA19A0-CCEF-11d0-8024-00C04FD75D13} CDF Extension Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{131A6951-7F78-11D0-A979-00C04FD705A2} ISFBand OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9461b922-3c5a-11d2-bf8b-00c04fb93661} Search Assistant OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E64-B078-11d0-89E4-00C04FC9E26E} Explorer Band
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default) {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}\BarSize A
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D9FE865200F9C218D0E616C0CC5CD600B040545A
Determination: GOOD
C:\WINDOWS\system32\wuaucpl.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5F327514-6C5E-4d60-8F16-D07FA08A78ED} Auto Update Property Sheet Extension
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\System32\wuaucpl.cpl .
PX5: DEC1D60858D0AD974D1603850E3A98002B746A2D
Determination: GOOD
C:\WINDOWS\system32\twext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{596AB062-B4D2-4215-9F74-E9109B0A8153} Pagina propriet. versioni precedenti
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DB7A13C-F208-4981-8353-73CC61AE2783} Versioni precedenti
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
PX5: 83D6D2D5007A7A78AC5A00555BE37F0060757F73
Determination: GOOD
C:\WINDOWS\system32\shmedia.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} Audio Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} Video Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E4B29F9D-D390-480b-92FD-7DDB47101D71} Wav Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{87D62D94-71B3-4b9a-9489-5FE6850DC73E} Avi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A6FD9E45-6E44-43f9-8644-08598F5A74D9} Midi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{c5a40261-cd64-4ccf-84cb-c394da41d590} Video Thumbnail Extractor
PX5: 6F935BCA00698E3154450276A47BF4000FC59B48
Determination: GOOD
C:\WINDOWS\system32\browseui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5E6AB780-7743-11CF-A12B-00AA004AE837} Barra degli strumenti Microsoft Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{22BF0C20-6DA7-11D0-B373-00A0C9034938} Stato del download
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{91EA3F8B-C99B-11d0-9815-00C04FD91972} Shell Folder accresciuto
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6413BA2C-B461-11d1-A18A-080036B11A03} Shell Folder 2 accresciuto
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F61FFEC1-754F-11d0-80CA-00AA005B4383} BandProxy
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BA4C742-9E81-11CF-99D3-00AA004AE837} Microsoft BrowserBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{169A0691-8DF9-11d1-A1C4-00C04FD75D13} Ricerca all'interno
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07798131-AF23-11d1-9111-00A0C98BA67D} Ricerca Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AF4F6510-F982-11d0-8595-00AA004CD6D8} Utilit. opzioni della struttura del Registro di sistema
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{01E04581-4EEE-11d0-BFE9-00AA005B4383} &Indirizzo
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A08C11D2-A228-11d0-825B-00AA005B4383} Address EditBox
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2763-6A77-11D0-A535-00C04FD7D062} Completamento automatico Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7376D660-C583-11d0-A3A5-00C04FD706EC} TridentImageExtractor
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6756A641-DE71-11d0-831B-00AA005B4383} Elenco di Completamento automatico MRU
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} Elenco di Completamento automatico MRU personalizzato
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7e653215-fa25-46bd-a339-34a2790f3cb7} Accessibile
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{acf35015-526e-4230-9596-becbe19f0ac9} Indicatore di avanzamento popup
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2764-6A77-11D0-A535-00C04FD7D062} Elenco di Completamento automatico della Cronologia di Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{03C036F1-A186-11D0-824A-00AA005B4383} Elenco di Completamento automatico di Shell Folder di Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2765-6A77-11D0-A535-00C04FD7D062} Contenitore dell'elenco di Completamento automatico multiplo Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4E-521C-11D0-B792-00A0C90312E1} Shell Band Site Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} Shell DeskBarApp
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4C-521C-11D0-B792-00A0C90312E1} Shell DeskBar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4D-521C-11D0-B792-00A0C90312E1} Shell Rebar BandSite
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD313E04-FEFF-11d1-8ECD-0000F87A470C} Assistenza utente
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} Impostazioni cartella globale
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{21569614-B795-46b1-85F4-E737A8DC09AD} Shell Search Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{438755C2-A8BA-11D1-B96B-00A0C90312E1} Precaricatore Browseui
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{8C7461EF-2B13-11d2-BE35-3078302C2030} Daemon di cache delle categorie di componenti
Loaded from: \REGISTRY\User\S-1-5-21-682003330-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .E...N.... . [C.. ..2..
Loaded from: \REGISTRY\User\S-1-5-21-682003330-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .E...N.... . [C.. ..2..
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 74E197CD00F453B89CCF0F389ED22800B566048B
Determination: GOOD
C:\WINDOWS\system32\ieframe.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{30D02401-6A81-11d0-8274-00C04FD5AE38} IE Search Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} Shell DocObject Viewer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FBF23B40-E3F0-101B-8488-00AA003E56F8} InternetShortcut
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3C374A40-BAE4-11CF-BF7D-00AA006946EE} Microsoft Url History Service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FF393560-C2A7-11CF-BFF4-444553540000} History
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E00-76C1-11CF-9DD0-00A0C9034933} Temporary Internet Files
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E01-76C1-11CF-9DD0-00A0C9034933} Temporary Internet Files
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Microsoft Url Search Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} The Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{871C5380-42A0-1069-A2EA-08002B30309D} Internet Name Space
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07C45BB1-4A8C-4642-A1F5-237E7215FF66} IE Microsoft BrowserBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1C1EDB47-CE22-4bbb-B608-77B48F83C823} IE Fade Task
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{205D7A97-F16D-4691-86EF-F3075DCCA57D} IE Menu Desk Bar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3028902F-6374-48b2-8DC6-9725E775B926} IE AutoComplete
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{43886CD5-6529-41c4-A707-7B3C92C05E68} IE Navigation Bar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44C76ECD-F7FA-411c-9929-1B77BA77F524} IE Menu Site
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4B78D326-D922-44f9-AF2A-07805C2A3560} IE Menu Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6038EF75-ABFC-4e59-AB6F-12D397F6568D} IE Microsoft History AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} IE Tracking Shell Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CF48EF8-44CD-45d2-8832-A16EA016311B} IE IShellFolderBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{73CFD649-CD48-4fd8-A272-2070EA56526B} IE BandProxy
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} IE MRU AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} IE RSS Feeder Folder
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} IE Microsoft Shell Folder AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B31C5FAE-961F-415b-BAF0-E697A5178B94} IE Microsoft Multiple AutoComplete List Container
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} Microsoft Browser Architecture
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} IE Shell Rebar BandSite
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6EE9AAC-F76B-4947-8260-A9F136138E11} IE Shell Band Site Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F2CF5485-4E02-4f68-819C-B92DE9277049} &Links
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} IE Registry Tree Options Utility
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} IE User Assist
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} IE Custom MRU AutoCompleted List
Loaded from: \REGISTRY\User\S-1-5-21-682003330-2000478354-839522115-1003\Software\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 704A36C70060276A72205CFD9A23FA00183A9106
Determination: GOOD
C:\WINDOWS\system32\sendmail.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
PX5: 89815E52001B0148D88B0081AF133A006B487C42
Determination: GOOD
C:\WINDOWS\system32\occache.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88C6C381-2E85-11D0-94DE-444553540000} ActiveX Cache Folder
PX5: A045077D00E08BC590640115184ECA00E89E6273
Determination: GOOD
C:\WINDOWS\system32\webcheck.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} WebCheck
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} Subscription Mgr
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F5175861-2688-11d0-9C5E-00AA00A45957} Subscription Folder
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165EA0-E946-11CF-9C87-00AA005127ED} WebCheckWebCrawler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} WebCheckChannelAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} TrayAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7D559C10-9FE9-11d0-93F7-00AA0059CE02} Code Download Agent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} ConnectionAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8BD2030-6FC9-11D0-864F-00AA006809D9} PostAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} WebCheck SyncMgr Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: FF2374C800BBC7CC8E6B036020466D00EC0B9F6F
Determination: GOOD
C:\WINDOWS\system32\appwiz.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{352EC2B7-8B9A-11D1-B8AE-006008059382} Gestione applicazioni shell
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B124F8F-91F0-11D1-B8B5-006008059382} Enumeratore applicazioni installate
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFCCC7A0-A282-11D1-9082-006008059382} Darwin App Publisher
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\appwiz.cpl .
PX5: 7BF23A6100E0F96772F20888CE0D3F00288DF318
Determination: GOOD
C:\WINDOWS\system32\shimgvw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e84fda7c-1d6a-45f6-b725-cb260c236066} Shell Image Verbs
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} Shell Image Data Factory
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F30C968-480A-4C6C-862D-EFC0897BB84B} GDI + programma di estrazione file in anteprima
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DBD2C50-62AD-11d0-B806-00C04FD706EC} Summary Info Thumbnail handler (DOCFILES)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EAB841A0-9550-11cf-8C16-00805F1408F3} Programma di estrazione pagine HTML in anteprima
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{eb9b1153-3b57-4e68-959a-a3266bc3d7fe} Shell Image Property Handler
PX5: BF42E4FC005BE16EB66806F7E01C32002F436309
Determination: GOOD
C:\WINDOWS\system32\netplwiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CC6EEFFB-43F6-46c5-9619-51D571967F7D} Pubblicazione guidata sul Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{add36aa8-751a-4579-a266-d66f5202ccbb} Ordinazione di stampe tramite Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6b33163c-76a5-4b6c-bf21-45de9cd503a1} Oggetto Pubblicazione guidata sul Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58f1f272-9240-4f51-b6d4-fd63d1618591} Creazione guidata profilo Passport
PX5: C0B90A180022DF616EE40D61CC92200055AE5438
Determination: GOOD
C:\WINDOWS\system32\zipfldr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} Cartella compressa
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD472F60-27FA-11cf-B8B4-444553540000} Compressed (zipped) Folder Right Drag Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} Compressed (zipped) Folder SendTo Target
PX5: ED969ADB00D5666D2CF80569EB9E87007A803837
Determination: GOOD
C:\WINDOWS\system32\extmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{692F0339-CBAA-47e6-B5B5-3B84DB604E87} Extensions Manager Folder
PX5: E754A35D00796728067802FD21EC25007697120C
Determination: GOOD
C:\WINDOWS\system32\docprop2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{883373C3-BF89-11D1-BE35-080036B11A03} Microsoft DocProp Shell Ext
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A9CF0EAE-901A-4739-A481-E35B73E47F6D} Microsoft DocProp Inplace Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8EE97210-FD1F-4B19-91DA-67914005F020} Microsoft DocProp Inplace ML Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0EEA25CC-4362-4A12-850B-86EE61B0D3EB} Microsoft DocProp Inplace Droplist Combo Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6A205B57-2567-4A2C-B881-F787FAB579A3} Microsoft DocProp Inplace Calendar Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} Microsoft DocProp Inplace Time Control
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default) Summary Properties Page
PX5: BAD4E96E0064F346BC36008E2891DB0060D308D0
Determination: GOOD
C:\WINDOWS\system32\dsquery.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8A23E65E-31C2-11d0-891C-00A024AB2DBB} Directory Query UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} Shell properties for a DS object
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} Directory Object Find
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F020E586-5264-11d1-A532-0000F8757D7E} Directory Start/Search Find
PX5: 97CEB5F9000C9E25AA2703A3E1CE88000E6ADB1E
Determination: GOOD
C:\WINDOWS\system32\dsuiext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0D45D530-764B-11d0-A1CA-00AA00C16E65} Directory Property UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{62AE1F9A-126A-11D0-A14B-0800361B1103} Directory Context Menu Verbs
PX5: 6A192EC500170EFDBCEB0145A96D9300BCCCF2CE
Determination: GOOD
C:\WINDOWS\system32\mydocs.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A33-103D-11d2-854D-006008059367} MyDocs Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A32-103D-11d2-854D-006008059367} MyDocs Drop Target
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4a7ded0a-ad25-11d0-98a8-0800361b1103} MyDocs Properties
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default) {ECF03A33-103D-11d2-854D-006008059367}
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 57E2829600BA664D643501A4D8468A0095362A02
Determination: GOOD
C:\WINDOWS\msagent\agentpsh.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{143A62C8-C33B-11D1-84FE-00C04FA34A14} Microsoft Agent Character Property Sheet Handler
PX5: 7469413C00931FFF5E8700E559045400C1A9DC6C
Determination: GOOD
C:\WINDOWS\system32\dfsshlex.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} DfsShell
PX5: C56F8BCC000B5CE570B200C57894E100F757413D
Determination: GOOD
C:\WINDOWS\system32\photowiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60fd46de-f830-4894-a628-6fa81bc0190d} %DESC_PublishDropTarget%
PX5: B7418C4500E88487A00C02F731B52500E7F273D2
Determination: GOOD
C:\WINDOWS\System32\mmcshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A80E4A8-8005-11D2-BCF8-00C04F72C717} MMC Icon Handler
PX5: 8A0ADE010092153AC6C80087DEA97400BEB13B83
Determination: GOOD
C:\WINDOWS\system32\cabview.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} .CAB file viewer
PX5: 3D37E41700A8F7F74C2701763FA52300CB1B48CD
Determination: GOOD
C:\Programmi\Outlook Express\wabfind.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32714800-2E5F-11d0-8B85-00AA0044F941} &Contatti...
PX5: 4FBC213F00A9A845805300462EEB2700C79BF84F
Determination: GOOD
C:\WINDOWS\system32\wmpshell.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DD448E6-C188-4aed-AF92-44956194EB1F} Windows Media Player Play as Playlist Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} Windows Media Player Burn Audio CD Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} Windows Media Player Add to Playlist Context Menu Handler
PX5: 5244ECD4008B6363509B01DF7F43ED0040FEECDF
Determination: GOOD
C:\Programmi\WinRAR\rarext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B41DB860-8EE4-11D2-9906-E49FADC173CA} WinRAR shell extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
PX5: 3D78E7C200E17F46F8670128E3FBB80096A203A3
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} Cartelle Web
PX5: 0F1AFB4348440729BAFF1329BEE4AB0046B37CB1
Determination: GOOD
C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42042206-2D85-11D3-8CFF-005004838597} Microsoft Office HTML Icon Handler
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 9A454C88383E02BC06ED01134822DA00C01DA356
Determination: GOOD
C:\WINDOWS\system32\Audiodev.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{640167b4-59b0-47a6-b335-a6b3c0695aea} Portable Media Devices
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{cc86590a-b60a-48e6-996b-41d25ed39a1e} Portable Media Devices Menu
PX5: DE28E4C10017AEA86A3007EE0E3E0000AC1D7C0E
Determination: GOOD
C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} Messenger Sharing Folders
PX5: 8843DBEC703CE08BE7AC042B1C39BD0022FB3418
Determination: GOOD
C:\Programmi\Unlocker\UnlockerCOM.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} UnlockerShellExtension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\UnlockerShellExtension\(default) {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}
PX5: 9EB5B9FE007911DF22090084964058006A4FF84E
Determination: GOOD
C:\Programmi\WinZip\wzshlstb.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79304-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79305-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79306-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79307-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinZip\(default) {E0D79305-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinZip\(default) {E0D79305-84BE-11CE-9641-444553540000}
PX5: F62C43B268CC9E3F2ADE0035690D4C003960FCAD
Determination: GOOD
C:\Programmi\TuneUp Utilities 2007\SDShelEx-win32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} TuneUp Shredder Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension\(default) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension\(default) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
PX5: A1503A74084B7E2364E300E3409E3C005A8D127F
Determination: GOOD
C:\WINDOWS\system32\uxtuneup.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44440D00-FF19-4AFC-B765-9A0970567D97} TuneUp Theme Extension
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 1E50D8C208230E825EE700217AE7BE000346A3E3
Determination: GOOD
C:\Programmi\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} NeroCoverEd Live Icons
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} NeroCoverEd Live Icons
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Cover Designer\(default) {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}
PX5: 410684892812B0FA05431EF4F09DA800152D6DB5
Determination: GOOD
C:\WINDOWS\system32\stobject.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153}
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 54D80CDC00F43E2DDE26016C15CB850052548DBB
Determination: GOOD
C:\WINDOWS\system32\msapsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll, digest.dll, msnsspc.dll
PX5: 8C479BBA0065475850000105207F00002CA02E51
Determination: GOOD
C:\WINDOWS\system32\schannel.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll digest.dll, msnsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\14 schannel.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 978AEDC000D16F92363B021213F745004B5CD31C
Determination: GOOD
C:\WINDOWS\system32\digest.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll
PX5: 2283761F0087EB020C9B01CC3CCBC600B4AB6B96
Determination: GOOD
C:\WINDOWS\system32\msnsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll
PX5: 5FC3C3D6008FE4D0702D042D3521CB003038EB19
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlrshim.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{49400A7C-81A8-4F52-8CCE-D54739EE87EC} Adobe PDF Preview Handler
PX5: 623D7460882DBAFD90910060B8205E0036350873
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{DC6EFB56-9CFA-464D-8880-44885D7DC193} Adobe PDF Preview Handler for Vista
PX5: 3BD592F470063CF846ED01556DDA8700DCEF7EC5
Determination: GOOD
C:\Programmi\CyberLink\Shared Files\VideoFilter\CLVSD.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Media Center\Service\Video\PreferredMPEG2VideoDecoder {9BC1B781-85E3-11D2-98D0-0080C84E9C39}
PX5: 286449D300A2669A100F081184A61700E62806BB
Determination: GOOD
C:\Programmi\CyberLink\Shared Files\AudioFilter\claud.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Media Center\Service\Video\PreferredMPEG2AudioDecoder {9BC1B780-85E3-11D2-98D0-0080C84E9C39}
PX5: C9E2B571008809DEC0B107BFEB807D0065591A8D
Determination: GOOD
C:\WINDOWS\Resources\themes\Luna\Luna.msstyles
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Themes\InstallVisualStyle %SystemRoot%\Resources\themes\Luna\Luna.msstyles
PX5: D4AC08E190E1815FF0763FFB772E82003759142D
Determination: GOOD
C:\WINDOWS\system32\rdpclip.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms rdpclip
PX5: 3129DB34009CADCFF4300018D68AB90013FA4372
Determination: GOOD
C:\WINDOWS\system32\rdpwsx.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\WsxDll rdpwsx
PX5: 2D4F90888862EA65546401DF11DAFF009FB4CACF
Determination: GOOD
C:\WINDOWS\system32\RDPCFGEX.DLL
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\CfgDll RDPCFGEX.DLL
PX5: 648184F200AE0568123C00C1F661D900A8042FB8
Determination: GOOD
C:\WINDOWS\system32\login.cmd
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\LoginScript C:\WINDOWS\system32\login.cmd
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\LoginScript C:\WINDOWS\system32\login.cmd
PX5: E84E330F16249FCA02E40021B9B70B00A6A3E1F7
C:\WINDOWS\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SafeBoot\AlternateShell cmd.exe
PX5: 174F65020044C14C121406F23AA7F300C65DE81F
Determination: GOOD
C:\WINDOWS\system32\msv1_0.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Authentication Packages msv1_0
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 7DDBB66E00F27A20FA0D01B81C65BB005752F1B9
Determination: GOOD
C:\WINDOWS\system32\kerberos.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6F259D99008DE085843504BA6E05F400BD1351EF
Determination: GOOD
C:\WINDOWS\system32\wdigest.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: A77EB4BD0001DCA2C0B500785ACD4E00DCC55D5B
Determination: GOOD
C:\WINDOWS\system32\rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wave rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\mixer rdpsnd.dll
PX5: 34FBA65500CFB6AF4EE7003742BB470065937B12
Determination: GOOD
C:\WINDOWS\system32\msacm32.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wavemapper msacm32.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wavemapper msacm32.drv
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: F8EB7CDA00A2596F522700876A3BC9005F29A42B
Determination: GOOD
C:\WINDOWS\system32\midimap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\midimapper midimap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midimapper midimap.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8C299C3E002D88084A0000F598A51000C8C9681D
Determination: GOOD
C:\WINDOWS\system32\imaadp32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.imaadpcm imaadp32.acm
PX5: 528D926A00EB3B4A408A0067B777E0007219DE4B
Determination: GOOD
C:\WINDOWS\system32\msadp32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msadpcm msadp32.acm
PX5: 9896734D003A7B4A3AD6001B2D129300C6CAD27F
Determination: GOOD
C:\WINDOWS\system32\msg711.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg711 msg711.acm
PX5: 98836843004ECD5624170012D62AF300ADA7FDE1
Determination: GOOD
C:\WINDOWS\system32\msgsm32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msgsm610 msgsm32.acm
PX5: 7715C6930008610D4E5300A5AC1D5400348AB758
Determination: GOOD
C:\WINDOWS\system32\tssoft32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.trspch tssoft32.acm
PX5: 9DB260C30072F5C620530046E6B0DC000EF1898D
Determination: GOOD
C:\WINDOWS\system32\iccvid.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.cvid iccvid.dll
PX5: 0CEE20B80002FE623A80014E667E0900EDC97E34
Determination: GOOD
C:\WINDOWS\system32\msh263.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.I420 msh263.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M263 msh263.drv
PX5: D1EBECF00092F1C390AB04548720B200A8771D55
Determination: GOOD
C:\WINDOWS\system32\ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv31 ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv32 ir32_32.dll
PX5: 48C6FD2800CF7D770AB40340E9EE0B00336C0935
Determination: GOOD
C:\WINDOWS\system32\ir41_32.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv41 ir41_32.ax
PX5: 88C1844600D60C2BF2960C06110E8900D716354E
Determination: GOOD
C:\WINDOWS\system32\iyuv_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.IYUV iyuv_32.dll
PX5: 8D2F485A000F6953BA8B00EF89F3AE0028DCEE98
Determination: GOOD
C:\WINDOWS\system32\msrle32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.mrle msrle32.dll
PX5: 6AD29AC5008293D12C2D00B216F74700B26503F0
Determination: GOOD
C:\WINDOWS\system32\msvidc32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.msvc msvidc32.dll
PX5: CE4E524C0073A8EC64FF00E1300C68000D8D97A8
Determination: GOOD
C:\WINDOWS\system32\msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.UYVY msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YUY2 msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YVYU msyuv.dll
PX5: 92EC75E800DB9BE5440C000A47ABC3009642377A
Determination: GOOD
C:\WINDOWS\system32\tsbyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YVU9 tsbyuv.dll
PX5: 86646A040019522320A100B4BB4D900094B11477
Determination: GOOD
C:\WINDOWS\system32\msg723.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg723 msg723.acm
PX5: 11020CC8008FB79ED00601EAD6C03900AA679A83
Determination: GOOD
C:\WINDOWS\system32\msh261.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M261 msh261.drv
PX5: A41AA5420008DA3EF0B402388EE55600B25D24F8
Determination: GOOD
C:\WINDOWS\system32\msaud32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msaudio1 msaud32.acm
PX5: C38F33CC0026C9E080B10460DFC46F004CE633B9
Determination: GOOD
C:\WINDOWS\system32\sl_anet.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.sl_anet sl_anet.acm
PX5: 3DA8D952002B67BF508D01A57E615F00B2B2EA92
Determination: GOOD
C:\WINDOWS\system32\iac25_32.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.iac2 C:\WINDOWS\system32\iac25_32.ax
PX5: D062C8E7003B5A390C1703C014BB9700CE1BED53
Determination: GOOD
C:\WINDOWS\system32\ir50_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv50 ir50_32.dll
PX5: 8FA030FE0030B5D3865F0B4087D0420068F6854C
Determination: GOOD
C:\WINDOWS\system32\l3codeca.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.l3acm C:\WINDOWS\system32\l3codeca.acm
PX5: 29088BE70099BF88700A0426A3266D008E350E66
Determination: GOOD
C:\WINDOWS\system32\wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave1 wdmaud.drv
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: E19B13CB00CFB9ED5C250033B033BB00A27F216F
Determination: GOOD
C:\WINDOWS\system32\sirenacm.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.siren sirenacm.dll
PX5: 92D29F56708DC7D2C7BF005BB97C8A00D5F934F9
Determination: GOOD
C:\WINDOWS\system32\ctwbjpg.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.CJPG ctwbjpg.dll
PX5: C41E534300418A7E409C0151606BFC00DD494177
Determination: GOOD
C:\WINDOWS\system32\VfWWDM32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\MSVideo VfWWDM32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\MSVideo8 VfWWDM32.dll
PX5: 50A7CDEB00FEFE76D6A800E76B929700EFCC0032
Determination: GOOD
C:\WINDOWS\system32\DivX.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.DIVX DivX.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yv12 DivX.dll
PX5: 6B982280001062F44AEF0BF0B704B200584BC908
Determination: GOOD
C:\WINDOWS\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll f
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\PackedCatalogItem %SystemRoot%\system32\mswsock.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath %SystemRoot%\System32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath %SystemRoot%\System32\mswsock.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 644C52BE00A05754C6240337B7759700C1FF12E3
Determination: GOOD
C:\WINDOWS\system32\rsvpsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem %SystemRoot%\system32\rsvpsp.dll Antivirus 2008\pavlsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem %SystemRoot%\system32\rsvpsp.dll Antivirus 2008\pavlsp.dll f
PX5: 316FAA8C007F4493605401B98234D5008F685EE8
Determination: GOOD
C:\WINDOWS\System32\winrnr.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath %SystemRoot%\System32\winrnr.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PX5: DD7C6D7B00A7C2A842AB003098E8920063CE769A
Determination: GOOD
C:\WINDOWS\system32\ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\AUTODHCP\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DNSPROXY\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\FTP\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\H323\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\IPNAT\DllName ipnathlp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 89882A6E0030CF0B12CE052A40AAE5009F9198F9
Determination: GOOD
C:\WINDOWS\system32\ipxrip.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXRIP\DllName ipxrip.dll
PX5: 859821B9009D40A9548200AD83A363008B36EF0D
Determination: GOOD
C:\WINDOWS\system32\ipxsap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXSAP\DllName ipxsap.dll
PX5: 85797B9500D099280499015DBB948C00AAAAF548
Determination: GOOD
C:\WINDOWS\System32\iprtrmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DllPath %SystemRoot%\System32\iprtrmgr.dll
PX5: D40494A6008ED12A98FE023AAD1857000DD8C7B5
Determination: GOOD
C:\WINDOWS\System32\ipxrtmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\DllPath %SystemRoot%\System32\ipxrtmgr.dll
PX5: 4718448E00AA1CC09C1B00C6E262700012078A35
Determination: GOOD
C:\WINDOWS\system32\Firewall.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Internet Connection Firewall Firewall.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\Firewall.cpl 3,10
PX5: C6AD4E5900619E5B3AA801566FFF65004318E0B5
Determination: GOOD
C:\WINDOWS\system32\NetSetup.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NetSetupWizard NetSetup.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\NetSetup.cpl .
PX5: 1727E2B500CA6EDF648A0091303FF7003D7EE312
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Speech C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl .
PX5: 4B95DF2F0028608F7026024663B5470081E40772
Determination: GOOD
C:\Programmi\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Nero BurnRights C:\Programmi\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
PX5: A592467130B6ED7BD69509E650146F004B51387D
Determination: GOOD
C:\WINDOWS\system32\wscui.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\wscui.cpl
PX5: 0AB36C58008B72DF440C02165EE7C300BE8DF682
Determination: GOOD
C:\WINDOWS\system32\access.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\access.cpl .
PX5: 66B5761300CDE0E114800159D3951800C9FCAE57
Determination: GOOD
C:\WINDOWS\system32\bthprops.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\bthprops.cpl 2,3
PX5: 920CECD7007DBB52B05F01F1031411000F57F72B
Determination: GOOD
C:\WINDOWS\system32\desk.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\desk.cpl .
PX5: 010D5DC800ED8C1A1C3F02839D7F6C008FCC440D
Determination: GOOD
C:\WINDOWS\system32\hdwwiz.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\hdwwiz.cpl
PX5: EAEBC0470067763F625702E1C61F540028E1C5C8
Determination: GOOD
C:\WINDOWS\system32\inetcpl.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\inetcpl.cpl 3,10
PX5: F4F1F29B00213AEFD81B1B01DE197C00B97EA31E
Determination: GOOD
C:\WINDOWS\system32\intl.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\intl.cpl .
PX5: DF84267300CAD26D066202DAA5F649009B8709CD
Determination: GOOD
C:\WINDOWS\system32\irprops.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\irprops.cpl .
PX5: B3FDBBC000F00ECED0E005FC4352BD00BF2165ED
Determination: GOOD
C:\WINDOWS\system32\joy.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\joy.cpl .
PX5: C1DFE38C00E2AE6910B60143DE2429008C7C4885
Determination: GOOD
C:\WINDOWS\system32\main.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\main.cpl .
PX5: EF8FAA8000FE3081E28202B48229AE00715307AE
Determination: GOOD
C:\WINDOWS\system32\ncpa.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\ncpa.cpl .
PX5: F96D363E009B4BD58C3D00A5C785D900C31CB145
Determination: GOOD
C:\WINDOWS\system32\nwc.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\nwc.cpl
PX5: 3F7F3A37008DD755927F001FFE8E6700C62C8C01
Determination: GOOD
C:\WINDOWS\system32\nusrmgr.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\nusrmgr.cpl .
PX5: E1652210001A1CE2F45F0361D5B34E00AD1D51FE
Determination: GOOD
C:\WINDOWS\system32\odbccp32.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\odbccp32.cpl
PX5: 16170C7300D7451A80C4002DDDE82A003B9DEB23
Determination: GOOD
C:\WINDOWS\system32\powercfg.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\powercfg.cpl .
PX5: D213C58E0032C297CADC015CC7AE1200741860FA
Determination: GOOD
C:\WINDOWS\system32\telephon.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\telephon.cpl .
PX5: EAA4FBDC00B97C6E6E7E008543C54B002A19C0EB
Determination: GOOD
C:\WINDOWS\system32\timedate.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2\%SystemRoot%\system32\timedate.cpl .
PX5: A2B887D1004F68E970AE01F6B8BB3200C4128F0E
Determination: GOOD
C:\WINDOWS\system32\Magnify.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier\Application path Magnify.exe
PX5: 8FD0DD1200F1CC211E520147693D72005CC20F83
Determination: GOOD
C:\WINDOWS\system32\osk.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard\Application path osk.exe
PX5: 865A974F008F100B4EF6035F16FFB2007D13E899
Determination: GOOD
C:\WINDOWS\system32\secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\10 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\16 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\18 secur32.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: 2226211D005B7868DA45009E23898E00149E78C6
Determination: GOOD
C:\WINDOWS\system32\netlogon.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\68 netlogon.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 7826BE4E00B0693C362206A7BBB246000E968C98
Determination: GOOD
C:\WINDOWS\system32\rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_np rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_ip_tcp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncadg_ip_udp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_http rpcrt4.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: D30BFA4500E11CC3EA0408EA8337540073B46F29
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\GIFIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\GIF\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\GIFIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\GIF\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\GIFIMP32.FLT
PX5: 1AFC15B7586A5DF9BCF2022DB710D4008D512047
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\JPEGIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\JPEG\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\JPEGIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\JPEG\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\JPEGIM32.FLT
PX5: 561D8D31584B04827C1102EBE625B600DEC6EAF4
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\PNG32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\PNG\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PNG32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PNG\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PNG32.FLT
PX5: 41F3277C587D0DCC802F02C1B6DDD100D7B2F136
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\CDRIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CDR\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\CDRIMP32.FLT
PX5: 08219BE2581A9C48DAA4068E99590D00DEE0B657
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\CGMIMP32.CFG
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CGM\OPTIONS\FontMap C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\CGMIMP32.CFG
PX5: 15A7A7B6D7269B62194300E2DE7C0000E9A31A57
C:\WINDOWS\system32\Graphics.com
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CGM\Name Formato CGM (Computer Graphics Metafile)
PX5: 551DA463BEDF98464DBB000DD943F300A29B96AA
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\CGMIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CGM\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\CGMIMP32.FLT
PX5: 2EA2961858E8E56258270406A6CCE000ADE48AAF
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\EPSIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\EPS\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\EPSIMP32.FLT
PX5: 32EC21B05869C5577E1F0662DE1C0A0072491BA6
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\PICTIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PICT\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PICTIM32.FLT
PX5: 2B3FBA5458C98F78F08400114D3B6600CE83D717
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\WPGIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\WPG\Path C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\WPGIMP32.FLT
PX5: 5772631F58B5A2FFB88401F208DE130083E2EA0D
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Synchronizer.lnk\command C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE
PX5: DD62D24398B717E546450B15DFB2DB009B6D67C0
Determination: GOOD
C:\Programmi\MSN Messenger\msnmsgr.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr\command "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
PX5: 59E438AB70B0D00595F1567CB8966B00A1C6CF9F
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck\command C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
PX5: 37BD2E6C301AD296568E027FCF342200706A49DD
Determination: GOOD
C:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl\command "C:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
PX5: 82D2FEDB00B9BC8C801D000D769CF000C0FCF469
Determination: GOOD
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched\command "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
PX5: 658E1F1B905B4E3D05360276C335CD0058FB5A32
Determination: GOOD
C:\Programmi\Unlocker\UnlockerAssistant.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant\command "C:\Programmi\Unlocker\UnlockerAssistant.exe"
PX5: 4B34C88800DF78623E6500F57ED73A00B3DF1C8C
Determination: GOOD
C:\WINDOWS\wbcgosvc.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\WebCam Go Sti Service Application\item wbcgosvc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\WebCam Go Sti Service Application\command wbcgosvc
PX5: 1C7AD484A5CCCCF370E200C7A17500003944B044
Determination: GOOD
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSConfig\startupreg\Yahoo! Pager\command "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
PX5: 1CBE4918F06BFDA1443F47BDD0C9C0001FE54D95
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\ieinfo5\(default) C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
PX5: D9CCCE7600AE330472C5014263EDAE006E08A176
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSInfo\OINFO11.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\OInfo11\(default) C:\PROGRA~1\FILECO~1\MICROS~1\MSINFO\OINFO11.OCX
PX5: FB9F0DC45862323C4A580BB65E7AC000AC09EC29
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
PX5: DCC20BBB0036A3BB9EFA00953DF8F200E6CDE36A
Determination: GOOD
C:\Programmi\Microsoft Office\OFFICE11\MSQRY32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSQuery\Path C:\PROGRA~1\MICROS~2\OFFICE11\MSQRY32.EXE
PX5: 742FB872380EAE8EBA4809A85C15F50021837323
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\PROOF\MSGR_IT.LEX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Proofing Tools\Grammar\1040\Normal\Dictionary C:\PROGRA~1\FILECO~1\MICROS~1\PROOF\MSGR_IT.LEX
PX5: 4AA4030A4EFECCB4EA1112DF195146009556CFE4
C:\Programmi\File comuni\Microsoft Shared\PROOF\1040\MSGRIT32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Proofing Tools\Grammar\1040\Normal\Engine C:\PROGRA~1\FILECO~1\MICROS~1\PROOF\1040\MSGRIT32.DLL
PX5: 42F3C9FD002F54FFE03017397A149C008B67B3BA
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\HTML\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\HTML\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
PX5: 4D9506A9385CE7D6C22D044B3348F800EABDC1BF
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WRD6ER32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWord6RTFExp\Path C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\WRD6ER32.CNV
PX5: C3C71C92400AE19A461E003B3C2E07005391A6FD
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TEXTCONV\works632.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWorksWin6\Path C:\Programmi\File comuni\Microsoft Shared\TEXTCONV\works632.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWorksWin6\Path C:\Programmi\File comuni\Microsoft Shared\TEXTCONV\works632.cnv
PX5: D77CAA94A8086C398A38002DDDE82A0023C9226D
Determination: GOOD
C:\WINDOWS\system32\Write.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWinWrite.wpc\Name Windows Write
PX5: A0F081B7004C5F23161B008D3B23F7008F717C49
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWinWrite.wpc\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
PX5: 71A6A3C449C4AC08B01A01656F55D100B9B2E691
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord6.wpc\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
PX5: 255241CE4A8E0D0D40E903D813E15E00D95525A3
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\MSWRD832.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord8\Path C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\MSWRD832.CNV
PX5: 6C2F7F9458015FF64E040324CD763100F5986932
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\RECOVR32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Recover\Path C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\RECOVR32.CNV
PX5: A0E75DBF5869DD1778C700BCF0A48A00305991ED
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WPFT632.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WordPerfect6x\Path C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\WPFT632.CNV
PX5: 56A8074B580DC0E7267A03466E1D9E00482DF9A6
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WrdPrfctDos\Path C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\WPFT532.CNV
PX5: 923DBD7858D7A7439A38025CE4445600B7BA8E8A
Determination: GOOD
C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Toolbar\{327C2873-E90D-4c37-AA9D-10AC9BABA46C} Easy-WebPrint
PX5: EC39F8CF00BA1B99702808102DF51500074D3D5F
Determination: GOOD
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}\(default) PDF Column Info
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 8C22B1270080452CB0520538F9A2700042807472
Determination: GOOD
C:\Programmi\VSO\Image Resizer\RSZShell.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\ImageResizer\(default) {2BB59FC0-31E8-42DA-9D3C-E9A52953853B}
PX5: A25987F3005D1BB87402083DF92DA4003338F294
Determination: GOOD
C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\NBShellHook\(default) {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\DragDropHandlers\NBShellHook\(default) {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
PX5: F93804182800299C854C01B3984B40005ECAA58F
Determination: GOOD
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aawservice "C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe"
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
PX5: AF411CD55876B80DF55108F535234300A8CED3FC
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ACPI.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ACPI system32\DRIVERS\ACPI.sys
PX5: 6EB7D724001F4D96E0A8029EF0BB700070C5BA93
Determination: GOOD
C:\WINDOWS\system32\drivers\aec.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aec system32\drivers\aec.sys
PX5: E884BE24808C5EEB2C92028B464629005484ED65
Determination: GOOD
C:\WINDOWS\System32\drivers\afd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AFD \SystemRoot\System32\drivers\afd.sys
PX5: EE224F5C0089E9241DEF0273688B740025971F4C
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\agp440.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\agp440 system32\DRIVERS\agp440.sys
PX5: 92796BB0806349F8A56F00F55D76CD00994ACF2C
Determination: GOOD
C:\WINDOWS\system32\drivers\ALCXSENS.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALCXSENS system32\drivers\ALCXSENS.SYS
PX5: F2B7362C005A254C2D2E06D0032D63000CA5A467
Determination: GOOD
C:\WINDOWS\system32\drivers\ALCXWDM.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALCXWDM system32\drivers\ALCXWDM.SYS
PX5: 080414D15C638FA00F3B07DDFCF6550028173896
Determination: GOOD
C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Alerter %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AppMgmt %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AudioSrv %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BITS %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Browser %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CryptSvc %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DcomLaunch %SystemRoot%\system32\svchost -k DcomLaunch
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dhcp %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmserver %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dnscache %SystemRoot%\system32\svchost.exe -k NetworkService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ERSvc %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\EventSystem C:\WINDOWS\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FastUserSwitchingCompatibility %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\helpsvc %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidServ %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTPFilter %SystemRoot%\System32\svchost.exe -k HTTPFilter
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanserver %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanworkstation %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\LmHosts %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Messenger %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netman %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nla %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtmsSvc %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAuto %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasMan %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteAccess %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteRegistry %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs %SystemRoot%\system32\svchost -k rpcss
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Schedule %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\seclogon %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SENS %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SharedAccess %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ShellHWDetection %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\srservice %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SSDPSRV %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\stisvc %SystemRoot%\system32\svchost.exe -k imgsvc
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TapiSrv %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermService %SystemRoot%\System32\svchost -k DComLaunch
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Themes %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TrkWks %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\upnphost %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UxTuneUp %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\W32Time %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WebClient %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\winmgmt %systemroot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmdmPmSN %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wmi %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wscsvc %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wuauserv %systemroot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WZCSVC %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\xmlprov %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 41467A9700616549387D0095555BE300B7CBF228
Determination: GOOD
C:\WINDOWS\System32\alg.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALG %SystemRoot%\System32\alg.exe
Loaded into: C:\WINDOWS\System32\alg.exe
PX5: A1E5D90F00A84BB2AEC200E087F3A200AB0BF90E
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\arp1394.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Arp1394 system32\DRIVERS\arp1394.sys
PX5: E79B803D809043E9ED9C00655C5EAE00E1E46E49
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AsyncMac system32\DRIVERS\asyncmac.sys
PX5: 8BD45D2B002F3B40389D007E91CC59004B62F8E9
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\atapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\atapi system32\DRIVERS\atapi.sys
PX5: 9D6081B280209DE174C2011395153C00E47C5A8D
Determination: GOOD
C:\WINDOWS\system32\Ati2evxx.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ati HotKey Poller %SystemRoot%\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
PX5: 0EE00A06002E6FFE609D07732A85990090F4DC28
Determination: GOOD
C:\WINDOWS\system32\ati2sgag.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ATI Smart C:\WINDOWS\system32\ati2sgag.exe
PX5: 0D86579400AF74A6106E09885547380070280E51
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ati2mtag system32\DRIVERS\ati2mtag.sys
PX5: 0110E96D00A8CE007A162583194E0400E23BA8F7
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Atmarpc system32\DRIVERS\atmarpc.sys
PX5: C41A09F600246E0AEA81009B2DE4BF0073057136
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\audstub.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\audstub system32\DRIVERS\audstub.sys
PX5: C910D030000E35B30CDC00441BDEF300B79BCD14
Determination: GOOD
C:\WINDOWS\system32\CBTNDIS5.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CBTNDIS5 \??\C:\WINDOWS\system32\CBTNDIS5.SYS
PX5: A0592C08F6D0B7E842700005C8258400F874F062
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CCDECODE system32\DRIVERS\CCDECODE.sys
PX5: 4E4CADF380552430426F00BC05FF9D0038FB5853
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\cdrom.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Cdrom system32\DRIVERS\cdrom.sys
PX5: B3CE44DD80DABE80C1400031E25C450069663A5F
Determination: GOOD
C:\WINDOWS\system32\cisvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CiSvc %SystemRoot%\system32\cisvc.exe
PX5: B03833B20005A59D1629005665669D00201F0525
Determination: GOOD
C:\WINDOWS\system32\clipsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ClipSrv %SystemRoot%\system32\clipsrv.exe
PX5: 50E35C41004F616D823700EBB15ECF008A4FA87F
Determination: GOOD
C:\WINDOWS\system32\dllhost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\COMSysApp C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SwPrv C:\WINDOWS\system32\dllhost.exe /Processid:{813AE614-FEA2-4F98-8E2D-63FF47A4BE9B}
PX5: 6EA1D06F0041EB21141900B4A32FF2002F6B8881
Determination: GOOD
C:\WINDOWS\system32\CTsvcCDA.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
PX5: FDF278CE0084A779AC7900F415FF3D004FCA9DBC
Determination: GOOD
C:\WINDOWS\System32\drivers\ctac32k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ctac32k System32\drivers\ctac32k.sys
PX5: 7CAA803400A626590E86022B213CA800D1C0A57E
Determination: GOOD
C:\WINDOWS\system32\drivers\ctaud2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ctaud2k system32\drivers\ctaud2k.sys
PX5: 4E5B5E14902A6555A9A1074A4EDC270020947C3C
Determination: GOOD
C:\WINDOWS\system32\drivers\ctdvda2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ctdvda2k system32\drivers\ctdvda2k.sys
PX5: A3046285B063CCCD643F04878E8E3700DB9ABF73
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ctgame.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ctgame system32\DRIVERS\ctgame.sys
PX5: 7EC92705804656E72F4E001289308D004CAEFF56
Determination: GOOD
C:\WINDOWS\System32\drivers\ctprxy2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ctprxy2k System32\drivers\ctprxy2k.sys
PX5: 890A8C560023F92518AD00E5750B1800109C67EA
Determination: GOOD
C:\WINDOWS\System32\drivers\ctsfm2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ctsfm2k System32\drivers\ctsfm2k.sys
PX5: 4A7B38FC101CE2F012D7027EE54D3B002531004B
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\disk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Disk system32\DRIVERS\disk.sys
PX5: 61E4E34300C80A908E6D00C10934AF006F571071
Determination: GOOD
C:\WINDOWS\System32\dmadmin.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmadmin %SystemRoot%\System32\dmadmin.exe /com
PX5: CB8A3D6900018319702703238C5916001DF268F6
Determination: GOOD
C:\WINDOWS\System32\drivers\dmboot.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmboot System32\drivers\dmboot.sys
PX5: 917F152000320DE9366A0C362239380089D45879
Determination: GOOD
C:\WINDOWS\System32\drivers\dmio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmio System32\drivers\dmio.sys
PX5: 33A7916180B2EE7E5AC702A49AA6DC00E6795F14
Determination: GOOD
C:\WINDOWS\System32\drivers\dmload.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmload System32\drivers\dmload.sys
PX5: FC216AA0003B46A9171D00359F9C1600E909FEB4
Determination: GOOD
C:\WINDOWS\system32\drivers\DMusic.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DMusic system32\drivers\DMusic.sys
PX5: 64B493018066E6FACEE6008D21636D008F236B03
Determination: GOOD
C:\WINDOWS\system32\drivers\drmkaud.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\drmkaud system32\drivers\drmkaud.sys
PX5: FA93CCC9802BA0DD0B8800D3A4C66500B79BCD14
Determination: GOOD
C:\WINDOWS\system32\drivers\emupia2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\emupia system32\drivers\emupia2k.sys
PX5: 08CA247760350948354A02AE32A1500010549BC1
Determination: GOOD
C:\WINDOWS\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog %SystemRoot%\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PlugPlay %SystemRoot%\system32\services.exe
Loaded into: C:\WINDOWS\system32\services.exe
PX5: 55CFB3920083E585A8B8011373392400747D1070
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\fdc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Fdc system32\DRIVERS\fdc.sys
PX5: 030113CC009ED3836B77000B64308F0030511E66
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Flpydisk system32\DRIVERS\flpydisk.sys
PX5: 60E1171000EEA79E50BF00391F7EE000F2860CEC
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\fltMgr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FltMgr system32\DRIVERS\fltMgr.sys
PX5: DD494D2180C4BB98F7F901405AA62900817D3A94
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ftdisk system32\DRIVERS\ftdisk.sys
PX5: D543638280F1FAF5EBA30154BD3E7700D3ED2EEC
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\gmer.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\gmer System32\DRIVERS\gmer.sys
PX5: 2363898871BA3A5C11ED011C6BB8A400275AD21D
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\msgpc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Gpc system32\DRIVERS\msgpc.sys
PX5: A6DC8C520088C979894600B57B2B1A00363C4157
Determination: GOOD
C:\WINDOWS\system32\drivers\ha10kx2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ha10kx2k system32\drivers\ha10kx2k.sys
PX5: 2DAEE4DBC0845F99FBE00CDF9A711B007D517300
Determination: GOOD
C:\WINDOWS\System32\drivers\hap16v2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\hap16v2k System32\drivers\hap16v2k.sys
PX5: 5FC3485DA078BC082D2302764D41F900C063BFBC
Determination: GOOD
C:\WINDOWS\System32\Drivers\HTTP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTP System32\Drivers\HTTP.sys
PX5: 1A572A9180D9F92E022704747529EC0016C1652C
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\i8042prt system32\DRIVERS\i8042prt.sys
PX5: 5176B379805D75ECD1900002BF9BC2003FF0C0D5
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\imapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Imapi system32\DRIVERS\imapi.sys
PX5: A6DE19768012C7FDA37F00B5535D7900050612BF
Determination: GOOD
C:\WINDOWS\system32\imapi.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ImapiService C:\WINDOWS\system32\imapi.exe
PX5: 74CFCD09009BDDD14A8402202B1E530034B0D214
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\intelide.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IntelIde system32\DRIVERS\intelide.sys
PX5: 13577194803FCB8815F90068ABEFAF00861C758E
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\intelppm.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\intelppm system32\DRIVERS\intelppm.sys
PX5: 308DA7E000DC5FE09D58006BABC91A0052CD17AF
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ip6Fw system32\DRIVERS\Ip6Fw.sys
PX5: 554B18088049820E711F003BBA86E4005B660DCC
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpFilterDriver system32\DRIVERS\ipfltdrv.sys
PX5: E130718C809C039180F700DA0AC8EE00F2B31814
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ipinip.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpInIp system32\DRIVERS\ipinip.sys
PX5: 9655BFAF0030F62E523A00C352D248003081C413
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ipnat.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpNat system32\DRIVERS\ipnat.sys
PX5: 16BC903800541BF40F8E02F0609797000CA3B3FE
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ipsec.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IPSec system32\DRIVERS\ipsec.sys
PX5: 84ED89D600412A2C245201A3F8A740006B772EC6
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\irenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IRENUM system32\DRIVERS\irenum.sys
PX5: 42D7DCAC001BE9A12C7B00EF915041002AED16BC
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\isapnp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\isapnp system32\DRIVERS\isapnp.sys
PX5: 8A87001A0002BFB48D1F0066402D8A00BD468997
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Kbdclass system32\DRIVERS\kbdclass.sys
PX5: 11013D51001BA498620F00A282D06D00135D5A16
Determination: GOOD
C:\WINDOWS\system32\drivers\kmixer.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\kmixer system32\drivers\kmixer.sys
PX5: 1C3250A68067C4B7A11302D8512D99006E8A628F
Determination: GOOD
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\LightScribeService "C:\Programmi\File comuni\LightScribe\LSSrvc.exe"
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
PX5: 6345442A204C65D235B3014279556B00D0B4E0A8
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MDM "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
PX5: 2E5BA9D3480CBAE9EA2A04C9F6D7FB00F945EC88
Determination: GOOD
C:\WINDOWS\system32\mnmsrvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
PX5: F2F6E69800D71BFC80AE00AF40E07800F93A911A
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\mouclass.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Mouclass system32\DRIVERS\mouclass.sys
PX5: 7E80CA6A0038C59C5C6F0047F0E35500920EB276
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxDAV system32\DRIVERS\mrxdav.sys
PX5: 2A28D206005617C9C4F8026FCC47BD006A62BA75
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxSmb system32\DRIVERS\mrxsmb.sys
PX5: 3A6FDF2E00838449EA5E06BDEF52FE0062D6AA8B
Determination: GOOD
C:\WINDOWS\system32\msdtc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSDTC C:\WINDOWS\system32\msdtc.exe
PX5: 3A5257C800292C38184B000639E3D800639539E0
Determination: GOOD
C:\WINDOWS\system32\msiexec.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSIServer C:\WINDOWS\system32\msiexec.exe /V
Loaded from: \REGISTRY\Machine\Software\Classes\Msi.Package\shell\open\command\(default) "%SystemRoot%\System32\msiexec.exe" /i "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\Msi.Patch\shell\open\command\(default) "%SystemRoot%\System32\msiexec.exe" /p "%1" %*
PX5: 2199A4A600D88009341401C8D9AE0A004C78202A
Determination: GOOD
C:\WINDOWS\system32\drivers\MSKSSRV.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSKSSRV system32\drivers\MSKSSRV.sys
PX5: 441E162B80A429811D1500CB9CEDF700CED69BEA
Determination: GOOD
C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPCLOCK system32\drivers\MSPCLOCK.sys
PX5: 3656535900693AA115D1001337247B009D5BCE4B
Determination: GOOD
C:\WINDOWS\system32\drivers\MSPQM.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPQM system32\drivers\MSPQM.sys
PX5: 5D7EA63E804A637C13CA0078C414AC000E912E93
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mssmbios system32\DRIVERS\mssmbios.sys
PX5: 5C75220680F731D03C3D001BD399CC00D7DBED29
Determination: GOOD
C:\WINDOWS\system32\drivers\MSTEE.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSTEE system32\drivers\MSTEE.sys
PX5: EF9F4FE18003FE44154E00AC0DDE6800FF407119
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NABTSFEC system32\DRIVERS\NABTSFEC.sys
PX5: 37E661E8803A144B4DFD01732787D600D94FD14F
Determination: GOOD
C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NBService C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
PX5: CE515C9D281DF1CC35850C09D2EC0100DCB9B571
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\NdisIP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisIP system32\DRIVERS\NdisIP.sys
PX5: 92D82929807F4CDE2A6000D7EF7E8C008BDE37E2
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisTapi system32\DRIVERS\ndistapi.sys
PX5: 25AEC9EA809D4D4825A500A2A9E22F00CCB1FFC8
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ndisuio system32\DRIVERS\ndisuio.sys
PX5: 0BF3AB388038D73732EB00A9A855ED006D3C0384
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisWan system32\DRIVERS\ndiswan.sys
PX5: 304E26E9803B344266FF0104DAA0B500E6B358BD
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\netbios.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBIOS system32\DRIVERS\netbios.sys
PX5: 6F5EDA40008AE18787EB007972CAB100F174D35C
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\netbt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBT system32\DRIVERS\netbt.sys
PX5: 7D3B6A2A0069D5737CDE020A47DE6F00F472D659
Determination: GOOD
C:\WINDOWS\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDE %SystemRoot%\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDEdsdm %SystemRoot%\system32\netdde.exe
PX5: AAA3C89900BB76ABBADC01BFB3AC1B00E2E8A55F
Determination: GOOD
C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netlogon %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtLmSsp %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PolicyAgent %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ProtectedStorage %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SamSs %SystemRoot%\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: CC1BA69F00AF6D2D3445003B3C2E0700B638080D
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\nic1394.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NIC1394 system32\DRIVERS\nic1394.sys
PX5: 720917AF800A6EE8F12400F5E9C6E000F750E215
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NMIndexingService "C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe"
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
PX5: 1A03592828F9F407452804A293D38F00BD8E3498
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFlt system32\DRIVERS\nwlnkflt.sys
PX5: A826BA3A803B83AE30C000488911C200DC3CA878
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFwd system32\DRIVERS\nwlnkfwd.sys
PX5: B9B73139006979BB7FBC0031EA7E320032D237D0
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\odysseyIM4 system32\DRIVERS\odysseyIM4.sys
PX5: B0E151B300282BFFA4EB021AE338CA0020D517BC
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ohci1394.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ohci1394 system32\DRIVERS\ohci1394.sys
PX5: 4A6E8F7F8033FF34EE4200E871B4F300047CEC38
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ose "C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE"
PX5: F61B8D0330B79FF65C6601A611B00C00EFE13B0C
Determination: GOOD
C:\WINDOWS\system32\drivers\ctoss2k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ossrv system32\drivers\ctoss2k.sys
PX5: 855B232BE0A80E60E67902BAF03A620074E964EB
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\parport.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Parport system32\DRIVERS\parport.sys
PX5: 4A82394D8019443A393C017F618C1500973C174B
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\pci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCI system32\DRIVERS\pci.sys
PX5: 9DA3602E807459480C5D01595A918400CA482387
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\pciide.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCIIde system32\DRIVERS\pciide.sys
PX5: 826808EE00CFD8500D55002AE8E7E200B79BCD14
Determination: GOOD
C:\WINDOWS\System32\Drivers\pcouffin.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\pcouffin System32\Drivers\pcouffin.sys
PX5: 9D150E4700899BC4B992007FB1FEF200AAF5ADAC
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PDAgent C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
PX5: 452DC40B08D5689C5507060002932E00859C543F
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PDEngine C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: 64CA3A67089654DC35620B66C3FEE00071D4E190
Determination: GOOD
C:\WINDOWS\system32\PfModNT.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PfModNT \??\C:\WINDOWS\system32\PfModNT.sys
PX5: A0E60B58E01990813DD300DB0980030054ABD108
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\raspptp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PptpMiniport system32\DRIVERS\raspptp.sys
PX5: F406FA260016D348BD2800EFDBDF52003203F53C
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\psched.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PSched system32\DRIVERS\psched.sys
PX5: C7C1320E008655110E77011715C66E0009C5AE75
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\ptilink.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ptilink system32\DRIVERS\ptilink.sys
PX5: F96F182D805891FA452B007EBD870E004C25BA07
Determination: GOOD
C:\WINDOWS\System32\Drivers\PxHelp20.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PxHelp20 System32\Drivers\PxHelp20.sys
PX5: CEED5A5408FE9DE2AA3300585AD0A300BEEAAC3B
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\rasacd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAcd system32\DRIVERS\rasacd.sys
PX5: EF519CA180B540A42200002C4F06E3005372DD33
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rasl2tp system32\DRIVERS\rasl2tp.sys
PX5: C15C1546804EC8E6C8410037F34FAD00B1FBF6DF
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasPppoe system32\DRIVERS\raspppoe.sys
PX5: A8F2C94800B2E031A21A00F0EC682E009B5794D5
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\raspti.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Raspti system32\DRIVERS\raspti.sys
PX5: 506F10F380FEE57C406900BE351741009F00F0DE
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\rdbss.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rdbss system32\DRIVERS\rdbss.sys
PX5: EE21D17900972EBEAA93023D87A14E0013D2E867
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDPCDD System32\DRIVERS\RDPCDD.sys
PX5: 14FCFAAE80A686EB103300CFAE183900CB624D74
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\rdpdr system32\DRIVERS\rdpdr.sys
PX5: 02477783007980B5019E03607F7E03003B692115
Determination: GOOD
C:\WINDOWS\system32\sessmgr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDSessMgr C:\WINDOWS\system32\sessmgr.exe
PX5: 2C67C68B0020C05D2C3E02893D0F09005D1CF7F5
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\redbook.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\redbook system32\DRIVERS\redbook.sys
PX5: AEF2FC7D804F986FE3C7004FF2D91D0029FD0FC2
Determination: GOOD
C:\WINDOWS\system32\locator.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcLocator %SystemRoot%\system32\locator.exe
PX5: C3C0A8550045DDC726E601EBB10B83000E4A4556
Determination: GOOD
C:\WINDOWS\system32\rpcss.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs %SystemRoot%\system32\svchost -k rpcss
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 27F0519E00F08DE512070643B0627F006598C78A
Determination: GOOD
C:\WINDOWS\system32\rsvp.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RSVP %SystemRoot%\system32\rsvp.exe
PX5: 2057508700E163D906880231F30F2D00E5519440
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\rtl8139 system32\DRIVERS\RTL8139.SYS
PX5: 0D1CF5B000B2C8EA5211002E76778C00F4B2E39E
Determination: GOOD
C:\WINDOWS\System32\SCardSvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SCardSvr %SystemRoot%\System32\SCardSvr.exe
PX5: FFC6D19800BAA7847E46014ECC3CD200949D4E12
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\secdrv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Secdrv system32\DRIVERS\secdrv.sys
PX5: 6C1F33AD30B48B8F6BBC0037A0F8A400F11BD786
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\serenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\serenum system32\DRIVERS\serenum.sys
PX5: 4F3C7EAD801665B83CEF00E324D68C009966C2DD
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\serial.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Serial system32\DRIVERS\serial.sys
PX5: 84269A0C80DA4AE9020E01315B99420097A96A32
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\SLIP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SLIP system32\DRIVERS\SLIP.sys
PX5: C05453A580D50DE62B1A00E6C96F380022C2D117
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SONYPVU1 system32\DRIVERS\SONYPVU1.SYS
PX5: 49228A1D80759C6F1DA00083AB639C0054C27DB1
Determination: GOOD
C:\WINDOWS\system32\drivers\splitter.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\splitter system32\drivers\splitter.sys
PX5: 249A00630095166C194E008C6AC35800063B57CE
Determination: GOOD
C:\WINDOWS\system32\spoolsv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Spooler %SystemRoot%\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 1DCDB07A00179F65E28700A02CD4BA00B29C7A8B
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\sr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sr \SystemRoot\system32\DRIVERS\sr.sys
PX5: 4D90659E00D8A4771F1A013E6E421F00F36027A5
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\srv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Srv system32\DRIVERS\srv.sys
PX5: 75BFBC608040FEEB14BC05A8A20D28000AA8481B
Determination: GOOD
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\StarWindServiceAE C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PX5: 6E3F870F008EBEF336270452A8732B00B15E0D48
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\StreamIP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\streamip system32\DRIVERS\StreamIP.sys
PX5: 37C869AE00A1D1423CD000F9D66948002AC47A8D
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\swenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swenum system32\DRIVERS\swenum.sys
PX5: FDB253C8004ADC8E110200CB82EF3C003BACCEF1
Determination: GOOD
C:\WINDOWS\system32\drivers\swmidi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swmidi system32\drivers\swmidi.sys
PX5: D73823E800EBA9D4D48400057CBBEE004EA1E5C8
Determination: GOOD
C:\WINDOWS\system32\drivers\sysaudio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sysaudio system32\drivers\sysaudio.sys
PX5: 23CF2276806778A5EDCF00D9512FDE00BB195FEF
Determination: GOOD
C:\WINDOWS\system32\smlogsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SysmonLog %SystemRoot%\system32\smlogsvc.exe
PX5: C0E6801A0095AB606A660128541E440050C06325
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\tcpip.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Tcpip system32\DRIVERS\tcpip.sys
PX5: 4F73F53680D573A87D91052B82C9450084D6047A
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\termdd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermDD system32\DRIVERS\termdd.sys
PX5: 3111E3EA882052CE9F39002D38F46900A7415306
Determination: GOOD
C:\WINDOWS\system32\tlntsvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TlntSvr C:\WINDOWS\system32\tlntsvr.exe
PX5: F869AF89008EB51B24EC0113A0DCBB001FBDD7D2
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\TNET1130.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TNET1130 system32\DRIVERS\TNET1130.sys
PX5: 917E7E2880166B6E59680776D466AB006EB3617C
Determination: GOOD
C:\WINDOWS\system32\wdfmgr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UMWdf C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
PX5: 9FA38DDC00508FFA98BC0037D087BF0071EC7096
Determination: GOOD
C:\Programmi\Unlocker\UnlockerDriver5.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UnlockerDriver5 \??\C:\Programmi\Unlocker\UnlockerDriver5.sys
PX5: D90FC9D600B91FAB100D00594066CB00B79BCD14
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\update.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Update system32\DRIVERS\update.sys
PX5: DB815C1080BD5D598E3605C672D6A20096A59C7E
Determination: GOOD
C:\WINDOWS\System32\ups.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UPS %SystemRoot%\System32\ups.exe
PX5: B1B748F7000750CB484000B4D1F04D00484BD2C2
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\usbehci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbehci system32\DRIVERS\usbehci.sys
PX5: 42E57CAC00DC4FAF684000867EE93C003087E4F7
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\usbhub.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbhub system32\DRIVERS\usbhub.sys
PX5: 1972CD35009EF197E1E10053A918EE0090181966
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\usbprint.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbprint system32\DRIVERS\usbprint.sys
PX5: C449F0710094064A6580004CDAAF0B00CAA1349A
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\USBSTOR system32\DRIVERS\USBSTOR.SYS
PX5: 6135CAAA80509344675C002A218295006093CEAA
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbuhci system32\DRIVERS\usbuhci.sys
PX5: 4756F37D00016D8B5030004DF844F10054C11836
Determination: GOOD
C:\Programmi\MSN Messenger\usnsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usnjsvc "C:\Programmi\MSN Messenger\usnsvc.exe"
PX5: 5ADE8CB4702068007B8E0103793683003D23EE98
Determination: GOOD
C:\WINDOWS\System32\drivers\vga.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VgaSave \SystemRoot\System32\drivers\vga.sys
PX5: 14B18202007EA0B752C8003693833D00BCED634F
Determination: GOOD
C:\WINDOWS\System32\vssvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VSS %SystemRoot%\System32\vssvc.exe
PX5: F8FD01E1006746AE7C9C04ADE2180F00B254A617
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\wanarp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wanarp system32\DRIVERS\wanarp.sys
PX5: D61BDDFF00BF41D487E5002B87E94900EE92AF43
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\Wbcgohal.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WBCGOHAL system32\DRIVERS\Wbcgohal.sys
PX5: 06C83301C06A6D531928000F793F6B00D5590933
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\wbcgovid.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WBCGOVID system32\DRIVERS\wbcgovid.sys
PX5: 0823F103805FCA7D52A5019ED6124D00FA259914
Determination: GOOD
C:\WINDOWS\system32\drivers\wdmaud.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wdmaud system32\drivers\wdmaud.sys
PX5: 1A706C8200C406CF446E0184AD924B00FE330A09
Determination: GOOD
C:\WINDOWS\system32\MsPMSPSv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WMDM PMSP Service C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
PX5: AB0B7E2010E8101ED148002658AB3C009845D35D
Determination: GOOD
C:\WINDOWS\system32\wbem\wmiapsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
PX5: A8EB9B0C007C19C1EE9501FD1D31580061EB57F5
Determination: GOOD
C:\WINDOWS\System32\drivers\ws2ifsl.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WS2IFSL \SystemRoot\System32\drivers\ws2ifsl.sys
PX5: E3FE23AC0026FAFE2FF10052E88519002DA1A545
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WSTCODEC system32\DRIVERS\WSTCODEC.SYS
PX5: B2CFBF068074D4084BB4001A2B9A35007D8AF7A1
Determination: GOOD
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini
Loaded from: REGRUNSHELL
PX5: D6A685675402E3F00095003E7246A900B4A9FE35
C:\Documents and Settings\Amministratore\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini
Loaded from: REGRUNSHELL
PX5: D6A685675402E3F00095003E7246A900B4A9FE35
C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
PX5: 0D1B89B4001EE027B0411B31C81987000383BEDB
Determination: GOOD
C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\System32\smss.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: 98EF83350066C70122B20B444BEBEA00D217A1B2
Determination: GOOD
C:\WINDOWS\system32\kernel32.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: 0AD652AA00FC1D0CB2930F5593CD84005E517D9A
Determination: GOOD
C:\WINDOWS\system32\USER32.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: D423C40D007DC87CD48F089CF302B800036F5CB9
Determination: GOOD
C:\WINDOWS\system32\GDI32.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: E0AE989400FE60C04EE004B2BF0AC40001B8B70F
Determination: GOOD
C:\WINDOWS\system32\COMDLG32.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: D1079ADC002DFDB3487D042258AF1F00F0FB72E4
Determination: GOOD
C:\WINDOWS\system32\SHLWAPI.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: 5CE7C78F005ABB1E3E0D07293CC6C00032E98682
Determination: GOOD
C:\WINDOWS\system32\ADVAPI32.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: DA31EA390036C3916C5C0A395DA4E3007CA4EABA
Determination: GOOD
C:\WINDOWS\system32\msvcrt.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: EAD3CF360087D2AD3C120509FE506F008FB88290
Determination: GOOD
C:\WINDOWS\system32\COMCTL32.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: 58711F2E00E7D4E26C3A0946506D1B008DF24393
Determination: GOOD
C:\WINDOWS\system32\OLE32.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 85434D2700A77E169AF713D8C3B0DC00CF7A5885
Determination: GOOD
C:\WINDOWS\system32\OLEAUT32.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 0ADCFE240032582262B908FFB341E7008E7C2AC4
Determination: GOOD
C:\WINDOWS\system32\PSAPI.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 5DB1DF3A00AE978A5A1800B9B5A8C30041FF3076
Determination: GOOD
C:\WINDOWS\system32\VERSION.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 17E09890009DDCC84AAD00E153CBBA0071FD3882
Determination: GOOD
C:\WINDOWS\system32\WININET.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8333D731002FB446965F0CBE15859300F5792F3B
Determination: GOOD
C:\WINDOWS\system32\Normaliz.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: E3FC1A7000BA1C775C420052AC60C600F74EBAFC
Determination: GOOD
C:\WINDOWS\system32\iertutil.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D1CD546D007C72B3169504B94285C9006712CE9A
Determination: GOOD
C:\WINDOWS\system32\WS2_32.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 42D0077300700B1344D7019D11CF0E00A225E294
Determination: GOOD
C:\WINDOWS\system32\WS2HELP.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 097C6291004A18B14EEC00B4A6264D00B84611B9
Determination: GOOD
C:\WINDOWS\system32\IMM32.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\CTsvcCDA.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: CDBF4DDD001A7574AE3A01510D252400AF18CE5E
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: 6C2DA8F700C891F6167D107D5B6FFD004BDE3FD7
Determination: GOOD
C:\WINDOWS\SYSTEM32\uxtheme.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: D88EDDB7006796175ABD03E85DCCE30039E51CA1
Determination: GOOD
C:\WINDOWS\system32\MSCTF.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 64563C73008EB95E7EDD046B94EDCE00A3D588EB
Determination: GOOD
C:\WINDOWS\system32\msctfime.ime
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: A0883E0F00146873B4BB0255156E8700B1387578
Determination: GOOD
C:\WINDOWS\system32\ctagent.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 7FC9E36B00597D45E03000B82DB4780016DD83D2
Determination: GOOD
C:\WINDOWS\system32\CLBCATQ.DLL
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: DDDD061C00DDD1C99CCC07876975D5003DF223DA
Determination: GOOD
C:\WINDOWS\system32\COMRes.dll
Loaded into: C:\Documents and Settings\Amministratore\Impostazioni locali\Temp\Tmp___31011\PrevxCSI.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D3FD3AB2006F991AE8A30C7CE8FD780095D6A640
Determination: GOOD
C:\WINDOWS\System32\smss.exe
Loaded into: C:\WINDOWS\System32\smss.exe
PX5: EAEF384300B86E2BC60900AD18ED0300B6B454BF
Determination: GOOD
C:\WINDOWS\system32\CSRSRV.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 672F934100D50DA280D100335AB03A0006C3D206
Determination: GOOD
C:\WINDOWS\system32\winsrv.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: EA125ACC0017E3527A0804FB6E773E00D0D2275E
Determination: GOOD
C:\WINDOWS\system32\sxs.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: F6867B260073AE3BE8420A9D4CB88200ED96EA53
Determination: GOOD
C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
PX5: D0D54E6C00E89575B4CC07CFE43BE400C1F31A26
Determination: GOOD
C:\WINDOWS\system32\AUTHZ.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 869C1EE500523D0FDE60003D7F38BD0038C5A93D
Determination: GOOD
C:\WINDOWS\system32\MSASN1.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 09F301D4001F77D2E0150027945354004927323C
Determination: GOOD
C:\WINDOWS\system32\NDdeApi.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
PX5: 8E19EB1100E774A0488300C192BED30080B1D3E4
Determination: GOOD
C:\WINDOWS\system32\PROFMAP.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
PX5: 90AEB4A600D0EF596C4F00D134ACAA00BDFD0752
Determination: GOOD
C:\WINDOWS\system32\NETAPI32.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 0919F94300F3C16412B605F0CC86050045AA2AE7
Determination: GOOD
C:\WINDOWS\system32\USERENV.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 02BF46CD00DC848D207F0BA7D391AB00DCDEB32E
Determination: GOOD
C:\WINDOWS\system32\REGAPI.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BDCF1CB600ACB6D2C2EE007361942C0007606048
Determination: GOOD
C:\WINDOWS\system32\SETUPAPI.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 085443D800EAF0FA42960F6622B8E300CB4CB91D
Determination: GOOD
C:\WINDOWS\system32\WINSTA.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 1789B2A5005E39C8D2660086022E8500C3B9450D
Determination: GOOD
C:\WINDOWS\system32\WINTRUST.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 0D34C3E0002C3B32B2670226273B8500327F7603
Determination: GOOD
C:\WINDOWS\system32\IMAGEHLP.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 92D4CA5F00EA8A5C340F02F2506EE800E1319CFF
Determination: GOOD
C:\WINDOWS\SYSTEM32\MSGINA.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 0590994000D0A8B53A390FFB32187D003143117B
Determination: GOOD
C:\WINDOWS\SYSTEM32\ODBC32.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: A52E0F9B00E1697FD015036BACB9C10078B33C67
Determination: GOOD
C:\WINDOWS\SYSTEM32\odbcint.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 17030F830012904980B601AEBBE29A00B94ABB0D
Determination: GOOD
C:\WINDOWS\SYSTEM32\SHSVCS.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 593617FD0028BAC30E8502553039DB005AE5DAA4
Determination: GOOD
C:\WINDOWS\system32\sfc.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 16BA5AAF006AA18914FD002B882F7D0027109E10
Determination: GOOD
C:\WINDOWS\SYSTEM32\sfc_os.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 53B4176200566C3D2844029CE35AC3003149753E
Determination: GOOD
C:\WINDOWS\system32\Apphelp.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE
PX5: 2E534C590076A85BF05D01EC9E4FFB0089A4554F
Determination: GOOD
C:\WINDOWS\SYSTEM32\WINSCARD.DLL
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: 49E7BE4C00EA6409841F01CF112B5500E75D0DD5
Determination: GOOD
C:\WINDOWS\SYSTEM32\WTSAPI32.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 1CDB8610004CDD7F48CB007245065C0097B2DD61
Determination: GOOD
C:\WINDOWS\SYSTEM32\WINMM.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 8B514EB5005BE141BAA3022C5AD8F400CAAEB534
Determination: GOOD
C:\WINDOWS\SYSTEM32\rsaenh.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 19B797A900BB112F5426027FDD39EC001D5760F1
Determination: GOOD
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: A35B6D1900D11F1D3E5102B97EFC0500E974203D
Determination: GOOD
C:\WINDOWS\system32\MPR.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: 4E92FBCC002BB291EAE5000F10C15F00A1E7AD21
Determination: GOOD
C:\WINDOWS\SYSTEM32\iphlpapi.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 352A2D920078A26F766401FF71F80300DA785AEF
Determination: GOOD
C:\WINDOWS\SYSTEM32\SAMLIB.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 6D3509C200E203F6FAF00078D7EA35003D8429D0
Determination: GOOD
C:\Programmi\Funk Software\Funk Client\odLogin.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
PX5: C9B7CD8C4273868930E702998D7CC300227383EF
Determination: GOOD
C:\WINDOWS\SYSTEM32\xpsp2res.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: DD9EAB9A00D5F12036192D6118710400ADB6810C
Determination: GOOD
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 1D452FC300F103CCD4AF019C0B4A1000D0C05759
Determination: GOOD
C:\WINDOWS\system32\WLDAP32.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\system32\MsPMSPSv.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 9E81915C002CE532A4010226E6EC3100C992DBA0
Determination: GOOD
C:\WINDOWS\SYSTEM32\MSACM32.dll
Loaded into: C:\WINDOWS\SYSTEM32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: CD32AC5300D4DB3A183401A597817D009B477A6B
Determination: GOOD
C:\WINDOWS\system32\SCESRV.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: 42090831009A7DEDFC25041A41C0A6009F850DB8
Determination: GOOD
C:\WINDOWS\system32\umpnpmgr.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: A0722C41001DFC8BE8A7011B43DD8300C52FA704
Determination: GOOD
C:\WINDOWS\system32\NCObjAPI.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 7EA0BF3D001A18F58E38007796CD8000CD7F3FCC
Determination: GOOD
C:\WINDOWS\system32\MSVCP60.dll
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 2D7DD02900BE71EC5085060A796CD8005BF97344
Determination: GOOD
C:\WINDOWS\system32\ShimEng.dll
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\System32\alg.exe
PX5: 279F162200D45347000001BBAACC850063724C8D
Determination: GOOD
C:\WINDOWS\AppPatch\AcGenral.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\System32\alg.exe
PX5: 5F6310EE002D3DBC446C1C5A826CF10048881669
Determination: GOOD
C:\WINDOWS\system32\eventlog.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: D2B7D57A001E9CD9DA5600E2BE4F3C00079E4466
Determination: GOOD
C:\WINDOWS\system32\LSASRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 181FFA8C00B85EB21A490B978BFB5C007BE61F0C
Determination: GOOD
C:\WINDOWS\system32\NTDSAPI.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: B049763B0042836806A701AA022FCD00F10A90B1
Determination: GOOD
C:\WINDOWS\system32\DNSAPI.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 74EB5FA400ECF6FA447C02F4107A1600E5E5C273
Determination: GOOD
C:\WINDOWS\system32\SAMSRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E92EC68300CE21C68E4E06BCC0EDF6004268C49A
Determination: GOOD
C:\WINDOWS\system32\cryptdll.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 81B30DAB0078862F82C6000202049600DB968CD1
Determination: GOOD
C:\WINDOWS\system32\msprivs.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 0CA48DC3002C50B3BC750065E2B27800000C62EB
Determination: GOOD
C:\WINDOWS\system32\w32time.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B0DB78E90001F969B24A022F16FE9C007D6DCCBC
Determination: GOOD
C:\WINDOWS\system32\ipsecsvc.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: B05D914900808F8FCED102E7A46D080020A33905
Determination: GOOD
C:\WINDOWS\system32\oakley.DLL
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: A4E8D0C400046CE116C204B93C6D3F0003672778
Determination: GOOD
C:\WINDOWS\system32\WINIPSEC.DLL
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5E3F044E00E5E84280510004471F8A00BD7E5854
Determination: GOOD
C:\WINDOWS\system32\pstorsvc.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: DCF79E3E001DA16F86F70051A83A8600579ADC98
Determination: GOOD
C:\WINDOWS\system32\psbase.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E242805400420CE08090017E79023900E657FC90
Determination: GOOD
C:\WINDOWS\system32\hnetcfg.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 2CFD58C600B6F9414A810565679BD6001F42D5DE
Determination: GOOD
C:\WINDOWS\System32\wshtcpip.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 522AC66D001B6D5A4E8E00D8A0AEF000528059BA
Determination: GOOD
C:\WINDOWS\system32\dssenh.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 31E843BE00E2A81C18FA0265E10B6500232880A4
Determination: GOOD
C:\WINDOWS\system32\powrprof.dll
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
PX5: 31AB7E9C00B2127E4485007208C03300950D28C1
Determination: GOOD
C:\WINDOWS\system32\cfgMgr32.dll
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: 74C69D7C00EDC85142F6003C4DC9A1006D7B8195
Determination: GOOD
C:\WINDOWS\system32\Ati2edxx.dll
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
PX5: 56101C4F00928E5BAA060020BE64A100CA7FC85D
Determination: GOOD
C:\WINDOWS\system32\atipdlxx.dll
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\SYSTEM32\Ati2evxx.exe
PX5: BC320EB70093D2AB30D402F3307BC500A2118825
Determination: GOOD
C:\WINDOWS\system32\msi.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: B09678EF00F05CBD8EB12B2266AE240024089B64
Determination: GOOD
c:\windows\system32\termsrv.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 15A4D5880058E23888C304BFF814830042F0D520
Determination: GOOD
c:\windows\system32\ICAAPI.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BB3E4FC6005CCAE92CC10044E2AB07008B832EBD
Determination: GOOD
c:\windows\system32\mstlsapi.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F3CF001500470019C4F901369ADAFD00DF876B1F
Determination: GOOD
c:\windows\system32\ACTIVEDS.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: EFB02947002647C8F6250205FD9612006E9558F5
Determination: GOOD
c:\windows\system32\adsldpc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: 6D8B11FE00EF99F53026027F152EC40097EA0ACA
Determination: GOOD
c:\windows\system32\ATL.DLL
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 90FBA32A008A4DC9E6A3004879775D009B9241D5
Determination: GOOD
C:\WINDOWS\system32\rasadhlp.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 44992DD300BD805F2027003B3C2E0700008DD7C4
Determination: GOOD
c:\windows\system32\dbghelp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: CA15549600DD8409C430096381351D009D50E233
Determination: GOOD
c:\windows\system32\dhcpcsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6B31A5B6003DEA2AB413012609A16300F9086E97
Determination: GOOD
c:\windows\system32\wzcsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 3DF4750600996C8B7E470562CED514005814EDBA
Determination: GOOD
c:\windows\system32\rtutils.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: BF0F14BA00130FA5ACFA00D907EAE70083958E2B
Determination: GOOD
c:\windows\system32\WMI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 781B3D7300C600C41695006A26ACBD006AA9CB45
Determination: GOOD
c:\windows\system32\ESENT.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 44A1D0F1009656EFAA4210CE1D5F1E00AAA3CF3A
Determination: GOOD
C:\WINDOWS\System32\rastls.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F64AC68A00F37A69B87E01DB8E696800CC9225D9
Determination: GOOD
C:\WINDOWS\system32\CRYPTUI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 5142AFD100A220AEFE57076D08D9310067F36935
Determination: GOOD
C:\WINDOWS\System32\MPRAPI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F40536E000846CE4547B017CD7ABC100D153D57A
Determination: GOOD
C:\WINDOWS\System32\RASAPI32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 7E18516500FFE5CC9C5B03564D831C0011FCFEEB
Determination: GOOD
C:\WINDOWS\System32\rasman.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 7F1D9BFF002D89D3F04E005C98AFF900ECE9EEA3
Determination: GOOD
C:\WINDOWS\System32\TAPI32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: ECB3A62200F5E5E3C61D0271F9934A0018AE4A00
Determination: GOOD
C:\WINDOWS\System32\raschap.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6CBEE3D600A4FEB310F101DE8C083F003D6F721F
Determination: GOOD
C:\WINDOWS\System32\WZCSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: EBF8733200CD9B7CCA4C0051E7642A0024707F2E
Determination: GOOD
c:\windows\system32\schedsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5DDC4A3800A53317F204023D51875A00711FF5B5
Determination: GOOD
C:\WINDOWS\System32\MSIDLE.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 892E25230047BFE41A2700448F955F00DB3FDA3D
Determination: GOOD
c:\windows\system32\audiosrv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 97A7792B000122A1A6A80092373D18006EB85382
Determination: GOOD
c:\windows\system32\wkssvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F785B0520050629F0457028102F0DA00CD162C70
Determination: GOOD
c:\windows\system32\qmgr.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: A628078700D0FC00D60105464D1E6100132AFD53
Determination: GOOD
c:\windows\system32\SHFOLDER.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 209DE55C009ABDE8627700E93AF07200F7058D40
Determination: GOOD
c:\windows\system32\WINHTTP.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 8A8FE9C3008B23F25C3905D494C02C00D181B661
Determination: GOOD
c:\windows\system32\dmserver.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FABFF932000B9F155E610037E22ABC006B953D35
Determination: GOOD
c:\windows\system32\cryptsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 4924777000FF363CECB300E8D69F7300112A6AF8
Determination: GOOD
c:\windows\system32\certcli.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 925C7DF9003B9C1200C5031520AB850028BB5515
Determination: GOOD
c:\windows\system32\es.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 79EA0C1C007DD384B6CC033ACA71FA00F62D9D5F
Determination: GOOD
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5BE772A20028818F98B300E973AA5500998EE021
Determination: GOOD
c:\windows\system32\ersvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 1075AE7B006257925A3B00E01F4D2400B15FB39E
Determination: GOOD
c:\windows\system32\srvsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 0BFF5A6200F821CA7A0401E40DD655008D70866B
Determination: GOOD
c:\windows\system32\netman.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 65612A5600E1886F042503516394BA0003C1C8BE
Determination: GOOD
c:\windows\system32\credui.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: E886FD9F0056D4F18254029213832F003DEFF647
Determination: GOOD
c:\windows\system32\seclogon.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5B80E36F00AA396B4A8300B7E7951D00D7AA4B2D
Determination: GOOD
c:\windows\system32\sens.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 00AF89660086F69E989700E590F03600F597A8F5
Determination: GOOD
c:\windows\system32\srsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F652BD0100BA7CC29C6202A16DDB5500C590261B
Determination: GOOD
c:\windows\system32\trkwks.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 906F8E37007C9B5A621D011F493B83005C29CC43
Determination: GOOD
c:\windows\system32\wbem\wmisvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: CEF9F3BC00C6E32738BF0260919AD800E787713F
Determination: GOOD
C:\WINDOWS\system32\VSSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FAEC6BFB002AF8059230067AACCA280087EB5B02
Determination: GOOD
c:\windows\system32\wuauserv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 0799809A00702BD41AB400068A66AC0043C84727
Determination: GOOD
C:\WINDOWS\system32\wuaueng.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 26C07DF358FF2BE623151A8BD3FD64005FC70733
Determination: GOOD
C:\WINDOWS\System32\Cabinet.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 60605FEC005AB19AEA050033F1225300422702FD
Determination: GOOD
C:\WINDOWS\System32\mspatcha.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 192CF4F3003C31E4769D0029DA080500F7D037E4
Determination: GOOD
c:\windows\system32\browser.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 9CDD0A4F005D0D9D2E6201C807EC76000E0D1CE8
Determination: GOOD
c:\windows\system32\wscsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B11BC224000C550D3E4B01F1618F6300676DF706
Determination: GOOD
C:\WINDOWS\system32\wbem\wbemcomn.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 30B285D60040901346F3037FF72C08005C58C30E
Determination: GOOD
C:\WINDOWS\system32\netcfgx.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 4F8DF8B4009990EE9C82091CBF6CD600CD59067D
Determination: GOOD
C:\WINDOWS\system32\CLUSAPI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F4F4A6AD001EC8C1E2C500B4FE61840054C0DDE3
Determination: GOOD
C:\WINDOWS\system32\comsvcs.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: ED0A598E00540BAB56A9139D5AFF60002DA225EE
Determination: GOOD
C:\WINDOWS\system32\colbact.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: A0B0F9B500ACD436ECA70034F32E2C001398A8B7
Determination: GOOD
C:\WINDOWS\system32\MTXCLU.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 66978F8E0092BC0304EB01E29B925900A2E75CFB
Determination: GOOD
C:\WINDOWS\system32\WSOCK32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 2C097C2B007169C960BA0014DCE7CC0038229E38
Determination: GOOD
C:\WINDOWS\System32\RESUTILS.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6DFA47A500DAF26FE68800D61F5B31009BB0B65D
Determination: GOOD
C:\WINDOWS\SYSTEM32\WBEM\wbemcore.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D34E2BC3004DE1451AED08DF0B2B620026599912
Determination: GOOD
C:\WINDOWS\SYSTEM32\WBEM\esscli.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DE687FC600BAAC77C8B4030B6F14AB0094AE7226
Determination: GOOD
C:\WINDOWS\SYSTEM32\WBEM\FastProx.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: AEBA61B800E4BC9A34F5075F66FDAB005D1447F9
Determination: GOOD
C:\WINDOWS\system32\wbem\wbemsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 25397BDF00757EBFAAF700E3ED2B7800B9284F1B
Determination: GOOD
C:\WINDOWS\system32\wbem\wmiutils.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 0BDBA5A5000A6748803F0102F9279500D2C1C9B2
Determination: GOOD
C:\WINDOWS\system32\wbem\repdrvfs.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DAAC922100087395B4C8026D60ACD300B870E129
Determination: GOOD
C:\WINDOWS\system32\wbem\wmiprvsd.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DCBBBE7700F574BEAC5B06A359C30800D52199FA
Determination: GOOD
C:\WINDOWS\system32\wbem\wbemess.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 57BC20470030CEBC2E7C0420B5413100E2A61178
Determination: GOOD
C:\WINDOWS\System32\RASDLG.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 289AD96400BB9C934C7F0AD56A0D5500E683D618
Determination: GOOD
C:\WINDOWS\system32\wbem\ncprov.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 28C2B58B00AC779DB8320092176FE400CB94678D
Determination: GOOD
c:\windows\system32\tapisrv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 77B7DE3500985E80CE7503E2DF55BE00B03FFDDD
Determination: GOOD
c:\windows\system32\rasmans.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6AC5343500463BCBC43C0233B0575500AE7EBADF
Determination: GOOD
C:\WINDOWS\System32\rastapi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 699D459D008C3BC6E634009735DEBF004B936485
Determination: GOOD
C:\WINDOWS\System32\unimdm.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: BFCEE8FF0036A1F42CB803103A63E10078271DF9
Determination: GOOD
C:\WINDOWS\System32\uniplat.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D4A3FA58003A460436E500FC8F082200CAF4CCCF
Determination: GOOD
C:\WINDOWS\System32\kmddsp.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: C200FF390086F832824F0082C924C70039E73BB5
Determination: GOOD
C:\WINDOWS\System32\ndptsp.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 9787C23000D76D69E07F0030C6CACA005BA7ED34
Determination: GOOD
C:\WINDOWS\System32\ipconf.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: BB9887B4006414FA44B900C28BC43200412916D4
Determination: GOOD
C:\WINDOWS\System32\h323.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 72FD790F00B8268510FF046EA54C6E0080B1B5D1
Determination: GOOD
C:\WINDOWS\System32\hidphone.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 578102E800C1441976DD00BD8619300083827C0B
Determination: GOOD
C:\WINDOWS\System32\HID.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 551CD37300F70F6C527C0010EC920400B756D4FA
Determination: GOOD
C:\WINDOWS\System32\rasppp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 69B8011C006A35C426B80310309570000552A536
Determination: GOOD
C:\WINDOWS\System32\ntlsapi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 182944C0006C52E520B8003B3C2E0700820D2E78
Determination: GOOD
C:\WINDOWS\system32\wups2.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 8F8648A158D15CF4A9FE004434B05300230EE2A8
Determination: GOOD
C:\WINDOWS\system32\mlang.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: A0FB8BA50045A9FEF20208062C04B3005F96B032
Determination: GOOD
C:\WINDOWS\System32\xmlprovi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F8AAB7ED00389F6FC419009F9AC92500C1676D16
Determination: GOOD
c:\windows\system32\dnsrslvr.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 3AB739DC00686EC6B26F00A3B54A4300F767B865
Determination: GOOD
c:\windows\system32\lmhsvc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 050B19680015AAE33629000A173BF5000631D061
Determination: GOOD
c:\windows\system32\webclnt.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F49C6F7000D3BB7B0AFE01B9E6A55A009E654432
Determination: GOOD
c:\windows\system32\regsvc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 0038ECD50092146CEAE600DC41696F006EFFA138
Determination: GOOD
C:\Programmi\Lavasoft\Ad-Aware 2007\CEAPI.dll
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
PX5: B9A9A350683F4CC015C40B004D1B0100CE760A0A
Determination: GOOD
C:\Programmi\Lavasoft\Ad-Aware 2007\PKArchive84cb.dll
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
PX5: EAE5B01648BD2BEBB736099BCB24C600CD615AD8
Determination: GOOD
C:\Programmi\Lavasoft\Ad-Aware 2007\Update.dll
Loaded into: C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
PX5: 37445B8260863790053A08EE7CC64800F452D75D
Determination: GOOD
C:\WINDOWS\system32\MSIMG32.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: CB413D4600B070AF127100D0C427CA00FD59EFF9
Determination: GOOD
C:\WINDOWS\system32\LINKINFO.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 87EB2C9D005DD1A14E450046E4D6CC0014CFCDB6
Determination: GOOD
C:\WINDOWS\system32\urlmon.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 6ED2C51B00079014941E114AA3462E00DC76EA1A
Determination: GOOD
C:\WINDOWS\system32\BatMeter.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 73074F1200F9F02570C400FC5F48D3002E4325D8
Determination: GOOD
C:\WINDOWS\system32\wzcdlg.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: FDC5ABBF00DE72F2C818054EFDC634000861176E
Determination: GOOD
C:\WINDOWS\system32\browselc.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: EA63F88500B471270C9A01309A4A800054BE305C
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 6C82A3A300EB8CD49022098E20538200F3E7F8FE
Determination: GOOD
C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8D9B092A504AF5BE1FAE113F9CB85F009EC65008
Determination: GOOD
C:\WINDOWS\system32\faultrep.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8881272500607D363C8201F4E6BB3A00D79C24A3
Determination: GOOD
C:\WINDOWS\system32\olepro32.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 4451C5BD00B67BC2466601954AF9C000130A3600
Determination: GOOD
C:\WINDOWS\system32\DUSER.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 576588D800DB533AA46504C81FA1F900F6700574
Determination: GOOD
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.ITA
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: D581665A000C981EC0E1044D188D40005CCA75A7
Determination: GOOD
C:\WINDOWS\system32\SensApi.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 945479A500423FB71A9A004C020A3B0024ABF6B3
Determination: GOOD
C:\WINDOWS\System32\drprov.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: BB8EDCE2008403A638800074FD083400905C26EC
Determination: GOOD
C:\WINDOWS\System32\ntlanman.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: FCEBCD7A009905FEAA4200960455950080D2A1BD
Determination: GOOD
C:\WINDOWS\System32\NETUI0.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 074187360063FEE5400A014D6C2C430053ABE349
Determination: GOOD
C:\WINDOWS\System32\NETUI1.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: A4DAD8A200850E09C097034C744E770099F86FBA
Determination: GOOD
C:\WINDOWS\System32\NETRAP.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: B3940B1900334CEB30F300847BE9340024D302E6
Determination: GOOD
C:\WINDOWS\System32\davclnt.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 5E0DDE0C0099E131624800B42D603500DF9BC5AA
Determination: GOOD
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 43FC1F718034B0CAF2E7007A2CAFD0009BF22C42
Determination: GOOD
C:\WINDOWS\system32\shdoclc.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 552F282A005B9932A4DA08FB1D53CE00D5EAFBF4
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\viewerps.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: B0C52A9A80F62390429000B85505C60050C509AA
Determination: GOOD
C:\WINDOWS\system32\SPOOLSS.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: EEC4C153008FC3AA248101F4B2E71800601A2E7A
Determination: GOOD
C:\WINDOWS\system32\localspl.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4416D740002AA3683E4E05C1EF102900643A9BD8
Determination: GOOD
C:\WINDOWS\system32\cnbjmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: ADFEA2D500C13C76C238009F710B75002AA8B844
Determination: GOOD
C:\WINDOWS\system32\CNMLM61.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 2F8EC68900FFE611C87A015EDE731B006753A28D
Determination: GOOD
C:\WINDOWS\system32\mdimon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4A580D5700F10E5846F3006043C178003D6E741C
Determination: GOOD
C:\WINDOWS\system32\pjlmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 84CFC62400E584133C01005DDEFEF70074DE7C99
Determination: GOOD
C:\WINDOWS\system32\tcpmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4DB1307F00B38383B4DE0091A261F900D73B20B9
Determination: GOOD
C:\WINDOWS\system32\usbmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 355B55CF00434C1C429F0037D7A64900612AB6C2
Determination: GOOD
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD61.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 48F3EA36006DAA1F465B007509F77C002C8B4AA9
Determination: GOOD
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 90B16E50005219F14AEA007FE239C5004092D249
Determination: GOOD
C:\WINDOWS\system32\win32spl.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 3EE5A7330005B84D903F019D6D465800D7DE2821
Determination: GOOD
C:\WINDOWS\system32\inetpp.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 84746D7B00F17DE826600104529E590058DFB441
Determination: GOOD
C:\Programmi\File comuni\LightScribe\LSSProxy.dll
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
PX5: ECA11C2500885292B0BA01424A8EE400EF1EA814
Determination: GOOD
C:\Programmi\File comuni\LightScribe\LSLog.dll
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
PX5: 9059C54600B7CA85823800F50EC818002FE02B56
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCP80.dll
Loaded into: C:\Programmi\File comuni\LightScribe\LSSrvc.exe
PX5: BDFA7584005A9BE560AE0893E94DC600312D7A15
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\1040\mdmui.dll
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
PX5: 2998F71B0054707760E1002DBABFEB007BD15900
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\PDCommon.dll
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: 6FAE01E208B8545D557E027699C7850086B6478A
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\MSVCP71.dll
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\MSVCR71.dll
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\PDDb.dll
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: F5DF361D08794EFB25F401060A48C20077171D8C
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\sqlite3.dll
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: 2B50585E085224ED95C405EE342BBF008F974552
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\PDLangEN.dll
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: 9665E54608525BD1850C3117440DF60014611EF4
Determination: GOOD
C:\Programmi\Raxco\PerfectDisk\PDEngineps.dll
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
Loaded into: C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
PX5: AB7E864D08381FF64DAE007DCE6619004BB2BB8C
Determination: GOOD
C:\WINDOWS\system32\wsnmp32.dll
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PX5: DCF100F400C1FA92A6C0006EC31E10006A687480
Determination: GOOD
C:\WINDOWS\system32\MSXML3.DLL
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 60B20BB200F84299DCAB10FF374BBC00797C1A91
Determination: GOOD
c:\windows\system32\wiaservc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: B69A81C6002918EE1A4705E2549FBB00ED5C7BBD
Determination: GOOD
c:\windows\system32\mscms.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: DF52A2B9002BAEF722FE01B4E2E8B900D4427BF9
Determination: GOOD
C:\WINDOWS\system32\actxprxy.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 007947C1003133828EF901D865E09C00F6A66BF3
Determination: GOOD
C:\WINDOWS\system32\MFC42.DLL
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: FD5A337B00529124B0D80F421E82790041341A00
Determination: GOOD
C:\WINDOWS\system32\MFC42LOC.DLL
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
Loaded into: C:\Programmi\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: 50EC1EAC0042F609E0B8000596D265006CAB3F5E
Determination: GOOD
C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.crl
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: F0AED79900CBBB534031009C733AB600ACEF6D29
Determination: GOOD
C:\Programmi\Creative\Shared Files\CTTheme.dll
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: 1E09D14900BC4112301B02098D7C9600033BD084
Determination: GOOD
C:\Programmi\Creative\Shared Files\CtrlSrc.dll
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: A645197C00E42F67A03600F4C096F9008454177A
Determination: GOOD
C:\Programmi\Creative\Shared Files\CTIniF.dll
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: BE102BDD00A2C97AD0AB00BB36D08100C212A577
Determination: GOOD
C:\Programmi\Creative\Shared Files\GDICtrl.skc
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: EB9018AE0049EC1FE0010413D07D3A00B7DDBFF4
Determination: GOOD
C:\Programmi\Creative\Shared Files\RTXCtrl.skc
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: 8F19B76600A08E3CC03B013B78192800A2BFFB3F
Determination: GOOD
C:\Programmi\Creative\Shared Files\mxlib.dll
Loaded into: C:\Programmi\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PX5: 424C9C7A007EFB16300801223CCAA40081F02A7F
Determination: GOOD
C:\WINDOWS\SYSTEM32\CTDCIFCE.DLL
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: 773F06DD0003791620020274FFBDB500B0784477
Determination: GOOD
C:\WINDOWS\SYSTEM32\CTDC0001.DLL
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: C6BC44350061998B103206ED67578D002F3F0852
Determination: GOOD
C:\WINDOWS\SYSTEM32\ctosuser.dll
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: 0438B18A009E35B7604E024154018200D698558D
Determination: GOOD
C:\WINDOWS\SYSTEM32\CTDPROXY.DLL
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: 5DA0998C006AB6FCB00F01A894D58B00577A5984
Determination: GOOD
C:\WINDOWS\SYSTEM32\PIAPROXY.DLL
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: 411DFBD90084E917B0AF01D70F97B700A029C0AF
Determination: GOOD
C:\WINDOWS\system32\ctspkhlp.dll
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: 41402A650013F2F2B0870088D6924A00535B54A3
Determination: GOOD
C:\WINDOWS\system32\DSOUND.dll
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: E5087FD800F9DAEF9CF20543474A2400CFECBDBE
Determination: GOOD
C:\WINDOWS\system32\KsUser.dll
Loaded into: C:\WINDOWS\system32\CTHELPER.EXE
PX5: AAD6D56F00EC2271104D0037883D3E00B79BCD14
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\MSVCP71.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
MD5: 561fa2abb31dfa8fab762145f81667c2
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\MSVCR71.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\AdvrCntr2.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
PX5: 4F0D0FCF28D14993E5DA2E2B03E3DB00AF4ACD0F
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMIndexingServicePS.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 3E41A7AC2822AAE6E74800344DD7530062FA9457
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvrPS.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 01F457F2287A761651CA005C3E33A8000AB6A2E7
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMDataServices.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 6C2A44742862F360F57429A6A6A335007979BB0A
Determination: GOOD
C:\WINDOWS\system32\IPROP.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: A4B5F86400EACF0B0ED900CF73583500B79BCD14
Determination: GOOD
C:\WINDOWS\system32\MSUTB.dll
Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: 7A3AA486004261ECFC5902E8FBAFDA00B6B25BB1
Determination: GOOD
C:\WINDOWS\system32\hhctrl.ocx
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
PX5: D3B0A24B002675A156C508DBC9824800F99F525D
Determination: GOOD
C:\WINDOWS\system32\mui\0010\hhctrlui.dll
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
PX5: BA28999700DF7F81607B01C7951F4A005B77C7B8
Determination: GOOD
C:\Programmi\Spybot - Search & Destroy\advcheck.dll
Loaded into: C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
PX5: F33694CC501647F0A7F70AF59714FF00709F8D40
Determination: GOOD
C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 6E86208300B2A92F90D700271AEC720076750C46
Determination: GOOD
C:\Programmi\ZyXEL\G360\Common.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: B35FE8F900E7D63B90FF00B149F274000194F284
Determination: GOOD
C:\Programmi\ZyXEL\G360\Helper.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 0B57BCD40035C709107A01F39CCDFB00DC28685F
Determination: GOOD
C:\Programmi\ZyXEL\G360\Tray.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 3053C08F009A3895902C006195A1BB005536771A
Determination: GOOD
C:\Programmi\ZyXEL\G360\Dcc.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 43E70A580072C31170B600FCF4D64B00D2B2EE3B
Determination: GOOD
C:\Programmi\ZyXEL\G360\PcaNdis.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 1C8ACBC10016FC59D0B601631A3CA8009B4550AF
Determination: GOOD
C:\WINDOWS\system32\W32N50CT.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 6B66FEC300C50C4F70F801A5C14FDF001D50A136
Determination: GOOD
C:\Programmi\ZyXEL\G360\Odyssey.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 6A51117B00BBA7C5F08100414F765C00329D84EE
Determination: GOOD
C:\Programmi\Funk Software\Funk Client\odClientControl.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 213E468A48CD14E7E03A0A7C5A2F8300D6A726D1
Determination: GOOD
C:\Programmi\File comuni\Funk Software\dcfDOM.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: AD4CE4C33C4F16B770B307ED4D8F5A003F812045
Determination: GOOD
C:\Programmi\File comuni\Funk Software\dcfLibrary.DLL
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: BBC92603405C13A29098041D9F675A00C0FAC800
Determination: GOOD
C:\Programmi\ZyXEL\G360\TI.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 5F3FB539003657E090EF019B0B736D006B24CFD5
Determination: GOOD
C:\Programmi\ZyXEL\G360\odSupp_M.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 5D1048AE5AAB7CDCB01F128916957A00016BEFEF
Determination: GOOD
C:\Programmi\ZyXEL\G360\tiwlnapi.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 6FE8F07300C018A7A0E400685DE4F300B94632E3
Determination: GOOD
C:\Programmi\ZyXEL\G360\GenChip.dll
Loaded into: C:\Programmi\ZyXEL\G360\Gcc.exe
PX5: 2BFE71EE00598EC5E0E5008078B41700FD0F2453
Determination: GOOD
C:\Programmi\ZyXEL\G360\OdHost.exe
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: 70D27AEF41CF4BC76026002DDDE82A0007109DA6
Determination: GOOD
C:\Programmi\Funk Software\Funk Client\odService.dll
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: 32519CB542C3557190B613F2F5AE5A0075ED33B0
Determination: GOOD
C:\Programmi\File comuni\Funk Software\odCert_M.dll
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: 4BB6715F418F9CB850F405BE0956C300EE773D94
Determination: GOOD
C:\Programmi\Funk Software\Funk Client\odServiceDialogs.dll
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: DA4AAF8249CC5C0BF08705F36FB18600917E8019
Determination: GOOD
C:\Programmi\File comuni\Funk Software\odLib_OSSL.dll
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: BB60843243203D95307D0DDAAD7ABB003B219AB3
Determination: GOOD
C:\Programmi\Funk Software\Funk Client\odSCard.dll
Loaded into: C:\Programmi\ZyXEL\G360\OdHost.exe
PX5: 6B2D7A83001566B7006C04955C701200034266AD
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMLogCxx.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: B940B329288F34BE151F01D066260300C1C11A39
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\log4cxx.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 70A560F22863ADCA55E50B079CC3E300176AB7C7
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 05E801EB28CC2B5B858512ACBB81CF007A262A9B
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMSQLDB.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: B0FACEC1285416CFE5770445CC0474003C4D8278
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMCoFoundation.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 452BA08F288690B64503087BCD97B6006A35C298
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMPluginBase.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 8F6D5B7528D80724A5010109B391D2002B8CBA1D
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMFullTextExtraction.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 88426051287CCD6FC53902828232D4005FD9D3D6
Determination: GOOD
C:\WINDOWS\system32\query.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 59992EC9006A16C8F61E15C90EE99300407430BB
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NMSearchPluginSimilarImages.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: 2CC7E770285EC095C5AF02A8497CAE000EFE4C11
Determination: GOOD
C:\Programmi\File comuni\Ahead\Lib\NeroIPP.dll
Loaded into: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
PX5: AFCD552628DAA283857733EDCD3F3E004ED8EF65
Determination: GOOD
C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
PX5: A36EE43900E6E09B3694008A88863A00DD6FF528
Determination: GOOD
C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded from: \REGISTRY\Machine\Software\Classes\ftp\shell\open\command\(default) "C:\Programmi\Internet Explorer\IEXPLORE.EXE" %1
PX5: 5837E91D00EC74268A6309D18D418F004FABE3E1
Determination: GOOD
C:\WINDOWS\system32\IEUI.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D0F6CF36001F9714C22802861E743B00CD0093F8
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: EEECA2A200AE193420E61AFE5130B8009DDBAA0F
Determination: GOOD
C:\WINDOWS\system32\xmllite.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: DBDBF6F300FC6405DCA0019FAEEF2800153F1E93
Determination: GOOD
C:\WINDOWS\system32\msimtf.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 84310A0800BF02296E1202C6BE073C009D305F2B
Determination: GOOD
C:\Programmi\Internet Explorer\ieproxy.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 34FDA5BC00E33FFA64210444AC259B00288399D3
Determination: GOOD
C:\WINDOWS\system32\MSVCR71.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD
C:\Programmi\Canon\Easy-WebPrint\EWPCore.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: E9BBB3A700E1842BFA2400173088EA0057467C63
Determination: GOOD
C:\WINDOWS\system32\MSVCP71.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
MD5: 561fa2abb31dfa8fab762145f81667c2
Determination: GOOD
C:\WINDOWS\system32\mshtml.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 4CB848A6009653E6B2F636C70E22630096E8F4A3
Determination: GOOD
C:\WINDOWS\system32\msls31.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 06578F3600BE0A1C62E3026806CB9A00A1DAF899
Determination: GOOD
C:\WINDOWS\system32\ieapfltr.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D158AA4F00D45015DA0405BA0AC2BD0033DC9DF2
Determination: GOOD
C:\WINDOWS\system32\jscript.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: FA885F76005A710A80BB072BB1453100D393DD16
Determination: GOOD
C:\WINDOWS\system32\Dxtrans.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: C883626D00AB836C464D030787FF9C0018C28255
Determination: GOOD
C:\WINDOWS\system32\ddrawex.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 21C24AAB00CCE7946A9500C9FC9A0600C816EBD1
Determination: GOOD
C:\WINDOWS\system32\DDRAW.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 4E606A3E004BFD1E107104ECA94E4700B2873B8F
Determination: GOOD
C:\WINDOWS\system32\DCIMAN32.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 256E9CF3007B0060223C00722D6B1100E50006BD
Determination: GOOD
C:\WINDOWS\system32\Dxtmsft.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D81C676A0002CE944A5605DFFBEB3600D59313BD
Determination: GOOD
C:\WINDOWS\system32\IMGUTIL.DLL
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: CAF7E19500E00DD38E9300C38F63CD008472484B
Determination: GOOD
C:\WINDOWS\system32\pngfilt.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: DD996BD000B62F17AE70009830B2BD0048905DC3
Determination: GOOD
C:\WINDOWS\system32\mshtmled.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: E3B0A39E005856A74ABC073AEAB14100E8848C5D
Determination: GOOD
C:\WINDOWS\system32\USP10.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 6CE757A3000138D5346106B2255A2400746F4EDC
Determination: GOOD
C:\WINDOWS\system32\vbscript.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 701EA96400A441615057067848F52A0073789F12
Determination: GOOD
C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: AC7D9039E8DC159C982F2272AE11B50008E4D442
Determination: GOOD
C:\WINDOWS\system32\MSRATING.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 2CF5DAC700B2C4D1F29E029191DDE1003315FF85
Determination: GOOD
C:\WINDOWS\system32\iepeers.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 203CA2AC005F4E41EC6702AB4F31CE001E77FBDD
Determination: GOOD
C:\WINDOWS\system32\wuapi.dll
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: CDD35EBA58DB0AE863FB08B33BD0060031EAFA5A
Determination: GOOD
C:\Documents and Settings\Amministratore\Desktop\gmer.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
PX5: 72FF4713003F55FAE08E0806436EB300BA0F5943
Determination: GOOD
C:\WINDOWS\gmer.dll
Loaded into: C:\Documents and Settings\Amministratore\Desktop\gmer.exe
PX5: F0C918D83FF21742F072081E53B72400AB278D28
Determination: GOOD
C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 6528E2C9003728EF18B0099A16B85900B0B1EFD5
Determination: GOOD
C:\WINDOWS\system32\Wship6.dll
Loaded into: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe
PX5: 71346A8900739CB63800009B5C3ADC00C45ECF37
Determination: GOOD
C:\WINDOWS\system32\mshta.exe
Loaded from: \REGISTRY\Machine\Software\Classes\htafile\shell\open\command\(default) C:\WINDOWS\system32\mshta.exe "%1" %*
PX5: 718367AA002A4EB4B2EB00A2C177ED00FAF63606
Determination: GOOD
C:\WINDOWS\System32\WScript.exe
Loaded from: \REGISTRY\Machine\Software\Classes\VBSFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\VBEFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\WSHFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\WSFFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\JSEFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\JSFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
PX5: 4850A70600D60426C0410166FCF6E000B918B6A5
Determination: GOOD
C:\Programmi\Winamp\winamp.exe
Loaded from: \REGISTRY\Machine\Software\Classes\Winamp.PlayList\shell\open\command\(default) "C:\Programmi\Winamp\winamp.exe" "%1"
PX5: 33A69BFB0000ADBE16EC138FC0560300B5CEB17B
Determination: GOOD
C:\WINDOWS\system32\mmc.exe
Loaded from: \REGISTRY\Machine\Software\Classes\MSCFile\shell\open\command\(default) %SystemRoot%\system32\mmc.exe "%1" %*
PX5: C6EB514E00915CDD74820CD0EB0CF8007694B8C8
Determination: GOOD
C:\Programmi\Outlook Express\msimn.exe
Loaded from: \REGISTRY\Machine\Software\Classes\mailto\shell\open\command\(default) "%ProgramFiles%\Outlook Express\msimn.exe" /mailurl:%1
PX5: C590CE8500B66EAEEC1A000D7D657F00AB8E0704
Determination: GOOD
C:\Programmi\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe
Loaded from: \REGISTRY\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\NCoverEd.exe
PX5: BC7925E828D307BEA5DF573F7DD82000F325D9DE
Determination: GOOD
C:\WINDOWS\system32\mspaint.exe
Loaded from: \REGISTRY\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\pbrush.exe
PX5: 54E6440A00AD5EE848D205207C533200AE1C47A1
Determination: GOOD
C:\Programmi\WinZip\winzip32.exe
Loaded from: \REGISTRY\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\winzip.exe
PX5: 18DDA7E16060E158856644E4E202A700F528F71C
Determination: GOOD
C:\Programmi\Windows NT\Accessori\WORDPAD.EXE
Loaded from: \REGISTRY\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WRITE.EXE
PX5: 0436849800806242546F03954F618700463565AE
Determination: GOOD
C:\WINDOWS\system32\cdplayer.exe.manifest
Loaded from: Hidden
PX5: 5A5CFF37EDF1BD0F028600B9BDAAD700A9445882
C:\WINDOWS\system32\logonui.exe.manifest
Loaded from: Hidden
PX5: 5D76C3FBE873651401E100D7C8879100E7322784
C:\WINDOWS\system32\ncpa.cpl.manifest
Loaded from: Hidden
PX5: 5A5CFF37EDF1BD0F028600B9BDAAD700A9445882
C:\WINDOWS\system32\nwc.cpl.manifest
Loaded from: Hidden
PX5: 5A5CFF37EDF1BD0F028600B9BDAAD700A9445882
C:\WINDOWS\system32\sapi.cpl.manifest
Loaded from: Hidden
PX5: 5A5CFF37EDF1BD0F028600B9BDAAD700A9445882
C:\WINDOWS\system32\WindowsLogon.manifest
Loaded from: Hidden
PX5: 5D76C3FBE873651401E100D7C8879100E7322784
C:\WINDOWS\system32\wuaucpl.cpl.manifest
Loaded from: Hidden
PX5: 5A5CFF37EDF1BD0F028600B9BDAAD700A9445882
C:\WINDOWS\bootstat.dat
Loaded from: Hidden
PX5: 6A2CB42900661368085400F446451600FBB4AE72
C:\WINDOWS\WindowsShell.Manifest
Loaded from: Hidden
PX5: 5A5CFF37EDF1BD0F028600B9BDAAD700A9445882
C:\WINDOWS\winnt.bmp
Loaded from: Hidden
PX5: 2F3CDC1D28898FD2BE5B002547F5BF00EB01FD0D
C:\WINDOWS\winnt256.bmp
Loaded from: Hidden
PX5: 2F3CDC1D28898FD2BE5B002547F5BF00EB01FD0D
C:\\boot.ini
Loaded from: Hidden
PX5: FA579938D3B0733B008700066546AF00E951082C
C:\\Bootfont.bin
Loaded from: Hidden
PX5: 0A1C64FA582ACB4013B5003887ED73004B68DC20
C:\\NTDETECT.COM
Loaded from: Hidden
PX5: B2DE3452CCDE0367B94C006CEC68B800C8CE7C78
C:\\ntldr
Loaded from: Hidden
PX5: 9A292977C08E1180D4A503BF07A84800B3031960
Results:
Known malicious programs: 0
End of PrevxCSI Log - http://www.prevx.com
Alternate Data Streams Revealer (C) Paolo Monti - Future Time S.r.l. 2006
[Info]: report started at 11/19/07 16.30.05
[Info]: OS: 5.1 build 2600 (Service Pack 2)
[Note]: Analysis started at: 16.30.08
[Note]: Scan option: "Complete: all NTFS drives"
[Note]: C:\Documents and Settings\All Users\Documenti\Immagini\Immagini campione\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: C:\Documents and Settings\Amministratore\Desktop\avenger.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amico.mio.exe (:�SummaryInformation:$DATA) => Size: 88 => SHA1: 09E4D3AC4F9D0FE666228A632430785F9A7D2A93
[Note]: C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amico.mio.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amico.mio.exe (:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}:$DATA) => Size: 0 => SHA1: N/A
[Note]: C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amicone.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\it_avaspy_ca_32_it_Store_trial.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\it_av_ca_32_it_Store_trial.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\Assegni Familiari\SR16_ANF_DIP.pdf (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: C:\Documents and Settings\Amministratore\Desktop\Bioshock\Bioshock.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\One Click Firmware Upgrade Method.pdf (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\sfdnwin.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\SH-S162L_TS08.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\Wininquiry.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\Fausto Coppi\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: C:\Documents and Settings\Amministratore\Desktop\FOTO VARIE\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\7-10_xp32-64_ccc_lang2_53251.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\7-10_xp32_dd_53250.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\a2FreeSetup.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\aaw2007.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\ac3filter_0_70b.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\adsr.zip (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\agentenu-spellita400-100.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\agentenu400-1071.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Alcohol120_trial_1.9.6.5429.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\ccsetup201_exe.vir (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\ccsetup202_exe.vir (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\cspy23.zip (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\eMule_AdunanzA_3-14_Installer.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\FastLogin_Setup.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Install_Messenger.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\LS_HSI.EXE (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\LS_Update_1.10.16.1_.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Monitor Samsung SM192V.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\mp10setup.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Nero-7.10.1.0_ita_update.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\pd80ds.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\PrevXCSIFREE1.zip (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\spybotsd15.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\TunaticSetup.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\unlocker1.8.5.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\vlc-0.8.6c-win32.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\vso_image_resizer_setup.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\winamp55_full_emusic-7plus_it-it.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\XviD-1[1].1.3-28062007.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\b6C25ITx.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\B7600ITx.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\B7601ITx.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\EWP_IT_264_Setup.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\iP3000_PUG_IT.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\winzip111.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe.sig (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PULIZIA\EliBaglA.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PULIZIA\gmer.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\CloneSpy.chm (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\CloneSpy.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\File_id.diz (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\Readme.txt (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\Abbonamento Sky Calcio_offline.pdf (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\AliceMail.txt (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\ATT00006.txt (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\ATT00015.txt (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\Fattura.pdf (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Documenti\13102007034.jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: C:\Documents and Settings\Amministratore\Documenti\gmer.zip (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Documenti\L08.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Documents and Settings\Amministratore\Documenti\NAV081500IT.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: C:\Programmi\AdunanzA\Incoming\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: C:\Programmi\Raxco\PerfectDisk\Images\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: C:\Programmi\Ubisoft\Tom Clancy's Splinter Cell Chaos Theory\Versus\System\EditorRes\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: C:\WINDOWS\gmer.exe (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\FILM\Blu Notte 2003-01-05 - Strage Di Ustica.mpg (:�SummaryInformation:$DATA) => Size: 88 => SHA1: 09E4D3AC4F9D0FE666228A632430785F9A7D2A93
[Note]: F:\FILM\Blu Notte 2003-01-05 - Strage Di Ustica.mpg (:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\FILM\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Filmati Sportivi\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\21 OTTOBRE 2007\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Battesimo Matteo\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Compleanno Matteo 07 02 07\DSCN4135.JPG (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Compleanno Matteo 07 02 07\DSCN4137.JPG (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Compleanno Matteo 07 02 07\DSCN4140.JPG (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Compleanno Matteo 07 02 07\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Compleanno Peppe 01-08-2005\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\FOTO\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\FOTO\101MSDCF\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Foto 2\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Foto 2\Lampedusa\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Foto Montagna\04012006.jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\05012006(006).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\05012006(007).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\10012006(005).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\27012006(001).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\27012006(002).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\27012006(003).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\27012006(007).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\27012006(008).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: F:\Personali\Foto Montagna\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Fotografie\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Fotografie\Annalisa foto\16092006(001).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Fotografie\Annalisa foto\16092006(003).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Fotografie\Annalisa foto\16092006(005).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Fotografie\Annalisa foto\16092006.jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Fotografie\Annalisa foto\20060923_0440.JPG (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Fotografie\Annalisa foto\20060923_0444.JPG (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Fotografie\Annalisa foto\foto betta.jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Fotografie\Annalisa foto\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: F:\Personali\Matteo\02042006.3gp (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Matteo\08042006(002).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Matteo\12042006.3gp (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Matteo\matteo1.3gp (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Matteo\matteo2.3gp (:Zone.Identifier:$DATA) => Size: 26 => SHA1: ECF45C407708B09B856E4CCF0C9C002E80785226
[Note]: F:\Personali\Matteo\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: G:\Alex Baroni - Semplicemente\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: G:\Immagini CD\Incognito - Eleven (Back).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: G:\Immagini CD\Incognito - Eleven (Front).jpg (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: G:\Immagini CD\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: G:\Immagini CD\Cover - Mina\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: G:\Immagini CD\Dall'altra parte del cancello\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: G:\Musica condivisa\Roberto_Benigni - l'Inno Del Corpo Sciolto.mp3 (:Zone.Identifier:$DATA) => Size: 26 => SHA1: D59FC84CDD5217C6CF74785703655F78DA6B582B
[Note]: G:\Musica condivisa\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: G:\Supertramp\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: G:\Supertramp - Breakfast In America-The Pirate Bay-\Thumbs.db (:encryptable:$DATA) => Size: 0 => SHA1: N/A
[Note]: Analysis finished. Elapsed time (hh:mm:ss): 00:01:04. Files checked: 51553
[Note]: Stream G:\Supertramp - Breakfast In America-The Pirate Bay-\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream G:\Supertramp\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream G:\Musica condivisa\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream G:\Musica condivisa\Roberto_Benigni - l'Inno Del Corpo Sciolto.mp3:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream G:\Immagini CD\Dall'altra parte del cancello\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream G:\Immagini CD\Cover - Mina\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream G:\Immagini CD\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream G:\Alex Baroni - Semplicemente\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Matteo\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Matteo\matteo2.3gp:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Matteo\matteo1.3gp:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Matteo\12042006.3gp:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Matteo\02042006.3gp:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Fotografie\Annalisa foto\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Fotografie\Annalisa foto\foto betta.jpg:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Fotografie\Annalisa foto\20060923_0444.JPG:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Fotografie\Annalisa foto\20060923_0440.JPG:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Fotografie\Annalisa foto\16092006.jpg:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Fotografie\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Foto Montagna\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Foto Montagna\04012006.jpg:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Foto 2\Lampedusa\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Foto 2\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\FOTO\101MSDCF\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\FOTO\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Compleanno Peppe 01-08-2005\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Compleanno Matteo 07 02 07\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\Compleanno Matteo 07 02 07\DSCN4140.JPG:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Compleanno Matteo 07 02 07\DSCN4137.JPG:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Compleanno Matteo 07 02 07\DSCN4135.JPG:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream F:\Personali\Battesimo Matteo\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Personali\21 OTTOBRE 2007\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\Filmati Sportivi\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\FILM\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream F:\FILM\Blu Notte 2003-01-05 - Strage Di Ustica.mpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}:$DATA deleted successfully.
[Note]: Stream F:\FILM\Blu Notte 2003-01-05 - Strage Di Ustica.mpg:�SummaryInformation:$DATA deleted successfully.
[Note]: Stream C:\WINDOWS\gmer.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Programmi\Ubisoft\Tom Clancy's Splinter Cell Chaos Theory\Versus\System\EditorRes\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream C:\Programmi\Raxco\PerfectDisk\Images\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream C:\Programmi\AdunanzA\Incoming\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Documenti\NAV081500IT.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Documenti\L08.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Documenti\gmer.zip:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Documenti\13102007034.jpg:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\Fattura.pdf:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\ATT00015.txt:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\ATT00006.txt:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\AliceMail.txt:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\TELECOM - FASTWEB\Abbonamento Sky Calcio_offline.pdf:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\Readme.txt:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\File_id.diz:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\CloneSpy.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PULIZIA\CloneSpy\CloneSpy.chm:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PULIZIA\gmer.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PULIZIA\EliBaglA.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\PREVXCSIFREE.EXE:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe.sig:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI PER RIPULIRE\ADSR.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\winzip111.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\iP3000_PUG_IT.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\EWP_IT_264_Setup.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\B7601ITx.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\B7600ITx.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Canon\b6C25ITx.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\XviD-1[1].1.3-28062007.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\winamp55_full_emusic-7plus_it-it.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\vso_image_resizer_setup.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\vlc-0.8.6c-win32.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\unlocker1.8.5.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\TunaticSetup.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\spybotsd15.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\PrevXCSIFREE1.zip:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\pd80ds.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Nero-7.10.1.0_ita_update.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\mp10setup.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Monitor Samsung SM192V.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\LS_Update_1.10.16.1_.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\LS_HSI.EXE:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Install_Messenger.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\FastLogin_Setup.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\eMule_AdunanzA_3-14_Installer.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\cspy23.zip:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\ccsetup202_exe.vir:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\ccsetup201_exe.vir:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\Alcohol120_trial_1.9.6.5429.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\agentenu400-1071.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\agentenu-spellita400-100.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\adsr.zip:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\ac3filter_0_70b.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\aaw2007.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\a2FreeSetup.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\7-10_xp32_dd_53250.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\PROGRAMMI\7-10_xp32-64_ccc_lang2_53251.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\FOTO VARIE\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\Fausto Coppi\Thumbs.db:encryptable:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\Wininquiry.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\SH-S162L_TS08.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\sfdnwin.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\Collegamenti Vari\Mast SAMSUNG\One Click Firmware Upgrade Method.pdf:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\Bioshock\Bioshock.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\Assegni Familiari\SR16_ANF_DIP.pdf:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\it_av_ca_32_it_Store_trial.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\it_avaspy_ca_32_it_Store_trial.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amicone.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amico.mio.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amico.mio.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\ANTIVIRUS\amico.mio.exe:�SummaryInformation:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\Amministratore\Desktop\avenger.exe:Zone.Identifier:$DATA deleted successfully.
[Note]: Stream C:\Documents and Settings\All Users\Documenti\Immagini\Immagini campione\Thumbs.db:encryptable:$DATA deleted successfully.
a-squared Free - Version 3.0
Last update: 19/11/2007 15.49.36
Impostazioni scansione:
Oggetti: Memoria, Tracce, Cookies, C:\, F:\, G:\, K:\
Archivio scansioni: On
Scientifico: On
ADS Scan: On
Scansione avviata: 19/11/2007 16.07.05
C:\Documents and Settings\Amministratore\Cookies\amministratore@atdmt[1].txt rilevati: Trace.TrackingCookie
F:\System Volume Information\_restore{C73B9D16-D7FF-48DC-A67F-1A3E2392FB8D}\RP667\A0749660.exe rilevati: Adware.Win32.Dm.v
Scansionati
Files: 94941
Tracce: 336529
Cookies: 44
Processi: 42
Rilevato
Files: 1
Tracce: 0
Cookies: 1
Processi: 0
Chiavi registro: 0
Fine scansione: 19/11/2007 16.55.02
Tempo scansione: 0.47.57
ciccibomber
19-11-2007, 16:47
Report BitDefender......nulla.
E meno male. No, scherzo, volevo dire che sarebbe meglio se tu usassi la funzione gestisci allegati. :D
Sarebbe utile un nuovo log di HJT. Inoltre prova ad installare Avira Antivir e dicci se ci sono ancora problemi ad installarlo.
ciccibomber
19-11-2007, 17:12
E meno male. No, scherzo, volevo dire che sarebbe meglio se tu usassi la funzione gestisci allegati. :D
NUZZZZ ma che palllll.....:D ;) .....non so perche' ma non mi fa allegare i file....dice file invalido.
Allora caricali su www.zshare.net e metti qui il link.
ciccibomber
19-11-2007, 17:39
Allora caricali su www.zshare.net e metti qui il link.
Siiiiiiii ce l'ho fatta, sono riuscito ad installare Antivir, anche se non capisco cosa possa essere cambiato rispetto a prima.
Forse quei fix che mi consigliato Riverside?
Sono anche riuscito a caricare l'ultimo log di HTHIS ( dopo averlo rinominato, ecco perche' non mi si attaccava prima).
xcdegasp
19-11-2007, 17:41
allora abbiamo fatto pulizia:
F:\System Volume Information\_restore{C73B9D16-D7FF-48DC-A67F-1A3E2392FB8D}\RP667\A0749660.exe rilevati: Adware.Win32.Dm.v
a-squared lo ha rimosso, quindi ora dovresti essere sufficentemente a posto... manca la scansione di Prevx CSI .
grazie per la collaborazione :)
La scansione di PREVX CSI è al #22 e non ha trovato infezioni.:D
ciccibomber
19-11-2007, 17:50
grazie per la collaborazione :)
Grazie a tutti voi ;) ;)
Riverside
19-11-2007, 18:34
allora abbiamo fatto pulizia: a-squared lo ha rimosso
Deg, in C: Asquared ha rimosso, semplicemente, 45 cookies;
C:\Documents and Settings\Amministratore\Cookies\amministratore@atdmt[1].txt
Rilevati: Trace.TrackingCookie
F:\System Volume Information\_restore{C73B9D16-D7FF-48DC-A67F-1A3E2392FB8D}\RP667\A0749660.exe
rilevati: Adware.Win32.Dm.v
Mia pare strano che un Win32 piazzato in F:\ impedisca l’installazione di un antivirus.
ce l'ho fatta, sono riuscito ad installare Antivir, anche se non capisco cosa possa essere cambiato rispetto a prima.
Il fatto che, molto probabilmente, BitDefender ha rimosso ciò che ti impediva di installare l’antivirus.
Non ti avevo chiesto di allegare il Report per niente.
In ogni caso, pare, problema risolto.
ciccibomber
19-11-2007, 19:25
Mi pare strano che un Win32 piazzato in F:\ impedisca l’installazione di un antivirus.
Anche a me.
Il fatto che, molto probabilmente, BitDefender ha rimosso ciò che ti impediva di installare l’antivirus.
Non ti avevo chiesto di allegare il Report per niente.
In ogni caso, pare, problema risolto.
Mah....BitDefender non puo' rimuovere cio' che non trova.
Non so...speriamo sia risolto.
Ciao e grazie ancora per la pazienza.
xcdegasp
19-11-2007, 22:26
sicuramente quel file prima era attivo o è stato quel file a scatenare l'infezione :D
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.