Punto informatico Network

Bagle 10

Has a virus gotten into your computer? Do you want to browse safely? Are online transactions secure? How do you stop attackers from getting into your PC? How do you protect your data? Here you will find the answers to these and other questions.

Post by garrincha » Sat Jan 19, 2008 11:42 am

Hello, bag has hit me too, what should I do?
GOLDRAKE

Post by garrincha » Sat Jan 19, 2008 11:45 am

It's me again, is a log obtained with Prevx instead of Kaspersky fine as well?

Log file:

Prevx CSI
Computer Security Investigator Output Log
System analyzed at: 11:02:44 01/19/08

Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
PX5: D1079ADC002DFDB3487D042258AF1F00F0FB72E4
MD5: c99fd691acafaeeefd03f1e4e6d3dd60
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\eMule\emule.exe
Loaded into: F:\Utility\PREVXCSIFREE.EXE
PX5: 6C2DA8F700C891F6167D107D5B6FFD004BDE3FD7
MD5: 837b282813808c17e9c94e56300aa29e
Determination: GOOD

C:\WINDOWS\system32\odbcint.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 17030F830012904980B601AEBBE29A00B94ABB0D
MD5: ea88a16da0d06069c0c06ab5a4669e26
Determination: GOOD

C:\WINDOWS\system32\SHSVCS.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 593617FD0028BAC30E8502553039DB005AE5DAA4
MD5: fad73705bed0910e910de852b0f8aebc
Determination: GOOD

C:\WINDOWS\system32\sfc.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 16BA5AAF006AA18914FD002B882F7D0027109E10
MD5: e6f026dbc75b6eed7331ebf581afd4d8
Determination: GOOD

C:\WINDOWS\system32\sfc_os.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 53B4176200B3CDD628DF02558C22250086F6EE01
MD5: 1a8fdb391571077871654bc107d6db5d
Determination: GOOD

C:\WINDOWS\system32\ole32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\eMule\emule.exe
PX5: 85434D2700A77E169AF713D8C3B0DC00CF7A5885
MD5: d5622b6d4cd43f2223718820c0a178ad
Determination: GOOD

C:\WINDOWS\system32\WINSCARD.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 49E7BE4C00EA6409841F01CF112B5500E75D0DD5
MD5: 840535254edd74e79d059229c5a2f800
Determination: GOOD

C:\WINDOWS\system32\WTSAPI32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 1CDB8610004CDD7F48CB007245065C0097B2DD61
MD5: e2703bb7beac36269482a8d32400ad38
Determination: GOOD

C:\WINDOWS\system32\uxtheme.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\eMule\emule.exe
PX5: D88EDDB7006796175ABD030EC4830300244622E4
MD5: e2265dc5937e7ac7eb2deab9b744a6ad
Determination: GOOD

C:\WINDOWS\system32\WINMM.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
PX5: 8B514EB5005BE141BAA3022C5AD8F400CAAEB534
MD5: 1dc87f8c450e295fb8cc5039d27292e5
Determination: GOOD

C:\WINDOWS\system32\Ati2evxx.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\DLLName Ati2evxx.dll
PX5: 101077C600AC1D04B4950017FCB09A0005BFF882
MD5: e8b9f008e3ae5f2cbc5c537816703a49
Determination: GOOD

C:\WINDOWS\system32\rsaenh.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\eMule\emule.exe
PX5: 19B797A900BB112F5426027FDD39EC001D5760F1
MD5: 26acbd865f8cff730f1791c4d0854352
Determination: GOOD

C:\WINDOWS\system32\cscdll.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\DLLName cscdll.dll
PX5: 36CC0D8B0009157E909D017F19231E0041E0A92E
MD5: 38c69b2bc3182a85f0b323c9d1eb7e26
Determination: GOOD

C:\WINDOWS\system32\WlNotify.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\DLLName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\DLLName WlNotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\DLLName wlnotify.dll
PX5: 3C08F14B008AD1456C990109A197100002605D8A
MD5: 72e4cad810a967449caab723e99c74b1
Determination: GOOD

C:\WINDOWS\system32\WINSPOOL.DRV
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
PX5: A35B6D1900D11F1D3E5102B97EFC0500E974203D
MD5: a357128eea84698dcf3ed33e521292cc
Determination: GOOD

C:\WINDOWS\system32\MPR.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 4E92FBCC002BB291EAE5000F10C15F00A1E7AD21
MD5: 7013fc08075eef2d881d55f898f2d402
Determination: GOOD

C:\WINDOWS\system32\SAMLIB.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 6D3509C200E203F6FAF00078D7EA35003D8429D0
MD5: f16c9cdb4a47969b1cf48e0620f6e217
Determination: GOOD

C:\WINDOWS\system32\cscui.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}\DllName %SystemRoot%\System32\cscui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{750fdf0e-2a26-11d1-a3ea-080036587f03} Offline Files Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{10CFC467-4392-11d2-8DB4-00C04FA31A66} Offline Files Folder Options
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} Cartella file non in linea
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
PX5: 8E7CD5F4006500C1188E05B6248B9200BAF8CA73
MD5: 53e5ab61ddcc0f057182bc1b5513b744
Determination: GOOD

C:\WINDOWS\system32\xpsp2res.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
PX5: DD9EAB9A00D5F12036192D6118710400ADB6810C
MD5: 0e8e6901c637095ec3b483475e39731e
Determination: GOOD

C:\WINDOWS\system32\NTMARTA.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 1D452FC300F103CCD4AF019C0B4A1000D0C05759
MD5: 3c1b1065c5bfca5190e7fa7efcb11b59
Determination: GOOD

C:\WINDOWS\system32\WLDAP32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
PX5: 9E81915C002CE532A4010226E6EC3100C992DBA0
MD5: a340dec6229f08d8b9644f2be00100fc
Determination: GOOD

C:\WINDOWS\system32\msv1_0.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Authentication Packages msv1_0
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
PX5: 7DDBB66E00F27A20FA0D01B81C65BB005752F1B9
MD5: affa7a2ecb1476f29641c90524f63e2e
Determination: GOOD

C:\WINDOWS\system32\iphlpapi.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
PX5: 352A2D920078A26F766401FF71F80300DA785AEF
MD5: 6150872a38d85c8cddb1b2fbff1bb07f
Determination: GOOD

C:\WINDOWS\system32\wdmaud.drv
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\aux wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave2 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi2 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer2 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave2 wdmaud.drv
PX5: E19B13CB00CFB9ED5C250033B033BB00A27F216F
MD5: 6deb9059000c34770192b78d85f6d387
Determination: GOOD

C:\WINDOWS\system32\msacm32.drv
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wavemapper msacm32.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wavemapper msacm32.drv
PX5: F8EB7CDA00A2596F522700876A3BC9005F29A42B
MD5: 05e84eead6b27c958621a4e6d33859d1
Determination: GOOD

C:\WINDOWS\system32\MSACM32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: CD32AC5300D4DB3A183401A597817D009B477A6B
MD5: b088085d01b3e80e2be0e9cd1838ba9b
Determination: GOOD

C:\WINDOWS\system32\midimap.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\midimapper midimap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midimapper midimap.dll
PX5: 8C299C3E002D88084A0000F598A51000C8C9681D
MD5: eaaa11be5c162266e698f7658bd8a1da
Determination: GOOD

C:\WINDOWS\system32\COMRes.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\eMule\emule.exe
PX5: D3FD3AB2006F991AE8A30C7CE8FD780095D6A640
MD5: b979bbba74f4f5db69c3a5dfdc52828c
Determination: GOOD

C:\WINDOWS\system32\OLEAUT32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\eMule\emule.exe
PX5: 0ADCFE240032582262B908FFB341E7008E7C2AC4
MD5: 3025d5dab63b81f538e10878d8426389
Determination: GOOD

C:\WINDOWS\system32\CLBCATQ.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\eMule\emule.exe
PX5: DDDD061C00DDD1C99CCC07876975D5003DF223DA
MD5: 092813b8f60f1e12e8af5db98037b770
Determination: GOOD

C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog\ImagePath %SystemRoot%\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PlugPlay\ImagePath %SystemRoot%\system32\services.exe
PX5: 55CFB3920083E585A8B8011373392400747D1070
MD5: e77f6fa2a15390f1727f4c1c55b69da6
Determination: GOOD

C:\WINDOWS\system32\SCESRV.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: 42090831009A7DEDFC25041A41C0A6009F850DB8
MD5: e84a4bfd34f64af3a9b2e4ff45c02dca
Determination: GOOD

C:\WINDOWS\system32\umpnpmgr.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: A0722C41001DFC8BE8A7011B43DD8300C52FA704
MD5: d717635e8c6d91644aeda4b37a49762a
Determination: GOOD

C:\WINDOWS\system32\NCObjAPI.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
PX5: 7EA0BF3D001A18F58E38007796CD8000CD7F3FCC
MD5: 1fc06b22ba62ab448613461d06c328c9
Determination: GOOD

C:\WINDOWS\system32\MSVCP60.dll
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\WIDCOMM\Software Bluetooth\BTStackServer.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
PX5: 2D7DD02900BE71EC5085060A796CD8005BF97344
MD5: b30c42dfa52a70037ab31a85057a5657
Determination: GOOD

C:\WINDOWS\system32\ShimEng.dll
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
PX5: 279F162200D45347000001BBAACC850063724C8D
MD5: dc7d49e0dec335b8e14c734ab1bade66
Determination: GOOD

C:\WINDOWS\AppPatch\AcGenral.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
PX5: 5F6310EE002D3DBC446C1C5A826CF10048881669
MD5: 26caaee19627a49509a5faaf49e418a0
Determination: GOOD

C:\WINDOWS\system32\eventlog.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: D2B7D57A001E9CD9DA5600E2BE4F3C00079E4466
MD5: d1caa255f33c06c8302769a86ffb905e
Determination: GOOD

C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netlogon\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtLmSsp\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PolicyAgent\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ProtectedStorage\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SamSs\ImagePath %SystemRoot%\system32\lsass.exe
PX5: CC1BA69F00AF6D2D3445003B3C2E0700B638080D
MD5: 0815e8da286775fa432c7c9ee5e10ba1
Determination: GOOD

C:\WINDOWS\system32\LSASRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 4A2D1F9A00EE2E841A4F0B1A2FFB0900A3181BF3
MD5: cca9a75fc163ed610cf3945069bf4a3a
Determination: GOOD

C:\WINDOWS\system32\NTDSAPI.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
PX5: B049763B0042836806A701AA022FCD00F10A90B1
MD5: 6ae3588c5fea68cdfcd743af5fc95398
Determination: GOOD

C:\WINDOWS\system32\DNSAPI.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\HPQ\shared\hpqwmi.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded into: C:\Programmi\eMule\emule.exe
PX5: 74EB5FA400ECF6FA447C02F4107A1600E5E5C273
MD5: b4936fb637c2e2ec03f2589cbcd077ef
Determination: GOOD

C:\WINDOWS\system32\SAMSRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E92EC68300CE21C68E4E06BCC0EDF6004268C49A
MD5: 12b717e63f23bdf3fd43b295542154d9
Determination: GOOD

C:\WINDOWS\system32\cryptdll.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 81B30DAB0078862F82C6000202049600DB968CD1
MD5: 4ac54687b901091378c512a6c56f6214
Determination: GOOD

C:\WINDOWS\system32\msprivs.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 0CA48DC3002C50B3BC750065E2B27800000C62EB
MD5: d7d64ff974b96816e1ae2c5b86de35ba
Determination: GOOD

C:\WINDOWS\system32\kerberos.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
PX5: 6F259D99008DE085843504BA6E05F400BD1351EF
MD5: a3103d196ce0db4c8b5c6a365628e9ef
Determination: GOOD

C:\WINDOWS\system32\netlogon.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\68 netlogon.dll
PX5: 7826BE4E00B0693C362206A7BBB246000E968C98
MD5: 926bb51bb6de79dedb93e9c2b0811ccf
Determination: GOOD

C:\WINDOWS\system32\w32time.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B0DB78E90001F969B24A022F16FE9C007D6DCCBC
MD5: 8b97d00e5c6a593ebb605ce4b8a5caa5
Determination: GOOD

C:\WINDOWS\system32\schannel.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll digest.dll, msnsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\14 schannel.dll
PX5: 978AEDC000D16F92363B021213F745004B5CD31C
MD5: e9836d1ace460b4b96fbcb03861d0323
Determination: GOOD

C:\WINDOWS\system32\wdigest.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
PX5: F311FBD900986B6DC09400C9FE9A9C00CD8F608E
MD5: bc6964976170dc87caf151a144be586c
Determination: GOOD

C:\WINDOWS\system32\scecli.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Notification Packages scecli
GOLDRAKE
garrincha
New Member
Posts: 2
Joined: Sat Jan 19, 2008 11:14 am

Post by ste_95 » Sat Jan 19, 2008 11:49 am

No, open a new thread and post the Kaspersky online scan.
«Sometimes it is better to stay silent and seem stupid than to open your mouth and remove all doubt.» Oscar Wilde
ste_95
Official Member (Gold)
Posts: 17271
Joined: Mon Aug 06, 2007 11:19 am

Post by Jim.x » Sat Oct 19, 2008 11:50 am

Maybe you haven't noticed... but this is absolutely not the right section to discuss your problem... Here we only discuss which firewall we use, not how to get rid of viruses.
In the Security section you will find numerous posts from users who, like you, have the BAGLE problem; add yours to one of their threads or open a new one... but don't keep writing here...
Careful... if your wife has made friends, soon she'll make strangers too!
Jim.x
Bronze Member
Posts: 604
Joined: Sat Oct 01, 2005 12:49 pm



megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising