PDA

View Full Version : ancora virus?

trutlee
20-11-2007, 22:09
ancora virus?



apparizioni virus:
-soleluna:pop-up che chiedeva di scaricare software antivirus,
creava 2 collegamenti sul desktop(live search o giù di lì),
pop-up di presenza virus nella barra affianco all'orologio e apertura di
ie a savetheinformation.com. (mi pare).(apparentemente risolto)
-arresto di sistema automatico dopo 60 secondi... (apparentemente risolto)


scansioni svolte con:
-spyware terminator (aggiornato)
-hijackThis
-ad-aware
-avg (free-aggiornato)
-glary utilities (free)
-ccleaner
-nod32
-fixvundo
-(continua...?)

spyware terminator:
esito scansione antivirus & spyware 20/11/07:
Logfile of Spyware Terminator v2.0.0.194 (db:1.0.025.788)
Scan Time: 20/11/2007 16.03.17 length: 3983 s
Platform: Windows XP Service Pack 2 (WINNT 5.1.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Virus__Spyware_Scan
Scanned Objects: 70348 (Critical:4)
Filter: No System items, No Safe items, No Invalid items

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: - {DCE170A4-C8D1-4050-BF26-06DBD0FC3819} - : C:\WINDOWS\system32\gebya.dll

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yodm3D : [Christian SALMON] : D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WinRoll : : D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CursorXP : : D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VoipRaider : [VoipRaider] : D:\DOWNLOAD FIREFOX\VOIP\VOIPRAIDER\VOIPRAIDER.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 12Voip : [12Voip] : D:\DOWNLOAD FIREFOX\VOIP 2\12VOIP\12VOIP.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RaidTool : [VIA Technologies] : C:\Programmi\VIA\RAID\raid_tool.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, FLMK08KB : : C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Software Update : [Hewlett-Packard Co.] : C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KRun : [KSoft] : D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BootSkin Startup Jobs : : D:\CLAUDIO\PROGRAMMI\PERSONALIZZAZIONE XP\BOOTSKIN\BOOTSKIN.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VisualTooltip : [Christian Salmon] : D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WinampAgent : : D:\Claudio\programmi\Winamp\winampa.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVG7_CC : [GRISOFT, s.r.o.] : D:\download firefox\avg75free_428a818\avgcc.exe
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : C:\WINDOWS\system32\LSDELETE.EXE
04 - Startup: %START_PROGRAMS%\Esecuzione automatica\Konfabulator.lnk [Yahoo, Inc.] : D:\Claudio\programmi\konfa\Konfabulator.exe
04 - Startup: %START_PROGRAMS%\Esecuzione automatica\OpenOffice.org 2.3.lnk : D:\Claudio\programmi\OpenOffice.org 2.2\program\quickstart.exe
04 - Startup: %START_PROGRAMS%\Esecuzione automatica\Vista Hard Drive.lnk : D:\Claudio\programmi\personalizzazione xp\Hard Drive.exe
04 - Startup: %START_PROGRAMS%\Esecuzione automatica\WMP11 Gadget.lnk : D:\Claudio\programmi\personalizzazione xp\WMP11_Gadget.exe
04 - Startup: %START_PROGRAMSALL%\Esecuzione automatica\Avvio rapido di HP Image Zone.lnk [Hewlett-Packard Co.] : C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
04 - Startup: %START_PROGRAMSALL%\Esecuzione automatica\BTTray.lnk [Broadcom Corporation.] : C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
04 - Startup: %START_PROGRAMSALL%\Esecuzione automatica\HP Digital Imaging Monitor.lnk [Hewlett-Packard Co.] : C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe

Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Programmi\WinRAR\rarext.dll
Risorse di rete Bluetooth - {6af09ec9-b429-11d4-a1fb-0090960218cb} - [Broadcom Corporation.] : C:\WINDOWS\system32\btneighborhood.dll
SimpleShlExt Class - {5E2121EE-0300-11D4-8D3B-444553540000} - : C:\Programmi\ATI Technologies\ATI.ACE\atiacmxx.dll
SnagItShellExt Class - {CF74B903-3389-469c-B3B6-0204D204FCBD} - [TechSmith Corporation] : D:\download firefox\pinko\SnagItShellExt.dll
- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} - [Sun Microsystems, Inc.] : D:\CLAUDIO\PROGRAMMI\OPENOFFICE.ORG 2.2\PROGRAM\SHLXTHDL.DLL
- {087B3AE3-E237-4467-B8DB-5A38AB959AC9} - [Sun Microsystems, Inc.] : D:\CLAUDIO\PROGRAMMI\OPENOFFICE.ORG 2.2\PROGRAM\SHLXTHDL.DLL
- {63542C48-9552-494A-84F7-73AA6A7C99C1} - [Sun Microsystems, Inc.] : D:\CLAUDIO\PROGRAMMI\OPENOFFICE.ORG 2.2\PROGRAM\SHLXTHDL.DLL
- {3B092F0C-7696-40E3-A80F-68D74DA84210} - [Sun Microsystems, Inc.] : D:\CLAUDIO\PROGRAMMI\OPENOFFICE.ORG 2.2\PROGRAM\SHLXTHDL.DLL
Glary Utilities Context Menu Shell Extension - {72923739-5A47-40A3-9895-25AF0DFBB9E4} - [GlarySoft,Inc.] : D:\download firefox\liberami\Glary Utilities\ContextHandler.dll

Services
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
23 - : C:\WINDOWS\system32\DRIVERS\atksgt.sys
23 - [GRISOFT, s.r.o.] : D:\download firefox\avg75free_428a818\avgamsvr.exe
23 - [GRISOFT, s.r.o.] : C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
23 - [Broadcom Corporation.] : C:\WINDOWS\system32\DRIVERS\btkrnl.sys
23 - [Broadcom Corporation.] : C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
23 - : C:\WINDOWS\system32\DRIVERS\lirsgt.sys
23 - : C:\WINDOWS\system32\DRIVERS\ASACPI.sys
23 - : C:\WINDOWS\system32\PnkBstrA.exe
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prodrv06.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prohlp02.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\prosync1.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfdrv01.sys
23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfhlp01.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfhlp02.sys
23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfvfs02.sys
23 - [Silicon Image, Inc] : C:\WINDOWS\system32\DRIVERS\si3112r.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [VIA Technologies inc,.ltd] : C:\WINDOWS\system32\drivers\viamraid.sys
23 - [Marvell] : C:\WINDOWS\system32\DRIVERS\yk51x86.sys
23 - [Lavasoft AB] : D:\DOWNLOAD FIREFOX\SPIA\AAWSERVICE.EXE

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient, DLLName : [Stardock] : C:\Programmi\File comuni\Stardock\MCPStub.dll

Thread Files
<Unreadable Binary Files> : C:\WINDOWS\system32\Drivers\sptd.sys


-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.

Nonostante le scansioni c'è ancora qualche problema:
-dopo che hijackThis mi ha segnalato C:\WINDOWS\SYSTEM32\GEBYA.DLL
come dannoso ho tentato di eliminarlo ma poi con un'altra scansione ho visto che è rimasto,
allora l'ho bloccato con spyware terminator, purtroppo ogni 2 secondo ora esce il pop-up del blocco...
Questo file è dannoso? come lo elimino?
-tutte le finestre una volta ridotte non sono + recuperabili dalla barra delle applicazioni xkè in costante
caricamento! l'unico modo è attraverso il task manager...

grazie in anticipo!
Gle89
20-11-2007, 22:17
Per favore clicca qui (http://www.hwupgrade.it/forum/showthread.php?t=1599737) e segui TUTTE le istruzioni (da cima a fondo pagina).

MODIFICA inoltre il tuo precedente post e metti fra tag CODE anche il log di SpywareTerminetor oppure allegalo come hai fatto con HJT, grazie.

Aspettiamo che tu abbia fatto tutte le scansioni che ci sono da fare e aspettiamo tutti i log ALLEGATI (come da regole di sezione).
juninho85
21-11-2007, 22:04
O2 - BHO: (no name) - {DCE170A4-C8D1-4050-BF26-06DBD0FC3819} - C:\WINDOWS\system32\gebya.dll
O2 - BHO: {1e463bc4-b670-1239-c8c4-a4e7f620292e} - {e292026f-7e4a-4c8c-9321-076b4cb364e1} - (no file)

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0073671.dat
sicuramente da eliminare
Riverside
21-11-2007, 22:45
Nonostante le scansioni c'è ancora qualche problema: dopo che hijackThis mi ha segnalato C:\WINDOWS\SYSTEM32\GEBYA.DLL ...... Questo file è dannoso? come lo elimino?
Vundo. Quindi inizia da qui; scarica questo tool:
PREVX CSI: clicca qui per il download (http://info.prevx.com/download.asp?grab=prevxcsi)
● una volta installato, esegui una scansione
● al termine della scansione, clicca su:
● Options
● Save Log
● allega log salvato, per farlo analizzare

Per quanto riguarda la pubblicazione dei log o dei Report:
● se il relativo txt generato è al max 20 kb, deve essere allegato alla discussione, utilizzando l'apposita funzione Gestisci Allegati;
● se superiore a 20 kb, deve essere allegato utlizzando il tag code dall'editor del messaggio;
● in alternativa sempre se superiore a 20 kb, hostato su Zshare clicca qui per raggiungere ZShare (http://www.zshare.net/), pubblicando, nella discussione, il link che verrà rilasciato per il download
trutlee
22-11-2007, 17:37
sicuramente da eliminare
fatto

log csi:
Prevx CSI
Computer Security Investigator Output Log
System analyzed at: 18:34:34 11/22/07

C:\WINDOWS\System32\smss.exe
Loaded into: C:\WINDOWS\System32\smss.exe
PX5: EAEF384300B86E2BC60900AD18ED0300B6B454BF
MD5: 036fc522ac5784ebf03c1f85e93415e7
Determination: GOOD

C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\System32\smss.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 98EF83350066C70122B20B444BEBEA00D217A1B2
MD5: 75a0aecc55a3f0b9e2d54119fa4aab6d
Determination: GOOD

C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\SubSystems\Windows %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
PX5: 457E08CD00DE83E3183600665DD0AE001F0FA82A
MD5: 2b511a5438308a1ac8d48482279810e6
Determination: GOOD

C:\WINDOWS\system32\CSRSRV.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 672F934100D50DA280D100335AB03A0006C3D206
MD5: 4ba2dbac6357b3b9d89c53823afe15c5
Determination: GOOD

C:\WINDOWS\system32\basesrv.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\SubSystems\Windows %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
PX5: CDE7154D0060E2E4CE1D00F8B4D58500AEAC4112
MD5: 7b37b598b55bf80415c15bffe7a992a2
Determination: GOOD

C:\WINDOWS\system32\winsrv.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 8732376800C35F4172D80484B9A63B00A104B3EF
MD5: 09a89dee6e15e360b52e556e2a46d97c
Determination: GOOD

C:\WINDOWS\system32\USER32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 0F3EF70A0068B54FD2AC08079BAEE60002A2BAD2
MD5: 08447bdfce5d1b1956f962602381f5c1
Determination: GOOD

C:\WINDOWS\system32\KERNEL32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: D52CD51B0060B5DEAEDC0F6CFC78C3000275A5DD
MD5: feb3cc200749ff119bb8b08224a1a594
Determination: GOOD

C:\WINDOWS\system32\GDI32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 1F9CE28700B6BB683E2104A31AD9960012802DE9
MD5: 2262fe3b392bd2d4d6e59f6024dce576
Determination: GOOD

C:\WINDOWS\system32\sxs.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 8DD4793200312BB2E8C40A6B35703B00EAC2F4EA
MD5: 2326b65e910186b39d4c58376c97622c
Determination: GOOD

C:\WINDOWS\system32\ADVAPI32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: DA31EA390036C3916C5C0A395DA4E3007CA4EABA
MD5: 09bb0a2c325f7085e24fae6134de2d16
Determination: GOOD

C:\WINDOWS\system32\RPCRT4.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_np rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_ip_tcp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncadg_ip_udp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_http rpcrt4.dll
PX5: 779FC6C5008166E0DEAA08874C150000A68771E2
MD5: e40a1024ef253382bd296a59625bd5f5
Determination: GOOD

C:\WINDOWS\system32\Apphelp.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 2E534C590076A85BF05D01EC9E4FFB0089A4554F
MD5: 086da77c3c612759d4ef437f67532e2d
Determination: GOOD

C:\WINDOWS\system32\VERSION.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 17E09890009DDCC84AAD00E153CBBA0071FD3882
MD5: 9b5a59851d9a237c86210e07e2195a12
Determination: GOOD

C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: D0D54E6C00E89575B4CC07CFE43BE400C1F31A26
MD5: 4166454e2bcfcc20d1b8a5ac9feab243
Determination: GOOD

C:\WINDOWS\system32\AUTHZ.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: E9DDEB920002ADAADEA00048047B1D002E56DB1B
MD5: c0f8a404df967cacb7489c7d56f30674
Determination: GOOD

C:\WINDOWS\system32\msvcrt.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: EAD3CF360087D2AD3C120509FE506F008FB88290
MD5: 9e6cb81be111b9935f6a97c367cabd4e
Determination: GOOD

C:\WINDOWS\system32\CRYPT32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\DllName crypt32.dll
PX5: DD3ED9060033BBFB2E83098709F8D4001E524429
MD5: 5588d8afd51d060f82315c50d7590323
Determination: GOOD

C:\WINDOWS\system32\MSASN1.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 09F301D4001F77D2E0150027945354004927323C
MD5: 0a75ac7d90bd8e6bc942dba004579d5b
Determination: GOOD

C:\WINDOWS\system32\NDdeApi.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 8E19EB1100E774A0488300C192BED30080B1D3E4
MD5: 11be44f0c0978927aed7d69b75c24937
Determination: GOOD

C:\WINDOWS\system32\PROFMAP.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 90AEB4A600D0EF596C4F00D134ACAA00BDFD0752
MD5: 0328058695d324d26528077f5b136636
Determination: GOOD

C:\WINDOWS\system32\NETAPI32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: CC4BFB2E005E161C12BF0576C5EB94007AE54E90
MD5: a8db277fb7c964a2bae0159bc05c5621
Determination: GOOD

C:\WINDOWS\system32\USERENV.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 02BF46CD00DC848D207F0BA7D391AB00DCDEB32E
MD5: ac31ca2b251fe8057528fa937335b164
Determination: GOOD

C:\WINDOWS\system32\PSAPI.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 5DB1DF3A00AE978A5A1800B9B5A8C30041FF3076
MD5: 2baf81b8504d9c1600c51a498e5453b3
Determination: GOOD

C:\WINDOWS\system32\REGAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BDCF1CB600ACB6D2C2EE007361942C0007606048
MD5: bb756f78728c2d953574e8652b7e86a8
Determination: GOOD

C:\WINDOWS\system32\Secur32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\10 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\16 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\18 secur32.dll
PX5: 2226211D005B7868DA45009E23898E00149E78C6
MD5: 8285b8b146b42ff18ed08c558435011e
Determination: GOOD

C:\WINDOWS\system32\SETUPAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 085443D800EAF0FA42960F6622B8E300CB4CB91D
MD5: 6f83a7ed3217d0e612445612d1991767
Determination: GOOD

C:\WINDOWS\system32\WINSTA.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 1789B2A5005E39C8D2660086022E8500C3B9450D
MD5: de24ebecf7833a4de925d0832956f21a
Determination: GOOD

C:\WINDOWS\system32\WINTRUST.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 0D34C3E0002C3B32B2670226273B8500327F7603
MD5: 48bd2908fe77abb5ef42dd4a108600b5
Determination: GOOD

C:\WINDOWS\system32\IMAGEHLP.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 92D4CA5F00EA8A5C340F02F2506EE800E1319CFF
MD5: f309c34e0f66dac995053e91effc9002
Determination: GOOD

C:\WINDOWS\system32\WS2_32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 42D0077300700B1344D7019D11CF0E00A225E294
MD5: 12ead983c875ed9bcc8b90e3f77f2e4a
Determination: GOOD

C:\WINDOWS\system32\WS2HELP.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 097C6291004A18B14EEC00B4A6264D00B84611B9
MD5: 0c1f495c1761c126bc820f4de4c8b967
Determination: GOOD

C:\WINDOWS\system32\MSGINA.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 0590994000D0A8B53A390FFB32187D003143117B
MD5: 4ba6464cf0d5fe0cd0b43ae4b3b32d26
Determination: GOOD

C:\WINDOWS\system32\SHELL32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9}
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383} !.\._..... . [C." . . . . L ... . F.
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383} !.\._..... . [C." . . . . L ... . F.
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default) Blocco menu Start
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default) {217FC9C0-3AEA-1069-A2DB-08002B30309D}
PX5: EA00C46A00DF4A1A601F80DDA7E37000C893634E
Determination: GOOD

C:\WINDOWS\system32\SHLWAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 4CE7353F0026001C3CA7077551D26B00F192D3F0
MD5: bbf4bc84d6bb5858634657718f319b0b
Determination: GOOD

C:\WINDOWS\system32\COMCTL32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 0FFEE7C7000006B05465090C27232C00D413C33C
MD5: 0fe5f5912c30795c455a9645970e6c7c
Determination: GOOD

C:\WINDOWS\system32\ODBC32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\ntdll.dll
PX5: A52E0F9B00E1697FD015036BACB9C10078B33C67
MD5: 485b2381cf003dad79f1371fbeaacd5a
Determination: GOOD

C:\WINDOWS\system32\comdlg32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: D1079ADC002DFDB3487D042258AF1F00F0FB72E4
MD5: c99fd691acafaeeefd03f1e4e6d3dd60
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 9530DEA70023A05308671094FE66420057AEE923
MD5: d81759006d620d41f7fd1d2a4a10c7f3
Determination: GOOD

C:\WINDOWS\system32\odbcint.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\ntdll.dll
PX5: 17030F830012904980B601AEBBE29A00B94ABB0D
MD5: ea88a16da0d06069c0c06ab5a4669e26
Determination: GOOD

C:\WINDOWS\system32\SHSVCS.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 29B6016000DA65A00EB502BB0FFC6D00E022C836
MD5: 500e8ef27757b1c463a4a263ed2c95d2
Determination: GOOD

C:\WINDOWS\system32\sfc.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 16BA5AAF006AA18914FD002B882F7D0027109E10
MD5: e6f026dbc75b6eed7331ebf581afd4d8
Determination: GOOD

C:\WINDOWS\system32\sfc_os.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 53B4176200566C3D2844029CE35AC3003149753E
MD5: 8fbf27ab56de71e2bdd5a2ccb7fb9023
Determination: GOOD

C:\WINDOWS\system32\ole32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: E758784E007AB6358C70131F94722D006C415D83
MD5: 66364440c71911d07468f3791206fb87
Determination: GOOD

C:\WINDOWS\system32\WINSCARD.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 49E7BE4C00EA6409841F01CF112B5500E75D0DD5
MD5: 840535254edd74e79d059229c5a2f800
Determination: GOOD

C:\WINDOWS\system32\WTSAPI32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 1CDB8610004CDD7F48CB007245065C0097B2DD61
MD5: e2703bb7beac36269482a8d32400ad38
Determination: GOOD

C:\WINDOWS\system32\WINMM.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 8B514EB5005BE141BAA3022C5AD8F400CAAEB534
MD5: 1dc87f8c450e295fb8cc5039d27292e5
Determination: GOOD

C:\WINDOWS\system32\uxtheme.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: D88EDDB7006796175ABD030829F64C0039E51CA1
MD5: 00392689f8bf09f676381a54835b5ae8
Determination: GOOD

C:\WINDOWS\system32\Ati2evxx.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\DLLName Ati2evxx.dll
PX5: DEFAAE8900D46D6BF0AC006C9526280030FD1101
MD5: 74d9f1eda0ca7c9f0501b7f4c3b81be0
Determination: GOOD

C:\WINDOWS\system32\cscdll.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\DLLName cscdll.dll
PX5: 36CC0D8B0009157E909D017F19231E0041E0A92E
MD5: 38c69b2bc3182a85f0b323c9d1eb7e26
Determination: GOOD

C:\WINDOWS\system32\rsaenh.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
PX5: 19B797A900BB112F5426027FDD39EC001D5760F1
MD5: 26acbd865f8cff730f1791c4d0854352
Determination: GOOD

C:\Programmi\File comuni\Stardock\MCPStub.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient\DllName C:\PROGRA~1\FILECO~1\Stardock\mcpstub.dll
PX5: C6C8F55400A02C0AC06A0072A14AF2004560916D
MD5: 0eb2de8403f97505ad3c3cdceed09455
Determination: GOOD

C:\WINDOWS\system32\WlNotify.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\DLLName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\DLLName WlNotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\DLLName wlnotify.dll
PX5: 3C08F14B008AD1456C990109A197100002605D8A
MD5: 72e4cad810a967449caab723e99c74b1
Determination: GOOD

C:\WINDOWS\system32\WINSPOOL.DRV
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: A35B6D1900D11F1D3E5102B97EFC0500E974203D
MD5: a357128eea84698dcf3ed33e521292cc
Determination: GOOD

C:\WINDOWS\system32\MPR.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 4E92FBCC002BB291EAE5000F10C15F00A1E7AD21
MD5: 7013fc08075eef2d881d55f898f2d402
Determination: GOOD

C:\WINDOWS\system32\msv1_0.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Authentication Packages msv1_0 C:\WINDOWS\system32\gebya.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
PX5: 7DDBB66E00F27A20FA0D01B81C65BB005752F1B9
MD5: affa7a2ecb1476f29641c90524f63e2e
Determination: GOOD

C:\WINDOWS\system32\iphlpapi.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 811D12860031DBC676BC0192323E8B00C52133AD
MD5: 494eb23ef42602f1622d515960a98074
Determination: GOOD

C:\WINDOWS\system32\SAMLIB.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 6D3509C200E203F6FAF00078D7EA35003D8429D0
MD5: f16c9cdb4a47969b1cf48e0620f6e217
Determination: GOOD

C:\WINDOWS\system32\cscui.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}\DllName %SystemRoot%\System32\cscui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{750fdf0e-2a26-11d1-a3ea-080036587f03} Offline Files Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{10CFC467-4392-11d2-8DB4-00C04FA31A66} Offline Files Folder Options
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} Cartella file non in linea
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
PX5: 8E7CD5F4006500C1188E05B6248B9200BAF8CA73
MD5: 53e5ab61ddcc0f057182bc1b5513b744
Determination: GOOD

C:\WINDOWS\system32\xpsp2res.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: DD9EAB9A00D5F12036192D6118710400ADB6810C
MD5: 0e8e6901c637095ec3b483475e39731e
Determination: GOOD

C:\WINDOWS\system32\wdmaud.drv
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi2 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave2 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi3 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer2 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\aux wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\midi wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave1 wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave2 wdmaud.drv
PX5: E19B13CB00CFB9ED5C250033B033BB00A27F216F
MD5: 6deb9059000c34770192b78d85f6d387
Determination: GOOD

C:\WINDOWS\system32\NTMARTA.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 1D452FC300F103CCD4AF019C0B4A1000D0C05759
MD5: 3c1b1065c5bfca5190e7fa7efcb11b59
Determination: GOOD

C:\WINDOWS\system32\WLDAP32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 9E81915C002CE532A4010226E6EC3100C992DBA0
MD5: a340dec6229f08d8b9644f2be00100fc
Determination: GOOD

C:\WINDOWS\system32\msacm32.drv
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wavemapper msacm32.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wavemapper msacm32.drv
PX5: F8EB7CDA00A2596F522700876A3BC9005F29A42B
MD5: 05e84eead6b27c958621a4e6d33859d1
Determination: GOOD

C:\WINDOWS\system32\MSACM32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: CD32AC5300D4DB3A183401A597817D009B477A6B
MD5: b088085d01b3e80e2be0e9cd1838ba9b
Determination: GOOD

C:\WINDOWS\system32\midimap.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\midimapper midimap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midimapper midimap.dll
PX5: 8C299C3E002D88084A0000F598A51000C8C9681D
MD5: eaaa11be5c162266e698f7658bd8a1da
Determination: GOOD

C:\WINDOWS\system32\COMRes.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: D3FD3AB2006F991AE8A30C7CE8FD780095D6A640
MD5: b979bbba74f4f5db69c3a5dfdc52828c
Determination: GOOD

C:\WINDOWS\system32\OLEAUT32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: B8AC5953001510F87226084B320E2F00FADEC04D
MD5: 6be31dd27f035ae0aff3fa764ddc8b4b
Determination: GOOD

C:\WINDOWS\system32\CLBCATQ.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 7768E3ED00658AB9A66507AEECA75E0031A45A6F
MD5: 0189390cdbbfa0649898486ef5af4130
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemprox.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 118AA1B200D76A754A3B0017C7664600A1463C19
MD5: cece259d273771497d2c96c8121d9c58
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemcomn.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 30B285D60040901346F3037FF72C08005C58C30E
MD5: 7db0054945c1c937553f97fa1f1eaffb
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemsvc.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 25397BDF00757EBFAAF700E3ED2B7800B9284F1B
MD5: dd3e1e96ea769c31936d9b09f9137954
Determination: GOOD

C:\WINDOWS\system32\wbem\fastprox.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: AEBA61B800E4BC9A34F5075F66FDAB005D1447F9
MD5: fc9f0b7216d087f9502ece38439ae144
Determination: GOOD

C:\WINDOWS\system32\MSVCP60.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 2D7DD02900BE71EC5085060A796CD8005BF97344
MD5: b30c42dfa52a70037ab31a85057a5657
Determination: GOOD

C:\WINDOWS\system32\NTDSAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: B049763B0042836806A701AA022FCD00F10A90B1
MD5: 6ae3588c5fea68cdfcd743af5fc95398
Determination: GOOD

C:\WINDOWS\system32\DNSAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: E002A9EF00BB5FBB44CD027C35B0550058480101
MD5: 6e8ce9bb6332762f102a075a65194870
Determination: GOOD

C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog\ImagePath %SystemRoot%\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PlugPlay\ImagePath %SystemRoot%\system32\services.exe
PX5: 55CFB3920083E585A8B8011373392400747D1070
MD5: e77f6fa2a15390f1727f4c1c55b69da6
Determination: GOOD

C:\WINDOWS\system32\SCESRV.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: 42090831009A7DEDFC25041A41C0A6009F850DB8
MD5: e84a4bfd34f64af3a9b2e4ff45c02dca
Determination: GOOD

C:\WINDOWS\system32\umpnpmgr.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: 26E71B8F007D3456D4BB016B5AFBC800D7F565BB
MD5: 232f47c76cd56683a1a329eccb277f83
Determination: GOOD

C:\WINDOWS\system32\NCObjAPI.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 7EA0BF3D001A18F58E38007796CD8000CD7F3FCC
MD5: 1fc06b22ba62ab448613461d06c328c9
Determination: GOOD

C:\WINDOWS\system32\ShimEng.dll
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\alg.exe
PX5: 279F162200D45347000001BBAACC850063724C8D
MD5: dc7d49e0dec335b8e14c734ab1bade66
Determination: GOOD

C:\WINDOWS\AppPatch\AcGenral.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\alg.exe
PX5: 5F6310EE002D3DBC446C1C5A826CF10048881669
MD5: 26caaee19627a49509a5faaf49e418a0
Determination: GOOD

C:\WINDOWS\system32\eventlog.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: D2B7D57A001E9CD9DA5600E2BE4F3C00079E4466
MD5: d1caa255f33c06c8302769a86ffb905e
Determination: GOOD

C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netlogon\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtLmSsp\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PolicyAgent\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ProtectedStorage\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SamSs\ImagePath %SystemRoot%\system32\lsass.exe
PX5: CC1BA69F00AF6D2D3445003B3C2E0700B638080D
MD5: 0815e8da286775fa432c7c9ee5e10ba1
Determination: GOOD

C:\WINDOWS\system32\LSASRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: DFF408A1009F902E1A360BCBB8D0DD00224FF50F
MD5: e0c3289e36894fb2348cb748cdb37516
Determination: GOOD

C:\WINDOWS\system32\SAMSRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E92EC68300CE21C68E4E06BCC0EDF6004268C49A
MD5: 12b717e63f23bdf3fd43b295542154d9
Determination: GOOD

C:\WINDOWS\system32\cryptdll.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
PX5: 81B30DAB0078862F82C6000202049600DB968CD1
MD5: 4ac54687b901091378c512a6c56f6214
Determination: GOOD

C:\WINDOWS\system32\msprivs.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 0CA48DC3002C50B3BC750065E2B27800000C62EB
MD5: d7d64ff974b96816e1ae2c5b86de35ba
Determination: GOOD

C:\WINDOWS\system32\kerberos.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
PX5: 5BA16E2800984E107E90042A99DCA400E3F73FD4
MD5: ccbd78ddfbddb5531a2b36684e1a2709
Determination: GOOD

C:\WINDOWS\system32\netlogon.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\68 netlogon.dll
PX5: 7826BE4E00B0693C362206A7BBB246000E968C98
MD5: 926bb51bb6de79dedb93e9c2b0811ccf
Determination: GOOD

C:\WINDOWS\system32\w32time.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B0DB78E90001F969B24A022F16FE9C007D6DCCBC
MD5: 8b97d00e5c6a593ebb605ce4b8a5caa5
Determination: GOOD

C:\WINDOWS\system32\schannel.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll digest.dll, msnsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\14 schannel.dll
PX5: 6875CD56004DB153365402E13E2E3800ECF2B58B
MD5: 8991aa4feccd0f90963aa68d120782eb
Determination: GOOD

C:\WINDOWS\system32\wdigest.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos msv1_0 schannel wdigest
PX5: F311FBD900986B6DC09400C9FE9A9C00CD8F608E
MD5: bc6964976170dc87caf151a144be586c
Determination: GOOD

C:\WINDOWS\system32\scecli.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Notification Packages scecli
PX5: C91F3DA800B1BEBADA0C02480448D00054984981
MD5: 1446eb71adf0f54980cdd7e5a812e102
Determination: GOOD

C:\WINDOWS\system32\ipsecsvc.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: B05D914900808F8FCED102E7A46D080020A33905
MD5: 24e00a2782f1fbdda55173f6a92793b4
Determination: GOOD

C:\WINDOWS\system32\oakley.DLL
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: A4E8D0C400046CE116C204B93C6D3F0003672778
MD5: f450886f41773a5faeb25e87b758d6a8
Determination: GOOD

C:\WINDOWS\system32\WINIPSEC.DLL
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5E3F044E00E5E84280510004471F8A00BD7E5854
MD5: 30e14d74bcd1beea96a279f78a723346
Determination: GOOD

C:\WINDOWS\system32\pstorsvc.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: DCF79E3E001DA16F86F70051A83A8600579ADC98
MD5: 24b2f25a42ba3cad1d238f2adae63f7c
Determination: GOOD

C:\WINDOWS\system32\psbase.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E242805400420CE08090017E79023900E657FC90
MD5: 7fe963bd4bde86b5eaf5c07c6d0118c3
Determination: GOOD

C:\WINDOWS\system32\imon.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem C:\WINDOWS\system32\imon.dll .dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem C:\WINDOWS\system32\imon.dll .dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem C:\WINDOWS\system32\imon.dll .dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem C:\WINDOWS\system32\imon.dll .dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem C:\WINDOWS\system32\imon.dll .dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023\PackedCatalogItem C:\WINDOWS\system32\imon.dll .dll
PX5: 809EC88B78E42DAC8C7404A11D43D20020DE6B5C
MD5: 17038d8ff48563a02be04086f725e757
Determination: GOOD

C:\WINDOWS\system32\WSOCK32.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 2C097C2B007169C960BA0014DCE7CC0038229E38
MD5: 3bd93201e3afa5a0660c793a4bdae773
Determination: GOOD

D:\download firefox\Nuova cartella\pr_imon.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 2C2B552138FD2A55CC98002DDDE82A000AA96A33
MD5: 2524949da5758ed655b79b5867600773
Determination: GOOD

C:\WINDOWS\system32\mswsock.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022\PackedCatalogItem %SystemRoot%\system32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath %SystemRoot%\System32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath %SystemRoot%\System32\mswsock.dll
PX5: 644C52BE00A05754C6240337B7759700C1FF12E3
MD5: 337cb52af1f7cf6c0f57ec8bd14dc6d1
Determination: GOOD

C:\WINDOWS\system32\hnetcfg.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 2CFD58C600B6F9414A810565679BD6001F42D5DE
MD5: 250d4f4e1e27543c121378268fe07208
Determination: GOOD

C:\WINDOWS\System32\wshtcpip.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 522AC66D001B6D5A4E8E00D8A0AEF000528059BA
MD5: 08b3a60a4dd7fae800b552f8f8d5deb0
Determination: GOOD

C:\WINDOWS\system32\dssenh.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 31E843BE00E2A81C18FA0265E10B6500232880A4
MD5: cacd2c63a79268d131ea37e85524cc44
Determination: GOOD

C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ati HotKey Poller\ImagePath %SystemRoot%\system32\Ati2evxx.exe
PX5: CD5430A000CAACD3303706EF95941000409B116D
MD5: c2576358eb08ae7889d2cbb8389ffa6a
Determination: GOOD

C:\WINDOWS\system32\Ati2edxx.dll
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: D53FECE0002B7501A22100B826FA8900AD28E06C
MD5: c16ded0becba84e295aa4f9dbb9837c3
Determination: GOOD

C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Alerter\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AppMgmt\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AudioSrv\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BITS\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Browser\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CryptSvc\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DcomLaunch\ImagePath %SystemRoot%\system32\svchost -k DcomLaunch
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dhcp\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmserver\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dnscache\ImagePath %SystemRoot%\system32\svchost.exe -k NetworkService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ERSvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\EventSystem\ImagePath C:\WINDOWS\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FastUserSwitchingCompatibility\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\helpsvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidServ\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTPFilter\ImagePath %SystemRoot%\System32\svchost.exe -k HTTPFilter
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanserver\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanworkstation\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\LmHosts\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Messenger\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netman\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nla\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtmsSvc\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAuto\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasMan\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteAccess\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteRegistry\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs\ImagePath %SystemRoot%\system32\svchost -k rpcss
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Schedule\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\seclogon\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SENS\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SharedAccess\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ShellHWDetection\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\srservice\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SSDPSRV\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\stisvc\ImagePath %SystemRoot%\system32\svchost.exe -k imgsvc
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TapiSrv\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermService\ImagePath %SystemRoot%\System32\svchost -k DComLaunch
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Themes\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TrkWks\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\upnphost\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usprserv\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\W32Time\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WebClient\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\winmgmt\ImagePath %systemroot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmdmPmSN\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wmi\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wscsvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wuauserv\ImagePath %systemroot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WZCSVC\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\xmlprov\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
PX5: 41467A9700616549387D0095555BE300B7CBF228
MD5: 73955b04f209d8a1c633867841267a96
Determination: GOOD

c:\windows\system32\rpcss.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs\ImagePath %SystemRoot%\system32\svchost -k rpcss
PX5: D10B46960010CCB40A5406A32381BD005F5BEA56
MD5: 0c015ab735a4624c44cb5696e9208c4c
Determination: GOOD

c:\windows\system32\termsrv.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 15A4D5880058E23888C304BFF814830042F0D520
MD5: c06cd1890279603e15020757e02de56b
Determination: GOOD

c:\windows\system32\ICAAPI.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BB3E4FC6005CCAE92CC10044E2AB07008B832EBD
MD5: 66da850192b87548374fe13f38a2a265
Determination: GOOD

c:\windows\system32\mstlsapi.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F3CF001500470019C4F901369ADAFD00DF876B1F
MD5: 9e54d8528f9b4324ed20cfcdf3be6a76
Determination: GOOD

c:\windows\system32\ACTIVEDS.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: EFB02947002647C8F6250205FD9612006E9558F5
MD5: 25e4e36ced6b15df8d8c10460be834a2
Determination: GOOD

c:\windows\system32\adsldpc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 6D8B11FE00EF99F53026027F152EC40097EA0ACA
MD5: 15ce221ace929705ba7e4346d74e8a06
Determination: GOOD

c:\windows\system32\ATL.DLL
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 90FBA32A008A4DC9E6A3004879775D009B9241D5
MD5: 32bd4cc64449ea2549be4a8efc54f4de
Determination: GOOD

C:\WINDOWS\system32\msi.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: E61CB2B900732EA71A202C11C29E1400D1F80F7A
MD5: 1cbc000ecd2de2e6fd2b19bc9aabcc52
Determination: GOOD

C:\WINDOWS\System32\winrnr.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath %SystemRoot%\System32\winrnr.dll
PX5: DD7C6D7B00A7C2A842AB003098E8920063CE769A
MD5: bb78454c44a5b0f97295a6d66b217d65
Determination: GOOD

C:\WINDOWS\system32\rasadhlp.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: C442A786008A10AC207B003B3C2E0700E2EB90DB
MD5: 057393dff71e294edf6db3ad2a0cd0de
Determination: GOOD

c:\windows\system32\dhcpcsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F53436F60068CE64B23A01BCB3126A00C328DCF2
MD5: 3d6f9b5c5c396bfbc14dc565ce624cef
Determination: GOOD

c:\windows\system32\wzcsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 3DF4750600996C8B7E470562CED514005814EDBA
MD5: 312913174d070ed81e9d78da7b648774
Determination: GOOD

c:\windows\system32\rtutils.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: BF0F14BA00130FA5ACFA00D907EAE70083958E2B
MD5: 204a7d354683a49c37505be1646c5d43
Determination: GOOD

c:\windows\system32\WMI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 781B3D7300C600C41695006A26ACBD006AA9CB45
MD5: 7f9fd6e98cf1898f94d4a6246d4d639e
Determination: GOOD

c:\windows\system32\ESENT.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 2D3CBE9900CA56E1AA3A1013ABD8CF0050E8E49A
MD5: cf52cd81a61e6deff93ca40bba955f30
Determination: GOOD

C:\WINDOWS\System32\rastls.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F64AC68A00F37A69B87E01DB8E696800CC9225D9
MD5: f90a2f77cb88f8201a3ad783d7edb19c
Determination: GOOD

C:\WINDOWS\system32\CRYPTUI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 5142AFD100A220AEFE57076D08D9310067F36935
MD5: 502a30e1a880124d7f71667e75be9688
Determination: GOOD

C:\WINDOWS\system32\WININET.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 8F9E6FFA00F645FE0E950A17A1595B00D082E203
MD5: 27966534a0820cd3bd988bd1517c8ff2
Determination: GOOD

C:\WINDOWS\System32\MPRAPI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F40536E000846CE4547B017CD7ABC100D153D57A
MD5: b61978022a65fac95b8e3817d5029870
Determination: GOOD

C:\WINDOWS\System32\RASAPI32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
PX5: 7E18516500FFE5CC9C5B03564D831C0011FCFEEB
MD5: 7ece54a6785e6a07ed02018a32b246e6
Determination: GOOD

C:\WINDOWS\System32\rasman.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 7F1D9BFF002D89D3F04E005C98AFF900ECE9EEA3
MD5: 79d87679f6f13f7f18062c39a3c5b38a
Determination: GOOD

C:\WINDOWS\System32\TAPI32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: ECB3A62200F5E5E3C61D0271F9934A0018AE4A00
MD5: 9b53ce123c15e95de40592cfecec5a09
Determination: GOOD

C:\WINDOWS\System32\raschap.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6CBEE3D600A4FEB310F101DE8C083F003D6F721F
MD5: d7de6cd7a5f84909b12b7dbd7d93811d
Determination: GOOD

c:\windows\system32\schedsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5DDC4A3800A53317F204023D51875A00711FF5B5
MD5: 546254d4769e165cdc3388d74b201fcb
Determination: GOOD

C:\WINDOWS\System32\MSIDLE.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 892E25230047BFE41A2700448F955F00DB3FDA3D
MD5: 3dc13080f28f80ed5d31e20e226536a5
Determination: GOOD

c:\windows\system32\audiosrv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 97A7792B000122A1A6A80092373D18006EB85382
MD5: 15ee9eff206daa73b9642fcd51a69bb1
Determination: GOOD

c:\windows\system32\wkssvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 7EE71DE000CB8C06046102E707BEAD00EAB7A0DE
MD5: b96429b547c29cfe65e0a31c53f4bb06
Determination: GOOD

c:\windows\system32\dmserver.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FABFF932000B9F155E610037E22ABC006B953D35
MD5: 499fff7bca07009a23447776286f0510
Determination: GOOD

c:\windows\system32\cryptsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 4924777000FF363CECB300E8D69F7300112A6AF8
MD5: e0cc838265401128097d182fb583889a
Determination: GOOD

c:\windows\system32\certcli.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 925C7DF9003B9C1200C5031520AB850028BB5515
MD5: 5f24a58d40870f8fe6cf7e15e73de146
Determination: GOOD

c:\windows\system32\es.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
PX5: 8CFC4C9B007672F5B6D00383EE01A300F1E4D975
MD5: 16a4de76313dd3abf7635565baaf1512
Determination: GOOD

c:\windows\system32\hidserv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 96C7C37F003251D454A000B31B11EF0040F22E18
MD5: 3c924c33de25e8f01eeb3c6b8030e7bd
Determination: GOOD

c:\windows\system32\HID.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
PX5: 551CD37300F70F6C527C0010EC920400B756D4FA
MD5: 3b4e115a33a2bff0d74792d572f448dd
Determination: GOOD

c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5BE772A20028818F98B300E973AA5500998EE021
MD5: 03a7a19834e2a63c445b3ac5e73aab50
Determination: GOOD

c:\windows\system32\ersvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 1075AE7B006257925A3B00E01F4D2400B15FB39E
MD5: ff547b3876b6e652431412345fb8ee11
Determination: GOOD

c:\windows\system32\srvsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 04962F40002073267A0D01D01873E300127D7D3E
MD5: 82a782a17aaf3ad92811f5023a94181f
Determination: GOOD

c:\windows\system32\netman.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6E6B756F00C9FE25063E03CE96E58100C196B9F3
MD5: 4ad6f202266a25bc0cc1dce2a3d91563
Determination: GOOD

c:\windows\system32\netshell.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7007ACC7-3202-11D1-AAD2-00805FC1270E} Connessioni di rete
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{992CFFA0-F557-101A-88EC-00DD010CCC48} Connessioni di rete
PX5: F7F9A56A007CF701368C1AE01A3E1600E0C02A68
MD5: 4cc28de5620ace4f613b42a4f836dede
Determination: GOOD

c:\windows\system32\credui.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Messenger\msmsgs.exe
PX5: E886FD9F0056D4F18254029213832F003DEFF647
MD5: 2d68af44b169d033545fa501b9ff4f30
Determination: GOOD

c:\windows\system32\WZCSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: EBF8733200CD9B7CCA4C0051E7642A0024707F2E
MD5: 28cddfdf8c30d886284f3549c4a8e284
Determination: GOOD

c:\windows\system32\seclogon.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5B80E36F00AA396B4A8300B7E7951D00D7AA4B2D
MD5: 241d074dab2a67d2d7616ce7c8b05650
Determination: GOOD

c:\windows\system32\sens.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 00AF89660086F69E989700E590F03600F597A8F5
MD5: 688be760c858e347a4e23186b725c86b
Determination: GOOD

C:\WINDOWS\system32\upnp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5CC09E6000F77B62063F026310FD670014E0CF2C
MD5: 7e7491c2cf7a0781c0004d2c5be71bc4
Determination: GOOD

C:\WINDOWS\system32\WINHTTP.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
PX5: 8A8FE9C3008B23F25C3905D494C02C00D181B661
MD5: 5b4ec6c0fbacc85430ce3d6ae8563a0d
Determination: GOOD

C:\WINDOWS\system32\SSDPAPI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B458C80C0094BE55886700FEA91CE300F0D01D10
MD5: 4ea31d2858780ddb446a9dc9b2d23c3d
Determination: GOOD

c:\windows\system32\srsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F652BD0100BA7CC29C6202A16DDB5500C590261B
MD5: ba4e8ac9a60c4527c969d08f3abe9d36
Determination: GOOD

c:\windows\system32\POWRPROF.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 31AB7E9C00B2127E4485007208C03300950D28C1
MD5: 41ff9d663219a1dd0397fe2c5b09436c
Determination: GOOD

c:\windows\system32\trkwks.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 906F8E37007C9B5A621D011F493B83005C29CC43
MD5: 6c7f265bd43a1d85103ec5cb1251d2b6
Determination: GOOD

c:\windows\system32\wbem\wmisvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: CEF9F3BC00C6E32738BF0260919AD800E787713F
MD5: a91acdd987dc3e0e1fcedda6f1ffef2a
Determination: GOOD

C:\WINDOWS\system32\VSSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FAEC6BFB002AF8059230067AACCA280087EB5B02
MD5: b590f13f17409970a6994473eb98ef74
Determination: GOOD

c:\windows\system32\wuauserv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 0799809A00702BD41AB400068A66AC0043C84727
MD5: 4cbb7cc975e5b67022a7f95dfc6ef9ec
Determination: GOOD

c:\windows\system32\browser.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 9CDD0A4F005D0D9D2E6201C807EC76000E0D1CE8
MD5: 72fbf0322be8a0f25ae722fde36ab1e6
Determination: GOOD

C:\WINDOWS\system32\wuaueng.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 21C8E5CB00C120B550EE11BB119AD3007D3D2035
MD5: ffdc783bd3fb57b38b34c20a51af2a20
Determination: GOOD

C:\WINDOWS\System32\ADVPACK.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
PX5: 40DE446000D9DEB58E9C01A9A95DBB0000B29576
MD5: 486a0d63381b08d5a41f44e58fe3b4e4
Determination: GOOD

C:\WINDOWS\System32\SHFOLDER.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 209DE55C009ABDE8627700E93AF07200F7058D40
MD5: 8b205eb92b49d10055427365065357e8
Determination: GOOD

C:\WINDOWS\System32\Cabinet.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 60605FEC005AB19AEA050033F1225300422702FD
MD5: 4d7708fd334c23e17400ca8327ce3d11
Determination: GOOD

C:\WINDOWS\System32\mspatcha.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 192CF4F3003C31E4769D0029DA080500F7D037E4
MD5: a434e5666a953f6a0406cc99b8b8c6a0
Determination: GOOD

C:\WINDOWS\System32\Wbem\wbemcore.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D34E2BC3004DE1451AED08DF0B2B620026599912
MD5: 2e9b41fdd71fddd9d596cf3fdf0a1fdd
Determination: GOOD

C:\WINDOWS\System32\Wbem\esscli.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DE687FC600BAAC77C8B4030B6F14AB0094AE7226
MD5: 20938c6d287b27ab3f1fde53ff3507de
Determination: GOOD

C:\WINDOWS\system32\comsvcs.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6F57383100059B5E1A78136E055F2B009076402A
MD5: fc898b99db05094df3f0942dfb39ba79
Determination: GOOD

C:\WINDOWS\system32\MTXCLU.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 01D9FA2C00EC336504830130CDB57B0066308F3E
MD5: 0607fbfb19d8de4726f4188563dd0519
Determination: GOOD

C:\WINDOWS\system32\colbact.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 19B6371D00577611F4E200972AE21300251E5074
MD5: c5eb8e303fffc951b9d338f601cb2a28
Determination: GOOD

C:\WINDOWS\System32\CLUSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: F4F4A6AD001EC8C1E2C500B4FE61840054C0DDE3
MD5: c3b4cfba8936d0af25d5391f53f2da91
Determination: GOOD

C:\WINDOWS\System32\RESUTILS.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6DFA47A500DAF26FE68800D61F5B31009BB0B65D
MD5: cad4191048f595a794e14cee31db06fd
Determination: GOOD

c:\windows\system32\ipnathlp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\AUTODHCP\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DNSPROXY\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\FTP\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\H323\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\IPNAT\DllName ipnathlp.dll
PX5: 89882A6E0030CF0B12CE052A40AAE5009F9198F9
MD5: 1da364fa673e18bc1de8f5cdf3657dbd
Determination: GOOD

c:\windows\system32\wscsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B11BC224000C550D3E4B01F1618F6300676DF706
MD5: 17f70f4e37452a30c35565052ab68be9
Determination: GOOD

C:\WINDOWS\system32\wbem\wmiutils.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 0BDBA5A5000A6748803F0102F9279500D2C1C9B2
MD5: bc664c7546ef5c1a5712e7b48af24741
Determination: GOOD

C:\WINDOWS\system32\wbem\repdrvfs.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DAAC922100087395B4C8026D60ACD300B870E129
MD5: 41b4ed9f8d444ce09b6a1fe76ae22040
Determination: GOOD

C:\WINDOWS\system32\wbem\wmiprvsd.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DCBBBE7700F574BEAC5B06A359C30800D52199FA
MD5: d110a8cde08cc1d346814c814d32f2ed
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemess.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 57BC20470030CEBC2E7C0420B5413100E2A61178
MD5: 1c4c78b5943ae143513dd1522e14926a
Determination: GOOD

C:\WINDOWS\system32\wbem\ncprov.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 28C2B58B00AC779DB8320092176FE400CB94678D
MD5: 1b8923492b022438764dcf6bd8b0efa9
Determination: GOOD

C:\WINDOWS\system32\netcfgx.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 4F8DF8B4009990EE9C82091CBF6CD600CD59067D
MD5: ab06350510c1f68c7202703480f6ff17
Determination: GOOD

C:\WINDOWS\System32\RASDLG.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 289AD96400BB9C934C7F0AD56A0D5500E683D618
MD5: d52a1298d47fa8652b30451855265f94
Determination: GOOD

C:\WINDOWS\System32\rasmans.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B74DD77D0086DE32A83C0202492A5E005A986AC3
MD5: ede7d761426cc2afff20a3a460f9c85e
Determination: GOOD

c:\windows\system32\tapisrv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D241AAE200E9E6AEC21203236372D7003EB38FD6
MD5: 2f8cba2d2a332eb5d2a7dc084e3b30b3
Determination: GOOD

C:\WINDOWS\System32\rastapi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 699D459D008C3BC6E634009735DEBF004B936485
MD5: f4de764732e8f6028bb18aadd4912317
Determination: GOOD

C:\WINDOWS\System32\unimdm.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: BFCEE8FF0036A1F42CB803103A63E10078271DF9
MD5: 12c9c630fd867446d8b846c28454a45f
Determination: GOOD

C:\WINDOWS\System32\uniplat.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D4A3FA58003A460436E500FC8F082200CAF4CCCF
MD5: 8bc01cbcdc4345a7367f2edcbaa4a07f
Determination: GOOD

C:\WINDOWS\System32\kmddsp.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: C200FF390086F832824F0082C924C70039E73BB5
MD5: 516447bbb1a13f72e98989580eeaeb36
Determination: GOOD

C:\WINDOWS\System32\ndptsp.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 9787C23000D76D69E07F0030C6CACA005BA7ED34
MD5: ff5cbcadd5833b484c773f7df16f13bf
Determination: GOOD

C:\WINDOWS\System32\ipconf.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: BB9887B4006414FA44B900C28BC43200412916D4
MD5: 4e2f02e1ba55160806ad42fee296f8b2
Determination: GOOD

C:\WINDOWS\System32\h323.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 72FD790F00B8268510FF046EA54C6E0080B1B5D1
MD5: ea96018804feb47c384efdb3d07e7eb9
Determination: GOOD

C:\WINDOWS\System32\hidphone.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 578102E800C1441976DD00BD8619300083827C0B
MD5: ea5c2c1f5f74a5660fb0f72e63861030
Determination: GOOD

C:\WINDOWS\System32\rasppp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 69B8011C006A35C426B80310309570000552A536
MD5: 4a48edcab3b97997055ac533cafdb501
Determination: GOOD

C:\WINDOWS\System32\ntlsapi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 182944C0006C52E520B8003B3C2E0700820D2E78
MD5: 8ed1589d9a626027e4faf24c149860e6
Determination: GOOD

C:\WINDOWS\System32\NETRAP.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: B3940B1900334CEB30F300847BE9340024D302E6
MD5: e7fc69c00bebc04daef86071822b2b89
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemcons.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FEC4B3B500CE633918000143FDB47200CD210469
MD5: 89a935a5cb3fe6d25bb87de3370e6b5e
Determination: GOOD

c:\windows\system32\dnsrslvr.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 3AB739DC00686EC6B26F00A3B54A4300F767B865
MD5: 1a4ccb390093d1a6f0eec063f44aff31
Determination: GOOD

c:\windows\system32\lmhsvc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 050B19680015AAE33629000A173BF5000631D061
MD5: 6e008b7eb9b67d555b5ee1c1091f3a7e
Determination: GOOD

c:\windows\system32\webclnt.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: DB971DA600E5CDC008BA01FF1B98B500F9F1371D
MD5: eba8dea9e279a9a50b608bff3cbc2cde
Determination: GOOD

C:\WINDOWS\system32\urlmon.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 4A82D0640009D6FB307B0995BA5D61003FB7F7BB
MD5: 193ee4259ef6c5a9d641cec0944581d7
Determination: GOOD

c:\windows\system32\regsvc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 0038ECD50092146CEAE600DC41696F006EFFA138
MD5: 78fbe7da29307ede7ed0e33f1c4969bc
Determination: GOOD

c:\windows\system32\ssdpsrv.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: EFEEB4A70072CCE218E201A90823060000AE77FB
MD5: 1fbf38a525eedd7402bfa7e27236a64f
Determination: GOOD

D:\download firefox\spia\aawservice.exe
Loaded into: D:\download firefox\spia\aawservice.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aawservice\ImagePath "D:\download firefox\spia\aawservice.exe"
PX5: AF411CD55876B80DF55108F535234300A8CED3FC
MD5: 25f8546fd40e40ec5a2a23aecae4fdca
Determination: GOOD

D:\download firefox\spia\CEAPI.dll
Loaded into: D:\download firefox\spia\aawservice.exe
PX5: B9A9A350683F4CC015C40B004D1B0100CE760A0A
MD5: c0f9af85dca4255230cac674319664f9
Determination: GOOD

D:\download firefox\spia\PKArchive84cb.dll
Loaded into: D:\download firefox\spia\aawservice.exe
PX5: EAE5B01648BD2BEBB736099BCB24C600CD615AD8
MD5: 38f44d249b3980ce4e49bf96b0070fa9
Determination: GOOD

D:\download firefox\spia\Update.dll
Loaded into: D:\download firefox\spia\aawservice.exe
PX5: 37445B8260863790053A08EE7CC64800F452D75D
MD5: b824fe787de262a9f003f3ca8efc079d
Determination: GOOD

C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Spooler\ImagePath %SystemRoot%\system32\spoolsv.exe
PX5: 703F3D90006B0DE3E2430049B8FF4400BD40056F
MD5: 216f8454a9415dd3e451b169dc3121c4
Determination: GOOD

C:\WINDOWS\system32\SPOOLSS.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: EEC4C153008FC3AA248101F4B2E71800601A2E7A
MD5: dd90c59ef82d6cde5886b595ca8d8d8a
Determination: GOOD

C:\WINDOWS\system32\localspl.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4416D740002AA3683E4E05C1EF102900643A9BD8
MD5: d5882abf5f3652acbf36c882ea4dc9a8
Determination: GOOD

C:\WINDOWS\system32\cnbjmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: ADFEA2D500C13C76C238009F710B75002AA8B844
MD5: a2660003f73982579ebfef1f6c2f6234
Determination: GOOD

C:\WINDOWS\system32\HpTcpMon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: B1D622C900408E1260AB02FED4DEE40026EA1C0D
MD5: e0b83adfb16d794a0d207fe119d03182
Determination: GOOD

C:\WINDOWS\system32\hpzjrd01.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 22B03BD0005050CA20D8020358543600B1E77644
MD5: b85ec14c7a5f7b2c8d70d4443486dd77
Determination: GOOD

C:\WINDOWS\system32\HPTcpMUI.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4FED52E100E4E2652091034DC29D31009D9FB2B2
MD5: 7c66b6c8ac455cea4e86023c963dd4cf
Determination: GOOD

C:\WINDOWS\system32\hptcpmib.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4B31A32C00C6D077206601F903996D00A5BA30BC
MD5: 36247c6d5e1fe03a56ee81bb99d7e68c
Determination: GOOD

C:\WINDOWS\system32\mgmtapi.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: FA42D8A80080183C3A760069490DB000498EF2D5
MD5: ed72e24e26a3593b7f1d15ba2b9576d1
Determination: GOOD

C:\WINDOWS\system32\snmpapi.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 3C1E6DCB00F469604AC400D41294270018B9F42E
MD5: 4c5db6bcdd95c6cdae11a775d428fced
Determination: GOOD

C:\WINDOWS\system32\wsnmp32.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: DCF100F400C1FA92A6C0006EC31E10006A687480
MD5: 73df735ecc9ff9f511a1b5e5b825c0c4
Determination: GOOD

C:\WINDOWS\system32\hpz3l3xu.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 1A34EA4F0050795E924100C41CDC8D00F897B0CD
MD5: 6387029fe990dd5bdcd647d538c7181d
Determination: GOOD

C:\WINDOWS\system32\pjlmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 84CFC62400E584133C01005DDEFEF70074DE7C99
MD5: bbd335eeabda429e2a4a401ae977accc
Determination: GOOD

C:\WINDOWS\system32\bthcrp.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 664503BE00C8F6BBA0F701367A75C1002F53C6BE
MD5: b8375ca98c6042a2e0d57a72a2999c8a
Determination: GOOD

C:\WINDOWS\system32\WidcommSdk.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 3459DCD80086EC868006082771FB950004742BF1
MD5: 7626c75bde157b574067696e6f347954
Determination: GOOD

C:\WINDOWS\system32\wbtapi.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
PX5: D39778AB3D42C9FFA07008B59288DD00AC1D706A
MD5: eec0cf8b84c2728d1ebd4a20c3bc5ba8
Determination: GOOD

C:\WINDOWS\system32\MFC42.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: FD5A337B00529124B0D80F421E82790041341A00
MD5: 0ddd564836a87ea1c3232b48ff0e221c
Determination: GOOD

C:\WINDOWS\system32\MFC42LOC.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 50EC1EAC0042F609E0B8000596D265006CAB3F5E
MD5: 4e03135c6b43689649293d6ca6c73dd0
Determination: GOOD

C:\WINDOWS\system32\tcpmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4DB1307F00B38383B4DE0091A261F900D73B20B9
MD5: 1417745d9156eed7c8b871a3f8a8f56d
Determination: GOOD

C:\WINDOWS\system32\usbmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 355B55CF00434C1C429F0037D7A64900612AB6C2
MD5: 1ae1cda7f68b0a8603a3117ae5f00b03
Determination: GOOD

C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3xu.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 84353471008E3B1706F7018B86665E0091BD47AA
MD5: a968427816355591877a449bd83951da
Determination: GOOD

C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 44D7D7AD00E61C0C6C6F003DD9D6C0009975C7EC
MD5: d5c9dc605e1acb57bf37be3e9890b936
Determination: GOOD

C:\WINDOWS\system32\win32spl.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 3EE5A7330005B84D903F019D6D465800D7DE2821
MD5: 660e56bc8c253b5b47dcc6560ccd62da
Determination: GOOD

C:\WINDOWS\system32\inetpp.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 84746D7B00F17DE826600104529E590058DFB441
MD5: be4ff5fbbc55dc3c2445377c50497f1f
Determination: GOOD

C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
PX5: D64C975F0052EAE6B0EC03CB00B14100F7CD4BC5
MD5: a6ea07a7d47c733d22b3f0dd6c393012
Determination: GOOD

C:\WINDOWS\system32\MSIMG32.dll
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: CB413D4600B070AF127100D0C427CA00FD59EFF9
MD5: 51f309aa675b5b77d19c573b7e0bb253
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualTooltip.dll
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 9CB2812900A5E29F9281006A1690F300ED939657
MD5: 7e38794e8475edbae98021eac4dbf5ea
Determination: GOOD

C:\WINDOWS\system32\MSCTF.dll
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 64563C73008EB95E7EDD046B94EDCE00A3D588EB
MD5: 5d2f1beea828b4951f550bade794c1ef
Determination: GOOD

D:\Claudio\programmi\Rolltab\WinRoll\winroll.dll
Loaded into: C:\Programmi\File comuni\Stardock\SDMCP.exe
Loaded into: C:\WINDOWS\system32\Ati2evxx.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: E1A3BC4A0073257322A5003B3C2E0700D1A4AB37
MD5: 0391a674201cdac77a3f689c85816b82
Determination: GOOD

C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Explorer.exe
PX5: 808EA479005E1672CAB70FD05C1DC9002A5B0A82
MD5: 178d42bd8fc34a9837417a6ce1d6bb7b
Determination: GOOD

C:\WINDOWS\system32\BROWSEUI.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5E6AB780-7743-11CF-A12B-00AA004AE837} Barra degli strumenti Microsoft Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{22BF0C20-6DA7-11D0-B373-00A0C9034938} Stato del download
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{91EA3F8B-C99B-11d0-9815-00C04FD91972} Shell Folder accresciuto
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6413BA2C-B461-11d1-A18A-080036B11A03} Shell Folder 2 accresciuto
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F61FFEC1-754F-11d0-80CA-00AA005B4383} BandProxy
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BA4C742-9E81-11CF-99D3-00AA004AE837} Microsoft BrowserBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{30D02401-6A81-11d0-8274-00C04FD5AE38} SearchBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{169A0691-8DF9-11d1-A1C4-00C04FD75D13} Ricerca all'interno
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07798131-AF23-11d1-9111-00A0C98BA67D} Ricerca Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AF4F6510-F982-11d0-8595-00AA004CD6D8} Utilit. opzioni della struttura del Registro di sistema
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{01E04581-4EEE-11d0-BFE9-00AA005B4383} &Indirizzo
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A08C11D2-A228-11d0-825B-00AA005B4383} Address EditBox
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2763-6A77-11D0-A535-00C04FD7D062} Completamento automatico Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7376D660-C583-11d0-A3A5-00C04FD706EC} TridentImageExtractor
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6756A641-DE71-11d0-831B-00AA005B4383} Elenco di Completamento automatico MRU
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} Elenco di Completamento automatico MRU personalizzato
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7e653215-fa25-46bd-a339-34a2790f3cb7} Accessibile
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{acf35015-526e-4230-9596-becbe19f0ac9} Indicatore di avanzamento popup
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2764-6A77-11D0-A535-00C04FD7D062} Elenco di Completamento automatico della Cronologia di Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{03C036F1-A186-11D0-824A-00AA005B4383} Elenco di Completamento automatico di Shell Folder di Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2765-6A77-11D0-A535-00C04FD7D062} Contenitore dell'elenco di Completamento automatico multiplo Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4E-521C-11D0-B792-00A0C90312E1} Shell Band Site Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} Shell DeskBarApp
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4C-521C-11D0-B792-00A0C90312E1} Shell DeskBar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4D-521C-11D0-B792-00A0C90312E1} Shell Rebar BandSite
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD313E04-FEFF-11d1-8ECD-0000F87A470C} Assistenza utente
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} Impostazioni cartella globale
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{438755C2-A8BA-11D1-B96B-00A0C90312E1} Precaricatore Browseui
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{8C7461EF-2B13-11d2-BE35-3078302C2030} Daemon di cache delle categorie di componenti
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .E...N.... . [C.. ..2..
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .E...N.... . [C.. ..2..
PX5: 21DE0C1E00286C5086FC0F3BED777100FCA597FC
MD5: aacd7af37c47d6a8484c6cc91a2ebd11
Determination: GOOD

C:\WINDOWS\system32\SHDOCVW.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} Set Program Access and Defaults
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} Cerca
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} Guida in linea e supporto tecnico
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} Guida in linea e supporto tecnico
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} Esegui...
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} Posta elettronica
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524152} Tipi di carattere
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524153} Strumenti di amministrazione
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E61-B078-11d0-89E4-00C04FC9E26E} Favorites Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A89A860-D7B1-11CE-8350-444553540000} Shell Automation Inproc Service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} Shell DocObject Viewer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A5E46E3A-8849-11D1-9D8C-00C04FC99D61} Microsoft Browser Architecture
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FBF23B40-E3F0-101B-8488-00AA003E56F8} InternetShortcut
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3C374A40-BAE4-11CF-BF7D-00AA006946EE} Servizio Cronologia Url Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FF393560-C2A7-11CF-BFF4-444553540000} Cronologia
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E00-76C1-11CF-9DD0-00A0C9034933} File temporanei Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E01-76C1-11CF-9DD0-00A0C9034933} File temporanei Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Hook per la ricerca di URL Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} Schermata iniziale applicazioni Internet Explorer 4
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{67EA19A0-CCEF-11d0-8024-00C04FD75D13} CDF Extension Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{131A6951-7F78-11D0-A979-00C04FD705A2} ISFBand OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9461b922-3c5a-11d2-bf8b-00c04fb93661} Search Assistant OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{871C5380-42A0-1069-A2EA-08002B30309D} Internet Name Space
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E64-B078-11d0-89E4-00C04FC9E26E} Explorer Band
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default) {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}\BarSize A
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}\BarSize ..
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}\clsid {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\CLSID {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
PX5: DE7BBE0100F3689BA480161FA5C20900FE795A42
MD5: 4871eaa61bef8c94826c73842795977a
Determination: GOOD

C:\WINDOWS\system32\themeui.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{41E300E0-78B6-11ce-849B-444553540000} PlusPack CPL Extension
PX5: BAC50787005D6D22F49E05A57642CD002A91E075
MD5: 0f7bfe3ef3fc33fd598427c015bb8b5d
Determination: GOOD

C:\WINDOWS\system32\msutb.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: 7A3AA486004261ECFC5902E8FBAFDA00B6B25BB1
MD5: fc6c38a1249d86fc62f72c8a5e3379db
Determination: GOOD

C:\WINDOWS\system32\mlang.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: A0FB8BA50045A9FEF20208062C04B3005F96B032
MD5: f036bc2525f8701628abb0a550c1c692
Determination: GOOD

C:\WINDOWS\system32\mshtml.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 3A897A7500F535C6D44D2DE390FA8000780C5D97
MD5: b0d7b00d4fdc5bb8203e0a38d15cbaa2
Determination: GOOD

C:\WINDOWS\system32\msls31.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: EAE4C961000263583C2A020DBFE06E003B95D274
MD5: 29b3675c2d9b2d0e18470a14024df369
Determination: GOOD

C:\WINDOWS\system32\ntshrui.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40dd6e20-7c17-11ce-a804-00aa003ca9f6} Estensioni shell per la condivisione
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} Estensioni shell per la condivisione
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default) {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
PX5: 5EB8DF8A0005A80F3870025CC8B2C100D6ECC82F
MD5: 64e0c77faf1a30547739580eb5f3aacf
Determination: GOOD

C:\WINDOWS\system32\shdoclc.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 552F282A005B9932A4DA08FB1D53CE00D5EAFBF4
MD5: 9373e3b36edbb58dcacc106530105954
Determination: GOOD

C:\Programmi\File comuni\Stardock\MCPCore.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 89FF004300FEE3D650B00152430779007FC69222
MD5: e0475dbae1d9e5f229acb3e1dc1264c2
Determination: GOOD

C:\WINDOWS\system32\msimtf.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 84310A0800BF02296E1202C6BE073C009D305F2B
MD5: e41d5bbed01edd653dfbe699c8b77fbf
Determination: GOOD

C:\WINDOWS\system32\IMM32.DLL
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: CDBF4DDD001A7574AE3A01510D252400AF18CE5E
MD5: ca38a6091ecac2668ec99afd4b6c0615
Determination: GOOD

C:\WINDOWS\system32\LINKINFO.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 0F5B6BDF001D44C44A1600B3F3AA9500B78D17FC
MD5: aed27a44228c3b2d24406a2755133922
Determination: GOOD

C:\Programmi\Browser Mouse\MOUDL32A.DLL
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 3963D82800FAD99DE08F009115541D00EF251380
MD5: 994c0e52ededcf2dc0a238a2e9519dbe
Determination: GOOD

C:\WINDOWS\system32\webcheck.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} WebCheck
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} Subscription Mgr
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F5175861-2688-11d0-9C5E-00AA00A45957} Cartella Subscription
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165EA0-E946-11CF-9C87-00AA005127ED} WebCheckWebCrawler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} WebCheckChannelAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} TrayAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7D559C10-9FE9-11d0-93F7-00AA0059CE02} Code Download Agent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} ConnectionAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8BD2030-6FC9-11D0-864F-00AA006809D9} PostAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} WebCheck SyncMgr Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
PX5: 7A671D1200F332C4486E04DF4339C300F2AAD0B7
MD5: 9adae07a13e295a98f5ee7726354c28f
Determination: GOOD

C:\WINDOWS\system32\stobject.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153}
PX5: 54D80CDC00F43E2DDE26016C15CB850052548DBB
MD5: 6474c3d1c136c60291b8a5ee9ed1735b
Determination: GOOD

C:\WINDOWS\system32\BatMeter.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 73074F1200F9F02570C400FC5F48D3002E4325D8
MD5: 66db9d9ca443d7c8c9222bff72f61acf
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CurXP0.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: F87E8004004341133ABE0076A4E26900BD23C331
MD5: 33cfc1e1dc8b71974806378a821143f9
Determination: GOOD

C:\WINDOWS\system32\sensapi.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
PX5: 945479A500423FB71A9A004C020A3B0024ABF6B3
MD5: 344e594bb748d4f828211a7c9cea0829
Determination: GOOD

C:\WINDOWS\system32\shimgvw.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e84fda7c-1d6a-45f6-b725-cb260c236066} Shell Image Verbs
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} Shell Image Data Factory
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F30C968-480A-4C6C-862D-EFC0897BB84B} GDI + programma di estrazione file in anteprima
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DBD2C50-62AD-11d0-B806-00C04FD706EC} Summary Info Thumbnail handler (DOCFILES)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EAB841A0-9550-11cf-8C16-00805F1408F3} Programma di estrazione pagine HTML in anteprima
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{eb9b1153-3b57-4e68-959a-a3266bc3d7fe} Shell Image Property Handler
PX5: BF42E4FC005BE16EB66806F7E01C32002F436309
MD5: 3528c993453ca6aec6ab684ff1189950
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: EEECA2A200AE193420E61AFE5130B8009DDBAA0F
MD5: 100136f3c317b3fbffd33b9409aed1c3
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 3130265000C48FCF8ACA00F00CC5370022873984
MD5: 34782938f3a8a2e991105c9bb5d3f559
Determination: GOOD

C:\WINDOWS\System32\drprov.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: BB8EDCE2008403A638800074FD083400905C26EC
MD5: 4f32c69e05ae35fc609218e94b0df5d9
Determination: GOOD

C:\WINDOWS\System32\ntlanman.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: FCEBCD7A009905FEAA4200960455950080D2A1BD
MD5: d72c81e7f4986beb202813fc743af8d7
Determination: GOOD

C:\WINDOWS\System32\NETUI0.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 074187360063FEE5400A014D6C2C430053ABE349
MD5: 9fe57c0551c88667b8fbde49bd399144
Determination: GOOD

C:\WINDOWS\System32\NETUI1.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: A4DAD8A200850E09C097034C744E770099F86FBA
MD5: a5ca0066df5a68d4a7403f2e32d620d8
Determination: GOOD

C:\WINDOWS\System32\davclnt.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 5E0DDE0C0099E131624800B42D603500DF9BC5AA
MD5: fa5791230a59dcc0f1bb0b0a193375a7
Determination: GOOD

C:\WINDOWS\system32\srclient.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: B81A1AC100CB8448087701697E088400D5013702
MD5: a8c25de0a2227f3d426bd55c6ce7cbec
Determination: GOOD

C:\WINDOWS\System32\Wbem\framedyn.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 277AC8E500749021D640021DA8B978008E053355
MD5: 95f398a46a0c449f220d5b6ce5897905
Determination: GOOD

C:\WINDOWS\system32\browselc.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: EA63F88500B471270C9A01309A4A800054BE305C
MD5: 03163d2cd97c11514f29987971f50a13
Determination: GOOD

C:\WINDOWS\system32\DUSER.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 576588D800DB533AA46504C81FA1F900F6700574
MD5: 0e316ff410e9a5bca1bd1794dece800f
Determination: GOOD

D:\Claudio\programmi\OpenOffice.org 2.2\program\shlxthdl.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} OpenOffice.org Column Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{087B3AE3-E237-4467-B8DB-5A38AB959AC9} OpenOffice.org Infotip Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63542C48-9552-494A-84F7-73AA6A7C99C1} OpenOffice.org Property Sheet Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3B092F0C-7696-40E3-A80F-68D74DA84210} OpenOffice.org Thumbnail Viewer
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(default) OpenOffice.org Column Handler
PX5: 1A81EAE900A0B600206C054AD3D84B00CF2F2AFE
MD5: dd6b269a3f5abeaf526cb760df8f3074
Determination: GOOD

D:\Claudio\programmi\OpenOffice.org 2.2\program\uwinapi.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 5CD25BD8005071F180AE01EA930C8A00856AF4E6
MD5: 448c4676c44b18399969392c1bb0462e
Determination: GOOD

D:\Claudio\programmi\OpenOffice.org 2.2\program\MSVCR71.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD

D:\Claudio\programmi\OpenOffice.org 2.2\program\stlport_vc7145.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: F01D878200E49B7ED03F08DFE1D8A4006FFB0544
MD5: 73b98b3754998aea0985b409b156908b
Determination: GOOD

D:\Claudio\programmi\OpenOffice.org 2.2\program\MSVCP71.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
MD5: 561fa2abb31dfa8fab762145f81667c2
Determination: GOOD

C:\Programmi\ATI Technologies\ATI.ACE\atiacmxx.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5E2121EE-0300-11D4-8D3B-444553540000} Catalyst Context Menu extension
PX5: B1890F3400D5EA5A20BB010834EFD000F277BA6A
MD5: 649e3ab705eb0f3af213dcd4378515cf
Determination: GOOD

C:\Programmi\Belkin\Software Bluetooth\btkeyind.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: BD504CAC00D81F10D03B00FEF89D2E00D9D97D85
MD5: 82ff2027e314c824e69758bb4be987ea
Determination: GOOD

C:\WINDOWS\system32\wmvcore.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 47685784F85021F12A1B244D360487000CCC686D
MD5: 110a38fda648c87f2212d8b50424ffcf
Determination: GOOD

C:\WINDOWS\system32\WMASF.DLL
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 36292686001AA0886E7C03E00113EA0067E81213
MD5: 8f8e038d81e16103cfb2772e13bf2d1a
Determination: GOOD

C:\Programmi\WinRAR\rarext.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B41DB860-8EE4-11D2-9906-E49FADC173CA} WinRAR shell extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
PX5: 07DF7C73006B868CEA65018EC514810076D8EDF7
MD5: 3b42317c8a22b82b04bf8c4e13b27cf0
Determination: GOOD

C:\Programmi\Spyware Terminator\sptcontmenu.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD88A479-9623-4897-8546-BC62B9628F44} SPTHandler
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\SPTContMenu\(default) {BD88A479-9623-4897-8546-BC62B9628F44}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\SPTContMenu\(default) {BD88A479-9623-4897-8546-BC62B9628F44}
PX5: B87AA3540061C1BB28C102633D77B200BFE93036
MD5: 8c119c47b6f009ef6fb60b80ffa66255
Determination: GOOD

D:\download firefox\pinko\SnagItShellExt.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CF74B903-3389-469c-B3B6-0204D204FCBD} SnagIt Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\SnagItMainShellExt\(default) {CF74B903-3389-469c-B3B6-0204D204FCBD}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\SnagItMainShellExt\(default) {CF74B903-3389-469c-B3B6-0204D204FCBD}
PX5: 335D193448419F1D1651029CD0DD4700B7F66778
MD5: b50b5a64cd2d090a33d3acc242677646
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: C2148C6300282B34D02310815560F00037CA9FFC
MD5: 1b7524806d0270b81360c63a2fa047cb
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 9A45456900EE9D7990C909755A3A5C00A6DAF154
MD5: e4fece18310e23b1d8fee993e35e7a6f
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ITA.DLL
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 3710283500375BFFF0720086F67E1B005D5C6492
MD5: cb23b162ac655f24c6711a5f5df348c6
Determination: GOOD

D:\download firefox\Nuova cartella\nodshex.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B089FE88-FB52-11D3-BDF1-0050DA34150D} NOD32 Context Menu Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\NOD32 Context Menu Shell Extension\(default) {B089FE88-FB52-11D3-BDF1-0050DA34150D}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\NOD32 Context Menu Shell Extension\(default) {B089FE88-FB52-11D3-BDF1-0050DA34150D}
PX5: 47597D6A808B4072EC0F00D8AC19F0007C788E00
MD5: d3cf29647131277b7db23e0d712461b1
Determination: GOOD

D:\download firefox\freeeee\Glary Utilities\ContextHandler.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72923739-5A47-40A3-9895-25AF0DFBB9E4} Glary Utilities Context Menu Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Glary Utilities\(default) {72923739-5A47-40A3-9895-25AF0DFBB9E4}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Glary Utilities\(default) {72923739-5A47-40A3-9895-25AF0DFBB9E4}
PX5: C2C6BEFB008702CE7CFC002FF591DC0063EFC1F4
MD5: 47cbea803fa0eec102db47b52e9302d3
Determination: GOOD

D:\download firefox\freeeee\Glary Utilities\rtl70.bpl
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: BDD4B4A5003D4EBBE0950BC45F2B39003B0C8117
MD5: 0dcd17c9a3b135c61834c716a412a5bf
Determination: GOOD

D:\download firefox\freeeee\Glary Utilities\vcl70.bpl
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 052A5783005B116014EE15DB30CE25004AAC31DC
MD5: 599dabd485b83b3ddbfcacfd60ac8774
Determination: GOOD

C:\WINDOWS\system32\oledlg.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
PX5: 0F4248FC00565555D4D101CBEA69C700971E3F45
MD5: 83a7ef9bd97588857f702f7405ccf03c
Determination: GOOD

D:\download firefox\avg75free_428a818\avgse.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} AVG7 Shell Extension
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} AVG7 Find Extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension\(default) {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\AVG7 Shell Extension\(default) {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
PX5: F9F3CE2B006E4BABC6AA009F1D03DF00B7FB4F13
MD5: 36687e123d87f468e33abf11e5dd0797
Determination: GOOD

C:\WINDOWS\system32\sti.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: D0C61BDE00B5681C0CA40120655A6E00CC4935F5
MD5: 8f44ba342774b5cc5e5a6a0b68e5ecc3
Determination: GOOD

C:\WINDOWS\system32\CFGMGR32.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 74C69D7C00EDC85142F6003C4DC9A1006D7B8195
MD5: 15797c5aa673590064348a025a5f17d9
Determination: GOOD

C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 625F1664B0E594EF937100C27C2C0C007684DAD6
MD5: 8394abfc1be196a62c9f532511936df7
Determination: GOOD

C:\WINDOWS\system32\mscms.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 940A8DEF003B85F62032012B04469D0069AD5188
MD5: 2b811f5594ea174b8cb31cedc8141e6c
Determination: GOOD

C:\WINDOWS\system32\twext.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{596AB062-B4D2-4215-9F74-E9109B0A8153} Pagina propriet. versioni precedenti
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DB7A13C-F208-4981-8353-73CC61AE2783} Versioni precedenti
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
PX5: 83D6D2D5007A7A78AC5A00555BE37F0060757F73
MD5: 9c0305df90319693b0b8025976de5c66
Determination: GOOD

C:\WINDOWS\system32\msieftp.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}\KeyFileName C:\WINDOWS\system32\msieftp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63da6ec0-2e98-11cf-8d82-444553540000} FTP Folders Webview
PX5: 44133DFB00C5C1B9D64903B9EB9B6E00A95E5477
MD5: 9ba0424bf46a751e9f68829a9afbe680
Determination: GOOD

C:\WINDOWS\system32\actxprxy.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 007947C1003133828EF901D865E09C00F6A66BF3
MD5: cac8ce72845461a8c6818071d923fc89
Determination: GOOD

C:\WINDOWS\system32\zipfldr.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} Cartella compressa
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD472F60-27FA-11cf-B8B4-444553540000} Compressed (zipped) Folder Right Drag Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} Compressed (zipped) Folder SendTo Target
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\{BD472F60-27FA-11cf-B8B4-444553540000}\(default)
PX5: ED969ADB00D5666D2CF80569EB9E87007A803837
MD5: 84dc2b97ae10dea7b265a74971634131
Determination: GOOD

C:\WINDOWS\system32\DSOUND.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: E5087FD800F9DAEF9CF20543474A2400CFECBDBE
MD5: e99a5df2a937580361d6c698e4620dba
Determination: GOOD

C:\WINDOWS\system32\btncopy.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Monitor\(default) {7842554E-6BED-11D2-8CDB-B05550C10000}
PX5: 82001E2600653562003C0186C77F17006CFADE5A
MD5: 5559a50054e2bbbd697186cd2d0e11ed
Determination: GOOD

C:\WINDOWS\system32\mydocs.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A33-103D-11d2-854D-006008059367} MyDocs Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A32-103D-11d2-854D-006008059367} MyDocs Drop Target
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4a7ded0a-ad25-11d0-98a8-0800361b1103} MyDocs Properties
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default) {ECF03A33-103D-11d2-854D-006008059367}
PX5: 57E2829600BA664D643501A4D8468A0095362A02
MD5: 0e34ad97f42004e23da845ff4f822090
Determination: GOOD

C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\RaidTool C:\Programmi\VIA\RAID\raid_tool.exe .^.
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\RaidTool C:\Programmi\VIA\RAID\raid_tool.exe .^.
PX5: BA38594700CDBD2600EA092C20D2A40077C9E93B
MD5: 1cf881aae046fa887e684b5b8d5d3156
Determination: GOOD

C:\Programmi\VIA\RAID\drvInterface.dll
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
PX5: 9F2E2D3E00F1D144405901E63A1CB200E2ACA010
MD5: 026d3e0798b7d0a983d6971fd2de1e57
Determination: GOOD

C:\WINDOWS\system32\OLEPRO32.DLL
Loaded into: C:\Programmi\VIA\RAID\raid_tool.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 4451C5BD00B67BC2466601954AF9C000130A3600
MD5: cb6b225cc6c85cda0430ef12441ea5b6
Determination: GOOD

C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SoundMan SOUNDMAN.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SoundMan SOUNDMAN.EXE
PX5: 6CBF885B0077AAE830B9013A4A8E9B00F7A2EF2E
MD5: fbef9f9c97b6b93e2041e65d3cd81c9c
Determination: GOOD

C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
PX5: 658E1F1B905B4E3D05360276C335CD0058FB5A32
MD5: d4f0f7437327dbaa264338baafb5e5af
Determination: GOOD

C:\Programmi\Browser Mouse\mouse32a.exe
Loaded into: C:\Programmi\Browser Mouse\mouse32a.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\FLMOFFICE4DMOUSE C:\Programmi\Browser Mouse\mouse32a.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\FLMOFFICE4DMOUSE C:\Programmi\Browser Mouse\mouse32a.exe
PX5: 43ED060500DAB51180190519F8FD0E00D3F4CD09
MD5: 5a868acb46ef0f6b681a434e1c9f349b
Determination: GOOD

C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\FLMK08KB C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\FLMK08KB C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
PX5: EB608E2F00A82AA6D0FC059623DD7900AA1D8882
MD5: 3639b69ae68202143b6b3694e9a6d460
Determination: GOOD

C:\Programmi\Multimedia Keyboard\KBDDL32A.DLL
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
PX5: 812EB28500E820D7D0D800A1AB8CDB00CCFD8A4A
MD5: 27e51ea93f163726fe3d28d888fb3ba1
Determination: GOOD

C:\Programmi\Multimedia Keyboard\KBDMDLLA.DLL
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
PX5: F8C0AD7A00C4D93EC0A900000B9F5E0045D34EA6
MD5: d5011679019ab8be5e3fe778f17fda58
Determination: GOOD

C:\Programmi\Multimedia Keyboard\KBD32S.DLL
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
PX5: 83C7C41D00E4D9E83098007CA009EF0056862AA8
MD5: 1e0ea820ada464eeaa6ccdc7f39c4742
Determination: GOOD

C:\Programmi\Multimedia Keyboard\KBD32G.DLL
Loaded into: C:\Programmi\Multimedia Keyboard\KbdAp32A.exe
PX5: 304246E800C8D42D80E400C80298DA00290171A6
MD5: 1e8604255619e1267104cfff85b72712
Determination: GOOD

C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded into: C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\HP Software Update C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\HP Software Update C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
PX5: 85E9BFD90076143AC01700F89D9DBF00EF2A6C0F
MD5: ac116f16a7716a720a45d7ea47cfd983
Determination: GOOD

C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\ATICCC "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\ATICCC "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
PX5: CF09D5D800702E04B04C00E9733D4600A2D58E89
MD5: 64c4c17bf6a40ff1cd21205e6fd415b8
Determination: GOOD

C:\WINDOWS\system32\mscoree.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D2680C9-0E2A-469d-B787-065558BC7D43} Fusion Cache
PX5: 36CE3DE9006AF1ED225D04AABCCEEE0051676249
MD5: 8256f0e39ad2b2d2c9a9db00242f594a
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 40113FD50016CD90E0C925C4746D8000B458C001
MD5: d928ffabce0ac9d69fef1f645c6c7b1d
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E08410B0007E1DD25096047A09B79B008841768F
MD5: b8294afc55b31d835be038222f61230c
Determination: GOOD

c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B0377E6A00F2B6D2E08C1FC603EFB0005BBA18E8
MD5: a162574c97bb7c3c6dbe32d8dbca42c2
Determination: GOOD

c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2611c09f\mscorlib.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 8BE9D5B80099D8D4306A32D7B604DD0042941C4D
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: CC7AD136004B4270308701DD0BC98200BA922D69
MD5: 4c2bb0e88229d59c276d7ea31951eb5b
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: CD7A0A7000EE94B0C02904DC5AEFA50018ED8446
MD5: e9634a7e73a30f0bd17f9b0c19bd211a
Determination: GOOD

c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DE3BE83400DA288020341F684F4C6800C6C1B51B
MD5: 02681152fe52fc6e91a812a8a9420d2f
Determination: GOOD

c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_4d82ae64\system.windows.forms.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3A5CCBD3007AFE51B06A2D7DDF153F001298C595
MD5: 65ce0341f83968254656f36adf7cce88
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.implementation.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 35228D61008BF2DF805A00D8FE7E29002CD1D2C7
MD5: 710e070fd65f2abf03b71fe29a4f8254
Determination: GOOD

c:\programmi\ati technologies\ati.ace\log.foundation.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 9EB0F9E2004F4F68903D004C72DB5900365C32C7
MD5: f45eab2bcaff6a525f949cb95f6e1e05
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.foundation.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3FFBC05600ACBE7410720148355384007F1EEEC2
MD5: 7efeb47a2e295d99061e0ac7feaeefc3
Determination: GOOD

c:\programmi\ati technologies\ati.ace\log.foundation.service.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 7783972300EF6C41A03C00427F02E800EE37EBC1
MD5: 2c7a742c78ba5f548fe06a0ce17a551e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\log.foundation.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DC98DFFB0033D3CE5074002DDDE82A00D9EAD889
MD5: e02001c5aa38fb4fca67741852c422a7
Determination: GOOD

c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 0A0DE93D00952B9090111224AE1EBF003993DB53
MD5: d4525bffc6de7ddd95e841104494704f
Determination: GOOD

c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_0aee2aca\system.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F92CE92000A0DC3570971DD9513684004FE7DE76
MD5: 1ebd3763aecb53c04624a8e64702415e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.foundation.xmanifestation.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F83EB1AF0089144360210004BA65440089EBCA68
MD5: 4bb59656d4eb3f8f9749e04c4f624a49
Determination: GOOD

c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 4F57C53E0070889860C4141F12F258000D0F303C
MD5: 4e0351ee76439f1fc14914b5bff7c9ae
Determination: GOOD

c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_9879de0e\system.xml.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A63F3D4300EDB7BCB0751F9D7D792A00A79F8BB1
MD5: aa11f8700db6af650043b13534330f17
Determination: GOOD

c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E2A6721700CC56DBF006043D0FB7610074CD0E1A
MD5: bb08dd3d626ca86092e2cdeb444f432b
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.component.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 066AB82B000BADA1508C01C6661D8000A1B72308
MD5: e16a885953b23f3ace8ad1e60434d55d
Determination: GOOD

c:\programmi\ati technologies\ati.ace\aticccom.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: C0B99687007F6F1D5089002DDDE82A0019F20AB5
MD5: 1acc00bc6bed33045d568e728fbe0410
Determination: GOOD

c:\programmi\ati technologies\ati.ace\aem.foundation.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 23C8AF8D0035DD216036005E06CD97000701FA21
MD5: 4c097c301cda4f42e2808569c31e4c83
Determination: GOOD

c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 965878AA00E97428208E07E98C95150040E90A16
MD5: 5b8755429a40c7280ff9ad7b4194df47
Determination: GOOD

c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_5fe1ad34\system.drawing.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: BB33A0C300693779C0E60C2B56E40E009D4C8A22
MD5: a5aae059870161bbc1faee38dad388ba
Determination: GOOD

c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_it_b77a5c561934e089\system.windows.forms.resources.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: EB6BC2D200BB7A88C04302CF2E1478007D17E3B8
MD5: c483cfe1812fc1e1428abc181571abfb
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.caste.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 8CCD56DE00DFA863C08200EED292C2004231F85C
MD5: bb669a426a70f5f9e6da44e5f922aff1
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.caste.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DFC3A67300BAD80F90E0049D683F2400ED013241
MD5: 4d93b3df8b02c948371505a4d380cace
Determination: GOOD

c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_it_b77a5c561934e089\mscorlib.resources.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B5D8BEF70040EEEC8087036C5DCC450094693B48
MD5: fe9347d70b134828c2da9d8d50c13afe
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.component.runtime.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: FE18A833008C712480CC00183A1FF400EA5E4FA9
MD5: 6b2ac3cc767b6fef55628bbe99e7732e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.foundation.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 6FE77D4400E928CE40F9002DDDE82A00AB8BD7DF
MD5: 990e0b5c2aa42e76c0fdc8b91a793123
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demosinfo.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 25004D8E007D734540680093DF69830006F24B8A
MD5: 01a08b8da7bbab3c7983b6c2ffb6e90c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demosadapterinfo.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 5DE713E9009BA7AC40BC005ECD25310079646C57
MD5: f35571e95891875f612f3f0e9ed06953
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.dematiadapterinfo.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 55BF9788005816A940B50027311ABA0010C9FE3A
MD5: 662d5d1f991d609214d5c060cfd88297
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdriversettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 8CD55DDC00264DA6401D0039A421F90073516092
MD5: 47eb401e27823394d774e5dc039a3979
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 1FD3FAB60014C24D602D0072E3F22A00D45D5D41
MD5: fc5414bffca79e99fb910d1b1b714429
Determination: GOOD

c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E26F647A0026EB7A007A136CDA3C1B001884D184
MD5: 297276bf40b7c89929aebb5e76b653fc
Determination: GOOD

c:\programmi\ati technologies\ati.ace\atidemgr.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 73AEEF0100207C48501D0457554D9E0080A7F07E
MD5: 3ef255d8e8e6b146ad26bcffd05b5025
Determination: GOOD

c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E04A0B210045FCB0A060057C3D7F20002FCD5B5D
MD5: d24328cf719de28feff9f1866988a785
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: AE7A381800E291967C6300FDBFD0420052B14F95
MD5: b3882530d9344653230fba2502babaf3
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F25CCE3F0040099360BB01D52971ED00982493EF
MD5: 38d44e4afd8bcb1204a68a4564aef586
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 2B598AC7006FCDC35C1A005EA2D2AC00CDD3F98B
MD5: 4342b8aa3353862db5acef3edaa21ae3
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 8116022C00C4F6E3E0FE031DE770CA0052763745
MD5: 91aa521fb94e5f5049bae31fc45c093e
Determination: GOOD

C:\WINDOWS\system32\perfproc.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 9295671F006AB0848C9C0090B29D8700CE4DE46A
MD5: c903e30bdb77ab0c730237f270ec3f90
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demosmodeinfo.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 422CEE5300ACDE3340AE003DAC9FB900255AB544
MD5: acfc78bedca9647d812849ea29560904
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.dematidisplaysmanagersettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 8F1D419900DD99CB50B1002DDDE82A0029893107
MD5: 708191cbebed47b5ae51b6dc7f34b8a8
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demverylargedesktopsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 529F153300006F22406A00D2227D7F00C5C62E30
MD5: 1d9479223290acc2beaa09b4df40491d
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 6A45C68700396A2C90F000DA5E076000E4716C4F
MD5: 29d026f5fcf46762c6fa27b9e17d6af6
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 58137BF300E51D8A60C400C727341B00B896CC8B
MD5: 978e5937945d5b073a02770ae9da40c5
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.multivpu.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 219C0B1600DF3E35902100AE64721E0050D2ED87
MD5: f68d039c1fa45d15a8ec27f4e146aa59
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 6ECA60FE00E8A3BF607C0062D5D4D00024A2846F
MD5: f31d4985e07473125a904d5c7b1f8838
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 27159AFC00CD5282807300D2B735D6005B923B47
MD5: ea98f18c92faffefccfb5e67069dc8ae
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 05F9A17E001938EF60D400C616234F00C26E8BE7
MD5: bb1679cc2d24e44fba638e0449b7b663
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 31555A7E005C2F5CE07D005CF54DDA00B8FDBBBE
MD5: ac2e842ff52632515084fd07de2dbc6e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E1C947CC00169F74B07900E4C7DC710022F1252B
MD5: c6deacf131c4506a2ccb7a5e51b2390a
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 80B9021500052646B0D400AA12EA44008538075C
MD5: 05d81b2e2da6d4895417cae046114fad
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 790372180023A2C160BE00D205E7A9005F1CA073
MD5: 452253fdc9a32ba3ba9340ac3d2cb455
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdisplayscoloursettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3F3948F700FBBA38401200682A834D00E5524F21
MD5: 82b9204b72d5d2aac030ccc1fffa7c29
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: D674E4F40072521BA0C100A5D8455600635BB870
MD5: 7acc142d519f86404bb9d3c8b2d3a3dd
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: EE35A8CE00111B9A60A3005737CCBF00DD4077A4
MD5: faf965a56c01055e715141eeca5b1589
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B340716A004671D1A099005A8819220003AFA66B
MD5: b1f40bec67c8fc4dfec64f349bba0551
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 11255EED0086A15C80190014A1ED94005267C01F
MD5: 04bfa6970dd0dc38bd8db61ed14f3379
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.mmdeintlacingsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3E41558600967E7A40C10008CD5B0C0042BC5887
MD5: 91896962af25892fd058afa2974c6f65
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: EE7FC67900D8D76A908800A12E854E00D578301B
MD5: 40062ffe6173cb8ad5ac9f8016aaa825
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 4E04918F003398B7409100DE859E7F006A46CD53
MD5: 15983bcf0b7fbc1268f82c05f1004144
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.videooverlay.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 62AC8FE300BE8A5C40D1002DDDE82A0044987F44
MD5: f49b36f3f0fc27a43c355b96f9bb0437
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.smartgart.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 98DC2AE3006F92A9704B00CB7F3398008007E91B
MD5: d836afff51b156805a955d127e211b9c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demsmartgartsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 05A6150B00BD33984079003E04C080007BCF57D9
MD5: e293972e64b92ec67fec7bca7d2b6bdf
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: AA21287D00B6674660B1006DAEF9BE0065608A61
MD5: 0b72aba37f1b73606395b866f66462b4
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F03C0C880037DA6A60CB00727AB9A500A3E1AC08
MD5: 260a36cf795ab48a3a7479bab8e25c53
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 6F7C5DDD0003510E80BF0084E398FA00413E9E35
MD5: 2f420a495e174486e39d43cd2fd3d57c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3E876DA3004CAB5C90590081E665DE00A4ADF9BC
MD5: 6f5ba8776beeaa5048fc33931fcfa692
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E2DE48360077DE819095004A5EC0260088941A2C
MD5: 57c6ebd87152a5cf506bd23773d371c8
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 8F7E62650050D34A702F00E221F3860090BCF478
MD5: 5671c151b69132c567ddeefcb1411d1c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 51C72E5F0092E86A707D00A8FCAC6F00A29CB247
MD5: 0dfd89d6936f6f1336ee3aa0d45e6337
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 00348810001934C17069005D77154600DAE63755
MD5: 399db50fc879cc63f3c224d704b75e6e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F6CAFD510008F1E370E300CB46A61900E8A2F19E
MD5: ade7d45236be7c3b26421b5fccd1950f
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecv.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 8EAEE42000972D64D03A001C2687BC007C832FDF
MD5: 1fcbbee68c3441c9088432169d7985de
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 82F2423800298179901E00608F01D50076B5F4C5
MD5: b06afcde9482686be5b612b6f608f70f
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: C4CE7EF3007DF670604D008927345F002B254B79
MD5: 570856f0b426a36937371179ab5c4870
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 95BD35C2007CE048C07F00C29846F800FAB9B409
MD5: 927478ba49a8e3a7f1f5287894c899e6
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 10A2934F00B5F48A902D007093681100525A55DC
MD5: d65fa72eb4cf6df51f28e30eb62697a7
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: C89D08B8005C8E97F09A00D6CD752700620ABBBA
MD5: dcdcd44d96bde4dc4c830f53e62aad70
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicetv.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E2D041D40055E922E004005290277D0000CAA211
MD5: 4861fca90b920ce20d832ffe35d5de4a
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: C20CF4020040B0D9A019000BE6FDE600560FF659
MD5: 70854126d20026ba8ac06404a4e67404
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: BFB11279001DD5DF901100A8E540CE004CA14703
MD5: 3d6f068e58ba4d086576eea223e1ac20
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F6B5CE20008CD4CFA04C00832C1D34000094BB58
MD5: 51a97f78e5e6ea983d365cb41e65e9fe
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 060A21AE006A0495A07D0047BA0E0D00162B53F1
MD5: a769b10c4fdd9916f697c395848d9831
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: D3482F3700F36DAA303B01C5470B660006266761
MD5: c834701d19242eba1257821cf61e29d1
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DAA597D600ED8D806073009F83B8F1005EA60778
MD5: 1f712ec7eeffdb6bec5d898a6b6955f2
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 956F9D6E005FC38F708F00B1461456001253A960
MD5: 7240e89880afe4d5bf021b56482b58bb
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demoverdrivesettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 29954D77000F0A1040530018BD309700C54215D7
MD5: ee1832b5877d1b054b457b32e685a6da
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 68738FE300EBC3F5B0B400ECA350C700E78E1EA2
MD5: af1c9b4d1fb5d41ee6bd4c3e81d8d578
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: CF5A95C600D656CF706100EACFD001006233FD08
MD5: 9aa573b46656c7b0b8c608cac112a856
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.dempowerplaysettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B6ACBA3C00BF5936409300AA7BE45000D7883B85
MD5: 109f6f5fe1ca6b49c34ffdf44664fbb8
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 42B2FCEA00794BF990F1008D80CCE4003A391ED5
MD5: 2d06dccf3b85ff98342b14a568c6866b
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DA2EE30F000B9D3C5088004F2E9C1200CE536ACB
MD5: de81d9e7f67022c3d530ec2293d6efc6
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.infocentre.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 03F9BB0600E9AA01807D0082F8BEE1000A4FF0CE
MD5: f7dc8c0853bbdb8e03437527b443d34d
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: FD131B9B008F022A704D000E1C8C0100171DD5BC
MD5: eed7ea8cb6fc69ef84b54110d7de9527
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B5F7C5AB0044DBB550F1002DDDE82A00EB9DDFF0
MD5: 487c21d6ee235e8e0f207aacf73ca059
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E29F1B0B00E3BF0950DB002DDDE82A008203BE3F
MD5: 4b0ebea1582aff904febeac30fe6a841
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demmultivpusettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E40E687300DC0BF8408900DC41A1E300E404D598
MD5: cb4015b1dab175b8ea9bbd7ec667193f
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F88782A2001ED09AF0420006FCA54700EF2FE28D
MD5: c81fe6fb8d8c6f341dc280e89b2efe63
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DCDCD649002E479FD072005A59664E00A7374FE7
MD5: aacd8330170df6f08615db34786ab46c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.mmoverlaysettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 03A88AFF002F931A40E40027ED9C4C0095EFA76B
MD5: db919a67f5fc5b89ed32e9d890cfe3dd
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demvideotheatermodesettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A4FB29720013E54C408F002DDDE82A004CEE54D6
MD5: 4872c0c05cee0dc0dbd55ac5b122bd9c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A55E2B6C0010C33670D600E695DDB900E942E12E
MD5: d8bb1c9171f6716eb9b8d1681d64f619
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demvideooverlaysettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A3509BA700E8F4404027006BA574A400AD523C83
MD5: b8dbf9832cc9b44b259775be70ddba08
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.smartgart.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3E70037700F662C370130096374EAD003D83F118
MD5: 3b1de6282b28eee77b635f033cdcc052
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demvpurecoverinfo.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 68B6FCE60048675C4070002DDDE82A003847492D
MD5: ebd6ddb601476527ad19d5584f6a5656
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 640912A000CE21B870A30048873E8200B8755366
MD5: 6902856ca5565580da7ea03bf8c18127
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.workstationsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 77E0ED180036A19340A000DEEBB42500E32ADBDB
MD5: 3bfd00fe8d0e5b14ae3cf07180397edd
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: BA3FD5D300920BE1D0F100DE3D303F00FF90AB22
MD5: 1e13cbc901cf196892ebd7d74f35d716
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 7C44A17000C6752340350076F4FAF200B652B980
MD5: ca2b983a7187e2b17a12c00a3e2b5d09
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicecrtsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E883CD9400E3868B402400C416236500BC5E828B
MD5: fea10a4a91c77fffdf21c8e181fc4210
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicecommonsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 1FBBFB310033449A40F700DAFEDB2F00425878F6
MD5: 787b0b758d9e201292cdb1c3565f3232
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 74E977370073324DD08B00910648C4008EE35D25
MD5: d9b46c3371c80c8c52ecd1085d57959a
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DF6AEDF300651B3150270034CEF2A600906FA080
MD5: 9b0e0a514d566ebb597560a7050c67bd
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicecommon2settings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: D24884E900E016ED40C400C5D03BD4005C05A0B6
MD5: 1e1c94549056d4130876ace2470ed120
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.runtime.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 57AAE4EC00D235CD507100BC9D602E0065461370
MD5: f083d66dd93d341dac42ed463aae392e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicelcdsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: FF096AEE0090A7D240480009804C8B004AF65BB8
MD5: a662be9b11173cb67d4368e1ce54e235
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicecomponentvideosettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B1DE558800CB85445016002DDDE82A005095AAA4
MD5: 75f3f6a31cf4120bac0ad9c112afa5b1
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 66DB6EDA00F9506AE0CA00824CF38B001234B6DB
MD5: 9bc1ffb661bca4ee67c0368769050c7f
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicetv2settings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: D22765A80090D983405A001A196D80005C50BCC0
MD5: abcbf724e29c4e6e1e37e9403e6eb5f4
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 5982C42700D06B0CE06E0032050AD300F12C0CE8
MD5: c2c0f4998dfcf638c147ec9cc68cf418
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicetvsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: BDA324DE002ADD80409700416EA10400CA2CA07F
MD5: 4e882f8d970867b19facd13550fb88ec
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicedfpsettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A9218B73001F7F4240BC00C4C9D894004FFCA9BA
MD5: cea372f025c67a06ba376adf5380eea6
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdevicedfp2settings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A92D05BB006391B9405D001CE6A862001B782855
MD5: 73ff8b0a81566c97f337f7015d300c2e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demoverdrive3settings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 9DEBD9FB0010FA66409100711890BE0096CC7169
MD5: 49d9f9c3b62f53cfa32f4be6729341be
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: D448C84300DB159D5082005ED034F000E544CD33
MD5: 52a0230594b15f97897677fbbee816f3
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B8540E8B00528C116069001A69AA1E00E27A16DC
MD5: b16a16de5daae19a25a7ebebd50f5da1
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demdisplaysmanageroptionssettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 2239EEE400D050BD400900D0C3CE84005EF8C2F9
MD5: cbed54b8fe909172299fbc11a80108b2
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 41204EC5007AEF8D504D002DDDE82A008A592A04
MD5: 65854b98f1f7bb846af0a03e299b96ad
Determination: GOOD

c:\programmi\ati technologies\ati.ace\dem.graphics.demumaframebuffersettings.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: F9AC77FF006B3B5840CE002A9F10D300815516FF
MD5: 7307b34d0c31cda8c6e0088a0506691f
Determination: GOOD

c:\programmi\ati technologies\ati.ace\apm.foundation.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E211A7DB0008322D606400717B3B4F00B098B6C0
MD5: 8091791ff6e6b85ff72bbbdd41b0bef3
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\KRun D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\KRun D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
PX5: 04AFC21E00FD20192AB3121261C83E00E59162BC
MD5: e7962adc1c4ec882d90714908c81a690
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\rmfoldermenu.dll
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
PX5: B01EE73400D15392BCB4055827D0C600CCC7FB31
MD5: 6b31c2be0c3737b28696aa144b3b927b
Determination: GOOD

C:\WINDOWS\system32\DDraw.dll
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
PX5: 4E606A3E004BFD1E107104ECA94E4700B2873B8F
MD5: 613e66ace3fae6523e6f1a0183af7f2d
Determination: GOOD

C:\WINDOWS\system32\DCIMAN32.dll
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
PX5: 256E9CF3007B0060223C00722D6B1100E50006BD
MD5: b4135161fbdf6bf676bbfa8eb79cade8
Determination: GOOD

C:\WINDOWS\system32\msxml4.dll
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
PX5: 5B7D77330022FA86D4E21258EBD3470057A9FD1D
MD5: 44e45bd9327abc0540593e809b32f3ca
Determination: GOOD

C:\WINDOWS\system32\msadp32.acm
Loaded into: D:\Claudio\programmi\personalizzazione xp\menu laterale\runme0.8\RunMe.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msadpcm msadp32.acm
PX5: 9896734D003A7B4A3AD6001B2D129300C6CAD27F
MD5: 147ba07670fa18d112d631b9eec2ca21
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\VisualTooltip D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\VisualTooltip D:\Claudio\programmi\personalizzazione xp\VisualTooltip22\VisualToolTip.exe
PX5: 34D7E15B003716089A070EB35CA81D00318D6E6D
MD5: 769615ac4db67ee0db7629d79e5b7849
Determination: GOOD

D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SpywareTerminator "D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SpywareTerminator "D:\Claudio\programmi\Spyware Terminator\SpywareTerminatorShield.exe"
PX5: 1004D6560028A64B64452A678F4D08008AF90C91
MD5: de5552c171eb156f4ba9e0135e2fb53e
Determination: GOOD

D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Avg7Alrt\ImagePath D:\DOWNLO~1\AVG75F~1\avgamsvr.exe
PX5: 21DE92A5001AF2AB64A906625DE519006365E2D7
MD5: 3c7b93f947355e374a49564d0d017b7b
Determination: GOOD

D:\download firefox\avg75free_428a818\avgklib.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 0905B47E00DB8F4AF0C200D2E1793900305E89E0
MD5: d756dc41effaad294c858e94b4a11bd2
Determination: GOOD

C:\WINDOWS\system32\MSVCP71.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
MD5: 561fa2abb31dfa8fab762145f81667c2
Determination: GOOD

C:\WINDOWS\system32\MSVCR71.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD

D:\download firefox\avg75free_428a818\avglog.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: D7A89D52008854C89AC801A4B599270028FCA248
MD5: c935b33cb471db79a42b81276a8d0934
Determination: GOOD

D:\download firefox\avg75free_428a818\avgcfg.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 1BA856950092D620BEAB087C3D3A710071560AA1
MD5: a1d544864dded278aafb104fd9cd8f49
Determination: GOOD

D:\download firefox\avg75free_428a818\avglng.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 4ECED89B00CF9794E450009CD16D5500FFF988A8
MD5: 1c8526edbce5499eb5722bed0a14b97c
Determination: GOOD

D:\download firefox\avg75free_428a818\avgamint.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
PX5: A536B0BE00B629273EE50492BB140A00FFE4E0D0
MD5: a487a2bdc8ef099cede6dafe7b5525ce
Determination: GOOD

D:\download firefox\avg75free_428a818\avgamsps.dll
Loaded into: D:\download firefox\avg75free_428a818\avgamsvr.exe
PX5: 1A773CF4006542552A8400BB017FF80037C5472C
MD5: bd30b82a0364670e95ddbee7902290c9
Determination: GOOD

D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_CC D:\DOWNLO~1\AVG75F~1\avgcc.exe /STARTUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_CC D:\DOWNLO~1\AVG75F~1\avgcc.exe /STARTUP
PX5: B2AE899700F85999D65508B44FC71F0080417258
MD5: 8b0a837f1d0af0621a29c9f3dbf45e9f
Determination: GOOD

D:\download firefox\avg75free_428a818\avgtmgr.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: D6DA4E6300CB354548B9066D9731FC002544E9AA
MD5: 5bd5bd73e02c3d8b2ecbf204e3a67345
Determination: GOOD

D:\download firefox\avg75free_428a818\avgctrl.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: B15CFB2A00607B59D2880DD1E9F00F00139BCF72
MD5: a760fd2e65382a9f3e4c1fb46c825b26
Determination: GOOD

C:\WINDOWS\system32\MFC71.DLL
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 6CC9C2640078308D309410C7EE8D9E0004FCAA75
MD5: f35a584e947a5b401feb0fe01db4a0d7
Determination: GOOD

C:\WINDOWS\system32\MSVFW32.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 4870710600DDCA90DC7001F6C351A000C502322F
MD5: 35de518c32e4d878a250301a8f2eee08
Determination: GOOD

D:\download firefox\avg75free_428a818\avgabout.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 55A3E134001449F8A64606D88ECC6B005BA5449C
MD5: ab073307a311e5892f21e31ada25053e
Determination: GOOD

D:\download firefox\avg75free_428a818\avgtest.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 3E1C7A4C009FF453389C091E5BC33F00AF4D935D
MD5: b2bc91f02f7447d3777937ca8e258ee9
Determination: GOOD

D:\download firefox\avg75free_428a818\avgtres.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: D9465DA7000B3E55BE48031BC2C8C600A3BF6D08
MD5: a8e8ce4a172fd204f745d8c570d23549
Determination: GOOD

D:\download firefox\avg75free_428a818\avgset.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 6193AD4D00FCB5DB2246078BC33E8A00573C2BBC
MD5: b5c72753f357250b0d0c5a7b78081f21
Determination: GOOD

C:\WINDOWS\system32\MFC71ITA.DLL
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 8C47BF9900C00236F0DE00B45623C60074094F00
MD5: ba14d19b7c983c5863601d95ea473fd2
Determination: GOOD

D:\download firefox\avg75free_428a818\avgresf.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 293D201B00D6ACD0A04F04BD43093000F1763FC4
MD5: 13f2f1b20128580238312176b1a6cbce
Determination: GOOD

D:\download firefox\avg75free_428a818\AVGRES.DLL
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 23E816BB007D3F24922513DDDD54080019D56CB3
MD5: 8222adb1a3068e7cc457d72e57339436
Determination: GOOD

D:\download firefox\avg75free_428a818\avgcckrn.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 6AD9301000C5EC72E23508EFDF900200AD4500BC
MD5: 7b4b7e5fb4a920473ea5a0577d3e2d0a
Determination: GOOD

D:\download firefox\avg75free_428a818\avgvault.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 9730B38800BDBCA9448E01B6BAEF3900B9CAF783
MD5: bb59c88cbf24f6d136e12cbb7d1f2b64
Determination: GOOD

D:\download firefox\avg75free_428a818\avgrep.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 570F223B00266A721067016EC8DFC50070955DEA
MD5: d1f3d118adf63b29be4f40871514e341
Determination: GOOD

D:\download firefox\avg75free_428a818\avgunarc.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 94CC112C000ECAA6EC0102379DE66800C3E8D4CB
MD5: e5d4edfbe5c6ec8b5ffe2cfcdc6da880
Determination: GOOD

D:\download firefox\avg75free_428a818\avgscan.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 9F98A5910034E47FFE310562123AEF009D040066
MD5: 3a68865b43c361a227b9bd8da49e71e4
Determination: GOOD

D:\download firefox\avg75free_428a818\avgcore.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: 3494D1FC00A65857669C0902A16E8C00DE84CC0F
MD5: f79c3bea490826dafbded811ae1f01f0
Determination: GOOD

D:\download firefox\avg75free_428a818\avgf.dll
Loaded into: D:\download firefox\avg75free_428a818\avgcc.exe
PX5: EEF491AE008EA020BC4B0050A4621600816EE6D0
MD5: f1a871f63bae2b0cba9f8649ff4fb539
Determination: GOOD

C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE
PX5: 7BE460C100E5509F3C0D00F14B5A510097B91217
MD5: 5b33b4265966ee063c7fbea28958d9c2
Determination: GOOD

C:\Programmi\Messenger\msmsgs.exe
Loaded into: C:\Programmi\Messenger\msmsgs.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\MSMSGS "C:\Programmi\Messenger\msmsgs.exe" /background
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\MSMSGS "C:\Programmi\Messenger\msmsgs.exe" /background
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\KeyFileName C:\Programmi\Messenger\msmsgs.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\Exec C:\Programmi\Messenger\msmsgs.exe
PX5: 554BA09D003029747233190011D8C200C1DE9FBB
MD5: 53054740672e37bccc01b8fd8750d05c
Determination: GOOD

C:\WINDOWS\system32\XPOB2RES.DLL
Loaded into: C:\Programmi\Messenger\msmsgs.exe
PX5: 568E33B900B42AE1DA2706D1A31995008C705EE8
MD5: 74ec7ac3d06b6ea7b0a6f55e1f356c53
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\Yodm3D D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\Yodm3D D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
PX5: 185C139500082A4CC406236998780B004EAC7E19
MD5: 632dffad8ea7be33f0c9b9f31a5b1ddb
Determination: GOOD

C:\WINDOWS\system32\d3d9.dll
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
PX5: B0445E530030CB95C6E919F3F61E24000C07269E
MD5: cc954d05b696d408ea1a962651fc6f83
Determination: GOOD

C:\WINDOWS\system32\d3d8thk.dll
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 2FD8D0B1001F64E6206300360D52B20075F3C360
MD5: 7d43d0a8b1b36e640ce321311f78dced
Determination: GOOD

C:\WINDOWS\system32\d3dxof.dll
Loaded into: D:\Claudio\programmi\personalizzazione xp\cube 3d\3d\Yodm3D.exe
PX5: 13F18C7F00AA32C4BA5F00E79FE7D2000A893DE6
MD5: d040531bdaf7ce739c2bef3b1731de03
Determination: GOOD

D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded into: D:\download firefox\avg75free_428a818\avgupsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Avg7UpdSvc\ImagePath D:\DOWNLO~1\AVG75F~1\avgupsvc.exe
PX5: FB2D0C8C0030CE48C28B00B9473117008F2553BE
MD5: 30a14f65db477dc00a64a5a24e96919c
Determination: GOOD

D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded into: D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\WinRoll D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\WinRoll D:\Claudio\programmi\Rolltab\WinRoll\winroll.exe
PX5: E4556391000AA1323C1100320EC7090016695E5F
MD5: 69275ae5b3a348abaa6aba962baf455d
Determination: GOOD

C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\btwdins\ImagePath C:\Programmi\Belkin\Software Bluetooth\bin\btwdins.exe
PX5: 732E327737061977F095038C614193007F931BA3
MD5: 22462828cf5fabdee29cc6638b381377
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded into: D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\CursorXP D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\CursorXP D:\Claudio\programmi\personalizzazione xp\mouse\cursorxp\CursorXP.exe
PX5: A7D3078400547045F4EB01491D8E6D00C65A7980
MD5: 7b70742882445f1269fc49708ab39751
Determination: GOOD

D:\download firefox\Nuova cartella\nod32krn.exe
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NOD32krn\ImagePath "D:\download firefox\Nuova cartella\nod32krn.exe"
PX5: E961C00D807C7CDA6CD5081D6CCA180092CFF3D0
MD5: 82f52e10a4df718ff4ca67d2dbde8d07
Determination: GOOD

D:\download firefox\Nuova cartella\nod32krr.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 2C2B552138FD2A55DC98002DDDE82A005BCDD510
MD5: 00deae3f6cccd2c4a2555d124ac5bb36
Determination: GOOD

D:\download firefox\Nuova cartella\ps_amon.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: D5CE1E618052590C0CE30336E77523008DEBABC1
MD5: 5be3ed40ff6ae62f4d4f2d56b59a0a52
Determination: GOOD

D:\download firefox\Nuova cartella\pr_amon.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 2C2B552138FD2A558C98002DDDE82A00107BD502
MD5: e005e12564429664226bcab710664e1b
Determination: GOOD

D:\download firefox\Nuova cartella\ps_dmon.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: D793B09538E10F6DCC5D02490024D40071233124
MD5: 5d7cb96df7f181d20f5fecb446fada83
Determination: GOOD

D:\download firefox\Nuova cartella\pr_dmon.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 2C2B552138FD2A555C98002DDDE82A0062C7FFA3
MD5: 28dc1555c3e3a1530e5c4792128bef66
Determination: GOOD

D:\download firefox\Nuova cartella\ps_emon.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 50C1035F78B808CB2CD103A48C4F25006BF3A5E4
MD5: 506d8f6af32d9b9601da2c2e46d72e1b
Determination: GOOD

D:\download firefox\Nuova cartella\pr_emon.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 2C2B552138FD2A55FC98002DDDE82A00F9D2ADED
MD5: f40dd1d219b461c529b989323465728c
Determination: GOOD

D:\download firefox\Nuova cartella\ps_nod32.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: F08A8A1B38C25931EC2E0276AC4DB400B928A77D
MD5: 1a9daf7657768891b97b14f5e4e6c82d
Determination: GOOD

D:\download firefox\Nuova cartella\pr_nod32.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 2C2B552138FD2A555C98002DDDE82A0000EADBDE
MD5: f6eaf0871e4f6bc5e1a5c1760eae3121
Determination: GOOD

D:\download firefox\Nuova cartella\ps_upd.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 85B2910A7883A9FEDC4604064191A0000702F044
MD5: 8cc0e44fc5e08720cf0c08689b33b91c
Determination: GOOD

D:\download firefox\Nuova cartella\pr_upd.dll
Loaded into: D:\download firefox\Nuova cartella\nod32krn.exe
PX5: 2C2B552138FD2A55CC98002DDDE82A008865AECB
MD5: 55b524616d87344e02e514eaaf87e62f
Determination: GOOD

C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
Loaded from: FILE
PX5: 6E00318E3D84906BD054082898736F00A3E67469
MD5: 17a07494347abb2aed3e39048a96e7bd
Determination: GOOD

C:\WINDOWS\system32\btosif.dll
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
PX5: D91B01A2007C44E9D0A20132124D8500B1BC82D0
MD5: c6ce25c49870abd4cfcf79474ad14abe
Determination: GOOD

C:\WINDOWS\system32\btwhidcs.DLL
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
PX5: B3CB53A3000918F670350364E4EF73004CFFE8B0
MD5: b477e1f3b9024651c6ff3661eba1b816
Determination: GOOD

C:\Programmi\Belkin\Software Bluetooth\BtBalloon.dll
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
PX5: DCA8E0CD007BE6D2C0C100C603326A00F9F5A701
MD5: 9562391047d0e21915eb1671ed6d23d5
Determination: GOOD

C:\WINDOWS\system32\btrez.dll
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
PX5: 4AAE19B4001BE2FCB0EE2FC3C96C3B00FAB521DE
MD5: dfa67037a8510a3f8466c58b46718c19
Determination: GOOD

C:\WINDOWS\system32\CSH.dll
Loaded into: C:\Programmi\Belkin\Software Bluetooth\BTTray.exe
PX5: D420C6B30003F1F4C44C00DCCDBD83008BBDDB89
MD5: 26aa1984ec4e50e4d91c25ec46e11aa8
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded from: FILE
PX5: 7C0F63780083C0065049041A31CD6D00D5FCD070
MD5: 5597d0075861cb0a6e6087752d205c0d
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqcxm08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: CB0A8ACF00A6D979304B02833A27CD004591F1A2
MD5: ea99b12613e5909526123eec64d6abdc
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpquio08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: 8A513FF8000210DB907A01F3066C99002E605DB7
MD5: 82e047ac9dcfa908f169ebb20c157198
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqtra08.rsc
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: 7D6555160016475A0030012DDDE82A0086999354
MD5: bd7e90c78cf0bc711cc9526acbca5a8a
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqtao08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: F5BFFF1800210F5A006801216A0922006179DE83
MD5: 621d873625b55315d248204e6588ba2d
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpotra08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: FC8A16D80045660B20F703B9EFD26E001D4B308D
MD5: 748cad1a5b3db2daeba8744a97d0b14b
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpotra08.rsc
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: F6E6D65D006AF82C705C002DDDE82A000314918B
MD5: 8c585819cd052f6d0050dbc7b1c44ac0
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpodio08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: EC55CA74000A7FF3A0840A840450B6005E171DBF
MD5: fc99dc360cfa2e32276151eb7b1d899d
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqcob08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: DF7B50BB00ED994F5061015FE5DB1D00502D4EAB
MD5: b245e6716cf85bdc55d17030ca609a73
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpotradd.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: 6D8DB946000A6845D0940063629E4600260E5679
MD5: aea0b0aa26e4ea377d6a12b3b5d6f90f
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqrif08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: D2A23C8B00AF3F6F90640371DAAAB70059724FDB
MD5: 20a1de2d6a22dbca17f0e6445420be47
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqmif08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: CDDB25C700AF2A01B0FB031D8CE8490089A41C9C
MD5: da74f6cb9b6badc53e72f49bda478ddf
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpodvd09.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: 333CEEDA001871CE14D6013AC66975004545B47D
MD5: a490ede46a746e14ae6876021b6d4269
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpoddcomm09.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: 51839C8000968F646E1401A906528F00BEEEEFB5
MD5: 6bda568a2aed0f84c717b5649f70c91c
Determination: GOOD

C:\WINDOWS\system32\hpzidr12.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: F95AC56B389A9EFA408404579E7D1F005A136DF1
MD5: 3a2030bbd08924970dcdb7abba4c4d92
Determination: GOOD

C:\WINDOWS\system32\hpzipr12.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 0B73795500D7081320EF03C15C52DB0036F39EBA
MD5: d6d559b94671573a026ed47c5e75964b
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqusg.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
PX5: 0F880AA3001C1A72C05C04D02E60710039E9A332
MD5: 9ee09fd74d7d844f10a8450f0849b455
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpocxi08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 550E374700B5146E3079041CCEC1C200CCDCCD19
MD5: 891736c55cef9d265f915bcc0737d8a8
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 635EF949000DE07D50E30751D8DDDE00D52EECCB
MD5: 1499435cdbdf07acc38bdb49470bca88
Determination: GOOD

c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 098504D80031E9EB50B0000D90FA7F008B2187A2
MD5: a0dcb32156bdf2eb4af72ee38141e7b7
Determination: GOOD

c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 590F3E0900D4677900B1093F7424C400470528F5
MD5: bb2be4ba77c0c84d1a3f135d418b4659
Determination: GOOD

c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 738B2D8100A0FAFC70E103B0C79EEB007FEBACA9
MD5: 17da38cb41189c545e84c4682f25a0f3
Determination: GOOD

c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 2D18BEDC00AFC48C90DA002B5A23A200E94E3FD6
MD5: b22ba6939f9230cdd87ead85f3ecd1d9
Determination: GOOD

c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 2DBE6B5200F9977C908305CFF35CD10001BFCF47
MD5: 80a137e5fb9e9cc95c1dcc9300905343
Determination: GOOD

c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: A964994000593FA3D02D0065C8A3E00095DCE3CE
MD5: 33dfca90b4be8c62b20ce0beee4cac1d
Determination: GOOD

c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 8897089500D6F639D03807E73F7C4900B1E1A884
MD5: bc33c1a2e9107e290a4b4f12894e25bd
Determination: GOOD

c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: B40F36D600639F27E06D02E565145400B2829F30
MD5: 350750024696fd6496dda08ebe5a1ea4
Determination: GOOD

c:\programmi\hp\digital imaging\bin\it\hpqimzone.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: A556272800F02EFD50670149AA874F005669F704
MD5: c31db04206b32fccba772ed1e0e4de99
Determination: GOOD

c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: CCA6B9C600A62B3710BD01283F520700C9AA82F3
MD5: 5bdb40c486291ca8af13a08232baa177
Determination: GOOD

c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 606BF7720002242C90D900A34B0776009C8D0F7F
MD5: 659272675eabdccfda85cf5892ed244b
Determination: GOOD

c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: B9A264E200AE99473026017194517600F0CFE8C1
MD5: 648fe0d27734bb73ef04bc6789b20935
Determination: GOOD

c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 4CC5DAC800C63C8A90D9064D542EC4008BB56227
MD5: 335270904fed5f3629fe0d2fcab7bd4f
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\ltkrn13n.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 39401A02001C306CEA2B06A091286A00F17D0AE9
MD5: e2cd12a09aab75b19123e4ab807b2d25
Determination: GOOD

c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_it_a53cf5803f4c3827\hpqtray.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 8C0ECF41004D352FE0270136E6EBD400FF306C9B
MD5: 8fcc5d290b4e1b0f31dfea0433703d0c
Determination: GOOD

c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_it_a53cf5803f4c3827\hpqfmrsc.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: EC6CF3BC00B3B30832650006F526FB0042180D27
MD5: 19789490e6e48266f91eb3ac6acf619c
Determination: GOOD

c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: A40E852200259458A0F000351E236800CCC22BA7
MD5: 4bbf2f7e4f0f21fdcf30f540e7331bd7
Determination: GOOD

c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 39D5C4F1004B3D60505D015AF686C90021BAE764
MD5: b8549829aabd31329cb20367f05630ea
Determination: GOOD

c:\windows\assembly\gac\interop.hpqimgr\3.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 32AFE2F0001F080A2A270030A420FA003C3B9C40
MD5: 5d9e5c12afa844efcc6763a29ba8a76c
Determination: GOOD

C:\Programmi\HP\Digital Imaging\Bin\hpqimgr.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 53E876B900E10D316026079A6C90E800204432C3
MD5: f11cebcee8ebd44650500e790f5bede9
Determination: GOOD

C:\WINDOWS\system32\ATL71.DLL
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: E909302D009C54105C6B0151449A85009FE0FD3B
MD5: 8f2097e8b174f38178570c611464935f
Determination: GOOD

C:\Programmi\HP\Digital Imaging\Bin\MSVCP71.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
MD5: 561fa2abb31dfa8fab762145f81667c2
Determination: GOOD

c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 5EDC5BEE001C3538608300C422212F000CEC5521
MD5: 6348fe0bb6230406e4401e94c3a660d8
Determination: GOOD

c:\programmi\hp\digital imaging\bin\hpqmirsc.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: D7242E010074C7CE007E01C4704557002D0F7681
MD5: 11dda07e408dcde39d4be4fd5ffef6d0
Determination: GOOD

c:\programmi\hp\digital imaging\bin\it\hpqmirsc.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: C4C2999700E2DE40A08F003A9E20AB005B2C91C1
MD5: 7e0d7c61b12afcb620aa8c1304aa6518
Determination: GOOD

c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 20851AA4009B9281C0230FC2A1E1A50012AA7AC6
MD5: 32ddd519c87b37c8520d3b48c1a13f96
Determination: GOOD

c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 573181DF00CA5BE78005026B3BEF2000227100B4
MD5: aa50961d0889b2085c3a54b0a024643b
Determination: GOOD

c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: BF8F498200C326C410A601795D9B0C0002DC2D06
MD5: d086d14ae3e163dd38230cbc804c6747
Determination: GOOD

c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 370096C4008D6047005D01855F919600D69190EF
MD5: 8f8a3958a3ad696172c8d19827319e7d
Determination: GOOD

c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 8CBD93AD0099DED7601301C04E63F7001FBEB402
MD5: f5a621c69b659258e5164306a15c9caa
Determination: GOOD

c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 5FE9F9DB00F32666E058009A11522C006AB659F4
MD5: 268d22ad922cf3dc49962cd977b73a45
Determination: GOOD

c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_it_a53cf5803f4c3827\hpqedit.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 4BEAF26F00B38ADC005D05FC7B3BF90004F544BD
MD5: 33685c8f6b90fa6424671d0999a43d3d
Determination: GOOD

c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 10E34E0B00B4B0A2104201BF6979C80052508CC3
MD5: 603b55ea0e2a583d42133615c451bc5b
Determination: GOOD

c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_it_a53cf5803f4c3827\hpqcc2.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 83E54C18005415AE10D002E05694DD00C2175B64
MD5: 0f631dd26ddbe66c5453d61e4c47431b
Determination: GOOD

c:\programmi\hp\digital imaging\bin\it\hpqvideo.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 21D59D9900A6FCB1A08C00D7BC098A0078BA63EF
MD5: 7def17248f8b8ddedf52c2a776b7e9c7
Determination: GOOD

c:\windows\assembly\gac\interop.hpqvideo\3.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 191AF257001927353CF70060A64C3F004382F721
MD5: 67588302dfd1c8519311501db3582623
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqvdcom.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 6DD9D72800FCCAA6203A0313D6BB820072B54068
MD5: 175e8a8b8705fd9d8ec3f582930b07a9
Determination: GOOD

c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: C498A8200024C3231E4A003865AD07000660F252
MD5: a1b44c0a1ad71f86579a4521d5b1c024
Determination: GOOD

c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 9A5449D3005ED90FE074009C8510A800B3E95A6A
MD5: 66d547a0c6d70c23bd39aa6b1868a8e4
Determination: GOOD

c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_it_a53cf5803f4c3827\hpqprrsc.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 195C1B1000D7897E40BD0039D1D5B20084CC79A8
MD5: 79341cc4f7177cf74ed6820c84244d12
Determination: GOOD

c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 07DDC4BC0028766E1071003F59B31200B79BCD14
MD5: f89bdd4110a8f493ab2e4637f52eb1f4
Determination: GOOD

c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 9C67C6C700E5A941D0E2058FFFB6E80037BD7A3A
MD5: a7b5156e9d435bbde7f080556bf547b1
Determination: GOOD

c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_it_a53cf5803f4c3827\hpqcprsc.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: B5D9F10500FB27DC3069010F33EDB7002867C657
MD5: ac650a9b154799bcd7fb9ed1b845dd99
Determination: GOOD

c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: E0CC640F000F41330075011F83C07200B2FD4313
MD5: 4eb6946c795b0bef7a5cf0151347e379
Determination: GOOD

c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_it_a53cf5803f4c3827\hpqisrtb.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 5DC39406009E831EE02900BC742D6E009624A48F
MD5: 2685c151d3c020bb97d2c4b17b2006d4
Determination: GOOD

c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 423275D000F18C50D0330B374BF42E00AF34771F
MD5: f59d6cc822f6892635b8d6d2ccde9998
Determination: GOOD

c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_it_a53cf5803f4c3827\hpqbakup.resources.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: A75AC320003C531770EF047145EA14009AEBA425
MD5: ec0bda5207ac7241e64f7558bc7a9b5d
Determination: GOOD

c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqimzone.exe
PX5: 83262F9900677E04B0860039439CF500BC103F8F
MD5: 1924c6fb611923da4beec3de6d5dc1eb
Determination: GOOD

D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
PX5: 97200925009B03B9906C13251BBB24008BAF3272
MD5: b9c95b8108a7819f01809a918a2de5a2
Determination: GOOD

C:\WINDOWS\system32\RICHED20.dll
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 78A77A26004A717596B506399B8D75004DB2AFC4
MD5: f52bd4c96501f8914264a181beec2bb0
Determination: GOOD

D:\Claudio\programmi\konfa\js32.dll
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
PX5: 5BCEECAD00C9279CC02C0564B4D08D0000D65E37
MD5: 9bd801dcd0b4d4cf755580326c4f4dfc
Determination: GOOD

D:\Claudio\programmi\konfa\MSVCR71.dll
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD

C:\WINDOWS\system32\RICHED32.DLL
Loaded into: D:\Claudio\programmi\konfa\Konfabulator.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: DC22E964004006F30EC300044BCB3C00B79BCD14
MD5: 0134d2722ec5c822a17bf66963b37231
Determination: GOOD

C:\WINDOWS\system32\PnkBstrA.exe
Loaded into: C:\WINDOWS\system32\PnkBstrA.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PnkBstrA\ImagePath C:\WINDOWS\system32\PnkBstrA.exe
PX5: 5CA8B3B738498FD505B701650387EB009DFCB9FE
MD5: 831883b107684301f48ace752c963984
Determination: GOOD

D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded into: D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sp_rssrv\ImagePath "D:\Claudio\programmi\Spyware Terminator\sp_rsser.exe"
PX5: 54B0B84D0036F06CC01F0E35C4804900F3E72D90
MD5: b1183fda9b1ee7bd61ee0615d6762565
Determination: GOOD

C:\Documents and Settings\Andrea\Impostazioni locali\Temp\{D6296426-9AA3-4FC5-B29F-EC233B0EE7BF}\SDPlugins\DXPerf4.dll
Loaded into: C:\WINDOWS\system32\ntdll.dll
PX5: 2163AA2800120FFD888D01F306BC75007CC51CC6
MD5: 99fb06429989b36706808db30fa42063
Determination: GOOD

C:\WINDOWS\system32\pdh.dll
Loaded into: C:\WINDOWS\system32\ntdll.dll
PX5: A85140DE00BA0AE95C7304D5FD174D00A3C4C06D
MD5: 4a8b4857835466514d6f0741cfeba35b
Determination: GOOD

C:\WINDOWS\system32\odbcbcp.dll
Loaded into: C:\WINDOWS\system32\ntdll.dll
PX5: 032593F2006840EC60920035AE24B90007BE0D15
MD5: a31c139e4ffed95f4476958ad39cde25
Determination: GOOD

c:\windows\system32\wiaservc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 8513A5980082F62718F005D84CE75600A840A9D9
MD5: 2bb718bb4252909c389b3966492b0f30
Determination: GOOD

C:\WINDOWS\system32\wdfmgr.exe
Loaded into: C:\WINDOWS\system32\wdfmgr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UMWdf\ImagePath C:\WINDOWS\system32\wdfmgr.exe
PX5: 9FA38DDC00508FFA98BC0037D087BF0071EC7096
MD5: ab0a7ca90d9e3d6a193905dc1715ded0
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: CC5C1E1600ECA5AB20F403479B400500CEB96F87
MD5: 2db4d4386ac0f8cc367e1aa8ab1004ef
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqmfc09.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 41D0E3D10086B0223026022146608200FBC4526B
MD5: 7bc9bbc3c0c756b69e3f152abad0b44f
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqtap08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 7A08D69E0049B3C6D0AD00D00C657200525B1F3E
MD5: 1bf96f094044e1a6debefc6fc7e1025f
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.rsc
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 93DDF0160041380D706E022DDDE82A00B30CED38
MD5: 11be53e681f0b08d18268c9afe390f26
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqsti08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 858F450A009DFDFF40E9020AF7C4050016305B91
MD5: bcbec1b5fde429b2839410d22b5a0d15
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqstp08.dll
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 7FB43CD4003AE3B0108202ED3683D0000E653009
MD5: adb83edd735eb87f4030e5a9e9ba3d5c
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqsem08.rsc
Loaded into: C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
PX5: 93DDF0160041380DC06E062DDDE82A002146C5CE
MD5: 5620af4790b35fa6bf93e874b9b1c0a4
Determination: GOOD

C:\WINDOWS\system32\wscntfy.exe
Loaded into: C:\WINDOWS\system32\wscntfy.exe
PX5: A36EE43900E6E09B3694008A88863A00DD6FF528
MD5: a49c11376727f7adc7e206e4c89b24e1
Determination: GOOD

C:\WINDOWS\System32\alg.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALG\ImagePath %SystemRoot%\System32\alg.exe
PX5: A1E5D90F00A84BB2AEC200E087F3A200AB0BF90E
MD5: d4a42bf3c11302aa3ccd857034ef1e54
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.component.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 71459AE0007F3C3EA09D12753B7C83001E9260B3
MD5: b330d50d5687acdcc30645999fe0eaf0
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.foundation.clients.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 43A7C26500FA6FFEA07600DEE2B7B900D4A686F7
MD5: 2dac1e55a456c2c373180912aa0bdadb
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.component.dashboard.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 5AD9CC3400E4DA47608500298728BC00301A263D
MD5: f8a89c8b6f1d819ccc0b19a42c11135f
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.caste.local.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 43CBC05F00316D6C40DA007B918A330010673576
MD5: 6944e12c5b3f2e080d78f733089c8754
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.caste.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 9612CEDF00F96D8EF09900430CA3DB001F525AF6
MD5: ed1dcae56d9a4308332f086d285ce45e
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.caste.graphics.dashboard.shared.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: E59EBF0000D4199540690016D5DD6C0005D5BFB3
MD5: fc74295f7ac40b07c7aaddbd81c36216
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.welcome.local.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3590BC7F0085EE2EA08C013DE444B800BABB0408
MD5: a8a7d0908db9835483f9bed88186014c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.infocentre.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A8B9CAE500963D3E50AF055C74A9F40033C9364F
MD5: 1cca8344abfce189ebcb514c92a23c2a
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displaysmanager.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 05C579120024B64C80800ABE4598850029FE2BAF
MD5: 5baca4a33bbcf56268db9bdcfb55de44
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 111BB01F00A4DAD5A07D0489126584008BFB0E14
MD5: de2be50d44b9308fb130d602aeaccf27
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 661289440026B4F7D09F02C2764D9800CFD9502A
MD5: d65c5d0caef4f88bc33049b282fea47c
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 703DFB1B002A853FA0A1089544EA3E00AAB33D1C
MD5: e71495ca34121db6af6719190078015a
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3801D62E003F2A28C0090833B0F0BD00E5A7A97F
MD5: 637261258e1fd3e43ec95e95656c1fb1
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: D81EE5220018DF49B0D1061B0C005800C0B44C4C
MD5: a225671a219d39c41e1e07192881f644
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A794A0F400A9CD40D0D106700C3BEC00EACFFA87
MD5: 06e832663775ed5dc879669c20c48c27
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecv.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B7BF0C1A006950C5C0350CD7EAA94100A21BDF07
MD5: 213f6232916f5185bf4eb42c6afea55f
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3D19B6E4009615A250700B8B4B97D60009034E03
MD5: d36b14397bb6cf980128454781b1d353
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: C12A791300F58C42D0181120982C60002DCF8555
MD5: 45e8d0d6b395e7cd5ebf45534a463463
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicetv.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B984DC31002BF6140026121CE7B0030006BE87E7
MD5: 781e17b35bc15d84a21b5be6627ae590
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 16F9740100032C9A208F06339A08A9005C1D839D
MD5: c9001517f2e879009360a2a2f4b864b0
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 9C0DFE3F00EFE5C210AD0795D51BFD00E3D1FABA
MD5: ca631e13b889beb750b7383ac1ea3755
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 6786130200C9293F30D80C52AE04E600AA3542D9
MD5: c97e2093a460b46c5a99fa0b3ae493aa
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 1D1E3506008B1350C0F9065DF292F300905D327A
MD5: 827423f9bdc202752db1cb774c225ed9
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 5EC06524009C7C1260EB0C8449EE7B0072E4F22B
MD5: 3ceefc9eb8877ccd58b86b25582dd0dd
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: C8567EB800AFED4F50A50D833CD3340069CD51D6
MD5: 25a40488d8d6f7175ba91951ea29d648
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DD40F06D00E4D1D740900EE651C3DB00756D1BF3
MD5: 8a1c162918976e4e75b6121f1ccb792d
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: CB483CB2000E94ED900D2AC324641100FE710AC6
MD5: 7af998ff36fca3a72e9644bdc2a469da
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A4510491002F13DD300B04960A28FB0005F0A7C4
MD5: 284823390c6309fe2035bf3600f0e1e0
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.smartgart.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: B2C5A3010011530780F405A632FBFD009D50876D
MD5: 0652e03f10c6a2e45f9fde29bcd13e5d
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 1F39EA3B0059DA7C30CA026322CC8D0095792A56
MD5: 556fc4b906d22bc577749a85f72123c4
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 34A49C3300D2C7B810D502D17A6FD4007226E617
MD5: df35b24fa6b1a1125f13bb4ef8a23927
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: A33A240D00DDC726B0020DD6E91AE6003EC9B5FA
MD5: 9f7b8ed8a4511c594c54bd477aa8bef2
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 5BB0FF7E002A83C0B0EC0A87804AC10049710D29
MD5: 2eb3412bbd68194106af2727e2cf1e2a
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: DA09CD8E00E9A18FB02E04736333A800A672DB7D
MD5: 9235f7ee4eb29fe13cd707fe27d9367d
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: 3F047A7F00AE97D4100E08161B93E8000503DC9F
MD5: 9f302612ca682af198fc22a941366934
Determination: GOOD

c:\programmi\ati technologies\ati.ace\cli.aspect.multivpu.graphics.dashboard.dll
Loaded into: C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
PX5: C6823A7200D6D7A1106408FC4DBF1200F923D06D
MD5: c503fb186e0089bce1d946d788500046
Determination: GOOD

C:\Programmi\MSN Messenger\usnsvc.exe
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usnjsvc\ImagePath "C:\Programmi\MSN Messenger\usnsvc.exe"
PX5: 5ADE8CB4702068007B8E0103793683003D23EE98
MD5: c5b70a6aa947667ce0e5fc84a05ec8b6
Determination: GOOD

C:\Programmi\MSN Messenger\usnsvcps.dll
Loaded into: C:\Programmi\MSN Messenger\usnsvc.exe
PX5: 18B91F0570F6C519D5D7003B3C2E070091F08402
MD5: 1ba97455aa8ac4ee2bf407d4aad6f337
Determination: GOOD

D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: FFB0869B88A5886C085343EB2B5CCD0006B962A3
Determination: GOOD

D:\Claudio\test\anti\Spybot - Search & Destroy\Tools.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 6BE976FC505C39588100097EC8EA9D00050A59B8
MD5: 61113c2c69a447e43a7c0b9e94cb5f9f
Determination: GOOD

D:\Claudio\test\anti\Spybot - Search & Destroy\APORTS.DLL
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 950BC56B00E9990B7084002DDDE82A00193A80A4
MD5: fd58daebc16e4ad13584f31ba6dfafc1
Determination: GOOD

C:\WINDOWS\system32\mapi32.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 77CE006E0094CBFAB6940177F1356D0035600D22
MD5: 511cd6a6cf17bb6db532a95162664d77
Determination: GOOD

C:\WINDOWS\system32\hhctrl.ocx
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 536E66420094F1290AFC08CDABA689005F36ACA7
MD5: baef0fa3fdadd775961b60e7b467b447
Determination: GOOD

C:\WINDOWS\system32\mui\0010\hhctrlui.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: BA28999700DF7F81607B01C7951F4A005B77C7B8
MD5: 126a1b4a38bdeeb1cdf0e06e5a547669
Determination: GOOD

C:\WINDOWS\system32\icm32.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 7A9366E100354AE0E0160396CBA65B006233C640
MD5: aabf523c983a5b950ef16f386d8b6490
Determination: GOOD

D:\Claudio\test\anti\Spybot - Search & Destroy\PlugIns\TCPIPAddress.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 1FA6DEACB81C6085EE0901A4B78277005EBEF6A1
MD5: b51fcea34d150125af530dbce0816ceb
Determination: GOOD

D:\Claudio\test\anti\Spybot - Search & Destroy\advcheck.dll
Loaded into: D:\Claudio\test\anti\Spybot - Search & Destroy\SpybotSD.exe
PX5: 955393B0585758D696F20A7B6BF5E800BEFFA6E7
MD5: 86926355648caad1b8b007ede4b213b5
Determination: GOOD

D:\Claudio\programmi\firefox\firefox.exe
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Classes\ftp\shell\open\command\(default) D:\CLAUDIO\PROGRA~1\FIREFOX\FIREFOX.EXE -requestPending -osint -url "%1"
PX5: 38C4B8AC684C692CB7F6748CE8E382001ED209FC
Determination: GOOD

D:\Claudio\programmi\firefox\js3250.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: B105E9BD60A10EB3F5AA06E7AF7B4500F830E304
MD5: aac5a61b2a9131c8c99d3e339256b915
Determination: GOOD

D:\Claudio\programmi\firefox\nspr4.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 5263A09E688D072175F602F4E50AA800152662B4
MD5: 882e00fd74a4d0a59e132671afc151a0
Determination: GOOD

D:\Claudio\programmi\firefox\xpcom_core.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: D8E216336865C09F6FF00642121305007C931532
MD5: d69c0dcfcbc13b508aeda923494fd832
Determination: GOOD

D:\Claudio\programmi\firefox\plc4.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 805ED1397029B78F85F6002DDDE82A00E695D41C
MD5: e93ca83eadd23880404439ebf4c7d323
Determination: GOOD

D:\Claudio\programmi\firefox\plds4.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: D89FD48168A74E7D758A00A323AA330094685022
MD5: 51edaf25e67c20524ec8f436567684d0
Determination: GOOD

D:\Claudio\programmi\firefox\smime3.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 89F2D56760AD0AA4B51B014C7B609900902F04B6
MD5: 421f8e063b53ba9809f53a98b55334f3
Determination: GOOD

D:\Claudio\programmi\firefox\nss3.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: AA1EDE4560A6A7CAC5F105427FB01100855F0127
MD5: 3916c2d9c7326a5ced619a700297e720
Determination: GOOD

D:\Claudio\programmi\firefox\softokn3.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 8542B9B86C54271FE0A2030F4DD1D900CF82173B
MD5: 49efa087a54eae2b91eec819ab94c125
Determination: GOOD

D:\Claudio\programmi\firefox\ssl3.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: CD745CC160357AF9052E021B815ED000CB3E9F48
MD5: 62ce45cf27f3a96bd87814cf27e74522
Determination: GOOD

D:\Claudio\programmi\firefox\xpcom_compat.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 5CA5D7C57080F7BB1FDF01B3C467780054F386D5
MD5: 63f9d7d5160399654ebae0bb3fc7f7ae
Determination: GOOD

D:\Claudio\programmi\firefox\components\myspell.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 17BCE6718038929887B7000AF9F43C0041B33700
MD5: f0c591110262a727ba1f5615024cdd3b
Determination: GOOD

C:\Documents and Settings\Andrea\Dati applicazioni\Mozilla\Firefox\Profiles\jx8kwefb.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\ImageShackCom.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 0947D2D300E5BD93405A06F0AAF0E3001AD3B36D
MD5: f6efcdd498d4f4245d70f1b041c395d1
Determination: GOOD

D:\Claudio\programmi\firefox\xpcom.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 42320400600CFDD033450027D4F20200364358FF
MD5: 43fd8efaacf4ac27829ac638eb6eb845
Determination: GOOD

D:\Claudio\programmi\firefox\components\jar50.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 20ED34CE68408210031801424FA4AB00486FFEEB
MD5: c70563a4ad34cc1ee59de7da33d5fdfd
Determination: GOOD

D:\Claudio\programmi\firefox\components\spellchk.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 19A3215778980EB3B563002D24DAF1002F35CF70
MD5: 666410c292e216ce67fea3f371dc6249
Determination: GOOD

D:\Claudio\programmi\firefox\freebl3.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 656849DF7D6F8DBF10880339B81361005F4DE71F
MD5: e594d88df4ee71765fb93b620a03ceae
Determination: GOOD

D:\Claudio\programmi\firefox\nssckbi.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 48E2FA29681572B72517045B50510700406A09D2
MD5: f3890822aff28d985981c9ceb5a577b3
Determination: GOOD

D:\Claudio\programmi\firefox\plugins\npnul32.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 3BECF5E6802C023A57C3005B75C99A0053D2081D
MD5: 2a48fd528ee26cc2e394823745935995
Determination: GOOD

C:\Documents and Settings\Andrea\Dati applicazioni\Mozilla\Firefox\Profiles\jx8kwefb.default\extensions\{0784CD66-62FE-4cef-ABF4-F8ED9B654ACC}\components\tab_effect_xpcom.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 23B0DF7800E3100A70B601C657F44D005A19F49D
MD5: 7b2fb968d5edcf28d81cee995902e771
Determination: GOOD

C:\WINDOWS\system32\d3d8.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: C2F1F730002C7C41007012940CFFBF00EF85BB15
MD5: 7e64132c5b4b1421e8234967cc236a83
Determination: GOOD

C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 69D999E8E8CACF414859205312D41600E63A01A6
MD5: 6028aee4e3c250ba4ce7ee89cddae463
Determination: GOOD

C:\WINDOWS\system32\Macromed\Common\SwSupport.dll
Loaded into: D:\Claudio\programmi\firefox\firefox.exe
PX5: 1396573400A9013BD09E005F42EA6A0056E121AE
MD5: 70baac100e76ef1a3139786c0ec46f10
Determination: GOOD

D:\download firefox\other\PREVXCSIFREE.EXE
Loaded into: D:\download firefox\other\PREVXCSIFREE.EXE
PX5: 42DBE72A384BD5E6DC0017501A861600E0491589
MD5: e59efb6cd8539ad47e3d2bb2ad93e682
Determination: GOOD

C:\WINDOWS\system32\mshta.exe
Loaded from: \REGISTRY\Machine\Software\Classes\htafile\shell\open\command\(default) C:\WINDOWS\system32\mshta.exe "%1" %*
PX5: 444E52CC00F22ED67278001B497EA1001707F225
MD5: 5f39ce997f477a43b4f5b569a4aee56e
Determination: GOOD

C:\WINDOWS\system32\shscrap.dll
Loaded from: \REGISTRY\Machine\Software\Classes\ShellScrap\shell\open\command\(default) rundll32 %SystemRoot%\system32\shscrap.dll OpenScrap_RunDLL %1
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56117100-C0CD-101B-81E2-00AA004AE837} Gestore dati dei ritagli di shell
PX5: CEE438A6004ACC126CE400DA76EA3300F6FBD343
MD5: 886e25758e76f75b62955e031eaaa7e5
Determination: GOOD

C:\WINDOWS\system32\rundll32.exe
Loaded from: \REGISTRY\Machine\Software\Classes\ShellScrap\shell\open\command\(default) rundll32 %SystemRoot%\system32\shscrap.dll OpenScrap_RunDLL %1
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} Autoplay for SlideShow
PX5: 797CA9E8007174E38209003396ABA600D9E79205
MD5: f88cdb0ccc416b3778736be74cdebb94
Determination: GOOD

C:\WINDOWS\System32\WScript.exe
Loaded from: \REGISTRY\Machine\Software\Classes\VBSFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\VBEFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\WSHFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\WSFFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\JSEFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\JSFile\shell\open\command\(default) %SystemRoot%\System32\WScript.exe "%1" %*
PX5: 4850A70600D60426C0410166FCF6E000B918B6A5
MD5: 58f5ac58d277f1c44e71295aafd403f8
Determination: GOOD

D:\Claudio\programmi\storm\Storm.exe
Loaded from: \REGISTRY\Machine\Software\Classes\stormplayer.pls\shell\open\command\(default) "D:\Claudio\programmi\storm\Storm.exe" /play "%1"
PX5: 9C320BEC00E5E9BF40B019DF51F60C00C9D21BC5
MD5: ae15c0c19a4eb9cf2f1eeaa5c0007260
Determination: GOOD

C:\WINDOWS\system32\mmc.exe
Loaded from: \REGISTRY\Machine\Software\Classes\MSCFile\shell\open\command\(default) %SystemRoot%\system32\mmc.exe "%1" %*
PX5: C6EB514E00915CDD74820CD0EB0CF8007694B8C8
MD5: b0b93de885f03974c12b6238d68a6f67
Determination: GOOD

C:\WINDOWS\System32\msiexec.exe
Loaded from: \REGISTRY\Machine\Software\Classes\Msi.Package\shell\open\command\(default) "%SystemRoot%\System32\msiexec.exe" /i "%1" %*
Loaded from: \REGISTRY\Machine\Software\Classes\Msi.Patch\shell\open\command\(default) "%SystemRoot%\System32\msiexec.exe" /p "%1" %*
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSIServer\ImagePath C:\WINDOWS\system32\msiexec.exe /V
PX5: 2199A4A600D88009341401C8D9AE0A004C78202A
MD5: f5f0146580e7023adb963879840777f8
Determination: GOOD

C:\Programmi\Outlook Express\msimn.exe
Loaded from: \REGISTRY\Machine\Software\Classes\mailto\shell\open\command\(default) "%ProgramFiles%\Outlook Express\msimn.exe" /mailurl:%1
PX5: C590CE8500B66EAEEC1A000D7D657F00AB8E0704
MD5: 9a4b8a0d20b22e0e8bbc495cd0fc7eea
Determination: GOOD

D:\Claudio\programmi\personalizzazione xp\BootSkin\BootSkin.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\BootSkin Startup Jobs "D:\Claudio\programmi\personalizzazione xp\BootSkin\BootSkin.exe" /StartupJobs
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\BootSkin Startup Jobs "D:\Claudio\programmi\personalizzazione xp\BootSkin\BootSkin.exe" /StartupJobs
PX5: 0180F56600E2386A208604D8096E18003E8F1121
MD5: c5c3b78416340f3620c07ede3df75b3e
Determination: GOOD

D:\Claudio\programmi\Winamp\winampa.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\WinampAgent D:\Claudio\programmi\Winamp\winampa.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\WinampAgent D:\Claudio\programmi\Winamp\winampa.exe
PX5: 971BA49F008462AB8A4100F78AB54B0077BB413B
MD5: f0537722502644b590cc499ecf26fad1
Determination: GOOD

D:\download firefox\Nuova cartella\nod32kui.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\nod32kui "D:\download firefox\Nuova cartella\nod32kui.exe" /WAITSERVICE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\nod32kui "D:\download firefox\Nuova cartella\nod32kui.exe" /WAITSERVICE
PX5: D3934EB080AD39347C040E4DC674820009B93826
MD5: dd855a1e52c391f52400ca4162a3baff
Determination: GOOD

D:\download firefox\avg75free_428a818\avgw.exe
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
Loaded from: \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
Loaded from: \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
Loaded from: \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
Loaded from: \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_Run D:\DOWNLO~1\AVG75F~1\avgw.exe /RUNONCE
PX5: 75C2FBB50077C4CB589103ED9FC2A900DCA9D54E
MD5: b331ef4c7437f5093d703340678469eb
Determination: GOOD

D:\download firefox\voip\VoipRaider\VoipRaider.exe
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\VoipRaider "D:\download firefox\voip\VoipRaider\VoipRaider.exe" -nosplash -minimized
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\VoipRaider "D:\download firefox\voip\VoipRaider\VoipRaider.exe" -nosplash -minimized
PX5: 835C996830C09FEC1572777309B07E008601476D
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ACPI.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ACPI\ImagePath system32\DRIVERS\ACPI.sys
PX5: 6EB7D724001F4D96E0A8029EF0BB700070C5BA93
MD5: ad825cb3397c837d1fb91d566d78de04
Determination: GOOD

C:\WINDOWS\system32\drivers\aec.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aec\ImagePath system32\drivers\aec.sys
PX5: 0D5CE55C80399AC42C5E023AA9E661007F4C2597
MD5: 841f385c6cfaf66b58fbd898722bb4f0
Determination: GOOD

C:\WINDOWS\System32\drivers\afd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AFD\ImagePath \SystemRoot\System32\drivers\afd.sys
PX5: EE224F5C0089E9241DEF0273688B740025971F4C
MD5: 5ac495f4cb807b2b98ad2ad591e6d92e
Determination: GOOD

C:\WINDOWS\system32\drivers\ALCXWDM.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALCXWDM\ImagePath system32\drivers\ALCXWDM.SYS
PX5: EB9A4A1500A3D3AA784A238044DE6C0099DE2C2F
MD5: 35045a23957a71ba649740741e69408c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\AmdK8.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AmdK8\ImagePath system32\DRIVERS\AmdK8.sys
PX5: 72C7DAA600940A36AA39009329BC2800B4FB53A4
MD5: 1928a2a6d7adc3623a43c21dac259f24
Determination: GOOD

C:\WINDOWS\system32\drivers\amon.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AMON\ImagePath \SystemRoot\system32\drivers\amon.sys
PX5: 3827202E60DB5220D09707B9C273A300E853AAB7
MD5: 78ece71701d5d65cc42125a4ef2d76aa
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aspnet_state\ImagePath %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
PX5: BB434D07C8741D51745900F3E3CC0F00ED8F1C59
MD5: d33c507942299753868204cc7642fa27
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AsyncMac\ImagePath system32\DRIVERS\asyncmac.sys
PX5: 8BD45D2B002F3B40389D007E91CC59004B62F8E9
MD5: 02000abf34af4c218c35d257024807d6
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\atapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\atapi\ImagePath system32\DRIVERS\atapi.sys
PX5: 9D6081B280209DE174C2011395153C00E47C5A8D
MD5: cdfe4411a69c224bd1d11b2da92dac51
Determination: GOOD

C:\WINDOWS\system32\ati2sgag.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ATI Smart\ImagePath C:\WINDOWS\system32\ati2sgag.exe
PX5: 62F413EC0088D610F0F3071F6D12ED009C739302
MD5: 98620ec4b86d651871c9dcc4ae0043cc
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ati2mtag\ImagePath system32\DRIVERS\ati2mtag.sys
PX5: 6BAE35E400DC6A3E90FF16D05AE24800B2D5C874
MD5: 9bbefce3d18cf3c6eaf4f13920f75200
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\atksgt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\atksgt\ImagePath system32\DRIVERS\atksgt.sys
PX5: 0776E846003DCC3E241F048A30D77B000A08A3C4
MD5: 6e996cf8459a2594e0e9609d0e34d41f
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Atmarpc\ImagePath system32\DRIVERS\atmarpc.sys
PX5: C41A09F600246E0AEA81009B2DE4BF0073057136
MD5: ec88da854ab7d7752ec8be11a741bb7f
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\audstub.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\audstub\ImagePath system32\DRIVERS\audstub.sys
PX5: C910D030000E35B30CDC00441BDEF300B79BCD14
MD5: d9f724aa26c010a217c97606b160ed68
Determination: GOOD

C:\WINDOWS\System32\Drivers\avg7core.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Avg7Core\ImagePath \SystemRoot\System32\Drivers\avg7core.sys
PX5: 67739A3E605266738A910CA383908000FB63460D
MD5: 400e920d2e3f42bf6f1f75dd1b069ce3
Determination: GOOD

C:\WINDOWS\System32\Drivers\avg7rsw.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Avg7RsW\ImagePath \SystemRoot\System32\Drivers\avg7rsw.sys
PX5: D3752A4F8005D64C100000F6EA3191000922D830
MD5: 8a7e25876955e06142ef65b52c906cf1
Determination: GOOD

C:\WINDOWS\System32\Drivers\avg7rsxp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Avg7RsXP\ImagePath \SystemRoot\System32\Drivers\avg7rsxp.sys
PX5: 587F629080BFBF736CAB001984B437005EE48C55
MD5: 04d823d681f0d53191a172c3e667fc33
Determination: GOOD

C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AvgAsCln\ImagePath System32\DRIVERS\AvgAsCln.sys
PX5: C2024E2C8007F8FC0FDA00B5CD8A7D00B79BCD14
MD5: 6d4a1da6e6d522b3ebbcbff4a3589ec5
Determination: GOOD

C:\WINDOWS\System32\Drivers\avgclean.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AvgClean\ImagePath \SystemRoot\System32\Drivers\avgclean.sys
PX5: C2024E2C8007F8FC0FDA00B5CD8A7D00B79BCD14
MD5: 6d4a1da6e6d522b3ebbcbff4a3589ec5
Determination: GOOD

C:\WINDOWS\System32\drivers\vidstub.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BootScreen\ImagePath \SystemRoot\System32\drivers\vidstub.sys
PX5: 386DE3CB801A4EEA7FDB02FC82285D0080411189
MD5: 9596adaee674284e3cdd3e51b8161e85
Determination: GOOD

C:\WINDOWS\system32\drivers\btaudio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\btaudio\ImagePath system32\drivers\btaudio.sys
PX5: EBA1315300913D681F3B064ABF37E500DB576BD3
MD5: 656f5acd34a5d96f3fb2ae73d2da6523
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTCAMDRV\ImagePath system32\DRIVERS\BTCamDrv.sys
PX5: 436F197B00A883567CEE03251D84CB00346ADC91
MD5: 5120c2edb868649bfa5aae961ac4e380
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\btport.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTDriver\ImagePath system32\DRIVERS\btport.sys
PX5: F9F42C689B9A734076740093FCDF74006EE633FD
MD5: 5fe1b1466df91ce857428aef0ea993cf
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\btkrnl.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTKRNL\ImagePath system32\DRIVERS\btkrnl.sys
PX5: 0C45B6EF1ADC4C56788014679C10C300CE1DB2FF
MD5: 9f101ee381e5276dca92b5f1917fbe97
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\btwdndis.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTWDNDIS\ImagePath system32\DRIVERS\btwdndis.sys
PX5: EE62FCC248B56B2A427A024516328A00D232B5D2
MD5: b72727a91718e40f67c473b3cd7c1c48
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\btwmodem.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\btwmodem\ImagePath system32\DRIVERS\btwmodem.sys
PX5: 9490FFC5ED44318C7563004980E15C0060129FFC
MD5: 22dca858dcb49f3f83dc808ed12c76fc
Determination: GOOD

C:\WINDOWS\System32\Drivers\btwusb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTWUSB\ImagePath System32\Drivers\btwusb.sys
PX5: 56FA71BA48015B7EDD7B009F3A1F24008679B37D
MD5: 358af42221b2f168805e52f5e4346870
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CCDECODE\ImagePath system32\DRIVERS\CCDECODE.sys
PX5: 4E4CADF380552430426F00BC05FF9D0038FB5853
MD5: 6163ed60b684bab19d3352ab22fc48b2
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\cdrom.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Cdrom\ImagePath system32\DRIVERS\cdrom.sys
PX5: B3CE44DD80DABE80C1400031E25C450069663A5F
MD5: af9c19b3100fe010496b1a27181fbf72
Determination: GOOD

C:\WINDOWS\system32\cisvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CiSvc\ImagePath %SystemRoot%\system32\cisvc.exe
PX5: B03833B20005A59D1629005665669D00201F0525
MD5: c4e84243292e37ca3b6faf4a1855b8a7
Determination: GOOD

C:\WINDOWS\system32\clipsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ClipSrv\ImagePath %SystemRoot%\system32\clipsrv.exe
PX5: 50E35C41004F616D823700EBB15ECF008A4FA87F
MD5: 0a215e4bac9a1a9381d88c67517c850b
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\clr_optimization_v2.0.50727_32\ImagePath C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PX5: F17A6501C07AD2CE023301EE2109B000FDD5AFC3
MD5: 3c4d595e7f9b747325aef28b4adcaae5
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\CnxTrLan.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CnxTrLan\ImagePath system32\DRIVERS\CnxTrLan.sys
PX5: F4800AD380C7836865E4008C85D09900207855F0
MD5: ab665e915bf4ee7a33b066de5758d81a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\CnxTrUsb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CnxTrUsb\ImagePath system32\DRIVERS\CnxTrUsb.sys
PX5: 040B739180124078CEAF002B9E396A00D59A5D9E
MD5: ff5cc6016592817cf7ff53676f7da31a
Determination: GOOD

C:\WINDOWS\system32\dllhost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\COMSysApp\ImagePath C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SwPrv\ImagePath C:\WINDOWS\system32\dllhost.exe /Processid:{749F2FBE-DAAF-4211-AF10-46B1EB5C66A7}
PX5: 6EA1D06F0041EB21141900B4A32FF2002F6B8881
MD5: f4b3c65e2a3406f32d220019deb522f8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\disk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Disk\ImagePath system32\DRIVERS\disk.sys
PX5: 61E4E34300C80A908E6D00C10934AF006F571071
MD5: 00ca44e4534865f8a3b64f7c0984bff0
Determination: GOOD

C:\WINDOWS\System32\dmadmin.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmadmin\ImagePath %SystemRoot%\System32\dmadmin.exe /com
PX5: CB8A3D6900018319702703238C5916001DF268F6
MD5: 6c9aaa1aa9bf1699d23dec4d4113226f
Determination: GOOD

C:\WINDOWS\System32\drivers\dmboot.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmboot\ImagePath System32\drivers\dmboot.sys
PX5: 917F152000320DE9366A0C362239380089D45879
MD5: 6570b4c952f0d8fee4c6ef2ff5e10c08
Determination: GOOD

C:\WINDOWS\System32\drivers\dmio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmio\ImagePath System32\drivers\dmio.sys
PX5: 33A7916180B2EE7E5AC702A49AA6DC00E6795F14
MD5: c57d35621782c7f40770f3e5ca20a182
Determination: GOOD

C:\WINDOWS\System32\drivers\dmload.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmload\ImagePath System32\drivers\dmload.sys
PX5: FC216AA0003B46A9171D00359F9C1600E909FEB4
MD5: e9317282a63ca4d188c0df5e09c6ac5f
Determination: GOOD

C:\WINDOWS\system32\drivers\DMusic.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DMusic\ImagePath system32\drivers\DMusic.sys
PX5: 64B493018066E6FACEE6008D21636D008F236B03
MD5: a6f881284ac1150e37d9ae47ff601267
Determination: GOOD

C:\WINDOWS\system32\drivers\drmkaud.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\drmkaud\ImagePath system32\drivers\drmkaud.sys
PX5: FA93CCC9802BA0DD0B8800D3A4C66500B79BCD14
MD5: 1ed4dbbae9f5d558dbba4cc450e3eb2e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\fdc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Fdc\ImagePath system32\DRIVERS\fdc.sys
PX5: 030113CC009ED3836B77000B64308F0030511E66
MD5: ced2e8396a8838e59d8fd529c680e02c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Flpydisk\ImagePath system32\DRIVERS\flpydisk.sys
PX5: 60E1171000EEA79E50BF00391F7EE000F2860CEC
MD5: 0dd1de43115b93f4d85e889d7a86f548
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\fltMgr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FltMgr\ImagePath system32\DRIVERS\fltMgr.sys
PX5: C07EAE2780FF0E5FE76C019FEA2ECE0003150577
MD5: 157754f0df355a9e0a6f54721914f9c6
Determination: GOOD

C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FontCache3.0.0.0\ImagePath C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
PX5: 548AEC7D00B95DFF9092004D1A93E6007304BC10
MD5: facecf3f75baf3775a879d1168402270
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ftdisk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ftdisk\ImagePath system32\DRIVERS\ftdisk.sys
PX5: D543638280F1FAF5EBA30154BD3E7700D3ED2EEC
MD5: f3269a6ee547ea87b949a1cea4816b38
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\gagp30kx\ImagePath system32\DRIVERS\gagp30kx.sys
PX5: 642F878C801E7D44B50600016FDC9C003631E6FC
MD5: 4216cd545e5c30807b560c5dcaa812e6
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\gameenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\gameenum\ImagePath system32\DRIVERS\gameenum.sys
PX5: 8FEAEAED8011757229C5009524482300FB74C9AC
MD5: 5f92fd09e5610a5995da7d775eadcd12
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\msgpc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Gpc\ImagePath system32\DRIVERS\msgpc.sys
PX5: A6DC8C520088C979894600B57B2B1A00363C4157
MD5: c0f1d4a21de5a415df8170616703debf
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\hamachi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\hamachi\ImagePath system32\DRIVERS\hamachi.sys
PX5: 6322D80B48264FF64441003C2B7A840016D37A4B
MD5: d30b31375c40309425c21efe75db90bb
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\hidusb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidUsb\ImagePath system32\DRIVERS\hidusb.sys
PX5: 1484F98A807906C3258400E49D6D650019C14BBC
MD5: 1de6783b918f540149aa69943bdfeba8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\HPZid412.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HPZid412\ImagePath system32\DRIVERS\HPZid412.sys
PX5: 9CC25A74B0C8C07FC7F700A36D282F001847E958
MD5: 9f1d80908658eb7f1bf70809e0b51470
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HPZipr12\ImagePath system32\DRIVERS\HPZipr12.sys
PX5: AE6ACC0370C51706409F00F854115200D726416B
MD5: f7e3e9d50f9cd3de28085a8fdaa0a1c3
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\HPZius12.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HPZius12\ImagePath system32\DRIVERS\HPZius12.sys
PX5: CB28CFFDF0153781545E00EFA723A800BAE5DBC7
MD5: cf1b7951b4ec8d13f3c93b74bb2b461b
Determination: GOOD

C:\WINDOWS\System32\Drivers\HTTP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTP\ImagePath System32\Drivers\HTTP.sys
PX5: 7D54A2AA80AC9B3F039704DAED61AB008C70BD34
MD5: c19b522a9ae0bbc3293397f3055e80a1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\i8042prt\ImagePath system32\DRIVERS\i8042prt.sys
PX5: 5176B379805D75ECD1900002BF9BC2003FF0C0D5
MD5: 30e64dfa4efaacc8142ea07766181fb4
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\idsvc\ImagePath "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
PX5: 4838B9E600808C3D501F0B1DED776600C9C62098
MD5: ea7267505149b3a10df32506a4e4e412
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\imapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Imapi\ImagePath system32\DRIVERS\imapi.sys
PX5: A6DE19768012C7FDA37F00B5535D7900050612BF
MD5: f8aa320c6a0409c0380e5d8a99d76ec6
Determination: GOOD

C:\WINDOWS\system32\imapi.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ImapiService\ImagePath C:\WINDOWS\system32\imapi.exe
PX5: 74CFCD09009BDDD14A8402202B1E530034B0D214
MD5: ed7abb35c81709fb41972d30fe15311e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ip6Fw\ImagePath system32\DRIVERS\Ip6Fw.sys
PX5: 554B18088049820E711F003BBA86E4005B660DCC
MD5: 4448006b6bc60e6c027932cfc38d6855
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpFilterDriver\ImagePath system32\DRIVERS\ipfltdrv.sys
PX5: E130718C809C039180F700DA0AC8EE00F2B31814
MD5: 731f22ba402ee4b62748adaf6363c182
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipinip.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpInIp\ImagePath system32\DRIVERS\ipinip.sys
PX5: 9655BFAF0030F62E523A00C352D248003081C413
MD5: e1ec7f5da720b640cd8fb8424f1b14bb
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipnat.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpNat\ImagePath system32\DRIVERS\ipnat.sys
PX5: 16BC903800541BF40F8E022F0693810084706928
MD5: b5a8e215ac29d24d60b4d1250ef05ace
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipsec.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IPSec\ImagePath system32\DRIVERS\ipsec.sys
PX5: 84ED89D600412A2C245201A3F8A740006B772EC6
MD5: 64537aa5c003a6afeee1df819062d0d1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\irenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IRENUM\ImagePath system32\DRIVERS\irenum.sys
PX5: 42D7DCAC001BE9A12C7B00EF915041002AED16BC
MD5: 50708daa1b1cbb7d6ac1cf8f56a24410
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\isapnp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\isapnp\ImagePath system32\DRIVERS\isapnp.sys
PX5: 8A87001A0002BFB48D1F0066402D8A00BD468997
MD5: ea3245a8e8758d6b84de189a5caaa75e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Kbdclass\ImagePath system32\DRIVERS\kbdclass.sys
PX5: 11013D51001BA498620F00A282D06D00135D5A16
MD5: e883ae6ea0b313e659225aa32e449ce9
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\kbdhid\ImagePath system32\DRIVERS\kbdhid.sys
PX5: BFEF19AB007A27B83AD2001F22115F00DD6CF6D0
MD5: 24f4d51e89822c349044c28be255c8a5
Determination: GOOD

C:\WINDOWS\system32\drivers\kmixer.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\kmixer\ImagePath system32\drivers\kmixer.sys
PX5: 13330EA9009A68969FC70268A04877008F11DB17
MD5: d93cad07c5683db066b0b2d2d3790ead
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\lirsgt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lirsgt\ImagePath system32\DRIVERS\lirsgt.sys
PX5: 513E7238801EE966461D00D9EDB08F00F2941FFA
MD5: 975b6cf65f44e95883f3855bae8cecaf
Determination: GOOD

C:\WINDOWS\system32\mnmsrvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mnmsrvc\ImagePath C:\WINDOWS\system32\mnmsrvc.exe
PX5: F2F6E69800D71BFC80AE00AF40E07800F93A911A
MD5: 940a4e02b7f03c2592a52e16dddb3e46
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mouclass.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Mouclass\ImagePath system32\DRIVERS\mouclass.sys
PX5: 7E80CA6A0038C59C5C6F0047F0E35500920EB276
MD5: c458e314b8722253897c94a714c2e0c0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mouhid.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mouhid\ImagePath system32\DRIVERS\mouhid.sys
PX5: 2301F35080287EAB2F80000FDBBFFD00349EAF96
MD5: d7662f0cf5b77bbbe3202716f5bd5318
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxDAV\ImagePath system32\DRIVERS\mrxdav.sys
PX5: 2A28D206005617C9C4F8026FCC47BD006A62BA75
MD5: 46edcc8f2db2f322c24f48785cb46366
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxSmb\ImagePath system32\DRIVERS\mrxsmb.sys
PX5: 65A2AA0080B21F17E300065044F4DC004CE9A2A9
MD5: 1fd607fc67f7f7c633c3da65bfc53d18
Determination: GOOD

C:\WINDOWS\system32\msdtc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSDTC\ImagePath C:\WINDOWS\system32\msdtc.exe
PX5: 3A5257C800292C38184B000639E3D800639539E0
MD5: 3124662b40761a3ef8f4254d2f32e3f4
Determination: GOOD

C:\WINDOWS\system32\drivers\MSKSSRV.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSKSSRV\ImagePath system32\drivers\MSKSSRV.sys
PX5: 441E162B80A429811D1500CB9CEDF700CED69BEA
MD5: ae431a8dd3c1d0d0610cdbac16057ad0
Determination: GOOD

C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPCLOCK\ImagePath system32\drivers\MSPCLOCK.sys
PX5: 3656535900693AA115D1001337247B009D5BCE4B
MD5: 13e75fef9dfeb08eeded9d0246e1f448
Determination: GOOD

C:\WINDOWS\system32\drivers\MSPQM.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPQM\ImagePath system32\drivers\MSPQM.sys
PX5: 5D7EA63E804A637C13CA0078C414AC000E912E93
MD5: 1988a33ff19242576c3d0ef9ce785da7
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mssmbios\ImagePath system32\DRIVERS\mssmbios.sys
PX5: 5C75220680F731D03C3D001BD399CC00D7DBED29
MD5: 469541f8bfd2b32659d5d463a6714bce
Determination: GOOD

C:\WINDOWS\system32\drivers\MSTEE.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSTEE\ImagePath system32\drivers\MSTEE.sys
PX5: EF9F4FE18003FE44154E00AC0DDE6800FF407119
MD5: bf13612142995096ab084f2db7f40f77
Determination: GOOD

C:\WINDOWS\system32\drivers\msmpu401.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ms_mpu401\ImagePath system32\drivers\msmpu401.sys
PX5: A3CEE000801BDB690B4A0070D0883A00B79BCD14
MD5: ca3e22598f411199adc2dfee76cd0ae0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ASACPI.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MTsensor\ImagePath system32\DRIVERS\ASACPI.sys
PX5: 7309133CB20421B216270097B9A4E300CE1E41B9
MD5: d48659bb24c48345d926ecb45c1ebdf5
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NABTSFEC\ImagePath system32\DRIVERS\NABTSFEC.sys
PX5: 37E661E8803A144B4DFD01732787D600D94FD14F
MD5: 5c8dc6429c43dc6177c1fa5b76290d1a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\NdisIP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisIP\ImagePath system32\DRIVERS\NdisIP.sys
PX5: 92D82929807F4CDE2A6000D7EF7E8C008BDE37E2
MD5: 520ce427a8b298f54112857bcf6bde15
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisTapi\ImagePath system32\DRIVERS\ndistapi.sys
PX5: 25AEC9EA809D4D4825A500A2A9E22F00CCB1FFC8
MD5: 08d43bbdacdf23f34d79e44ed35c1b4c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ndisuio\ImagePath system32\DRIVERS\ndisuio.sys
PX5: 0BF3AB388038D73732EB00A9A855ED006D3C0384
MD5: 34d6cd56409da9a7ed573e1c90a308bf
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisWan\ImagePath system32\DRIVERS\ndiswan.sys
PX5: 304E26E9803B344266FF0104DAA0B500E6B358BD
MD5: 0b90e255a9490166ab368cd55a529893
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\netbios.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBIOS\ImagePath system32\DRIVERS\netbios.sys
PX5: 6F5EDA40008AE18787EB007972CAB100F174D35C
MD5: 3a2aca8fc1d7786902ca434998d7ceb4
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\netbt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBT\ImagePath system32\DRIVERS\netbt.sys
PX5: 7D3B6A2A0069D5737CDE020A47DE6F00F472D659
MD5: 0c80e410cd2f47134407ee7dd19cc86b
Determination: GOOD

C:\WINDOWS\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDE\ImagePath %SystemRoot%\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDEdsdm\ImagePath %SystemRoot%\system32\netdde.exe
PX5: AAA3C89900BB76ABBADC01BFB3AC1B00E2E8A55F
MD5: de62ee316fab09de3d7a5180f0775abf
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetTcpPortSharing\ImagePath "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
PX5: B944119800B9F07DE0F2019CA92A0B00CF3CFD26
MD5: 8070bb07fe06de8b9acb29b07016a273
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\NMnt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\nm\ImagePath system32\DRIVERS\NMnt.sys
PX5: 4F6E51DE803D5E299DD30090E39024009FB3BD94
MD5: 60cf8c7192b3614f240838ddbaa4a245
Determination: GOOD

C:\WINDOWS\system32\drivers\nod32drv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\nod32drv\ImagePath \SystemRoot\system32\drivers\nod32drv.sys
PX5: 5C3DDCAE40EB2B4D3CCE003E15910A0038849632
MD5: 0d91989c0c37fdc7f6ffbef238fe9dfb
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFlt\ImagePath system32\DRIVERS\nwlnkflt.sys
PX5: A826BA3A803B83AE30C000488911C200DC3CA878
MD5: b305f3fad35083837ef46a0bbce2fc57
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFwd\ImagePath system32\DRIVERS\nwlnkfwd.sys
PX5: B9B73139006979BB7FBC0031EA7E320032D237D0
MD5: c99b3415198d1aab7227f2c88fd664b9
Determination: GOOD

C:\WINDOWS\System32\Drivers\ov519vid.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ovt519\ImagePath System32\Drivers\ov519vid.sys
PX5: D6F268D4C268BB3BA9FA028BC87BAC00D1D951A3
MD5: 4cdadec3dc1300ee1d313ea5494e6472
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\parport.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Parport\ImagePath system32\DRIVERS\parport.sys
PX5: 4A82394D8019443A393C017F618C1500973C174B
MD5: 3490ead0612bfd0e7c1b864ee24e6a4a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\pci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCI\ImagePath system32\DRIVERS\pci.sys
PX5: 9DA3602E807459480C5D01595A918400CA482387
MD5: 91fc1d483d900b1c0600a08b871c39d5
Determination: GOOD

C:\WINDOWS\system32\HPZipm12.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Pml Driver HPZ12\ImagePath C:\WINDOWS\system32\HPZipm12.exe
PX5: BF83C4550058BA02102801FD4139ED001FE1F2AF
MD5: 9d84376931440f3679beef2a414fa493
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\raspptp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PptpMiniport\ImagePath system32\DRIVERS\raspptp.sys
PX5: F406FA260016D348BD2800EFDBDF52003203F53C
MD5: 1c5cc65aac0783c344f16353e60b72ac
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\processr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Processor\ImagePath system32\DRIVERS\processr.sys
PX5: AF0FBDFA005416189A000040A9FF7600B2B78287
MD5: 2be7f01e46970e946aa18cba3de019eb
Determination: GOOD

C:\WINDOWS\System32\drivers\prodrv06.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\prodrv06\ImagePath \SystemRoot\System32\drivers\prodrv06.sys
PX5: D8634901808EA16F3B77011AE1D831003464683E
MD5: 47a6570dabbc458652852a77f1f758f2
Determination: GOOD

C:\WINDOWS\System32\drivers\prohlp02.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\prohlp02\ImagePath System32\drivers\prohlp02.sys
PX5: DE640517408FD5B22D24013073577000DC676471
MD5: f01f199fc352d6816b87b8225a89c8dd
Determination: GOOD

C:\WINDOWS\System32\drivers\prosync1.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\prosync1\ImagePath System32\drivers\prosync1.sys
PX5: 811D8FF5E02254411BC700220BB1350007B24FD4
MD5: 353499497510f2781d647c6db9226a70
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\psched.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PSched\ImagePath system32\DRIVERS\psched.sys
PX5: C7C1320E008655110E77011715C66E0009C5AE75
MD5: 48671f327553dcf1d27f6197f622a668
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ptilink.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ptilink\ImagePath system32\DRIVERS\ptilink.sys
PX5: F96F182D805891FA452B007EBD870E004C25BA07
MD5: 80d317bd1c3dbc5d4fe7b1678c60cadd
Determination: GOOD

C:\WINDOWS\System32\Drivers\PxHelp20.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PxHelp20\ImagePath System32\Drivers\PxHelp20.sys
PX5: CEED5A5408FE9DE2AA3300585AD0A300BEEAAC3B
MD5: d86b4a68565e444d76457f14172c875a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rasacd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAcd\ImagePath system32\DRIVERS\rasacd.sys
PX5: EF519CA180B540A42200002C4F06E3005372DD33
MD5: fe0d99d6f31e4fad8159f690d68ded9c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rasl2tp\ImagePath system32\DRIVERS\rasl2tp.sys
PX5: C15C1546804EC8E6C8410037F34FAD00B1FBF6DF
MD5: 98faeb4a4dcf812ba1c6fca4aa3e115c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasPppoe\ImagePath system32\DRIVERS\raspppoe.sys
PX5: A8F2C94800B2E031A21A00F0EC682E009B5794D5
MD5: 7306eeed8895454cbed4669be9f79faa
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\raspti.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Raspti\ImagePath system32\DRIVERS\raspti.sys
PX5: 506F10F380FEE57C406900BE351741009F00F0DE
MD5: fdbb1d60066fcfbb7452fd8f9829b242
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rdbss.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rdbss\ImagePath system32\DRIVERS\rdbss.sys
PX5: 5F844D0780EA8079B1FB02785D7F63004D612A18
MD5: 29d66245adba878fff574cd66abd2884
Determination: GOOD

C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDPCDD\ImagePath System32\DRIVERS\RDPCDD.sys
PX5: 14FCFAAE80A686EB103300CFAE183900CB624D74
MD5: 4912d5b403614ce99c28420f75353332
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\rdpdr\ImagePath system32\DRIVERS\rdpdr.sys
PX5: 02477783007980B5019E03607F7E03003B692115
MD5: a2cae2c60bc37e0751ef9dda7ceaf4ad
Determination: GOOD

C:\WINDOWS\system32\sessmgr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDSessMgr\ImagePath C:\WINDOWS\system32\sessmgr.exe
PX5: 2C67C68B0020C05D2C3E02893D0F09005D1CF7F5
MD5: cc0693c481502844a24ef71b90a7195e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\redbook.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\redbook\ImagePath system32\DRIVERS\redbook.sys
PX5: AEF2FC7D804F986FE3C7004FF2D91D0029FD0FC2
MD5: a8eee004a16af1d583d9de9f6de250e0
Determination: GOOD

C:\WINDOWS\system32\locator.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcLocator\ImagePath %SystemRoot%\system32\locator.exe
PX5: C3C0A8550045DDC726E601EBB10B83000E4A4556
MD5: 33a8f0fe0005b2d79df53441679f5149
Determination: GOOD

C:\WINDOWS\system32\rsvp.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RSVP\ImagePath %SystemRoot%\system32\rsvp.exe
PX5: 2057508700E163D906880231F30F2D00E5519440
MD5: dce0d20f8fb66df41d53734bff9d66f0
Determination: GOOD

C:\WINDOWS\System32\SCardSvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SCardSvr\ImagePath %SystemRoot%\System32\SCardSvr.exe
PX5: FFC6D19800BAA7847E46014ECC3CD200949D4E12
MD5: 74b1e7fcfca9a3a23871aa014144013e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\secdrv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Secdrv\ImagePath system32\DRIVERS\secdrv.sys
PX5: 6C1F33AD30B48B8F6BBC0037A0F8A400F11BD786
MD5: d26e26ea516450af9d072635c60387f4
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\serenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\serenum\ImagePath system32\DRIVERS\serenum.sys
PX5: 4F3C7EAD801665B83CEF00E324D68C009966C2DD
MD5: a2d868aeeff612e70e213c451a70cafb
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\serial.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Serial\ImagePath system32\DRIVERS\serial.sys
PX5: 84269A0C80DA4AE9020E01315B99420097A96A32
MD5: dbab3260e7eb3398cb87267d1410fad4
Determination: GOOD

C:\WINDOWS\System32\drivers\sfdrv01.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sfdrv01\ImagePath System32\drivers\sfdrv01.sys
PX5: 2A6DB41D78803F61E7F2003760F7F7007FD629A4
MD5: aad95fe3e005489c7156fa111f744eaf
Determination: GOOD

C:\WINDOWS\System32\drivers\sfhlp01.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sfhlp01\ImagePath System32\drivers\sfhlp01.sys
PX5: C879F593E060C8331206003E22A1F300797724AB
MD5: 462aee0ea0481ea8bd45cac876a4ccc4
Determination: GOOD

C:\WINDOWS\System32\drivers\sfhlp02.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sfhlp02\ImagePath System32\drivers\sfhlp02.sys
PX5: DC372FFC705529F635A2003B3C2E070002D562BB
MD5: daad4c099ebf5094d32c373ac1ac0f3c
Determination: GOOD

C:\WINDOWS\System32\drivers\sfvfs02.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sfvfs02\ImagePath System32\drivers\sfvfs02.sys
PX5: 90ED807778FC19B8410A01BE98B720006765D6C4
MD5: 107b772690050d3b19cbc637ad8fd96e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\si3112r.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Si3112r\ImagePath system32\DRIVERS\si3112r.sys
PX5: 76928C06319F427040FB01130333450047307B34
MD5: 1c92e0950e11b8624c012a47555ba230
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\SLIP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SLIP\ImagePath system32\DRIVERS\SLIP.sys
PX5: C05453A580D50DE62B1A00E6C96F380022C2D117
MD5: 5caeed86821fa2c6139e32e9e05ccdc9
Determination: GOOD

C:\WINDOWS\system32\drivers\splitter.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\splitter\ImagePath system32\drivers\splitter.sys
PX5: 7680ED1C00E4BEB7199C001CC7BB00005C1626B5
MD5: 8e186b8f23295d1e42c573b82b80d548
Determination: GOOD

C:\Programmi\WinClamAVShield\sp_clamsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sp_clamsrv\ImagePath C:\Programmi\WinClamAVShield\sp_clamsrv.exe
PX5: 31700794002E9197E25E0489718C1B00AB499691
MD5: af24b3a3c5cd616ef3b6dca37143778c
Determination: GOOD

C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sp_rsdrv2\ImagePath \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
PX5: C65DF566803763831D5702F9BCA8B200E8C30778
MD5: ae296342d24296403b9d869672f2dfba
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\sr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sr\ImagePath system32\DRIVERS\sr.sys
PX5: 4D90659E00D8A4771F1A013E6E421F00F36027A5
MD5: 896f566afc498077172eae8a50e8baf8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\srv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Srv\ImagePath system32\DRIVERS\srv.sys
PX5: 78EFCD908068AB1521EF0590A8538B00DBC84A4F
MD5: 20b7e396720353e4117d64d9dcb926ca
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\StreamIP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\streamip\ImagePath system32\DRIVERS\StreamIP.sys
PX5: 37C869AE00A1D1423CD000F9D66948002AC47A8D
MD5: 284c57df5dc7abca656bc2b96a667afb
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\swenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swenum\ImagePath system32\DRIVERS\swenum.sys
PX5: FDB253C8004ADC8E110200CB82EF3C003BACCEF1
MD5: 03c1bae4766e2450219d20b993d6e046
Determination: GOOD

C:\WINDOWS\system32\drivers\swmidi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swmidi\ImagePath system32\drivers\swmidi.sys
PX5: D73823E800EBA9D4D48400057CBBEE004EA1E5C8
MD5: 94abc808fc4b6d7d2bbf42b85e25bb4d
Determination: GOOD

C:\WINDOWS\system32\drivers\sysaudio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sysaudio\ImagePath system32\drivers\sysaudio.sys
PX5: 23CF2276806778A5EDCF00D9512FDE00BB195FEF
MD5: 650ad082d46bac0e64c9c0e0928492fd
Determination: GOOD

C:\WINDOWS\system32\smlogsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SysmonLog\ImagePath %SystemRoot%\system32\smlogsvc.exe
PX5: C0E6801A0095AB606A660128541E440050C06325
MD5: bc8b8694def74b4e6c626322d4321a54
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\tcpip.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Tcpip\ImagePath system32\DRIVERS\tcpip.sys
PX5: 9B98417C80D576637AFA05B3DB10C5006F71EB6C
MD5: 6a2d53177c1eac531308708e65782304
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\termdd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermDD\ImagePath system32\DRIVERS\termdd.sys
PX5: 3111E3EA882052CE9F39002D38F46900A7415306
MD5: a540a99c281d933f3d69d55e48727f47
Determination: GOOD

C:\WINDOWS\system32\tlntsvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TlntSvr\ImagePath C:\WINDOWS\system32\tlntsvr.exe
PX5: F869AF89008EB51B24EC0113A0DCBB001FBDD7D2
MD5: 2a9daaef2cc0333db6f129f2f8b3d3fd
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\update.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Update\ImagePath system32\DRIVERS\update.sys
PX5: B35240AB00E3291D321603412D8E98007B007A17
MD5: aff2e5045961bbc0a602bb6f95eb1345
Determination: GOOD

C:\WINDOWS\System32\ups.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UPS\ImagePath %SystemRoot%\System32\ups.exe
PX5: B1B748F7000750CB484000B4D1F04D00484BD2C2
MD5: e4896f38a3f8dacea6ea8d7ec9889d91
Determination: GOOD

C:\WINDOWS\system32\drivers\usbaudio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbaudio\ImagePath system32\drivers\usbaudio.sys
PX5: FF94AD3180F83D9CE71F009B89049300D8E6B2BA
MD5: 45a0d14b26c35497ad93bce7e15c9941
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbccgp\ImagePath system32\DRIVERS\usbccgp.sys
PX5: 3051DD5F80B0E02D7BC400CFE2D7F10086CC5663
MD5: bffd9f120cc63bcbaa3d840f3eef9f79
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbehci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbehci\ImagePath system32\DRIVERS\usbehci.sys
PX5: 42E57CAC00DC4FAF684000867EE93C003087E4F7
MD5: 15e993ba2f6946b2bfbbfcd30398621e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbhub.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbhub\ImagePath system32\DRIVERS\usbhub.sys
PX5: 1972CD35009EF197E1E10053A918EE0090181966
MD5: c72f40947f92cea56a8fb532edf025f1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbprint.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbprint\ImagePath system32\DRIVERS\usbprint.sys
PX5: C449F0710094064A6580004CDAAF0B00CAA1349A
MD5: a42369b7cd8886cd7c70f33da6fcbcf5
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbscan.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbscan\ImagePath system32\DRIVERS\usbscan.sys
PX5: A345B33E004758873B29000DE02C9B00A6455141
MD5: a6bc71402f4f7dd5b77fd7f4a8ddba85
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\USBSTOR\ImagePath system32\DRIVERS\USBSTOR.SYS
PX5: 6135CAAA80509344675C002A218295006093CEAA
MD5: 6cd7b22193718f1d17a47a1cd6d37e75
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbuhci\ImagePath system32\DRIVERS\usbuhci.sys
PX5: 4756F37D00016D8B5030004DF844F10054C11836
MD5: f8fd1400092e23c8f2f31406ef06167b
Determination: GOOD

C:\WINDOWS\System32\drivers\vga.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VgaSave\ImagePath \SystemRoot\System32\drivers\vga.sys
PX5: 14B18202007EA0B752C8003693833D00BCED634F
MD5: 8a60edd72b4ea5aea8202daf0e427925
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\viaide.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ViaIde\ImagePath system32\DRIVERS\viaide.sys
PX5: 763F36E3001A65E115B100F2DCFD2A00D63490D3
MD5: 59cb1338ad3654417bea49636457f65d
Determination: GOOD

C:\WINDOWS\system32\drivers\viamraid.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\viamraid\ImagePath system32\drivers\viamraid.sys
PX5: BA6A99D5001EB41FEEBA00F4DA0A3D00C68306AC
MD5: 0363e216e4eb5052969c96608934dbde
Determination: GOOD

C:\WINDOWS\System32\vssvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VSS\ImagePath %SystemRoot%\System32\vssvc.exe
PX5: F8FD01E1006746AE7C9C04ADE2180F00B254A617
MD5: 147c653ad61bd01556723b3c8c4fafc8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\wanarp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wanarp\ImagePath system32\DRIVERS\wanarp.sys
PX5: D61BDDFF00BF41D487E5002B87E94900EE92AF43
MD5: 984ef0b9788abf89974cfed4bfbaacbc
Determination: GOOD

C:\WINDOWS\system32\drivers\wdmaud.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wdmaud\ImagePath system32\drivers\wdmaud.sys
PX5: D07DA58400362D6244D2017E5C98E200FC9762AC
MD5: 2797f33ebf50466020c430ee4f037933
Determination: GOOD

C:\WINDOWS\system32\wbem\wmiapsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmiApSrv\ImagePath C:\WINDOWS\system32\wbem\wmiapsrv.exe
PX5: A8EB9B0C007C19C1EE9501FD1D31580061EB57F5
MD5: 0ee2a2754039b13a632489726689dad0
Determination: GOOD

C:\WINDOWS\System32\drivers\ws2ifsl.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WS2IFSL\ImagePath \SystemRoot\System32\drivers\ws2ifsl.sys
PX5: E3FE23AC0026FAFE2FF10052E88519002DA1A545
MD5: 6abe6e225adb5a751622a9cc3bc19ce8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WSTCODEC\ImagePath system32\DRIVERS\WSTCODEC.SYS
PX5: B2CFBF068074D4084BB4001A2B9A35007D8AF7A1
MD5: d5842484f05e12121c511aa93f6439ec
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\yk51x86.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\yukonwxp\ImagePath system32\DRIVERS\yk51x86.sys
PX5: 020CA21D0075D389C155024E29DF3B00DD29525D
MD5: 121805040c826638ceb541bf968e7c5b
Determination: GOOD

C:\WINDOWS\system32\userinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit C:\WINDOWS\system32\userinit.exe
PX5: 33A4BB2F001DA1EB620B00510674AE00F15A5361
MD5: c1e7fe19f98a877bf8f941bf48148695
Determination: GOOD

C:\WINDOWS\system32\logonuiX.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost C:\WINDOWS\system32\logonuiX.exe
PX5: 6B3184960083D65D820B6661A134100045463417
Determination: GOOD

C:\WINDOWS\system32\sysdm.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
PX5: 77D613BF00DD23AB9A92044AE70A3A00F8BE273E
MD5: ab25117d8498730753b25bf32d7836d6
Determination: GOOD

C:\WINDOWS\system32\autochk.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\BootExecute autocheck autochk * lsdelete
PX5: 38890F3300760B775A86096430A56A00DB68AE82
MD5: 779768a0a8091edb749dcb8fe60213e1
Determination: GOOD

C:\WINDOWS\system32\win32k.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\SubSystems\Kmode %SystemRoot%\system32\win32k.sys
PX5: B61A5CF40006DE0604901CFDDD44000019AAB650
MD5: 152d48f5d41cb4aebdf187755d315a4a
Determination: GOOD

C:\Programmi\Java\jre1.6.0_03\bin\regutils.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}\KeyFileName C:\Programmi\Java\jre1.6.0_03\bin\regutils.dll
PX5: 18FDF0650029FF2F9067038B74E5FB00E6236711
MD5: 1fc79cf17eca1f4e0fc784abb8d72c31
Determination: GOOD

C:\WINDOWS\inf\unregmp2.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\Stubpath C:\WINDOWS\inf\unregmp2.exe /ShowWMP
PX5: 25973B5F006F9C673084034E2CE1C90027DD3117
MD5: 0cee66443ca52a5ffec6b9fb1f8c9dd0
Determination: GOOD

C:\WINDOWS\system32\shmgrate.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\StubPath %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\StubPath %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
PX5: 20602ECB00AD0F89A6D6007CC62E8E00FE74C13B
MD5: f8cbcdaa8c509f6a424834fe51956e21
Determination: GOOD

C:\WINDOWS\system32\IEDKCS32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\DllName iedkcs32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\DllName iedkcs32.dll
PX5: FE6CE44B003461A1F06E045F06C65A008605BA00
MD5: d99df44836fd20faa6b608a9cee60f5f
Determination: GOOD

C:\WINDOWS\system32\regsvr32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
PX5: 9F2DE48F0086912530FD001A3E083800D58E0872
MD5: da9623d7e0ca24dd3e08523287e05a4c
Determination: GOOD

C:\Programmi\Outlook Express\setup50.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
PX5: 990052A900467F972069015D0AA93E00C6116D6B
MD5: 5565e7539564f955441de6fdcbe447a9
Determination: GOOD

C:\WINDOWS\INF\msnetmtg.inf
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
PX5: C04A779A5AE1A5526A2101886D50EC0079807252

C:\WINDOWS\INF\msmsgs.inf
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
PX5: 39BCAAC848A1DEE092870140F8129000930CF579

C:\WINDOWS\INF\wmp.inf
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
PX5: F0C9A7757E0F1F01E151000AA1BEFD006B219C19

C:\WINDOWS\system32\ie4uinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\StubPath %SystemRoot%\system32\ie4uinit.exe
PX5: 77DF5E7B005FEC32864A001224995700729F5FAF
MD5: 452fa07dd74200ad8bdadd145487f653
Determination: GOOD

C:\WINDOWS\system32\mscories.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
PX5: 652959240095250822A60140F37F47001792531A
MD5: 46e55aea48bad9297df685c722619bd6
Determination: GOOD

C:\WINDOWS\system32\logon.scr
Loaded from: \REGISTRY\User\.DEFAULT\Control Panel\Desktop\SCRNSAVE.EXE logon.scr
Loaded from: \REGISTRY\User\S-1-5-19\Control Panel\Desktop\SCRNSAVE.EXE %SystemRoot%\System32\logon.scr
Loaded from: \REGISTRY\User\S-1-5-20\Control Panel\Desktop\SCRNSAVE.EXE %SystemRoot%\System32\logon.scr
Loaded from: \REGISTRY\User\S-1-5-18\Control Panel\Desktop\SCRNSAVE.EXE logon.scr
PX5: 509D0B6F00114C175E1803F3B4819D004996445C
MD5: 6fa8411d60c4faee5102eee1367ab34d
Determination: GOOD

C:\WINDOWS\system32\gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}\DllName gptext.dll
PX5: 3937BBDB001CF5150EDE03108010A6002700AFB6
MD5: f286c70f59f434b6ddbab5738b6b029b
Determination: GOOD

C:\WINDOWS\system32\fdeploy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}\DllName fdeploy.dll
PX5: 4B245433003392E32A140131FF3EF30000999A70
MD5: b4767457d286ebb4767c5ec1df9a7424
Determination: GOOD

C:\WINDOWS\system32\dskquota.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}\DllName dskquota.dll
PX5: 67A29FF30003BFCF6E3801450DA1040095E8819B
MD5: 78b72d69ee065560a89b7ece65ed7e2c
Determination: GOOD

C:\WINDOWS\system32\appmgmts.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}\DllName appmgmts.dll
PX5: D38F92810065B7EDAC840228F23E3C004E625C37
MD5: 00e50cd4d9247cb56efc1360c32ab755
Determination: GOOD

C:\WINDOWS\system32\cryptnet.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\DllName cryptnet.dll
PX5: 7068F9AD00A507EDF8EF0072A0BBE3005197631B
MD5: f8dd2e38ecc275ae94edc7c0492416ef
Determination: GOOD

C:\WINDOWS\system32\sclgntfy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\DllName sclgntfy.dll
PX5: 164435B300B5B4E0548400AA1F6E0800C2CDD06A
MD5: 5ff2551a3d740476f06b20f59cd7f0be
Determination: GOOD

C:\WINDOWS\system32\comm.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\comm.drv comm.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 0D8B262B3068553F296F004B25B4F300F3172575
MD5: 01b656374912d7ccf7465a3893f18982
Determination: GOOD

C:\WINDOWS\system32\vga.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\display.drv vga.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 8D38D13480CC42FA089200F6F3895F00B79BCD14
MD5: 9c86bbb80450af95b6a4ea8ebda93d76
Determination: GOOD

C:\WINDOWS\system32\mmsystem.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\drivers mmsystem.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: B7018ADE208113FC103101C8EB6DD700B1D99765
MD5: 7b3633a771ffad1cfb8d999fb5fc2687
Determination: GOOD

C:\WINDOWS\system32\keyboard.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\keyboard.drv keyboard.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 159F7A82D0C5E0D3077700FE801B1000B79BCD14
MD5: ed4bf709aad8b665075de06a0945b030
Determination: GOOD

C:\WINDOWS\system32\mouse.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\mouse.drv mouse.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: D9EA0CB2F0FB384407BE00D28D0C0C00B79BCD14
MD5: 7d29780ac88bb7292cdcff71ba67433d
Determination: GOOD

C:\WINDOWS\system32\wfwnet.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\network.drv wfwnet.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: E9641F0220200734353000D28FC59A003BEC664C
MD5: 5302ada9b0793c84151fc463dd65d7bf
Determination: GOOD

C:\WINDOWS\system32\progman.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\shell progman.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C0D0815600445D69AC3B01B2DAB067005DE0E11A
MD5: df0960f73f899d517ffe5a96f8715e0e
Determination: GOOD

C:\WINDOWS\system32\sound.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\sound.drv sound.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: E70CAE91D00DCE52067C00647C846400B79BCD14
MD5: 028a1f74926dc3df2d9629edc9aebafb
Determination: GOOD

C:\WINDOWS\system32\system.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\system.drv system.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: D4BD27742043BEDB0DB0000478EA5C00B79BCD14
MD5: 4a00d59ae6d75bdfc2c8e5182c4b1376
Determination: GOOD

C:\WINDOWS\system32\ntvdm.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\cmdline %SystemRoot%\system32\ntvdm.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: DFD881F400018F016A4F06473E7EAA001AE7779E
MD5: 0fea136cc628c6182e91598f7990229c
Determination: GOOD

C:\WINDOWS\system32\krnl386.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: 01F6A66B6040DCB569EA013E85A2EE004745F621
MD5: 5400c4565b1b7f811b7010a92134476b
Determination: GOOD

C:\WINDOWS\system32\commdlg.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: D41FE74160643BD6833B006BB7E5A9004410FDC1
MD5: 282c6a1e0565458ce162c907a84043f4
Determination: GOOD

C:\WINDOWS\system32\ctl3dv2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C84734B440655DC66A4D00304EF8AC0014627D07
MD5: 637d88e7a1bedc4457c80dbc8ba9f135
Determination: GOOD

C:\WINDOWS\system32\ddeml.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 87F926CB00F2CB349A1200182C7413003E6FB37C
MD5: bf6529de6619c4970e727f58e0ad48d1
Determination: GOOD

C:\WINDOWS\system32\lanman.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: A797EACD0BCFF4C3663403FC8369B500D2DCA4A2
MD5: e9d142feaa02e867c8dcddfe84e29e20
Determination: GOOD

C:\WINDOWS\system32\netapi.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 3B2621E2C04DF3B2A77E0156CAF52A0029A06ED9
MD5: 0f4ad2e828a6cb0f100cb36f3ac6faee
Determination: GOOD

C:\WINDOWS\system32\olecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: B5F4F24400858B0246DF0121D0BC320031CB25FD
MD5: ca0305757c0648715f6d92ba0c43992f
Determination: GOOD

C:\WINDOWS\system32\olesvr.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: CE221EF60049CF2B5E3B009B247C6A00F018477F
MD5: 16bf834a84a7dc0d24edc8e924c90637
Determination: GOOD

C:\WINDOWS\system32\pmspl.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93
MD5: 57f8a50513e43aaf6a7b23389e389bbc
Determination: GOOD

C:\WINDOWS\system32\shell.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: CE2E2C35000BF1E3147B0046192BB900FA35E49E
MD5: dc8a8c47542edd026ad8f4ac3d6c2292
Determination: GOOD

C:\WINDOWS\system32\toolhelp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 87219368400265353643009B30E21C003936EBD7
MD5: c86363c599e5d6836c21a3a3fd21c388
Determination: GOOD

C:\WINDOWS\system32\win87em.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 22C03F9D0005E87A34B40075B0F00E00517D625F
MD5: c980c971ad4ff3ca5cefdef40932d3a1
Determination: GOOD

C:\WINDOWS\system32\winoldap.mod
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: E19A53B2202676D208C7002132DA8800B79BCD14
MD5: 0ddfd6315da4b29d09d09b6873ea460b
Determination: GOOD

C:\WINDOWS\system32\winsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: FCF9BBDC30E28D0D0BF200D9F4D9CD00B79BCD14
MD5: 68485c5ef0e2efcebf21bbb1042b823b
Determination: GOOD

C:\WINDOWS\system32\winspool.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: F5BB157440E5748C08D600021F9AD300B79BCD14
MD5: 0b4b94b78123e8035b84105bc024f9f8
Determination: GOOD

C:\WINDOWS\system32\wowdeb.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C1613D5DB0A80A260ABB006471357400B79BCD14
MD5: a7b82d6b38a2acd3b2684e7371c6ce93
Determination: GOOD

C:\WINDOWS\system32\timer.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 01DC5380F09B29550F040024FDB8830045F6872C
MD5: 01dc53809b29550424fdb88345f6872c
Determination: GOOD

C:\WINDOWS\system32\compobj.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: DA21156DD0BCD8E77562007DCF26A600F4FFDA3F
MD5: 40f9fc896b2ba69fdc04d75e9d00dd01
Determination: GOOD

C:\WINDOWS\system32\storage.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 60BAD4D270E3252C10B800A49D4C780095AFB292
MD5: 3a5cd674ada85bcc1ff26b81b4cdefb5
Determination: GOOD

C:\WINDOWS\system32\ole2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: F2FC4A2A40B7B6B59BDF00629364AB00A54AED31
MD5: 145aa8ecf0526c093f71117c181694ab
Determination: GOOD

C:\WINDOWS\system32\ole2disp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7
MD5: eb38be7d7cf9ec15442a9d24cb39a2ac
Determination: GOOD

C:\WINDOWS\system32\ole2nls.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 09B13294B021FA9E558F026E08072F00900228B5
MD5: 32cfcc848a57f87638e31e8735515f80
Determination: GOOD

C:\WINDOWS\system32\typelib.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: C0620321C004C14EB60D020DCCE16200701F9AEA
MD5: 7161255dfa81e67b66b746d2504d2f2b
Determination: GOOD

C:\WINDOWS\system32\msvideo.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 790EE65FC0939660F0F4012F00509C00EF668BF3
MD5: 0fec57467004486cf202ed7bdfa5dcee
Determination: GOOD

C:\WINDOWS\system32\avifile.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 23078576D07C879BAB0E016052733100CC123BD6
MD5: 92fbb472d13a6cc283529301810922fb
Determination: GOOD

C:\WINDOWS\system32\msacm.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 9509859960B48961EF3C0048E192C7002EB67DBB
MD5: b3e0e6c925d333fdca47808ebf787cb2
Determination: GOOD

C:\WINDOWS\system32\mciavi.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 8B09E9FBC0AC80C41F5801300F1C5F00B1E6B4D8
MD5: e6a1bb6f039486bceb825b365aa5548d
Determination: GOOD

C:\WINDOWS\system32\mciseq.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 6F3561B8D089079262B000F61C353D001FC85F9C
MD5: 6f3561b8890792b0f61c353d1fc85f9c
Determination: GOOD

C:\WINDOWS\system32\mciwave.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 2D1A8D9600222A826E980084C50D45003B805765
MD5: 2d1a8d96222a829884c50d453b805765
Determination: GOOD

C:\WINDOWS\system32\avicap.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv commdlg.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mmsystem.dll mouse.drv netapi.dll olecli.dll olesvr.dll pmspl.dll shell.dll sound.drv system.drv toolhelp.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe timer.drv rasapi16.dll compobj.dll storage.dll ole2.dll ole2disp.dll ole2nls.dll typelib.dll msvideo.dll avifile.dll msacm.dll mciavi.drv mciseq.drv mciwave.drv progman.exe avicap.dll mapi.dll
PX5: 8D50F512B0D5AAB0126C01BC85534E00FA0EC9E8
MD5: 4a78d6c08d90bde538d5b538a082c1c9
Determination: GOOD

C:\Programmi\Crawler\Toolbar\ctbr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\NoExplorer .
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Toolbar\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} ..8K0R.M..3c.=5B
Loaded from: \REGISTRY\User\S-1-5-21-1957994488-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} ..8K0R.M..3c.=5B
PX5: 935CB37000A65AA6544D111DDBE7AD0013E5558A
MD5: caa591359b2d92336f7fd1ecded5c31d
Determination: GOOD

C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer .
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ClsidExtension {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
PX5: BEEC7CE7903A1989A51C07665627A3001B1EF486
MD5: d787e3123fad2bd58ab45b9a5c360acd
Determination: GOOD

C:\WINDOWS\system32\ntsd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path\Debugger ntsd -d
PX5: 834FBBDD002D211C7C10004432E9BD00FC3D4F55
MD5: 3ecffb9259462acccaf0063841e85e9b
Determination: GOOD

C:\WINDOWS\system32\mmsys.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00022613-0000-0000-C000-000000000046} Propriet. dei file Multimedia
PX5: 22BCF726009533B384CD093581FB0B00BBF55E93
MD5: b9e3764a67f8d272e88a74e0bdfa1bd0
Determination: GOOD

C:\WINDOWS\system32\icmui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{176d6597-26d3-11d1-b350-080036a75b03} Gestore scanner ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DB2625A-54DF-11D0-B6C4-0800091AA605} Gestore monitor ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{675F097E-4C4D-11D0-B6C1-0800091AA605} Gestore stampante ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DBCE2480-C732-101B-BE72-BA78E9AD5B27} Profilo ICC
PX5: 79852F4F004FA70AD8870036A8B3F300BFB6CC72
MD5: cc61775dd0099c04c1c464d2e838e0a3
Determination: GOOD

C:\WINDOWS\system32\rshx32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1F2E5C40-9550-11CE-99D2-00AA006E086C} Pagina di protezione NTFS
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F37C5810-4D3F-11d0-B4BF-00AA00BBB723} Pagina di protezione della stampante
PX5: 8E3D69C300B1B3BBA05400C01998E00021B13B08
MD5: 96dbc8f1582fe95b299cd3d6cdba10a2
Determination: GOOD

C:\WINDOWS\system32\docprop.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EA48300-8CF6-101B-84FB-666CCB9BCD32} Pagina di propriet. di Docfile OLE
PX5: 4D155A630014F006B8E7003E1F6CD600C0918C31
MD5: 33cf28feac3984edea3b8672a0d7f46a
Determination: GOOD

C:\WINDOWS\system32\deskadp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071712-76d4-11d1-8b24-00a0c9068ff3} Estensione scheda video del Pannello di controllo
PX5: 1FEBC52C0075696A427B005EACC72200AF70D61C
MD5: 77dd733136353761750b2258ad368a7e
Determination: GOOD

C:\WINDOWS\system32\deskmon.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071713-76d4-11d1-8b24-00a0c9068ff3} Estensione monitor del Pannello di controllo
PX5: E6AC7E1B00B4347342D70033642CB1001FC78895
MD5: b4d9f35f49b9e5b03c45bebd96486fe4
Determination: GOOD

C:\WINDOWS\system32\dssec.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4E40F770-369C-11d0-8922-00A024AB2DBB} Pagina di protezione DS
PX5: BF365090005B6ECFCC56008F370997000EDC51ED
MD5: fba19f60318c5e62cc531f7265e64899
Determination: GOOD

C:\WINDOWS\system32\SlayerXP.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Pagina compatibilit.
PX5: 071E70380069307964410011CDEF880004B79666
MD5: 92e3c0617dda6f19a7b0f680c94c9b6f
Determination: GOOD

C:\WINDOWS\system32\diskcopy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59099400-57FF-11CE-BD94-0020AF85B590} Estensione copia dischi
PX5: 74FF218D0092AEB8EC3016F62F9A37009BC24342
MD5: 18ac1727a4fdd1012974ad76580d0c74
Determination: GOOD

C:\WINDOWS\system32\ntlanui2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59be4990-f85c-11ce-aff7-00aa003ca9f6} Estensioni shell per oggetti Rete Microsoft Windows
PX5: 0FBD6225003D84B73AA5000A7557EF00532B5590
MD5: 75ac93bb0eda95a6b928c7949e60b98b
Determination: GOOD

C:\WINDOWS\system32\printui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{77597368-7b15-11d0-a0c2-080036af3f03} Estensione shell per la stampante Web
PX5: CFC465B500331E10BE8C08062B62D70065070AFA
MD5: ca104d6e9428ba00346cd615a1ee2e31
Determination: GOOD

C:\WINDOWS\system32\dskquoui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7988B573-EC89-11cf-9C00-00AA00A14F56} Disk Quota UI
PX5: 22C011F30068927142C902641380E9009CE9DCD6
MD5: beca74d3e444b46fa22300b26a46b67d
Determination: GOOD

C:\WINDOWS\system32\syncui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{85BBD920-42A0-1069-A2E4-08002B30309D} Sincronia file
PX5: 32CB8DAC001BF20AF6D60250E1D558008C7994BA
MD5: ad552fcc0582ea9d1a8f7ab38fb53393
Determination: GOOD

C:\WINDOWS\system32\fontext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD84B380-8CA2-1069-AB1D-08000948F534} Tipi di carattere
PX5: A9B1E4F600762191E233053033E9D8001908E1DB
MD5: 71a69eee673b5d15ebc8479be12d65c7
Determination: GOOD

C:\WINDOWS\system32\deskperf.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f92e8c40-3d33-11d2-b1aa-080036a75b03} Display TroubleShoot CPL Extension
PX5: DEBA621400871F794A8D0005514927006E3B795A
MD5: 584dac27268a6a1892062380b1582494
Determination: GOOD

C:\WINDOWS\system32\cryptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C717-39BF-11D1-8CD9-00C04FC29D45} Estensione Crypto PKO
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C719-39BF-11D1-8CD9-00C04FC29D45} Estensione firma crittografata
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default) {7444C719-39BF-11D1-8CD9-00C04FC29D45}
PX5: 144B846200DE013DD4E800E6AFBAF700F56839D9
MD5: d8340d897ad5cf76e359d3ebbabb5a03
Determination: GOOD

C:\WINDOWS\system32\wiashext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E211B736-43FD-11D1-9EFB-0000F8757FCD} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{905667aa-acd6-11d2-8080-00805f6596d2} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F953603-1008-4f6e-A73A-04AAC7A992F1} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{83bbcbf3-b28a-4919-a5aa-73027445d672} Scanner e fotocamere digitali
PX5: C96A74CF00663EB10AB209D765C2F9007A08BE3F
MD5: c1f811f1edc12130f9842b93b588957f
Determination: GOOD

C:\WINDOWS\system32\remotepg.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F0152790-D56E-4445-850E-4F3117DB740C} Remote Sessions CPL Extension
PX5: B276FC4B0072F7D1EE38004C043BDE00E8D7EAE4
MD5: 248afc0c31e60bbbfaceac5fd66b4f3d
Determination: GOOD

C:\WINDOWS\system32\wshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60254CA5-953B-11CF-8C96-00AA00B8708C} Estensione shell per Windows Script Host
PX5: 66026A8D0045E4F800BE0104F649E900B9F8B8B3
MD5: 2a7ce0d301ed72a88b5ede591ac7c51a
Determination: GOOD

C:\Programmi\File comuni\System\Ole DB\oledb32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2206CDB2-19C1-11D1-89E0-00C04FD7A829} Microsoft Data Link
PX5: 722A7F0200065713701D079CB9F9D70095D47802
MD5: a2033e5a2b7fc1874cacd6d70a7a7095
Determination: GOOD

C:\WINDOWS\system32\mstask.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} Tasks Folder Icon Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} Tasks Folder Shell Extension
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D6277990-4C6A-11CF-8D87-00AA0060F5BF} Operazioni pianificate
PX5: 28BAE091003DDB7248B2048CE9759F0060145387
MD5: ec25a03ff0624969d508c6f1e25cd664
Determination: GOOD

C:\WINDOWS\system32\wuaucpl.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5F327514-6C5E-4d60-8F16-D07FA08A78ED} Auto Update Property Sheet Extension
PX5: B717D614001665127CF602A9F30C1F00792CA187
MD5: 747373c80298359850901f5288faea3c
Determination: GOOD

C:\WINDOWS\system32\shmedia.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} Audio Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} Video Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E4B29F9D-D390-480b-92FD-7DDB47101D71} Wav Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{87D62D94-71B3-4b9a-9489-5FE6850DC73E} Avi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A6FD9E45-6E44-43f9-8644-08598F5A74D9} Midi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{c5a40261-cd64-4ccf-84cb-c394da41d590} Video Thumbnail Extractor
PX5: 6F935BCA00698E3154450276A47BF4000FC59B48
MD5: bf30bb4d33afa9e7e33f82f7de84f18c
Determination: GOOD

C:\WINDOWS\system32\sendmail.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
PX5: 89815E52001B0148D88B0081AF133A006B487C42
MD5: 2e2cf126e0c68ee3954d4033035ca78e
Determination: GOOD

C:\WINDOWS\system32\occache.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88C6C381-2E85-11D0-94DE-444553540000} Cartella cache ActiveX
PX5: 214F9BB100EDD7C47CF8015D8AF0380096C50712
MD5: eaa6d95c930615b37d2846778480b3e7
Determination: GOOD

C:\WINDOWS\system32\appwiz.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{352EC2B7-8B9A-11D1-B8AE-006008059382} Gestione applicazioni shell
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B124F8F-91F0-11D1-B8B5-006008059382} Enumeratore applicazioni installate
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFCCC7A0-A282-11D1-9082-006008059382} Darwin App Publisher
PX5: 7BF23A6100E0F96772F20888CE0D3F00288DF318
MD5: 5811931252689335b915135f40af5ef1
Determination: GOOD

C:\WINDOWS\system32\netplwiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CC6EEFFB-43F6-46c5-9619-51D571967F7D} Pubblicazione guidata sul Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{add36aa8-751a-4579-a266-d66f5202ccbb} Ordinazione di stampe tramite Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6b33163c-76a5-4b6c-bf21-45de9cd503a1} Oggetto Pubblicazione guidata sul Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58f1f272-9240-4f51-b6d4-fd63d1618591} Creazione guidata profilo Passport
PX5: C0B90A180022DF616EE40D61CC92200055AE5438
MD5: 497a6c557821b002c784437591ff731b
Determination: GOOD

C:\WINDOWS\system32\cdfview.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f39a0dc0-9cc8-11d0-a599-00c04fd64433} File del canale
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3aa0dc0-9cc8-11d0-a599-00c04fd64434} Collegamento al canale
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3ba0dc0-9cc8-11d0-a599-00c04fd64435} Channel Handler Object
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3da0dc0-9cc8-11d0-a599-00c04fd64437} Channel Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3ea0dc0-9cc8-11d0-a599-00c04fd64438} Channel Properties
PX5: 078C0056008184D44E1F02922B0F0300CF4E3686
MD5: e44a7ac9a918fe6d8b29c3223d563545
Determination: GOOD

C:\WINDOWS\system32\extmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{692F0339-CBAA-47e6-B5B5-3B84DB604E87} Extensions Manager Folder
PX5: 29CD981900B2AB34DAC8005A8DC7D40002F9966B
MD5: 77989a1fc504e58f198a3990b4115c6d
Determination: GOOD

C:\WINDOWS\system32\docprop2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{883373C3-BF89-11D1-BE35-080036B11A03} Microsoft DocProp Shell Ext
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A9CF0EAE-901A-4739-A481-E35B73E47F6D} Microsoft DocProp Inplace Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8EE97210-FD1F-4B19-91DA-67914005F020} Microsoft DocProp Inplace ML Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0EEA25CC-4362-4A12-850B-86EE61B0D3EB} Microsoft DocProp Inplace Droplist Combo Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6A205B57-2567-4A2C-B881-F787FAB579A3} Microsoft DocProp Inplace Calendar Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} Microsoft DocProp Inplace Time Control
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default) Summary Properties Page
PX5: BAD4E96E0064F346BC36008E2891DB0060D308D0
MD5: 886ba5db0a87b5a0d5f85c39424fc2ac
Determination: GOOD

C:\WINDOWS\system32\dsquery.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8A23E65E-31C2-11d0-891C-00A024AB2DBB} Directory Query UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} Shell properties for a DS object
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} Directory Object Find
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F020E586-5264-11d1-A532-0000F8757D7E} Directory Start/Search Find
PX5: 97CEB5F9000C9E25AA2703A3E1CE88000E6ADB1E
MD5: 3241be7fa4e0191ae13d80b605ac980e
Determination: GOOD

C:\WINDOWS\system32\dsuiext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0D45D530-764B-11d0-A1CA-00AA00C16E65} Directory Property UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{62AE1F9A-126A-11D0-A14B-0800361B1103} Directory Context Menu Verbs
PX5: 6A192EC500170EFDBCEB0145A96D9300BCCCF2CE
MD5: ca33e221efa6c8bc9081f62fb81c4f46
Determination: GOOD

C:\WINDOWS\msagent\agentpsh.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{143A62C8-C33B-11D1-84FE-00C04FA34A14} Microsoft Agent Character Property Sheet Handler
PX5: 7469413C00931FFF5E8700E559045400C1A9DC6C
MD5: 43e7c7538d4fd053d19758dd758a2842
Determination: GOOD

C:\WINDOWS\system32\dfsshlex.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} DfsShell
PX5: C56F8BCC000B5CE570B200C57894E100F757413D
MD5: 41f6a64eb0d0c8b6fdff7c376f4cec17
Determination: GOOD

C:\WINDOWS\system32\photowiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60fd46de-f830-4894-a628-6fa81bc0190d} %DESC_PublishDropTarget%
PX5: B7418C4500E88487A00C02F731B52500E7F273D2
MD5: 06cfb5ce176f60aa715635a291960acc
Determination: GOOD

C:\WINDOWS\System32\mmcshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A80E4A8-8005-11D2-BCF8-00C04F72C717} MMC Icon Handler
PX5: 8A0ADE010092153AC6C80087DEA97400BEB13B83
MD5: d1c8ed56d0db39e432eddc5bfca6dbe5
Determination: GOOD

C:\WINDOWS\system32\cabview.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} .CAB file viewer
PX5: 3D37E41700A8F7F74C2701763FA52300CB1B48CD
MD5: b6bf125d2c37cd7df340b255a07134e8
Determination: GOOD

C:\Programmi\Outlook Express\wabfind.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32714800-2E5F-11d0-8B85-00AA0044F941} &Contatti...
PX5: 4FBC213F00A9A845805300462EEB2700C79BF84F
MD5: 64ecedd4e261443874cad4d66fe9fe44
Determination: GOOD

C:\WINDOWS\system32\wmpshell.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DD448E6-C188-4aed-AF92-44956194EB1F} Windows Media Player Play as Playlist Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} Windows Media Player Burn Audio CD Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} Windows Media Player Add to Playlist Context Menu Handler
PX5: 38347505000E6E3790E70134E584230099E5F235
MD5: 26ff66b17aa576421bc14742157871f2
Determination: GOOD

C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} Messenger Sharing Folders
PX5: 8843DBEC703CE08BE7AC042B1C39BD0022FB3418
MD5: 9cb1085b64b2426a0640f2dc126a96b5
Determination: GOOD

C:\WINDOWS\system32\btneighborhood.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6af09ec9-b429-11d4-a1fb-0090960218cb} My Bluetooth Places
PX5: 1911F1824DA1C3A990DA0FE7663E4500E3F80F9E
MD5: 02c44f9f7e948cabf4226e1e365b8d83
Determination: GOOD

C:\WINDOWS\system32\dfshim.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e82a2d71-5b2f-43a0-97b8-81be15854de8} ShellLink for Application References
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} Shell Icon Handler for Application References
PX5: 494A923700854E7646D901138F98BF001434DC1A
MD5: b3511383c8be3a8c5b88a78971fc1141
Determination: GOOD

C:\WINDOWS\System32\XPSSHHDR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{45670FA8-ED97-4F44-BC93-305082590BFB} Microsoft.XPS.Shell.Metadata.1
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44121072-A222-48f2-A58A-6D9AD51EBBE9} Microsoft.XPS.Shell.Thumbnail.1
PX5: 8D9A88CA001CEB35DB38088EB6A63200AB511E0D
MD5: 53a49a2bd3a27b433de7c1471a4d87f9
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\MiniDumpAuxiliaryDlls\C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
PX5: EF54F26D0008E1F238C20CD47ED58E00B5718750
MD5: ab2895b99611a536b18b1ab8f8c55bbe
Determination: GOOD

C:\WINDOWS\system32\msapsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll, digest.dll, msnsspc.dll
PX5: 8C479BBA0065475850000105207F00002CA02E51
MD5: 9b6e96f4ec4104bcb180c5bea2787b3f
Determination: GOOD

C:\WINDOWS\system32\digest.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll
PX5: 2283761F0087EB020C9B01CC3CCBC600B4AB6B96
MD5: 9b4cd31081f2ce1d69d2580d015c82ea
Determination: GOOD

C:\WINDOWS\system32\msnsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll
PX5: 5FC3C3D6008FE4D0702D042D3521CB003038EB19
MD5: a99939bae7757437683f4d6b1021a499
Determination: GOOD

C:\WINDOWS\Resources\themes\Luna\Luna.msstyles
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Themes\InstallVisualStyle %SystemRoot%\Resources\themes\Luna\Luna.msstyles
PX5: D4AC08E190E1815FF0763FFB772E82003759142D
Determination: GOOD

C:\WINDOWS\system32\rdpclip.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms rdpclip
PX5: 3129DB34009CADCFF4300018D68AB90013FA4372
MD5: 456e33d8a5b34b0b9b5de1270e13c7a3
Determination: GOOD

C:\WINDOWS\system32\rdpwsx.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\WsxDll rdpwsx
PX5: 2D4F90888862EA65546401DF11DAFF009FB4CACF
MD5: 98b543037e34c640622fa61e895326c4
Determination: GOOD

C:\WINDOWS\system32\RDPCFGEX.DLL
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\CfgDll RDPCFGEX.DLL
PX5: 648184F200AE0568123C00C1F661D900A8042FB8
MD5: 0f6f4433f47441c14f17d5348cf609b0
Determination: GOOD

C:\WINDOWS\system32\login.cmd
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\LoginScript C:\WINDOWS\system32\login.cmd
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\LoginScript C:\WINDOWS\system32\login.cmd
PX5: E84E330F16249FCA02E40021B9B70B00A6A3E1F7

C:\WINDOWS\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SafeBoot\AlternateShell cmd.exe
PX5: 174F65020044C14C121406F23AA7F300C65DE81F
MD5: 94744851b6a9bdcefcd26cc61a6afd12
Determination: GOOD

C:\WINDOWS\system32\rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wave rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\mixer rdpsnd.dll
PX5: 34FBA65500CFB6AF4EE7003742BB470065937B12
MD5: 1c5c414cc29d507b89e355e1733a7491
Determination: GOOD

C:\WINDOWS\system32\imaadp32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.imaadpcm imaadp32.acm
PX5: 528D926A00EB3B4A408A0067B777E0007219DE4B
MD5: 316f81b3ec381c1c76e07ca43fc12bfc
Determination: GOOD

C:\WINDOWS\system32\msg711.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg711 msg711.acm
PX5: 98836843004ECD5624170012D62AF300ADA7FDE1
MD5: d609edecb9692217bca166c09a8aa6d0
Determination: GOOD

C:\WINDOWS\system32\msgsm32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msgsm610 msgsm32.acm
PX5: 7715C6930008610D4E5300A5AC1D5400348AB758
MD5: dbb6c6dba7c404bf266e064889c45907
Determination: GOOD

C:\WINDOWS\system32\tssoft32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.trspch tssoft32.acm
PX5: 9DB260C30072F5C620530046E6B0DC000EF1898D
MD5: 49445261ffaab7f8b915c4d3041aa7f4
Determination: GOOD

C:\WINDOWS\system32\iccvid.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.cvid iccvid.dll
PX5: 0CEE20B80002FE623A80014E667E0900EDC97E34
MD5: be4de2539b3db9d31d75fe0d323c52ee
Determination: GOOD

C:\WINDOWS\system32\msh263.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.I420 msh263.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M263 msh263.drv
PX5: D1EBECF00092F1C390AB04548720B200A8771D55
MD5: b2e67e6045966c14a746627dccf3f67d
Determination: GOOD

C:\WINDOWS\system32\ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv31 ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv32 ir32_32.dll
PX5: 48C6FD2800CF7D770AB40340E9EE0B00336C0935
MD5: cde3aeaeeff57dbb43133f46e96ad8c5
Determination: GOOD

C:\WINDOWS\system32\ir41_32.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv41 ir41_32.ax
PX5: 88C1844600D60C2BF2960C06110E8900D716354E
MD5: 757c7944eb0d518020bb59a1a3ae9826
Determination: GOOD

C:\WINDOWS\system32\iyuv_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.IYUV iyuv_32.dll
PX5: 8D2F485A000F6953BA8B00EF89F3AE0028DCEE98
MD5: 193315b73270bad33a3c2f527c8380f6
Determination: GOOD

C:\WINDOWS\system32\msrle32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.mrle msrle32.dll
PX5: 6AD29AC5008293D12C2D00B216F74700B26503F0
MD5: 7b999ca58c6276d885f17abc73982009
Determination: GOOD

C:\WINDOWS\system32\msvidc32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.msvc msvidc32.dll
PX5: CE4E524C0073A8EC64FF00E1300C68000D8D97A8
MD5: d648edba85278839e30979ce627e5c81
Determination: GOOD

C:\WINDOWS\system32\msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.UYVY msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YUY2 msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YVYU msyuv.dll
PX5: 92EC75E800DB9BE5440C000A47ABC3009642377A
MD5: b35e1e08bf94e68daf5d9f52485ea368
Determination: GOOD

C:\WINDOWS\system32\tsbyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YVU9 tsbyuv.dll
PX5: 86646A040019522320A100B4BB4D900094B11477
MD5: a892ec07dffc3d8bf879102982f08721
Determination: GOOD

C:\WINDOWS\system32\msg723.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg723 msg723.acm
PX5: 11020CC8008FB79ED00601EAD6C03900AA679A83
MD5: d53bde174ad076ae58c8245a524cfb85
Determination: GOOD

C:\WINDOWS\system32\msh261.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M261 msh261.drv
PX5: A41AA5420008DA3EF0B402388EE55600B25D24F8
MD5: 35f5338123495c871c4c7cc9fce784f6
Determination: GOOD

C:\WINDOWS\system32\msaud32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msaudio1 msaud32.acm
PX5: C38F33CC0026C9E080B10460DFC46F004CE633B9
MD5: 9efca60a4bdcf77fc5e2337e3ab61b1e
Determination: GOOD

C:\WINDOWS\system32\sl_anet.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.sl_anet sl_anet.acm
PX5: 3DA8D952002B67BF508D01A57E615F00B2B2EA92
MD5: c2e1907dde505f02585e7c85f927333a
Determination: GOOD

C:\WINDOWS\system32\iac25_32.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.iac2 C:\WINDOWS\system32\iac25_32.ax
PX5: D062C8E7003B5A390C1703C014BB9700CE1BED53
MD5: 60b88c336ef385eb0ed77b73852712f3
Determination: GOOD

C:\WINDOWS\system32\ir50_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv50 ir50_32.dll
PX5: 8FA030FE0030B5D3865F0B4087D0420068F6854C
MD5: b11fb596034932dc55a7638911f482c2
Determination: GOOD

C:\WINDOWS\system32\l3codeca.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.l3acm C:\WINDOWS\system32\l3codeca.acm
PX5: 29088BE70099BF88700A0426A3266D008E350E66
MD5: 4b4fd61ebb404842eb5823a50a3a58a9
Determination: GOOD

C:\WINDOWS\system32\vp6vfw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.VP60 C:\WINDOWS\system32\vp6vfw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.VP61 C:\WINDOWS\system32\vp6vfw.dll
PX5: 5D138B0F00AF89B0B082068F89276C00B8B91ADA
MD5: fac0d5b16efa7376ca81047490187d0d
Determination: GOOD

C:\WINDOWS\system32\sirenacm.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.siren sirenacm.dll
PX5: 92D29F56708DC7D2C7BF005BB97C8A00D5F934F9
MD5: c2bde52e48e668fe6f95c40bba7aa310
Determination: GOOD

C:\WINDOWS\system32\LCODCCMP.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.LEAD LCODCCMP.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\vidc.LEAD LCODCCMP.DLL
PX5: 1C9CFC360040201D2ACD05F3FD5DE50047A231E4
MD5: 680dfb72688494d3bccd24079a0608c6
Determination: GOOD

C:\WINDOWS\system32\VfWWDM32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\MSVideo8 VfWWDM32.dll
PX5: 50A7CDEB00FEFE76D6A800E76B929700EFCC0032
MD5: 148b5330921c365fa4a2db6c431a9b2c
Determination: GOOD

D:\Claudio\programmi\storm\codec\xvidvfw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.xivd D:\Claudio\programmi\storm\codec\xvidvfw.dll
PX5: F19D5357003B5178C06902D22571EC0058F02452
MD5: 1d7869e5f91ea37b8e03f2547e2a4f9b
Determination: GOOD

C:\WINDOWS\system32\ff_vfw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.ffds ff_vfw.dll
PX5: CB70848300FFE47914FC00221DC74100152C3DCB
MD5: 5fa26c4a189fdbaf69f8485d61dfd845
Determination: GOOD

C:\WINDOWS\system32\wmv9vcm.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.WMV3 wmv9vcm.dll
PX5: C4DDA01B0064BC149AC81571BE5FE000F8792E9C
MD5: 8c8981584b4db033bfead7acc34c27af
Determination: GOOD

C:\WINDOWS\system32\DivX.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.DIVX DivX.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yv12 DivX.dll
PX5: 57BB3BBB5A85416A4C9A0B28305F1D00F7240935
MD5: 7d391aa5779f7a0d84e907911f0ae025
Determination: GOOD

C:\WINDOWS\system32\frapsvid.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.FPS1 frapsvid.dll
PX5: F4280C1400D85AF3A0FB004D5CF3DF004E777663
MD5: 1be47b1bd046d26d41f6d93afb948fe1
Determination: GOOD

C:\WINDOWS\system32\rsvpsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem %SystemRoot%\system32\rsvpsp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem %SystemRoot%\system32\rsvpsp.dll
PX5: 316FAA8C007F4493605401B98234D5008F685EE8
MD5: b4b4bc22821a8a0ac357297b784b996e
Determination: GOOD

C:\WINDOWS\system32\ipxrip.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXRIP\DllName ipxrip.dll
PX5: 859821B9009D40A9548200AD83A363008B36EF0D
MD5: 2dac54a61b837fac36ffd92b7e39b3ff
Determination: GOOD

C:\WINDOWS\system32\ipxsap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXSAP\DllName ipxsap.dll
PX5: 85797B9500D099280499015DBB948C00AAAAF548
MD5: 3eea6d343b3d6fcf500db1837c07df06
Determination: GOOD

C:\WINDOWS\System32\iprtrmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DllPath %SystemRoot%\System32\iprtrmgr.dll
PX5: D40494A6008ED12A98FE023AAD1857000DD8C7B5
MD5: 30584106b1e3c4f836d35c92ba38b184
Determination: GOOD

C:\WINDOWS\System32\ipxrtmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\DllPath %SystemRoot%\System32\ipxrtmgr.dll
PX5: 4718448E00AA1CC09C1B00C6E262700012078A35
MD5: 7ff943a30ba413c3f43e8441a28b7aa7
Determination: GOOD

C:\WINDOWS\system32\Firewall.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Internet Connection Firewall Firewall.cpl
PX5: C6AD4E5900619E5B3AA801566FFF65004318E0B5
MD5: 486c95d7867757ef75946cdc7fa547dd
Determination: GOOD

C:\WINDOWS\system32\NetSetup.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NetSetupWizard NetSetup.cpl
PX5: 1727E2B500CA6EDF648A0091303FF7003D7EE312
MD5: 6c00e8b5734cd98456e36a1919393597
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Speech C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
PX5: 4B95DF2F0028608F7026024663B5470081E40772
MD5: b281e4e0c7de6016f067191aa0b10047
Determination: GOOD

D:\Claudio\programmi\storm\Codec\QTSystem\QuickTime.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\QuickTime D:\Claudio\programmi\storm\Codec\QTSystem\QuickTime.cpl
PX5: 214050A5007C971B90751017ACA62A00756E64A5
MD5: c93207d97bb5787b7f148618a082385b
Determination: GOOD

C:\WINDOWS\system32\Magnify.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier\Application path Magnify.exe
PX5: 8FD0DD1200F1CC211E520147693D72005CC20F83
MD5: b8485b1b335c0c00397dd7abc041475d
Determination: GOOD

C:\WINDOWS\system32\osk.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard\Application path osk.exe
PX5: 865A974F008F100B4EF6035F16FFB2007D13E899
MD5: 7d5b9dd2d397e5d323c5de2d0b4caeb6
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\ieinfo5\(default) C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
PX5: D9CCCE7600AE330472C5014263EDAE006E08A176
MD5: 7cfdd7f54c64bff62f64665a7e567896
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
PX5: DCC20BBB0036A3BB9EFA00953DF8F200E6CDE36A
MD5: 12644a48270558aec35230e476534f48
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\HTML\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\HTML\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
PX5: 4D9506A9385CE7D6C22D044B3348F800EABDC1BF
MD5: 20b2a413befa1b0d309416bf8228dc95
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWinWrite.wpc\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
PX5: 71A6A3C449C4AC08B01A01656F55D100B9B2E691
MD5: afd63ca25e43793fd7c42c5f74961559
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord6.wpc\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
PX5: 255241CE4A8E0D0D40E903D813E15E00D95525A3
MD5: da91b90d37135534d061b7e3480fc11c
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd832.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord8\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd832.cnv
PX5: E4DB25CE10AF0B4B41E904034C3FBD003A7F764C
MD5: 40a28e9cc57f760a213a71fce642cedd
Determination: GOOD

C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
Loaded from: FILE
PX5: 4D0BCF1E001899F0204B01CB7B2ECD00EC26A969
MD5: 806ee198284d569253eb6a1d1180b37d
Determination: GOOD

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini
Loaded from: FILE
PX5: D6A685675402E3F00095003E7246A900B4A9FE35

C:\Programmi\Apple Software Update\SoftwareUpdate.exe
Loaded from: TASKS
PX5: EB600B9D603EDB7066A90A6D6AA3C2008F2CBFC8
MD5: accf8babebb0eade39b372d0da330879
Determination: GOOD


Results::
Known malicious programs: 0



End of PrevxCSI Log - http://www.prevx.com


oggi prima di questi intervanti era ri uscito il pop-up dello spegnimeto automatico, alla 2' accensione xò niente, ora cmq spero.
ho letto qui:
http://www.hwupgrade.it/forum/showthread.php?t=1597177 che dovrei scaricare l'ennesimo antivirus... ma come faccio a capire se ho Worm sasser, Worm blaster o Rootkit Rustock?