allora__ intanto grazie mille per i consigli.... ho eseguito tutti gli step della guida e ora posto i relativi log... unica eccezzione per il pèrogrammino GMER che su il 64bit a quanto pare nn gira !!!...
allora
a-squared Free - Version 3.1
Last update: 04/01/2008 13.34.48
Impostazioni scansione:
Oggetti: Memoria, Tracce, Cookies, C:\, D:\, E:\
Archivio scansioni: On
Scientifico: On
ADS Scan: On
Scansione avviata: 04/01/2008 13.35.26
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Administrator\Cookies\
[email protected][2].txt rilevati: Trace.TrackingCookie
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt rilevati: Trace.TrackingCookie
C:\WINDOWS\system32\Indt2.sys rilevati: Trojan-Clicker.Win32.VB.xo
C:\WINDOWS\SysWOW64\Indt2.sys rilevati: Trojan-Clicker.Win32.VB.xo
E:\Download\Nero 8 Ultra Edition 8.1.1.4+KeyMaker\keymaker.exe rilevati: Trojan-Downloader.Win32.Delf.def
E:\System Volume Information\_restore{DC74F947-17F1-443C-AE61-24B894579C66}\RP178\A0034717.exe rilevati: Trojan-Dropper.Win32.Agent.cik
E:\System Volume Information\_restore{DC74F947-17F1-443C-AE61-24B894579C66}\RP241\A0046772.exe rilevati: Trojan-Dropper.Win32.Agent.cik
E:\System Volume Information\_restore{DC74F947-17F1-443C-AE61-24B894579C66}\RP241\A0048938.exe rilevati: Trojan-Dropper.Win32.Agent.cik
Scansionati
Files: 260805
Tracce: 352090
Cookies: 76
Processi: 25
Rilevato
Files: 6
Tracce: 0
Cookies: 3
Processi: 0
Chiavi registro: 0
Fine scansione: 04/01/2008 14.31.30
Tempo scansione: 0:56:04
E:\System Volume Information\_restore{DC74F947-17F1-443C-AE61-24B894579C66}\RP178\A0034717.exe Cancellato Trojan-Dropper.Win32.Agent.cik
E:\System Volume Information\_restore{DC74F947-17F1-443C-AE61-24B894579C66}\RP241\A0046772.exe Cancellato Trojan-Dropper.Win32.Agent.cik
E:\System Volume Information\_restore{DC74F947-17F1-443C-AE61-24B894579C66}\RP241\A0048938.exe Cancellato Trojan-Dropper.Win32.Agent.cik
E:\Download\Nero 8 Ultra Edition 8.1.1.4+KeyMaker\keymaker.exe Cancellato Trojan-Downloader.Win32.Delf.def
C:\WINDOWS\system32\Indt2.sys Cancellato Trojan-Clicker.Win32.VB.xo
C:\WINDOWS\SysWOW64\Indt2.sys Cancellato Trojan-Clicker.Win32.VB.xo
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt Cancellato Trace.TrackingCookie
C:\Documents and Settings\Administrator\Cookies\
[email protected][2].txt Cancellato Trace.TrackingCookie
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt Cancellato Trace.TrackingCookie
Cancellato
Files: 6
Tracce: 0
Cookies: 3
Prevx CSI Build: (v1.2.101.109)
Prevx Computer Security Investigator Output Log
System analyzed at: 01/04/08 at 14:39:52
C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: BF3F722100902725B2CA0BD37E70F900D65A0F9D
MD5: e8efc4babf3f057ea1160e4d22bd9496
Determination: GOOD
C:\WINDOWS\syswow64\kernel32.dll
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: D96F67E80031959568BC0F0789A87B00DC8AA864
MD5: 6be19d6d9daee20cd590fe87aa533f20
Determination: GOOD
C:\WINDOWS\syswow64\USER32.dll
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 4D0207CC00488A053281092CABDF3C0095BAAB83
MD5: 8be4e29da25073bf7894e2a61c9525de
Determination: GOOD
C:\WINDOWS\syswow64\GDI32.dll
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 2B39CE6D009F99BD708C0449EB94D500CB194AB8
MD5: 110c4ace842bea9ec0a43dcf4a1e336a
Determination: GOOD
C:\WINDOWS\syswow64\ADVAPI32.dll
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: BAC54FBF00A3091F70C10959F6A86400DFA7B0DE
MD5: fdac8b8f5b7ffbd7e8b70ec9e1a52cda
Determination: GOOD
C:\WINDOWS\syswow64\RPCRT4.dll
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 3DB7068E00357FD79AAA09D4569C0A00F09C3091
MD5: 37b220096eeb92bcf20dccc17dfcd819
Determination: GOOD
C:\WINDOWS\syswow64\Secur32.dll
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: DB2C818A0086AAFB041201D4AA98E000ACBBF78D
MD5: a4383422c69cf3bec53a939c84f92b60
Determination: GOOD
C:\WINDOWS\system32\IMM32.DLL
Loaded into: C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 3BD1469B00123D97B8A801276F4F2000047B1B5D
MD5: 27046c93a8dae93a784989c2c283af67
Determination: GOOD
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IAANTMON\ImagePath C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IAANTMON\ImagePath C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
PX5: BC25D171006F1A1660C3013A516E45002C0EADDC
MD5: f133ce1b628669e3a085fc786180fe78
Determination: GOOD
C:\WINDOWS\syswow64\ole32.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 7532D0400015A78B560A1307D2086C0025617973
MD5: 61ed4063cbd966dc98783e6b3832bd1a
Determination: GOOD
C:\WINDOWS\syswow64\msvcrt.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: BF8D161A0071B52D524E05C44E4C5F0094BFC447
MD5: 1511446a6a7cd453299815575c92e5c6
Determination: GOOD
C:\WINDOWS\syswow64\OLEAUT32.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 26C0841700DBB2C7701108E7DF1CD7002D1A5425
MD5: 75f1d27178aa7350028e0ed995392f67
Determination: GOOD
C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IPClampService\ImagePath C:\PROGRA~2\cebas\ip-clamp\ipclamp.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IPClampService\ImagePath C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
PX5: 0D83840B842E1B3FB06300018015B7003D2E916E
MD5: 64c485395e0c51413463d4290b188bf7
Determination: GOOD
C:\WINDOWS\system32\iphlpapi.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 57D02F1E00EAF6E9746401A873F34300D9A4BCDF
MD5: 697982224feec30a85844b0048ae80a8
Determination: GOOD
C:\WINDOWS\system32\PSAPI.DLL
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 47F0717F0090E0615031002462F52A00C784E194
MD5: cdc5d1e1631183ed34a273a713446325
Determination: GOOD
C:\WINDOWS\system32\WS2_32.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: F95BDF0E00BE9D9146CE014336E3C6006581AF46
MD5: 5c34f97d87b2a8c9cb4422e67f2dab61
Determination: GOOD
C:\WINDOWS\system32\WS2HELP.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 93A6046500F8CBBB4EDB004CF2CD7F007B7F47EE
MD5: db98252452c69c675ed53cd25f590f4b
Determination: GOOD
C:\WINDOWS\system32\imon.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 078755D200479FF220280405F415660082F557C1
MD5: 53f61d4fe326bc4c2d624bd21a364572
Determination: GOOD
C:\WINDOWS\system32\WSOCK32.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 0A7F639F00CFA9AB58BC00B2D0149600DABB481B
MD5: b4c9644244a88b82a5466e5d11851b20
Determination: GOOD
C:\WINDOWS\system32\NTMARTA.DLL
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 3B0ABB6600DCF3C8DC8F01ABF8D4D90084E5F667
MD5: dd496ec3de4c1c741391cd5367e84ac3
Determination: GOOD
C:\WINDOWS\syswow64\WLDAP32.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: FE305A0400F9C641BEBD020C91BB2E007334520C
MD5: 384c93bebaca1336e930ef713ede2511
Determination: GOOD
C:\WINDOWS\system32\SAMLIB.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 2251552D00F9FD78B807005DF4E7DD00DEC6F6C4
MD5: c67f484c82858d9dfe6d9ef471706289
Determination: GOOD
C:\WINDOWS\system32\mswsock.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath %SystemRoot%\System32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath %SystemRoot%\System32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000001\LibraryPath %SystemRoot%\System32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000003\LibraryPath %SystemRoot%\System32\mswsock.dll
PX5: 7C6E3FC1007CEB1B906903E6B7C09D001EB26480
MD5: 0e4a17ae4c5208fbdc3d707c4db7a57b
Determination: GOOD
C:\WINDOWS\system32\hnetcfg.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: B68D7C9E0095E7756CF2059368AB690082F52585
MD5: ca233ecfadd51241acace76003a88649
Determination: GOOD
C:\WINDOWS\System32\wshtcpip.dll
Loaded into: C:\Program Files (x86)\cebas\IP-Clamp\ipclamp.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: A4F2493100E6898F4AD2004F919A1900DC903445
MD5: 6ca76a0dfc08819f617e312f32411a4f
Determination: GOOD
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mi-raysat_3dsmax9_64\ImagePath "C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mi-raysat_3dsmax9_64\ImagePath C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
PX5: 3C9A2E0C00033CD7007E017873A62000DD647171
MD5: aa0c4a2c33ce075df2c272d678734991
Determination: GOOD
C:\WINDOWS\system32\DNSAPI.dll
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: D0ABF586009ADD4172220252B63C3400352CCC2C
MD5: 79806bd93c5a1b8ebf22c9464b34c02f
Determination: GOOD
C:\WINDOWS\System32\winrnr.dll
Loaded into: C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath %SystemRoot%\System32\winrnr.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000002\LibraryPath %SystemRoot%\System32\winrnr.dll
PX5: D75DB74400009340445A007893902B0042F96D49
MD5: 372097347142b42a6dd0db68e20c37b2
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nero BackItUp Scheduler 3\ImagePath C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nero BackItUp Scheduler 3\ImagePath C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PX5: DB8579ED28EE78D145F40D798D9CF300CC0FAD1D
MD5: c5052fb77aa42ed440f9f6b4e37145a9
Determination: GOOD
C:\WINDOWS\syswow64\SHELL32.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9}
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default) Start Menu Pin
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default) Start Menu Pin
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
PX5: 06D3CE7A001FB1DC92927F46DC2A500048B178B6
Determination: GOOD
C:\WINDOWS\syswow64\SHLWAPI.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 27F3D44E004023D6E29104E50755170061CB357C
MD5: c018a76bc2e494a3a603f6a5de3ce3e5
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: 1CD79A6B00ACCCBD60660869F17C0900CE4B6B7D
MD5: 4c8a880eabc0b4d462cc4b2472116ea1
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 9A45456900EE9D7990C909755A3A5C00A6DAF154
MD5: e4fece18310e23b1d8fee993e35e7a6f
Determination: GOOD
C:\WINDOWS\system32\WINMM.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 2ABF8B3500BB732DA8DD02AB4944F500367E43FE
MD5: 0efad57ea08c1b4407484f760ef842ec
Determination: GOOD
C:\WINDOWS\syswow64\NETAPI32.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: A4DF552900483DB744D00544C44E750093CB4091
MD5: 5c019a3213220d7d8d22d63f483df48e
Determination: GOOD
C:\WINDOWS\syswow64\VERSION.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 3CD5F3C200AD9CCF484D00564F515600731B0FF0
MD5: 2ef50d05479882a65ad198c8a0512024
Determination: GOOD
C:\WINDOWS\WinSxS\WOW64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_5FA17F4E\comctl32.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 8935ABD100BED11F0CCA10D747A75D0074B1C10E
MD5: 221a52cd5f2b0eb04bc2953fbe0c09c0
Determination: GOOD
C:\WINDOWS\system32\uxtheme.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: CBF7FA0D009FFB194825037745189D008940A2DF
MD5: 8d8b949c77d28702cc2aa1fcc26a942b
Determination: GOOD
C:\WINDOWS\system32\SETUPAPI.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: FF36715500661F3F52B910EC07A2BD001925B45A
MD5: 41f85badf2d6ae56c380efc9eab609b4
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NB.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PX5: 241D14F0287AA74A95870FA8E30E3B0074B2500C
MD5: c5f6df715b407d2560ddcfef8a3ed5a8
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NeroAPIGlueLayerUnicode.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PX5: 3690EDF62844D6CF255802D992C9830071041157
MD5: c9b5d5d99514c50e3cb4bbfec11bf09a
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\LBFC.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PX5: C5855CB428B891C14500067B10F84300899CA19A
MD5: a3e29f73ce5945081cfe41051b545b16
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBHDMgr.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PX5: 8FA5D7BF28C2FFDEB556084B08E95800FB9CE9BD
MD5: caf772eed3b61cb87609679acdaaa22d
Determination: GOOD
C:\WINDOWS\system32\xpsp2res.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 326B43AA0048E41738402CE13B3040009D725DD2
MD5: b73cf0297b596a4e4fed2014f8799e0a
Determination: GOOD
C:\WINDOWS\system32\CLBCatQ.DLL
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: D01942D200DDB724CCCF079C2FEBBB000AF48DF2
MD5: 3ff89b57af2ced2dd4e6049da16a5157
Determination: GOOD
C:\WINDOWS\system32\COMRes.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 9381509500ACCFC52A570C5ED8BC6D00C089FEF3
MD5: 4e7911db570813c1aaf64a9f0d92a94b
Determination: GOOD
C:\WINDOWS\SysWOW64\mstask.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} Tasks Folder Icon Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} Tasks Folder Shell Extension
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D6277990-4C6A-11CF-8D87-00AA0060F5BF} Scheduled Tasks
PX5: 24AC0166006E591A96D504B20E5A370065F32BC8
MD5: 170503cb1422cf998c1e940964ea6330
Determination: GOOD
C:\WINDOWS\SysWOW64\NTDSAPI.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PX5: 67A30D3600337194184801F9E150190058E6EDF7
MD5: a831d21416f830db8541b55dbd3d628b
Determination: GOOD
C:\WINDOWS\SysWOW64\DNSAPI.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: D0ABF586009ADD4172220252B63C3400352CCC2C
MD5: 79806bd93c5a1b8ebf22c9464b34c02f
Determination: GOOD
C:\WINDOWS\SysWOW64\WS2_32.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
PX5: F95BDF0E00BE9D9146CE014336E3C6006581AF46
MD5: 5c34f97d87b2a8c9cb4422e67f2dab61
Determination: GOOD
C:\WINDOWS\SysWOW64\WS2HELP.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
PX5: 93A6046500F8CBBB4EDB004CF2CD7F007B7F47EE
MD5: db98252452c69c675ed53cd25f590f4b
Determination: GOOD
C:\WINDOWS\syswow64\comdlg32.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: B60186EF00C3D0872C6104EDBAC74C00E7136DBA
MD5: 0dd9dee0121096ca239285d49c71207d
Determination: GOOD
C:\WINDOWS\syswow64\MPR.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: 72866CA4001EE797E29B003C11300B00F3ACC077
MD5: 835fdd56050347a0ea39ca3627d51afc
Determination: GOOD
C:\WINDOWS\SysWOW64\USERENV.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: FBD9BF71007D6AD6EA740BEA83E5EF00B17A1E3F
MD5: 13c5f34c2dbecea629afd37169c32e90
Determination: GOOD
C:\WINDOWS\system32\ws03res.dll
Loaded into: C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PX5: 324F415400B49B7A662D0C25F47A51001903744C
MD5: 133fb1bf6ed7f29e4182708f597dcaa3
Determination: GOOD
C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NOD32krn\ImagePath "C:\Program Files (x86)\Eset\nod32krn.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NOD32krn\ImagePath C:\Program Files (x86)\Eset\nod32krn.exe
PX5: C2FF154500E16C98C00A079972737500A58DFA29
MD5: 274e10527a505addebb79054757bf8bf
Determination: GOOD
C:\Program Files (x86)\Eset\ps_amon64.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
PX5: BC65783300A7D9A2E00302C1C9A63300C4D3DA7A
MD5: c9428d7b237947b357e41471bc262854
Determination: GOOD
C:\Program Files (x86)\Eset\ps_dmon.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
PX5: 08CA5B5000AE7B6A400902251627CD0067951FAF
MD5: e724fbdb06638a785be52dc6f548f7c7
Determination: GOOD
C:\Program Files (x86)\Eset\ps_emon.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
PX5: 6C4CD8E900631564D058027B4D22AC002FA59471
MD5: af88e004beee6c719f5a688ff939498b
Determination: GOOD
C:\Program Files (x86)\Eset\ps_nod32.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
PX5: 7BB5166D00ACB3E2807102CD08874300F5181250
MD5: c7e8e1308993d8b85971d3565a574d04
Determination: GOOD
C:\Program Files (x86)\Eset\ps_upd.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
PX5: 470D6A42006FC555C0870448E281B80080E032A1
MD5: 0a2306dd782c01cf11d3d30dbf19a155
Determination: GOOD
C:\WINDOWS\system32\apphelp.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: E9038DA9003E0807466502D1F382620059EB32A4
MD5: 090e3b6c7e32edb0390cdeef24ccbf56
Determination: GOOD
C:\WINDOWS\system32\msctfime.ime
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 22849C8200BCF707B47B02F5C3E258004CA5231C
MD5: cf9fd4d848945951a2468bd85ebfbe23
Determination: GOOD
C:\WINDOWS\SysWOW64\wbem\wbemprox.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: FCAF029000774D7D52D40067F49E080091196EA7
MD5: 3b3e5d9ec505acbd2553367ebee7fa16
Determination: GOOD
C:\WINDOWS\SysWOW64\wbem\wbemcomn.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: B15F084B00223D6572D103748B2C310022642198
MD5: 59cc44ab97c3992e228faef4e2ce06a7
Determination: GOOD
C:\WINDOWS\SysWOW64\wbem\wbemsvc.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: C93031D20043C473AADC00CBC6D3F8001B453BBA
MD5: aed3c8448a6c4f12981dcccc1f818285
Determination: GOOD
C:\WINDOWS\SysWOW64\wbem\fastprox.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: 1E528D5700214A085EAD07381DA53500EC8AA6B1
MD5: 352a2af0b7e9b3ae0fa72362ae902544
Determination: GOOD
C:\WINDOWS\system32\msvcp60.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: 83CA0203004CA43C2CE00674528A2600FB49A19D
MD5: de7b4cfdc2028f09225b653d0d4e6513
Determination: GOOD
C:\WINDOWS\system32\NTDSAPI.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: 67A30D3600337194184801F9E150190058E6EDF7
MD5: a831d21416f830db8541b55dbd3d628b
Determination: GOOD
C:\WINDOWS\system32\rasadhlp.dll
Loaded into: C:\Program Files (x86)\Eset\nod32krn.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: E85CAEDB00D765C71E7F000532B905005079BBD8
MD5: 3043ea582498db11fba475b511917902
Determination: GOOD
C:\WINDOWS\system32\perfs.exe
Loaded into: C:\WINDOWS\system32\perfs.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\perfmons\ImagePath C:\WINDOWS\system32\perfs.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\perfmons\ImagePath C:\WINDOWS\system32\perfs.exe
PX5: EDB1E15D00D166ECDA4902E09CE4AD00B41729DB
MD5: a7e97a28d2bb0681b06e675e3933fc2d
Determination: BAD
Malware Group: Generic.Rootkit
C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: EDB1E15D00D166ECDA4902E09CE4AD00B41729DB
MD5: a7e97a28d2bb0681b06e675e3933fc2d
Determination: BAD
Malware Group: Generic.Rootkit
C:\WINDOWS\syswow64\urlmon.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 70979E2A00FEE641B271118FE1617400AE96388B
MD5: 6c1538242a4e6f33643932c2e3632330
Determination: GOOD
C:\WINDOWS\syswow64\iertutil.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 21B3F06C008EE34616E504E31A792F00106F011D
MD5: 373613270c7e61c6ceee30aef8164ea7
Determination: GOOD
C:\WINDOWS\SysWOW64\wsock32.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
PX5: 0A7F639F00CFA9AB58BC00B2D0149600DABB481B
MD5: b4c9644244a88b82a5466e5d11851b20
Determination: GOOD
C:\WINDOWS\SysWOW64\imon.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 078755D200479FF220280405F415660082F557C1
MD5: 53f61d4fe326bc4c2d624bd21a364572
Determination: GOOD
C:\WINDOWS\SysWOW64\NTMARTA.DLL
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 3B0ABB6600DCF3C8DC8F01ABF8D4D90084E5F667
MD5: dd496ec3de4c1c741391cd5367e84ac3
Determination: GOOD
C:\WINDOWS\SysWOW64\SAMLIB.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 2251552D00F9FD78B807005DF4E7DD00DEC6F6C4
MD5: c67f484c82858d9dfe6d9ef471706289
Determination: GOOD
C:\WINDOWS\SysWOW64\hnetcfg.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: B68D7C9E0095E7756CF2059368AB690082F52585
MD5: ca233ecfadd51241acace76003a88649
Determination: GOOD
C:\WINDOWS\SysWOW64\rasadhlp.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: E85CAEDB00D765C71E7F000532B905005079BBD8
MD5: 3043ea582498db11fba475b511917902
Determination: GOOD
C:\WINDOWS\SysWOW64\uxtheme.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
PX5: CBF7FA0D009FFB194825037745189D008940A2DF
MD5: 8d8b949c77d28702cc2aa1fcc26a942b
Determination: GOOD
C:\WINDOWS\syswow64\WININET.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 0EEEA32F00E8B8B196760C57E129A0009AC7AAA8
MD5: 63a49b6d5037a1953fe3f1a9fdd0472a
Determination: GOOD
C:\WINDOWS\syswow64\Normaliz.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: E3FC1A7000BA1C775C420052AC60C600F74EBAFC
MD5: 10753a3adc3e39a3b10cc3f08e98e6b4
Determination: GOOD
C:\WINDOWS\SysWOW64\RASAPI32.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: B995FF4200D033D7C2E90365811F6E00934FE927
MD5: 296d342fc053114958ec0147a210e4a0
Determination: GOOD
C:\WINDOWS\SysWOW64\rasman.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: FDCBBD9200E696D3F6CE00C1DF38AC0075DFCC07
MD5: a37808260417c047fc6c64f7939550c3
Determination: GOOD
C:\WINDOWS\SysWOW64\TAPI32.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 26346A6B0018F518CE98020EA8E5EA004D73B00E
MD5: d2fd21334cecd8d98566643fbd9e8dda
Determination: GOOD
C:\WINDOWS\SysWOW64\rtutils.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 6E7D4DA4001315528AC900A2725DF200341041FF
MD5: 8fd89ea6714afa9d03a71d9ce0265350
Determination: GOOD
C:\WINDOWS\SysWOW64\WINMM.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 2ABF8B3500BB732DA8DD02AB4944F500367E43FE
MD5: 0efad57ea08c1b4407484f760ef842ec
Determination: GOOD
C:\WINDOWS\syswow64\CRYPT32.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 4EEFEBC60072C2E7162309C28F95E900C372FA1B
MD5: 067579392241e24810284e9a44601baf
Determination: GOOD
C:\WINDOWS\syswow64\MSASN1.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 15343D3200666CEBE02600776B0A65000582683D
MD5: 9f74dae6a5f024d4c54144f7dfa906c8
Determination: GOOD
C:\WINDOWS\SysWOW64\sensapi.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: D1CBEF5800246ADD1AB0009B5E4035005EB5A0E8
MD5: cfae18c5c50b53aa63f0434d27efe0ec
Determination: GOOD
C:\WINDOWS\SysWOW64\msapsspc.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 189A380D00763693392101E55D54220052863CF8
MD5: 220703a02446760973c0c96cc250edca
Determination: GOOD
C:\WINDOWS\SysWOW64\MSVCRT40.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 6077BC6B00B06ED9F0C7001C46423000D436D239
MD5: 3ee7a96cc9d56c54e85e772b3e40c562
Determination: GOOD
C:\WINDOWS\SysWOW64\msnsspc.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: DED3D7CC10E42C0EE10F043F4861F900745BD897
MD5: e55dbe91ec018297b4998965cbdf1f6b
Determination: GOOD
C:\WINDOWS\SysWOW64\msv1_0.DLL
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 26523A0900AE4E77309B02C2AD6D2800A933CC28
MD5: 03eae83c49d581619f821d19f714acf8
Determination: GOOD
C:\WINDOWS\SysWOW64\iphlpapi.dll
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 57D02F1E00EAF6E9746401A873F34300D9A4BCDF
MD5: 697982224feec30a85844b0048ae80a8
Determination: GOOD
C:\WINDOWS\SysWOW64\PSAPI.DLL
Loaded into: C:\WINDOWS\SysWOW64\perfs.exe
PX5: 47F0717F0090E0615031002462F52A00C784E194
MD5: cdc5d1e1631183ed34a273a713446325
Determination: GOOD
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded into: C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RichVideo\ImagePath "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RichVideo\ImagePath C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PX5: 7879B9EC30792AF9A69A02CAF3799F003D8E4A79
MD5: 1d4061cc5bc8e823d05e1e6e6c1224e3
Determination: GOOD
C:\WINDOWS\system32\routing.exe
Loaded into: C:\WINDOWS\system32\routing.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Routing\ImagePath C:\WINDOWS\system32\routing.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Routing\ImagePath C:\WINDOWS\system32\routing.exe
Loaded from: FILE
PX5: 245C4AA1002F7D4280B800AFE800D3004A88E7C4
MD5: 7c86a455da6baeeed8e5fcec8e7913a8
Determination: BAD
Malware Group: Rootkit.Gen
C:\WINDOWS\SysWOW64\routing.exe
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
PX5: 245C4AA1002F7D4280B800AFE800D3004A88E7C4
MD5: 7c86a455da6baeeed8e5fcec8e7913a8
Determination: BAD
Malware Group: Rootkit.Gen
C:\WINDOWS\SysWOW64\rtl60.bpl
Loaded into: C:\WINDOWS\SysWOW64\routing.exe
PX5: 45ECF43800F5768052AD0A006B640C00E9818A71
MD5: f3483104c7dc5c1a25801268aabbdedd
Determination: GOOD
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: 852B4973006283BA504002BBFCB1B2009C3885F7
MD5: 34c3a7316f4125a7bc6fca1879651c30
Determination: GOOD
C:\WINDOWS\system32\WINSPOOL.DRV
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: DBF0CF6100A2D99C4C13024FE6330F005CE473C3
MD5: 9cf0558b41cab02e7d6f81bc59cd21a7
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
PX5: 5A8D43C500E8F4A9248D0915CE080D00E736A497
MD5: 374a258f1ace884221f6d29e9407a617
Determination: GOOD
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\ISDI.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: DBB74DE8002E9C09F02F0372ADBDDF00CC91C46D
MD5: b4521c5cd14e2afce2cd073a5a63aa33
Determination: GOOD
C:\WINDOWS\system32\OLEACC.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: 4FBF4A49003BDECCC0490224AEC4070099ED1432
MD5: 8c0e012d4f221fe1aa46574af650d2ca
Determination: GOOD
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\IAAMon_ENU.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
PX5: 1A5F17BB0031DF4EF0C8004AAA3012009CB461CB
MD5: 59ad53d78b5f4e7d7e6234a0a6bd3279
Determination: GOOD
C:\WINDOWS\SysWOW64\MSCTF.dll
Loaded into: C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: D4ED2F5C008C35A5D478040603F46800D60E553B
MD5: 449cee6ed95b047c5e115e3594fe0c61
Determination: GOOD
C:\WINDOWS\RTHDCPL.exe
Loaded into: C:\WINDOWS\RTHDCPL.exe
Loaded into: C:\WINDOWS\RTHDCPL.EXE
PX5: BAD2C3CF0090D27456D8F63468FA4000AF366DC7
Determination: GOOD
C:\WINDOWS\system32\HHCTRL.OCX
Loaded into: C:\WINDOWS\RTHDCPL.EXE
PX5: 9602815100DEDB5E56BB08F2297DEE0086933D78
MD5: 3e6cfdb025fdd061a63de4fa809f4dbe
Determination: GOOD
C:\WINDOWS\system32\DSOUND.DLL
Loaded into: C:\WINDOWS\RTHDCPL.EXE
PX5: A9E9AA6100EBA237829F05E0EF74CD00A6C0DCAE
MD5: 749b7691d0b53f40460161c93cfe39cd
Determination: GOOD
C:\WINDOWS\syswow64\WINTRUST.dll
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 1F2CF8A100A77AD28834027F028A760089388B72
MD5: bb2951fb7ea6cdec3638ccef26b7b510
Determination: GOOD
C:\WINDOWS\syswow64\imagehlp.dll
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 768A5BFA00C3B157424802C8E59F4300573833C5
MD5: fe0b9cefd16ebfa4dda5855bce6b3889
Determination: GOOD
C:\WINDOWS\system32\wdmaud.drv
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 760A2006008274845CE40099D701DF00CAE73C4A
MD5: b6efe177b162127f3404cf56c27e9338
Determination: GOOD
C:\WINDOWS\system32\msacm32.drv
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wavemapper msacm32.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wavemapper msacm32.drv
PX5: D3B5EA8E0024E143588300FF62CDC9000CB485A4
MD5: 0c05b038be32dffefdbefbab0ae3048f
Determination: GOOD
C:\WINDOWS\system32\MSACM32.dll
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: C60BC14D00297B3E166601BB048E8900DDC9C70F
MD5: b85db25323eb9b99fe1f4fe6a5263fe6
Determination: GOOD
C:\WINDOWS\system32\midimap.dll
Loaded into: C:\WINDOWS\RTHDCPL.EXE
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\midimapper midimap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midimapper midimap.dll
PX5: 7942A8400010807A4A4F00D8F37712001B75095B
MD5: abd53b03bca169734823dfd2b08a506c
Determination: GOOD
C:\WINDOWS\system32\KsUser.dll
Loaded into: C:\WINDOWS\RTHDCPL.EXE
PX5: 621E987B008BD6E610460064D6732800B79BCD14
MD5: d855ee3571fb396bac14c8ec2c52131c
Determination: GOOD
C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Windows\CurrentVersion\Run\MSMSGS "C:\Program Files\Messenger\msmsgs.exe" /background
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\Exec C:\Program Files\Messenger\msmsgs.exe
PX5: CDC252F10083C58FAA1E196109FAD500E849DC13
MD5: 4c2f0cbcb62f7c601c350e9b3228eb22
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.3790.3959_x-ww_8251BDDE\gdiplus.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
PX5: 6E3E473A009A799460351AD53A34470053DD32EF
MD5: 309e6124ab8a6981a0a8b04e288c911c
Determination: GOOD
C:\WINDOWS\system32\MSIMG32.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: FF4BD268009692EC12B3007EB50CF70029B4CE51
MD5: 48e734a088cba995dced4557e2dd3111
Determination: GOOD
C:\WINDOWS\system32\cryptdll.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
PX5: CD97C971003316D3829300D58D5B7C0018BBAD95
MD5: 1bc7938a46b1133678401edbc35c7548
Determination: GOOD
C:\WINDOWS\system32\XPOB2RES.DLL
Loaded into: C:\Program Files\Messenger\msmsgs.exe
PX5: E8E2DF9100236A1AB2320676F4D066009DE71707
MD5: 6d59f4dabc2eaee5814f7f28d052539d
Determination: GOOD
C:\WINDOWS\system32\SXS.DLL
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: 4A62853F005A50F4A2080B31E5D61000086299A5
MD5: a123192c4f65b9b1846f502255244916
Determination: GOOD
C:\WINDOWS\SysWOW64\es.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
PX5: A17F157900341C19A4FC0323E5D83B008B35DCBC
MD5: 60c1e7bc33900a5e2fb8081b2516f2ff
Determination: GOOD
C:\WINDOWS\system32\wtsapi32.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: 4AD3AD6C001BD0E84C6000815BA317001736AF3A
MD5: d93593b1df820339f0fbd291d533169d
Determination: GOOD
C:\WINDOWS\system32\WINSTA.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: 8F07C60C006FD78CDCA8008080C4D80065B0D2B9
MD5: c26f09825053405920fe2852e47be3ec
Determination: GOOD
C:\WINDOWS\system32\credui.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
PX5: 9CEFBA6D00D8CAB288F402E574B54300A920BC56
MD5: 84be46947a039241dcbf3363e0bf6ee5
Determination: GOOD
C:\WINDOWS\system32\msi.dll
Loaded into: C:\Program Files\Messenger\msmsgs.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: 5E14CBDC00BC82798E792BDEAC774B00B2F4E571
MD5: dd1bfd0bd09de03ddfb6b6323744976e
Determination: GOOD
C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe C:\WINDOWS\system32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe C:\WINDOWS\system32\CTFMON.EXE
PX5: 4A7D396D0040D3DF3C8100EEFA65C0003CBE09BA
MD5: 07c627121e84c7ebf7e38e3a1dbcdec3
Determination: GOOD
C:\WINDOWS\SysWOW64\ctfmon.exe
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
PX5: 4A7D396D0040D3DF3C8100EEFA65C0003CBE09BA
MD5: 07c627121e84c7ebf7e38e3a1dbcdec3
Determination: GOOD
C:\WINDOWS\SysWOW64\MSUTB.dll
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
PX5: FDD59BEB0088E96DFAEF02812DC62F00B51CEDD9
MD5: e5b9005532437ba6ab73de1642d3ca4d
Determination: GOOD
C:\WINDOWS\SysWOW64\apphelp.dll
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
PX5: E9038DA9003E0807466502D1F382620059EB32A4
MD5: 090e3b6c7e32edb0390cdeef24ccbf56
Determination: GOOD
C:\WINDOWS\system32\ole32.dll
Loaded into: C:\WINDOWS\SysWOW64\ctfmon.exe
PX5: 7532D0400015A78B560A1307D2086C0025617973
MD5: 61ed4063cbd966dc98783e6b3832bd1a
Determination: GOOD
C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\nod32kui "C:\Program Files (x86)\Eset\nod32kui.exe" /WAITSERVICE
PX5: 6D89CE4E00615A0900900EC7D44FD8008837ABF0
MD5: 79bc2731c22df0a02f8cb9a79dd208e1
Determination: GOOD
C:\WINDOWS\system32\MFC42u.DLL
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: 65AC225500165028C2981196B1169F004F65B420
MD5: d1b6013ca63526ada185fedb64e4896f
Determination: GOOD
C:\WINDOWS\system32\ODBC32.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
PX5: E0D93FB900CE0E05C0FF03DC1E4690009D9E5F83
MD5: 621ff058a4bddd70fc62ed95cf9811c1
Determination: GOOD
C:\WINDOWS\system32\odbcint.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
PX5: 3D07955900084B0A701801074E483A00354C9947
MD5: 670d2801e91f0546be9cf88779b313f4
Determination: GOOD
C:\Program Files (x86)\Eset\pu_amon.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: 26283AFE00DA3BC5008C02E42256E900AC98D00C
MD5: 48c7e1ca922492d3c155e54af4970835
Determination: GOOD
C:\Program Files (x86)\Eset\pu_dmon.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: 2BA7028300076A1E90820279730A6D00D28A7848
MD5: 2e5f6e345dbf3b1f2f30f835b7cb1713
Determination: GOOD
C:\Program Files (x86)\Eset\pu_emon.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: A9317B11003ADC4330D102223F4E9900E04018FD
MD5: 5fc08b00d7c45a2b670bb99a526aa9f1
Determination: GOOD
C:\Program Files (x86)\Eset\pu_imon.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: 13BB79130017C888D08D02494A62E500C194907E
MD5: dcca30b0ebcaf1e8e8914f2d4aa7ac11
Determination: GOOD
C:\Program Files (x86)\Eset\pu_nod32.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: 40F40D60002C71C1602D01971163D800F1BF8174
MD5: bdb42b43e8599645a4b593431b8d00e5
Determination: GOOD
C:\Program Files (x86)\Eset\pu_upd.dll
Loaded into: C:\Program Files (x86)\Eset\nod32kui.exe
PX5: 0957500C00D28256C0ED021B56E52E00013336F0
MD5: 3909fac6092f9c06c1d83f542320e4da
Determination: GOOD
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\Ai Quicker Help "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
PX5: DE754A30000B83EF56F43059491970005ED8C747
Determination: GOOD
C:\WINDOWS\system32\olepro32.dll
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: 89CCEFC4004B782B4AFA015EAE7149008ECAC2F4
MD5: 10d1a5221d062dc9d87a5d3200669937
Determination: GOOD
C:\WINDOWS\system32\ieframe.dll
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{30D02401-6A81-11d0-8274-00C04FD5AE38} IE Search Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} Shell DocObject Viewer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FBF23B40-E3F0-101B-8488-00AA003E56F8} InternetShortcut
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3C374A40-BAE4-11CF-BF7D-00AA006946EE} Microsoft Url History Service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FF393560-C2A7-11CF-BFF4-444553540000} History
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E00-76C1-11CF-9DD0-00A0C9034933} Temporary Internet Files
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E01-76C1-11CF-9DD0-00A0C9034933} Temporary Internet Files
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Microsoft Url Search Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} The Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07C45BB1-4A8C-4642-A1F5-237E7215FF66} IE Microsoft BrowserBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1C1EDB47-CE22-4bbb-B608-77B48F83C823} IE Fade Task
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{205D7A97-F16D-4691-86EF-F3075DCCA57D} IE Menu Desk Bar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3028902F-6374-48b2-8DC6-9725E775B926} IE AutoComplete
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{43886CD5-6529-41c4-A707-7B3C92C05E68} IE Navigation Bar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44C76ECD-F7FA-411c-9929-1B77BA77F524} IE Menu Site
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4B78D326-D922-44f9-AF2A-07805C2A3560} IE Menu Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6038EF75-ABFC-4e59-AB6F-12D397F6568D} IE Microsoft History AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} IE Tracking Shell Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CF48EF8-44CD-45d2-8832-A16EA016311B} IE IShellFolderBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{73CFD649-CD48-4fd8-A272-2070EA56526B} IE BandProxy
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} IE MRU AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} IE RSS Feeder Folder
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} IE Microsoft Shell Folder AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B31C5FAE-961F-415b-BAF0-E697A5178B94} IE Microsoft Multiple AutoComplete List Container
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} Microsoft Browser Architecture
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} IE Shell Rebar BandSite
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6EE9AAC-F76B-4947-8260-A9F136138E11} IE Shell Band Site Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F2CF5485-4E02-4f68-819C-B92DE9277049} &Links
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} IE Registry Tree Options Utility
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} IE User Assist
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} IE Custom MRU AutoCompleted List
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
PX5: ED11511100A6B0428EC95C8F624DB90051A3880F
Determination: GOOD
C:\Program Files\ASUS\ASUS DH Remote\AiNap.dll
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
PX5: 05A6A84B00373EA6702000B18A02C10043DD797A
MD5: 26dec9adb02b38910dd86d2d23c0a8d2
Determination: GOOD
C:\WINDOWS\system32\POWRPROF.dll
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
PX5: 4E468D3100FB43B342060044F9E10400137B620E
MD5: 822e29f011433a145147254a91a9f3b3
Determination: GOOD
C:\WINDOWS\system32\MFC42.DLL
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
PX5: 8324069200419E35B695112D867A50003DCAD307
MD5: 20599f5228c3c6de47f315d1e25f5269
Determination: GOOD
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\RemoteControl "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
PX5: 8F86F3963043C135165401560AE330008FDC51C4
MD5: 459ba26605d6721ddef0922a59c2fa29
Determination: GOOD
C:\Program Files (x86)\Cyberlink\PowerDVD\CLRCEngine3.dll
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
PX5: 3BFAFDFE30B570C226120118D45A4D00F02504A9
MD5: dc9ccfa9616f88192900ceddaec65b74
Determination: GOOD
C:\Program Files (x86)\Cyberlink\PowerDVD\MSVCR71.dll
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
PX5: 3FEE1145302F2EB8664E05ED76DA9100006D5253
MD5: 13d9d86f82e6f2b20ea9262a3bef5dd0
Determination: GOOD
C:\Program Files (x86)\Cyberlink\PowerDVD\FileSystemMgr.dll
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
PX5: 6E2B259E30F972CD462E01256A49EE003827660D
MD5: fa42c17de6ddc3a91d3ca5ac681cab75
Determination: GOOD
C:\Program Files (x86)\CyberLink\PowerDVD\MSVCP71.dll
Loaded into: C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
PX5: F133D4F030B92F08B6E107FD67B66E007DE40D84
MD5: 72b8aad823f4cee4bfe39d1554df51e8
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\Acrobat Assistant 8.0 "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
PX5: 31394AB3780B73F0861D093185A2890089574AA5
MD5: 4d042b1f1375cf371afbe0e0276ba627
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: 3622C3DB0027182442140E1F04F53D0016F5A06B
MD5: 6f2e09108202e5eb008c69488fafd27c
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\asneu.dll
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: EA7E835D00E41096F06501921A6C3600293FC6DB
MD5: 4b88bd98983a2cd9be90f368b4f59f0a
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: A8B8BBB0004C49F7488605C045AD3400284F93F2
MD5: 3fb0f47b4c0c048ee97b0e2b4ff9c67d
Determination: GOOD
C:\WINDOWS\system32\oledlg.dll
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: DF0DEA01006F53F1E67501319F77360064022CAD
MD5: a34657245f923ceb90edf3270483185c
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: 2032D5200001C4C0401803B70E434500E8CCCEEE
MD5: de519c164f3300d83f4efb4a23dad2ac
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: C62082F90094DF97300F03709E385B0016DC20C6
MD5: 4970cda5fc955a8a0b6eaee92bbd22ab
Determination: GOOD
C:\WINDOWS\system32\rsaenh.dll
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: F540432D5884FB41415403D8BA2D4900CFB5F848
MD5: c0a3b93f68cc359d783c35c674958b92
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroTray.DEU
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: 3BF2482800576AD64E2000FB3CD46A00DF091AEE
MD5: 2ca81bee71573e5534ba8be515bad404
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroTray.FRA
Loaded into: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PX5: 88413E9700F68ECF4E2400DC2D007400C8A920B7
MD5: fd0ad7ecc485d10f66824a92f16d46c0
Determination: GOOD
C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched "C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe"
PX5: 658E1F1B905B4E3D05360276C335CD0058FB5A32
MD5: d4f0f7437327dbaa264338baafb5e5af
Determination: GOOD
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
PX5: 26DE4D2D006E8CAB30D0034CC6AB760005DEB720
MD5: a189659828fa2e20357a8a38e69512ce
Determination: GOOD
C:\WINDOWS\system32\HID.DLL
Loaded into: C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
PX5: CEED059B00672ADA4AA2002E89FA0D002C9524D1
MD5: f13ae44717386d8018b95357e9700d05
Determination: GOOD
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\PCSuiteTrayApplication C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
PX5: A724AB8600CE3D6A24C304F9E2D18500035275E6
MD5: bc41ef142d76f423cf1cf261201d5623
Determination: GOOD
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PCSCM.dll
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: ABA7BB7200052B8D10530A68ACAB8E00BC29112A
MD5: 0e51263ea765f9ab45aa8f04cadb22b9
Determination: GOOD
C:\WINDOWS\system32\MSVCP71.dll
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded from: FILE
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
MD5: 561fa2abb31dfa8fab762145f81667c2
Determination: GOOD
C:\WINDOWS\system32\MSVCR71.dll
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded from: FILE
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PCSSupportSetup.DLL
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: 36F5D9E600C5DECB30CD01B5F40ED600AC68B6B1
MD5: f7c6d906ce4cf1ebe64dce92da54a7a9
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\ConnAPI.DLL
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: 560F486B00DD41068C04068B2CAD22004D0DD7CD
MD5: 6edb0b1e5ce652cb7261cd1b96cb25fd
Determination: GOOD
C:\WINDOWS\system32\MFC71U.DLL
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded from: FILE
PX5: 037598C700D68B82FC2F0F8DECC9D10082E94C28
MD5: 7b93c623333f121dc9e689ccb1b7a733
Determination: GOOD
C:\WINDOWS\system32\MFC71ENU.DLL
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded from: FILE
PX5: 54BFB26A00BC1407E09D0097B52AC40032F2553C
MD5: baf751e7061ff626aa60f56d1d5d1fdc
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\ConfServer.dll
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: F6C3BE5C002F4147E0B0029F47E44600F7206007
MD5: 20cc8683720c80e4412aaa0f16dd0082
Determination: GOOD
C:\WINDOWS\SysWOW64\msxml3.dll
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 62E3612C00C13164144F1184CEE2CF00919FF477
MD5: 695b52abcd718b4c8fddcd7395f1650b
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: 3B770A383890C92EAD5900C98DFB020005D680A9
MD5: 1264f787e46dc572fa274ca09b446e01
Determination: GOOD
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_ita.NLR
Loaded into: C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: 5A41645900CA5E8838600055100F12009EAA78D7
MD5: b8590c8614b9a852bed463cf3416d6ff
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ServiceLayer\ImagePath "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ServiceLayer\ImagePath C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: B5994D6E0065BB8796F304CE0A911000AFA4AE5D
MD5: 019ab047b932ad277a4da2673e5cc19c
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\NclTools.dll
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: B6BF5BC700197A271020021DAEA94A0098A0DDE3
MD5: a8ac6ebc90eef4d3af15d9b98f23a8ef
Determination: GOOD
C:\WINDOWS\system32\USERENV.dll
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: FBD9BF71007D6AD6EA740BEA83E5EF00B17A1E3F
MD5: 13c5f34c2dbecea629afd37169c32e90
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\Transports\NCLIrDAMM.dll
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: BCD8AE5100C6352CF2C4011E65C70900C07C5A0C
MD5: 01ee6fdc94168d5f06efc758470c3f7b
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\Transports\NCLRSMM.dll
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: 72FD2AE7009BB897643C02F1394BED005ED0F536
MD5: 02b1b5469314ad2a14e1f9635b677f30
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\Transports\NCLUSBMM.dll
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: A8E0DEF100A6178C8E87021A3FD2AE00D18C2639
MD5: c1ddf1c948242f935b283bc8ed1ddb45
Determination: GOOD
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTMM.dll
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: 322BA30A008223768AE70258B4570B00BA7EE3B7
MD5: 56e1439feb2bedb986f9045c140f9ade
Determination: GOOD
C:\WINDOWS\system32\irprops.cpl
Loaded into: C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PX5: 9FC09E9D0073C221D242053A33DDFE00BFA56F6B
MD5: b6569c5c22d791e57a6ac4c37be12c84
Determination: GOOD
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded into: C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FLEXnet Licensing Service\ImagePath "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FLEXnet Licensing Service\ImagePath C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PX5: 1DF0F05C001C564AFEAD09E72969BB0036C2AF88
MD5: 227846995afeefa70d328bf5334a86a5
Determination: GOOD
C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded into: C:\Program Files (x86)\a-squared Free\a2service.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\a2free\ImagePath "C:\Program Files (x86)\a-squared Free\a2service.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\a2free\ImagePath C:\Program Files (x86)\a-squared Free\a2service.exe
PX5: 261F85B07012BE24983C05D5921854007AC7A1F6
MD5: ba5e0d7b806c94ec73456754f96263af
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 74432CAC70EB96A0BC50745EE4728B00F8FAE799
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\js3250.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: B105E9BD68A10EB3F6AA06E7AF7B45008426D782
MD5: f0446a6350a104e8610f2783433d41ed
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 5263A09E708D072176F602F4E50AA800734584AF
MD5: c0f92c1b333cc74cb1fca6b488ae696d
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\xpcom_core.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 56A0AA4970779FF870220668872C2300011DB2B0
MD5: efd06b7f9cc2110dce925eb1e461ed22
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\plc4.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 805ED1397829B78F86F6002DDDE82A006AA03B38
MD5: 9ecf553a8c2fd1be219c83e0547552c6
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\plds4.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: D89FD48170A74E7D768A00A323AA3300F37DA722
MD5: c20abdcabd0acc690106db5fb6e645e3
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\smime3.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 89F2D56768AD0AA4B61B014C7B6099008BEC17EF
MD5: 60c4ead6f501fd2e00fe35c0866ba3f2
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\nss3.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: AA1EDE4568A6A7CAC6F105427FB01100336E7F07
MD5: f3be2a5387e6d3fa52bdb38d67c8e706
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 8542B9B86C54271FE0A2030F4DD1D900F862BBAB
MD5: 97290c004317f20f160b38cc9a95c7de
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: CD745CC168357AF9062E021B815ED000D6F224BD
MD5: 320d538153c55542ee8503e614f2e420
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\xpcom_compat.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 5CA5D7C57880F7BB20DF01B3C467780096264167
MD5: ade544222ab3e1cf6b3d8691adce97d5
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\components\myspell.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 17BCE6718838929888B7000AF9F43C002806CA27
MD5: 129a1488a99936e0bd1e4f38fdc4b561
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\components\jar50.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 06BDA4A17082363308290105538FE40039D39FB3
MD5: 0445d627eeb9279509bc546bc5c906c2
Determination: GOOD
C:\WINDOWS\SysWOW64\msimtf.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 6D74298600AD20BE7C5402CA75650700A27FF61B
MD5: 96976a57ca09defd08d6f3aac4688b31
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 656849DF7D6F8DBF10880339B8136100F30602B9
MD5: f29c455e465e129f30dc21a1960b201f
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 48E2FA29701572B72617045B5051070012CD2532
MD5: 69e4eadfd29783481f939d4ad02b67e5
Determination: GOOD
C:\Program Files (x86)\Mozilla Firefox\components\spellchk.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 19A3215780980EB3B663002D24DAF100D83FF695
MD5: d9719ad74a6427df3e56ae93daa501b8
Determination: GOOD
C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: DA1D0368E8AEB5E2481D205164562800AFCE5AB8
MD5: 671bbe7b3ef31f5a989e8398465f365b
Determination: GOOD
C:\WINDOWS\SysWOW64\mlang.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 433D830500FE319B0008095B4EB95E000931B9B2
MD5: 0f7d55845789ca25066b1e6c1b36287e
Determination: GOOD
C:\WINDOWS\system32\msapsspc.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
PX5: 189A380D00763693392101E55D54220052863CF8
MD5: 220703a02446760973c0c96cc250edca
Determination: GOOD
C:\WINDOWS\system32\MSVCRT40.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 6077BC6B00B06ED9F0C7001C46423000D436D239
MD5: 3ee7a96cc9d56c54e85e772b3e40c562
Determination: GOOD
C:\WINDOWS\system32\msnsspc.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
PX5: DED3D7CC10E42C0EE10F043F4861F900745BD897
MD5: e55dbe91ec018297b4998965cbdf1f6b
Determination: GOOD
C:\WINDOWS\SysWOW64\schannel.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 76E5B2EF0037C50F3E4802B0166F440045BF1FCA
MD5: 80296dba3a86f9b7b5ed89ef3f1cda41
Determination: GOOD
C:\WINDOWS\SysWOW64\AcSignIcon.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36A21736-36C2-4C11-8ACB-D4136F2B57BD} AutoCAD Digital Signatures Icon Overlay Handler
PX5: 68A31447780E1CE1141E0207E865FB0023A56F1D
MD5: a392d73e0282b2ee31c2b58ec063bca4
Determination: GOOD
C:\WINDOWS\SysWOW64\OLEACC.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 4FBF4A49003BDECCC0490224AEC4070099ED1432
MD5: 8c0e012d4f221fe1aa46574af650d2ca
Determination: GOOD
C:\WINDOWS\SysWOW64\msvcp60.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 83CA0203004CA43C2CE00674528A2600FB49A19D
MD5: de7b4cfdc2028f09225b653d0d4e6513
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} Groove GFS Stub Execution Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Groove GFS Browser Helper
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} Groove GFS Explorer Bar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A449600E-1DC6-4232-B948-9BD794D62056} Groove GFS Stub Icon Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} Groove GFS Stub Execution Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6C467336-8281-4E60-8204-430CED96822D} Groove GFS Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{387E725D-DC16-4D76-B310-2C93ED4752A0} Groove XML Icon Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{16F3DD56-1AF5-4347-846D-7C10C4192619} Groove Explorer Icon Overlay 3 (GFS Folder)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} Groove Explorer Icon Overlay 2 (GFS Stub)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} Groove Explorer Icon Overlay 4 (GFS Unread Mark)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{99FD978C-D287-4F50-827F-B2C658EDA8E7} Groove Explorer Icon Overlay 1 (GFS Unread Stub)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{920E6DB1-9907-4370-B3A0-BAFC03D81399} Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX\(default) {6C467336-8281-4E60-8204-430CED96822D}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX\(default) {6C467336-8281-4E60-8204-430CED96822D}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX\(default) {6C467336-8281-4E60-8204-430CED96822D}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX\(default) {6C467336-8281-4E60-8204-430CED96822D}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX\(default) {6C467336-8281-4E60-8204-430CED96822D}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX\(default) {6C467336-8281-4E60-8204-430CED96822D}
PX5: 074EAFCB30C31F06BB08215C5868C500D04DAD28
MD5: 786dd1892b553efe5a004ac39775c851
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.DLL
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 5548099D20627F5495B80EEEC2C4F3004F95A3DD
MD5: 6814b25c2b339b9f509063feca36601a
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.DLL
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 76EA5B8318588010596000BECF18C000050E6CA1
MD5: ebfc4d631d9da54caa2deb6808e196ad
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_CBB27474\ATL80.DLL
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: EEA0ABF1009B0E5C781C0186AB2A510079B716A2
MD5: 3c7def3cbbca6284867aa4621d5d8a54
Determination: GOOD
C:\WINDOWS\System32\cscui.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}\DllName %SystemRoot%\System32\cscui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{750fdf0e-2a26-11d1-a3ea-080036587f03} Offline Files Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{10CFC467-4392-11d2-8DB4-00C04FA31A66} Offline Files Folder Options
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} Offline Files Folder
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
PX5: 346253D600C12459FC1A04D6DC7A1A0015C1D44A
MD5: a45a8ab7baf598fd4261ee46e98e22aa
Determination: GOOD
C:\WINDOWS\System32\CSCDLL.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\DLLName cscdll.dll
PX5: 5A44ADEE00425DD48E6A01CCF0CCC600E45EFC9C
MD5: 574b057513a55c3fc32b4e651f59f84d
Determination: GOOD
C:\WINDOWS\SysWOW64\browseui.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5E6AB780-7743-11CF-A12B-00AA004AE837} Microsoft Internet Toolbar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{22BF0C20-6DA7-11D0-B373-00A0C9034938} Download Status
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{91EA3F8B-C99B-11d0-9815-00C04FD91972} Augmented Shell Folder
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6413BA2C-B461-11d1-A18A-080036B11A03} Augmented Shell Folder 2
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F61FFEC1-754F-11d0-80CA-00AA005B4383} BandProxy
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BA4C742-9E81-11CF-99D3-00AA004AE837} Microsoft BrowserBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{169A0691-8DF9-11d1-A1C4-00C04FD75D13} In-pane search
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07798131-AF23-11d1-9111-00A0C98BA67D} Web Search
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AF4F6510-F982-11d0-8595-00AA004CD6D8} Registry Tree Options Utility
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{01E04581-4EEE-11d0-BFE9-00AA005B4383} &Address
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A08C11D2-A228-11d0-825B-00AA005B4383} Address EditBox
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2763-6A77-11D0-A535-00C04FD7D062} Microsoft AutoComplete
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7376D660-C583-11d0-A3A5-00C04FD706EC} TridentImageExtractor
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6756A641-DE71-11d0-831B-00AA005B4383} MRU AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} Custom MRU AutoCompleted List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7e653215-fa25-46bd-a339-34a2790f3cb7} Accessible
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{acf35015-526e-4230-9596-becbe19f0ac9} Track Popup Bar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2764-6A77-11D0-A535-00C04FD7D062} Microsoft History AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{03C036F1-A186-11D0-824A-00AA005B4383} Microsoft Shell Folder AutoComplete List
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2765-6A77-11D0-A535-00C04FD7D062} Microsoft Multiple AutoComplete List Container
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4E-521C-11D0-B792-00A0C90312E1} Shell Band Site Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} Shell DeskBarApp
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4C-521C-11D0-B792-00A0C90312E1} Shell DeskBar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4D-521C-11D0-B792-00A0C90312E1} Shell Rebar BandSite
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD313E04-FEFF-11d1-8ECD-0000F87A470C} User Assist
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} Global Folder Settings
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{438755C2-A8BA-11D1-B96B-00A0C90312E1} Browseui preloader
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{8C7461EF-2B13-11d2-BE35-3078302C2030} Component Categories cache daemon
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .......
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .......
PX5: 344F668400F54DD2C4020FA480DC8200B4FC71B5
MD5: eda3d567cc189c5eeabd380e5c911052
Determination: GOOD
C:\WINDOWS\system32\ntshrui.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40dd6e20-7c17-11ce-a804-00aa003ca9f6} Shell extensions for sharing
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} Shell extensions for sharing
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default) {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default) {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
PX5: 3898C54000879A552E00022D092F7200513DD1ED
MD5: 8abad57604371e5975d631242173d947
Determination: GOOD
C:\WINDOWS\SysWOW64\shdocvw.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E61-B078-11d0-89E4-00C04FC9E26E} Favorites Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A89A860-D7B1-11CE-8350-444553540000} Shell Automation Inproc Service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A5E46E3A-8849-11D1-9D8C-00C04FC99D61} Microsoft Browser Architecture
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} IE4 Suite Splash Screen
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{67EA19A0-CCEF-11d0-8024-00C04FD75D13} CDF Extension Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{131A6951-7F78-11D0-A979-00C04FD705A2} ISFBand OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9461b922-3c5a-11d2-bf8b-00c04fb93661} Search Assistant OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E64-B078-11d0-89E4-00C04FC9E26E} Explorer Band
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default) {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default) {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}\BarSize
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}\BarSize
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\CLSID {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\CLSID {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
PX5: 62A509CC00E7B3B4040F177E6D294A009EE4D69A
MD5: 9b0ebdc34687e89ab4d92cca37af4296
Determination: GOOD
C:\WINDOWS\syswow64\CRYPTUI.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 610BA23B00C6C0B1BCB507762F291900B5946D01
MD5: 7228e6963af8558251fe977d03fb20f9
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Loaded into: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PX5: 2151C22430370CCF65A0036F4CCD5E0031B9A689
MD5: bd25e3537b54c1bff40335992b3686fd
Determination: GOOD
C:\WINDOWS\SysWOW64\JMRaidTool.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\JMB36X Configure C:\WINDOWS\SysWOW64\JMRaidTool.exe boot
PX5: 68F07AE1008A2C6B607505F28E4D2100D651D283
MD5: 407c49a0058b6190440ab7bc3c357e30
Determination: GOOD
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Reader Speed Launcher "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
PX5: 7034BACB703B560C9BC900BFAF1E1000A084BCE4
MD5: e28d00ec675f5f5a5a0555e7a4523a6e
Determination: GOOD
C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\LanguageShortcut "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
PX5: 07D9602E30EA12ECD60B00CADA650600EC6ACC31
MD5: 2798313dbb6ae778207eb1b1c68a1988
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\GrooveMonitor "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
PX5: 6E98331E287F6FB9797C005F224802000F206178
MD5: 38d198a2dd54a67120040566a38103ba
Determination: GOOD
C:\Program Files (x86)\QuickTime\QTTask.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\QuickTime Task "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
PX5: A174D4A600E43695609A043E8DAA88008158E623
MD5: c41fe114d9d7710eda1189d304d85088
Determination: GOOD
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\PWRISOVM.EXE "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
PX5: ADF6D80300A83DEF1085036EB8ADA400175BDADB
MD5: a3b1e19c5ad2f5ff2a666ccc6d79a4c8
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\NBKeyScan "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
PX5: 7868FC2C285638D4C56E211995E550009F37FC7A
MD5: d18bd766746b7be0abefa20dc36fd1c8
Determination: GOOD
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\Nokia.PCSync C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\Nokia.PCSync C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
PX5: 946201B200D3FA32F0B4124B0A8FDC00E00B4EA4
MD5: 9d7eee677b52a04a536481ad2cbeaa61
Determination: GOOD
C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\Picasa Media Detector C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\Picasa Media Detector C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
PX5: F469375640977A1CC65D06CE0BBB9100EBAC2B80
MD5: 429c00e25afa42015311c092e49bfd07
Determination: GOOD
C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Adobe LM Service\ImagePath "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Adobe LM Service\ImagePath C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
PX5: B40B5B27001158621CAC01740744FC008277A805
MD5: c1eb9968ec89fba5f3a264e2e57923ab
Determination: GOOD
C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AeLookupSvc\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Alerter\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AppMgmt\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AudioSrv\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BITS\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Browser\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CryptSvc\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DcomLaunch\ImagePath %SystemRoot%\system32\svchost.exe -k DcomLaunch
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dhcp\ImagePath %SystemRoot%\system32\svchost.exe -k NetworkService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmserver\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dnscache\ImagePath %SystemRoot%\system32\svchost.exe -k NetworkService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ERSvc\ImagePath %SystemRoot%\System32\svchost.exe -k WinErr
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\EventSystem\ImagePath C:\WINDOWS\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\helpsvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidServ\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanserver\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanworkstation\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\LmHosts\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Messenger\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netman\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nla\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtmsSvc\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAuto\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasMan\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteAccess\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteRegistry\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs\ImagePath %SystemRoot%\system32\svchost.exe -k rpcss
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Schedule\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\seclogon\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SENS\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SharedAccess\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ShellHWDetection\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\srservice\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SSDPSRV\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\stisvc\ImagePath %SystemRoot%\system32\svchost.exe -k imgsvc
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swprv\ImagePath %SystemRoot%\System32\svchost.exe -k swprv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TapiSrv\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermService\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Themes\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TrkWks\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\upnphost\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\W32Time\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WebClient\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WinHttpAutoProxySvc\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\winmgmt\ImagePath %systemroot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmdmPmSN\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wmi\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wscsvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wuauserv\ImagePath %systemroot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WudfSvc\ImagePath %SystemRoot%\system32\svchost.exe -k WudfServiceGroup
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WZCSVC\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\xmlprov\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AeLookupSvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Alerter\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AppMgmt\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AudioSrv\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BITS\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Browser\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CryptSvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DcomLaunch\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dhcp\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmserver\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dnscache\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ERSvc\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\EventSystem\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\helpsvc\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HidServ\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\lanmanserver\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\lanmanworkstation\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\LmHosts\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Messenger\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Netman\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nla\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NtmsSvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasAuto\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasMan\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RemoteAccess\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RemoteRegistry\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RpcSs\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Schedule\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\seclogon\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SENS\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SharedAccess\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ShellHWDetection\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\srservice\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SSDPSRV\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\stisvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\swprv\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TapiSrv\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TermService\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Themes\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TrkWks\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\upnphost\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\W32Time\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WebClient\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WinHttpAutoProxySvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\winmgmt\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WmdmPmSN\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Wmi\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wscsvc\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wuauserv\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WudfSvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WZCSVC\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\xmlprov\ImagePath C:\WINDOWS\System32\svchost.exe
PX5: 6DB4F9DA0059EF903ADB0062846665005CC5B954
MD5: c09ccfe81dec9b162533d7184d705682
Determination: GOOD
C:\WINDOWS\System32\alg.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALG\ImagePath %SystemRoot%\System32\alg.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ALG\ImagePath C:\WINDOWS\System32\alg.exe
PX5: BE61423A00857330B0ED00005FEAAF000DA50985
MD5: fd79afa46b60d32557cb62f6050c2b69
Determination: GOOD
C:\WINDOWS\SysWow64\drivers\AsIO.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AsIO\ImagePath SysWow64\drivers\AsIO.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AsIO\ImagePath C:\WINDOWS\SysWow64\drivers\AsIO.sys
PX5: D21C1DF60048D13C1A4D0089F6288F00355CE5D8
MD5: 0fe2b4ca72323261be16ed9b3fe694ff
Determination: GOOD
C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aspnet_state\ImagePath %SystemRoot%\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\aspnet_state\ImagePath C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
PX5: 0CB03803602AF706B3C7003575A8A000BFB85A84
MD5: cc8a78315cea4a54f3f7aa7b67820a89
Determination: GOOD
C:\WINDOWS\system32\cisvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CiSvc\ImagePath %SystemRoot%\system32\cisvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CiSvc\ImagePath C:\WINDOWS\system32\cisvc.exe
PX5: 07B3A3D100BA4E5E1AA500438C7DCC00ABDDC66F
MD5: ebc34382d0b069aeba6e9168a9826baa
Determination: GOOD
C:\WINDOWS\system32\clipsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ClipSrv\ImagePath %SystemRoot%\system32\clipsrv.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ClipSrv\ImagePath C:\WINDOWS\system32\clipsrv.exe
PX5: 849B9D8100B9A5817EAE00B421B3B800D5E5E19D
MD5: e53196ba56081f154e2d7a9e50a1d33f
Determination: GOOD
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\clr_optimization_v2.0.50727_32\ImagePath C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\clr_optimization_v2.0.50727_32\ImagePath C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PX5: 639D7FDD58E813780DE701C08A718E00AD3C3A7E
MD5: 3d560af01bdc50b4a1e1bfb5cdc06d63
Determination: GOOD
C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\clr_optimization_v2.0.50727_64\ImagePath C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\clr_optimization_v2.0.50727_64\ImagePath C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
PX5: 1D22CDBF58A7BAF56B9001D550EE0C00755DD95F
MD5: 373e06b48575fbc32acaad0e21c18eba
Determination: GOOD
C:\WINDOWS\system32\dllhost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\COMSysApp\ImagePath C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\COMSysApp\ImagePath C:\WINDOWS\system32\dllhost.exe
PX5: 9F3F786900FE189A16F900159E20EC00E9A3B04C
MD5: 5437813752863e1201e353fcad8cae37
Determination: GOOD
C:\WINDOWS\system32\mnmsrvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog\Application\(default) mnmsrvc
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mnmsrvc\ImagePath C:\WINDOWS\system32\mnmsrvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mnmsrvc\ImagePath C:\WINDOWS\system32\mnmsrvc.exe
PX5: 77299F6F005C7FBA80C1009B5322F900EC3D34C3
MD5: 135d539beff49d25574436a822f2820f
Determination: GOOD
c:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FontCache3.0.0.0\ImagePath c:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FontCache3.0.0.0\ImagePath c:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
PX5: E689D3BC009F064490A40057ED67FF0035C742EC
MD5: b5049013a3aea4c8c082a8ce340705a8
Determination: GOOD
C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\gusvc\ImagePath "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\gusvc\ImagePath C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
PX5: 62CED423B81F5EB8131202E836055A00D95D1285
MD5: c1b577b2169900f4cf7190c39f085794
Determination: GOOD
C:\WINDOWS\SysWOW64\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IASJet\ImagePath %SystemRoot%\SysWOW64\svchost.exe -k iasjet
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IASJet\ImagePath C:\WINDOWS\SysWOW64\svchost.exe
PX5: 6DB4F9DA0059EF903ADB0062846665005CC5B954
MD5: c09ccfe81dec9b162533d7184d705682
Determination: GOOD
C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\idsvc\ImagePath "C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\idsvc\ImagePath C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
PX5: C18AA53200DF7928EC620B5E3F151900099C42AB
MD5: d10e926744031823faa47809c21491d1
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Microsoft Office Groove Audit Service\ImagePath "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Microsoft Office Groove Audit Service\ImagePath C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
PX5: 13B6B25A20EA2BBB016B01B3C31BC4007E9EE529
MD5: fafe367d032ed82e9332b4c741a20216
Determination: GOOD
C:\WINDOWS\system32\msiexec.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSIServer\ImagePath C:\WINDOWS\system32\msiexec.exe /V
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSIServer\ImagePath C:\WINDOWS\system32\msiexec.exe
PX5: 3DB66B7300BC9A49349001EEA4848600BCFA32EC
MD5: ec72e009bd1fa3e5e6d237638561797a
Determination: GOOD
C:\WINDOWS\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDE\ImagePath %SystemRoot%\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDEdsdm\ImagePath %SystemRoot%\system32\netdde.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetDDE\ImagePath C:\WINDOWS\system32\netdde.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetDDEdsdm\ImagePath C:\WINDOWS\system32\netdde.exe
PX5: C41A96670002A65CAE2C0130D88453000CA2536B
MD5: 13d9a8b63a2a99a88339c0e00b702c92
Determination: GOOD
C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetTcpPortSharing\ImagePath "C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetTcpPortSharing\ImagePath C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
PX5: B944119800B9F07DE0F2019CA92A0B00CF3CFD26
MD5: 8070bb07fe06de8b9acb29b07016a273
Determination: GOOD
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NMIndexingService\ImagePath "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NMIndexingService\ImagePath C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
PX5: F71F389E288400CDD56806C0503F0200CE27BB5F
MD5: 74149bcf0307bb76d68c0f8912df731c
Determination: SUSPICIOUS
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\odserv\ImagePath "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\odserv\ImagePath C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
PX5: 9E1C411030EE9E99BB230668C6A11D008AAAD5CB
MD5: 84de1dd996b48b05ace31ad015fa108a
Determination: SUSPICIOUS
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ose\ImagePath "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ose\ImagePath C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
PX5: 70BFBB612075A40537DB02A8E0C1B70069455692
MD5: 5a432a042dae460abe7199b758e8606c
Determination: GOOD
C:\WINDOWS\SysWOW64\drivers\pclepci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCLEPCI\ImagePath C:\WINDOWS\SysWOW64\drivers\pclepci.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PCLEPCI\ImagePath C:\WINDOWS\SysWOW64\drivers\pclepci.sys
PX5: 804316EA5562C049376400E921DDE200F7E0A52A
MD5: 1bebe7de8508a02650cdce45c664c2a2
Determination: GOOD
C:\WINDOWS\system32\drivers\pxark.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\pxark\ImagePath \??\C:\WINDOWS\system32\drivers\pxark.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\pxark\ImagePath C:\WINDOWS\system32\drivers\pxark.sys
Loaded from: FILE
PX5: 87296EB280D7F1DA296B00CB462B950061E4FEFB
MD5: d2b5e899d78c0fb0dd290d62b36f333e
Determination: GOOD
C:\WINDOWS\system32\locator.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcLocator\ImagePath %SystemRoot%\system32\locator.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RpcLocator\ImagePath C:\WINDOWS\system32\locator.exe
PX5: FD98250700AEA39318BA01942580A900F250D913
MD5: a83414d7a45555274e99793aa22d54ab
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\RTL8187.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RTLWUSB\ImagePath system32\DRIVERS\RTL8187.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RTLWUSB\ImagePath C:\WINDOWS\system32\DRIVERS\RTL8187.sys
Loaded from: FILE
PX5: 4605C7BD00E798DF020B04911C05C80098188346
MD5: 87ecd5fa02a885724f3593cbe5a93c00
Determination: GOOD
C:\WINDOWS\System32\SCardSvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SCardSvr\ImagePath %SystemRoot%\System32\SCardSvr.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SCardSvr\ImagePath C:\WINDOWS\System32\SCardSvr.exe
PX5: 73D8E9F100B1C10960CD010349B7FB0064A93116
MD5: edf6b1852a55581ecc6ba18b4e2c6e8e
Determination: GOOD
C:\WINDOWS\System32\Drivers\SENTINEL.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Sentinel\ImagePath \SystemRoot\System32\Drivers\SENTINEL.SYS
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Sentinel\ImagePath C:\WINDOWS\System32\Drivers\SENTINEL.SYS
Loaded from: FILE
PX5: 4E211DDB00DB92162AD8015F47929300535DA284
MD5: cd8f847a75a974d7aa723a23dfb7d004
Determination: SUSPICIOUS
C:\WINDOWS\system32\spoolsv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Spooler\ImagePath %SystemRoot%\system32\spoolsv.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Spooler\ImagePath C:\WINDOWS\system32\spoolsv.exe
PX5: AEA007160091AD15AEEA011A291BA60033145DA6
MD5: 5918677301e62a935a837ec22ba7088c
Determination: GOOD
C:\WINDOWS\system32\smlogsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SysmonLog\ImagePath %SystemRoot%\system32\smlogsvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SysmonLog\ImagePath C:\WINDOWS\system32\smlogsvc.exe
PX5: BB4ECADC00B73CF878680156835C2C00EE395305
MD5: cc8610d2ffaff19d5c9cf8ce9ffad71a
Determination: GOOD
C:\WINDOWS\System32\ups.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UPS\ImagePath %SystemRoot%\System32\ups.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\UPS\ImagePath C:\WINDOWS\System32\ups.exe
PX5: 94B4E695002F779242070060A8AE750015FAD1F8
MD5: 92c3a632e963a8224fe62aa37c9508f6
Determination: GOOD
C:\Program Files (x86)\MSN Messenger\usnsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usnjsvc\ImagePath "C:\Program Files (x86)\MSN Messenger\usnsvc.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usnjsvc\ImagePath C:\Program Files (x86)\MSN Messenger\usnsvc.exe
PX5: 5ADE8CB4702068007B8E0103793683003D23EE98
MD5: c5b70a6aa947667ce0e5fc84a05ec8b6
Determination: SUSPICIOUS
C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WMPNetworkSvc\ImagePath "C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WMPNetworkSvc\ImagePath C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe
PX5: AF2881470070FC52F0AF0DFACB168500E27064AB
MD5: f74e3d9a7fa9556c3bbb14d4e5e63d3b
Determination: GOOD
C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}\ImagePath \??\C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\{95808DC4-FA4A-4c74-92FE-5B863F82066B}\ImagePath C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl
PX5: 730DBBE6F852750C347F00498C48B900E6846F56
MD5: b8d9be4059fdbf868b4009b5449f33cb
Determination: GOOD
C:\WINDOWS\system32\Explorer.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Explorer.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default) Internet Explorer Help
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Internet Explorer Setup Tools
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default) Internet Explorer Core Fonts
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default) Internet Explorer Help
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Internet Explorer Setup Tools
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default) Internet Explorer Core Fonts
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default) Internet Explorer Help
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Internet Explorer Setup Tools
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default) Internet Explorer Core Fonts
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\(default) Internet Explorer Zonemapping
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\(default) Internet Explorer Branding
PX5: FF4D989B0084819412FC10D0AB69CD0097B0100C
MD5: a26c39540f8be3729846e360e2c57344
Determination: GOOD
C:\WINDOWS\system32\userinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit userinit
PX5: 33D3AA5800B0A7C766F1001F99A943000F7D8C30
MD5: b5feb3b971a8b8c81ce9de65031a87e5
Determination: GOOD
C:\WINDOWS\system32\logonui.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost %SystemRoot%\system32\logonui.exe
PX5: 2474332A005B351EE01B07C17CAB8F00C392BC2F
MD5: 49796a6f553f5d9873d28e2751d73902
Determination: GOOD
C:\WINDOWS\system32\shell32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default) {217FC9C0-3AEA-1069-A2DB-08002B30309D}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default) {217FC9C0-3AEA-1069-A2DB-08002B30309D}
PX5: 06D3CE7A001FB1DC92927F46DC2A500048B178B6
Determination: GOOD
C:\WINDOWS\system32\sysdm.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
PX5: AB2DE30E0027CA659A550472953C2F00A4CE4631
MD5: 5c60c389510ea8097704cf9813b2fe68
Determination: GOOD
C:\WINDOWS\system32\rundll32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} Autoplay for SlideShow
PX5: 1443A7660029CF26888900A3763CC7003A46BB50
MD5: 75139c5e6b968e39a5a35e7003fa7049
Determination: GOOD
C:\WINDOWS\system32\autochk.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\BootExecute autocheck
PX5: 9AB6231100FFFBA1142709BD15477E00A748EAC2
MD5: 39ecc326d3f5531a13a1c0f0b43a8edd
Determination: GOOD
C:\WINDOWS\system32\Browser.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{20963F1A-68DA-74FC-EDC1-C7B2B8CC8508}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{235FB7DD-2387-6864-90E3-2D1DD5811356}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{3BF21E53-9674-A945-66E0-533911CA574B}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{D7A8360E-0664-5D1C-B12B-2FC552D1ACD6}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{20963F1A-68DA-74FC-EDC1-C7B2B8CC8508}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{235FB7DD-2387-6864-90E3-2D1DD5811356}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{3BF21E53-9674-A945-66E0-533911CA574B}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{D7A8360E-0664-5D1C-B12B-2FC552D1ACD6}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{20963F1A-68DA-74FC-EDC1-C7B2B8CC8508}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{235FB7DD-2387-6864-90E3-2D1DD5811356}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{3BF21E53-9674-A945-66E0-533911CA574B}\(default) Browser Customizations
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{D7A8360E-0664-5D1C-B12B-2FC552D1ACD6}\(default) Browser Customizations
PX5: A8A344E5009DC88B32D901A77BA133009B3E4873
MD5: f750a96d7478d435f5ac9ece6698f81e
Determination: GOOD
C:\Program Files (x86)\Java\jre1.6.0_03\bin\regutils.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}\KeyFileName C:\Program Files (x86)\Java\jre1.6.0_03\bin\regutils.dll
PX5: 18FDF0650029FF2F9067038B74E5FB00E6236711
MD5: 1fc79cf17eca1f4e0fc784abb8d72c31
Determination: GOOD
C:\WINDOWS\system32\Setup.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\(default) Themes Setup
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Internet Explorer Setup Tools
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\(default) Themes Setup
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Internet Explorer Setup Tools
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\(default) Themes Setup
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Internet Explorer Setup Tools
Loaded from: \REGISTRY\Machine\System\Setup\Cmdline setup -newsetup
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Categories\Applications12\Word12\PageSetup\(default) Page Setup
PX5: 423D582800FD5D7BA28B005065812B0069F40C90
MD5: d777eda66cb15b0e0fafd1686db73f0f
Determination: GOOD
C:\WINDOWS\SysWOW64\msieftp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}\KeyFileName C:\WINDOWS\SysWOW64\msieftp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63da6ec0-2e98-11cf-8d82-444553540000} FTP Folders Webview
PX5: 9E78B55D00416543CECE03EE2FA81300122D2C76
MD5: 4b78d2b021b09fb06a436f5385b1e6e8
Determination: GOOD
C:\WINDOWS\system32\ieudinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}\StubPath C:\WINDOWS\system32\ieudinit.exe
PX5: 73CA61DA00728720360A0021165ED300383A334D
MD5: 324ecd19db11ebdba37e1f69d887b565
Determination: GOOD
C:\WINDOWS\inf\unregmp2.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\Stubpath C:\WINDOWS\inf\unregmp2.exe /ShowWMP
PX5: 62D1ABBC006680A4D83104F3FD5F660098F6E1C9
MD5: d0cb8deaf008d7cdc794ef6a37ec8134
Determination: GOOD
C:\WINDOWS\system32\ie4uinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\StubPath C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\StubPath C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
PX5: 4744B054003C4032144001425FEA5D00DFFD0625
MD5: 5082eb7cebc228028e5326d1cb05b925
Determination: GOOD
C:\WINDOWS\system32\IEDKCS32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\DllName iedkcs32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\DllName iedkcs32.dll
PX5: DCA77B3F00C9C618DE1105072176720033C492FE
MD5: fa70884f3a7061b03f7b00f774e83aee
Determination: GOOD
C:\WINDOWS\system32\shmgrate.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\StubPath %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
PX5: 0038667000E55D1796A400BCF8C5FD00258FE753
MD5: a9fbec45f5614ac72244067d069324cb
Determination: GOOD
C:\WINDOWS\system32\advpack.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
PX5: D713FC9B00809CCEE8C0014A880C64003F9C0153
MD5: 79ba4956650d2bcf76ca9fc15dcc79d9
Determination: GOOD
C:\WINDOWS\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
PX5: 5EA4804500F03829E6EF056505D576000388B47A
MD5: 9b8f165ae086346fdde6ec85643a5c13
Determination: GOOD
C:\WINDOWS\system32\regsvr32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
PX5: 6E075E71007E86F632D40023EE69E000BA124E36
MD5: 0b3c26358e84f5fcbc692f9b045f7262
Determination: GOOD
C:\Program Files (x86)\Outlook Express\setup50.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
PX5: 9B0FB96800EFE57B2434018D9040AC00A7DCF261
MD5: 98f139f6f4d39c34f38d9d2faade270e
Determination: GOOD
C:\WINDOWS\SysWOW64\mscories.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath C:\WINDOWS\SysWOW64\Rundll32.exe C:\WINDOWS\SysWOW64\mscories.dll,Install
PX5: 652959240095250822A60140F37F47001792531A
MD5: 46e55aea48bad9297df685c722619bd6
Determination: GOOD
C:\WINDOWS\SysWOW64\Rundll32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath C:\WINDOWS\SysWOW64\Rundll32.exe C:\WINDOWS\SysWOW64\mscories.dll,Install
PX5: 1443A7660029CF26888900A3763CC7003A46BB50
MD5: 75139c5e6b968e39a5a35e7003fa7049
Determination: GOOD
C:\WINDOWS\system32\gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}\DllName gptext.dll
PX5: 0F7A6CE20075160396F00388A70F6800CFB389B0
MD5: 7edeb081b2e6dcaba738150375fa6e1f
Determination: GOOD
C:\WINDOWS\system32\fdeploy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}\DllName fdeploy.dll
PX5: 4CBD79040050961E36A2018CFFDA7F003C245CF3
MD5: 25a48f55cd8353fc6760de208982e718
Determination: GOOD
C:\WINDOWS\system32\dskquota.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}\DllName dskquota.dll
PX5: D04316DD001DDDD26CD60158CF9A0C0039961B2C
MD5: 0ac867ca76df294390fa4c1f1b04b376
Determination: GOOD
C:\WINDOWS\system32\scecli.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Notification Packages scecli
PX5: 9B875168002191C1E2C302D0778C470017086656
MD5: e7b7fd7d8907daded4928e922608887f
Determination: GOOD
C:\WINDOWS\system32\appmgmts.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}\DllName appmgmts.dll
PX5: 28D2475A00C3561EACBE02021D557A002A999141
MD5: 8a5ad4cfe2d84371abadfcf9e21954f6
Determination: GOOD
C:\WINDOWS\system32\crypt32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\DllName crypt32.dll
PX5: 4EEFEBC60072C2E7162309C28F95E900C372FA1B
MD5: 067579392241e24810284e9a44601baf
Determination: GOOD
C:\WINDOWS\system32\cryptnet.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\DllName cryptnet.dll
PX5: 515DB95100003C02F4E7002F9FD7C2007D390932
MD5: ba76e4878ddd1fd3802949177028e18d
Determination: GOOD
C:\WINDOWS\system32\dimsntfy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy\DllName dimsntfy.dll
PX5: B52B7A2B00EE76544C8900043B465E001CFFD22C
MD5: b47d57f756c1e03cfd0807a0151b9d7f
Determination: GOOD
C:\WINDOWS\system32\sclgntfy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\EFS\DllName sclgntfy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\DllName sclgntfy.dll
PX5: 832F8AD50026DDD54E1400C6F21099001D81B794
MD5: 406e893e56faabf07a212cc8634d7236
Determination: GOOD
C:\WINDOWS\system32\mmsystem.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\drivers mmsystem.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 52A2AABFA0F6A1DF0C8101C8EB6DD70084C065E1
MD5: 2e040867a0084a407b807043b545c530
Determination: GOOD
C:\WINDOWS\system32\keyboard.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\keyboard.drv keyboard.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 159F7A82D0C5E0D3077700FE801B1000B79BCD14
MD5: ed4bf709aad8b665075de06a0945b030
Determination: GOOD
C:\WINDOWS\system32\progman.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\shell progman.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 5F6E0BBF0063F935ACE201ED2D04C4002E783147
MD5: a3066208aba6db421d2252a3958833f3
Determination: GOOD
C:\WINDOWS\system32\sound.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\sound.drv sound.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: E70CAE91D00DCE52067C00647C846400B79BCD14
MD5: 028a1f74926dc3df2d9629edc9aebafb
Determination: GOOD
C:\WINDOWS\system32\commdlg.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 48741A4830643BD6803B0098DCFB870026A76E97
MD5: 3cfc3ba7bdfafacd3b4a81a8cae76668
Determination: GOOD
C:\WINDOWS\system32\ctl3dv2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: C84734B440655DC66A4D00304EF8AC0014627D07
MD5: 637d88e7a1bedc4457c80dbc8ba9f135
Determination: GOOD
C:\WINDOWS\system32\ddeml.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 87F926CB00F2CB349A1200182C741300499075CD
MD5: cc91779ed74fae851cd3ea7541dde488
Determination: GOOD
C:\WINDOWS\system32\lanman.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: E2D10F72A09F8F89619803C59F91BE00E3FF0BD2
MD5: 774d60cb0ad198f493cefc9057755a05
Determination: GOOD
C:\WINDOWS\system32\netapi.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 3C3683AEB04DF3B2A77E0156CAF52A00C051813D
MD5: d8f01ab82d5699a6a278651777d00b67
Determination: GOOD
C:\WINDOWS\system32\pmspl.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93
MD5: 57f8a50513e43aaf6a7b23389e389bbc
Determination: GOOD
C:\WINDOWS\system32\winsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: FCF9BBDC30E28D0D0BF200D9F4D9CD00B79BCD14
MD5: 68485c5ef0e2efcebf21bbb1042b823b
Determination: GOOD
C:\WINDOWS\system32\winspool.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: F5BB157440E5748C08D600021F9AD300B79BCD14
MD5: 0b4b94b78123e8035b84105bc024f9f8
Determination: GOOD
C:\WINDOWS\system32\timer.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 9E742523D04ADDED0FAB00C7BF7ADD00AFD72FD9
MD5: 9e7425234addedabc7bf7addafd72fd9
Determination: GOOD
C:\WINDOWS\system32\compobj.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 9DFA3F409074CAF56CBC008C9442C300BC2C78BF
MD5: 3ad9c8aad58f4e9d02796f2aa5716909
Determination: GOOD
C:\WINDOWS\system32\storage.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 60BAD4D270E3252C10B800A49D4C780095AFB292
MD5: 3a5cd674ada85bcc1ff26b81b4cdefb5
Determination: GOOD
C:\WINDOWS\system32\ole2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 0F3EF39660ED825FA6AF004503C1A600544588A7
MD5: 7f3c91751ebeb8c80f36cb0344482967
Determination: GOOD
C:\WINDOWS\system32\ole2nls.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 345F073B00FEB5C20A8F0059C8FEE100B79BCD14
MD5: 86ae2e139b39e328e46297f306e737b9
Determination: GOOD
C:\WINDOWS\system32\msvideo.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 166B9821C065DB11EF6E012F00509C0078575A4E
MD5: ad060cfce701410d7fa4b3461ab83ef5
Determination: GOOD
C:\WINDOWS\system32\avifile.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 673C9E5390EC39E0AB99016052733100D94C108E
MD5: 1131cc48b374fbf92ebaf0821c228aca
Determination: GOOD
C:\WINDOWS\system32\msacm.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: B7D763E3F0AFD481EEC10048E192C7001FF6064C
MD5: 8ee0b6edcd5fe63bdeeeb82351b110ee
Determination: GOOD
C:\WINDOWS\system32\mciavi.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 589C957DA0B4EE8D1E4C01116F791800B1691AE9
MD5: 174bd475d798303df480416f4bedb58e
Determination: GOOD
C:\WINDOWS\system32\mciseq.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 26C7F2EFB0BC9496624C00DE27EBE900CB5395A3
MD5: 26c7f2efbc94964cde27ebe9cb5395a3
Determination: GOOD
C:\WINDOWS\system32\mciwave.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: E05EE706009DE3CC6ED500B984CFF500AC82858F
MD5: e05ee7069de3ccd5b984cff5ac82858f
Determination: GOOD
C:\WINDOWS\system32\avicap.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: D5345CD4D06C42C90F7C0131EBCF0000CCBFD345
MD5: d05d2c408bbdd201e145f1202b2f13bd
Determination: GOOD
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(default)
PX5: 43FC1F718034B0CAF2E7007A2CAFD0009BF22C42
MD5: c11f6a1f61481e24be3fdc06ea6f7d2a
Determination: GOOD
C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ClsidExtension {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
PX5: BEEC7CE7903A1989A51C07665627A3001B1EF486
MD5: d787e3123fad2bd58ab45b9a5c360acd
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Toolbar\{47833539-D0C5-4125-9FA8-0819E2EAAC93}
Loaded from: \REGISTRY\User\S-1-5-21-749556108-4191305144-3801562001-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{47833539-D0C5-4125-9FA8-0819E2EAAC93}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Explorer Bars\{182EC0BE-5110-49C8-A062-BEB1D02A220B}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Explorer Bars\{182EC0BE-5110-49C8-A062-BEB1D02A220B}\(default)
PX5: 1A0DE83160F1F208E6C904EF8C523C0035D5116D
MD5: ff29e3fb75e7726ee002b65a9f2d4a6e
Determination: GOOD
C:\WINDOWS\system32\ntsd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path\Debugger ntsd -d
PX5: 0C6E2C78000D35ECA0D50085F0F1BB00A4AA42A3
MD5: e65c01a1b3fb80c4eaecf9b61086df2f
Determination: GOOD
C:\WINDOWS\system32\mmsys.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00022613-0000-0000-C000-000000000046} Multimedia File Property Sheet
PX5: 1CE361700072F6E604430A8CEFA4CF00D189E020
MD5: c5347fe86a9f194b7cfaa65690047404
Determination: GOOD
C:\WINDOWS\system32\icmui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{176d6597-26d3-11d1-b350-080036a75b03} ICM Scanner Management
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DB2625A-54DF-11D0-B6C4-0800091AA605} ICM Monitor Management
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{675F097E-4C4D-11D0-B6C1-0800091AA605} ICM Printer Management
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DBCE2480-C732-101B-BE72-BA78E9AD5B27} ICC Profile
PX5: DE2420490081CBC6E8FF00EABB05930063C7C56B
MD5: ed406ffd84cea18e0b1b29f41d7f0ca4
Determination: GOOD
C:\WINDOWS\system32\rshx32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1F2E5C40-9550-11CE-99D2-00AA006E086C} NTFS Security Page
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F37C5810-4D3F-11d0-B4BF-00AA00BBB723} Printers Security Page
PX5: C720615400AC7240AA740017AAE2C2005873D450
MD5: b35a3d502943812907c791c8dc75fa47
Determination: GOOD
C:\WINDOWS\system32\docprop.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EA48300-8CF6-101B-84FB-666CCB9BCD32} OLE Docfile Property Page
PX5: AD409972000ADDD2B62500AFE7D0DE007F2BCE35
MD5: cfa9f83d85c0f4a648e914c4e15a03de
Determination: GOOD
C:\WINDOWS\SysWOW64\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{41E300E0-78B6-11ce-849B-444553540000} PlusPack CPL Extension
PX5: 5EA4804500F03829E6EF056505D576000388B47A
MD5: 9b8f165ae086346fdde6ec85643a5c13
Determination: GOOD
C:\WINDOWS\system32\deskadp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071712-76d4-11d1-8b24-00a0c9068ff3} Display Adapter CPL Extension
PX5: 7A1D3E4000E7E4CE3E600060BCB3960064A03F18
MD5: 9461a8ee0aa5cbc2149a02f42ea49464
Determination: GOOD
C:\WINDOWS\system32\deskmon.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071713-76d4-11d1-8b24-00a0c9068ff3} Display Monitor CPL Extension
PX5: A9766737003A3F9146160028BFE59B00A0839453
MD5: af3072c1e8d5964a59c5aac91a269693
Determination: GOOD
C:\WINDOWS\system32\dssec.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4E40F770-369C-11d0-8922-00A024AB2DBB} DS Security Page
PX5: 63C1854C00771844ACD500753BE39F00EC8E075F
MD5: 1fae93a2ab07e6e0d44458a39619cca0
Determination: GOOD
C:\WINDOWS\system32\SlayerXP.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Compatibility Page
PX5: C54C41AC0039A59564DF007CBE8B2200E16EDE04
MD5: 15e533288241fe47a6c7b811d3e46ef2
Determination: GOOD
C:\WINDOWS\system32\shscrap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56117100-C0CD-101B-81E2-00AA004AE837} Shell Scrap DataHandler
PX5: 5703535E00827CE26CEA005D69593500AC397B2F
MD5: 70bf5c921c6ebf8a312c98a9a0cd3f11
Determination: GOOD
C:\WINDOWS\system32\diskcopy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59099400-57FF-11CE-BD94-0020AF85B590} Disk Copy Extension
PX5: 5C067DC0006A5E0CF87E16B2E510FA00A63D4663
MD5: 1b3a2aeeeba6491ae12279c135152cad
Determination: GOOD
C:\WINDOWS\system32\ntlanui2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59be4990-f85c-11ce-aff7-00aa003ca9f6} Shell extensions for Microsoft Windows Network objects
PX5: 7D03A0AF00C7898D3C3400E8BAE04300D7CBE6E7
MD5: 00488e7c60ed47b48d23ee6f9993c909
Determination: GOOD
C:\WINDOWS\system32\printui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{77597368-7b15-11d0-a0c2-080036af3f03} Web Printer Shell Extension
PX5: 621D237800334115AC42081B92A08F00FF33A1FC
MD5: 991405153bda4f9fc14709ee7422d3ee
Determination: GOOD
C:\WINDOWS\system32\dskquoui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7988B573-EC89-11cf-9C00-00AA00A14F56} Disk Quota UI
PX5: 6B204B6400C9B3C6623902F8B1D0BE008387EFEB
MD5: a6c04cf47f8252ed51330a519dc3f7e5
Determination: GOOD
C:\WINDOWS\system32\syncui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{85BBD920-42A0-1069-A2E4-08002B30309D} Briefcase
PX5: DF93263A0046DC5AEE9502102D16D6007350CEDB
MD5: 553c1e24c0458e947fb070d816061bd7
Determination: GOOD
C:\WINDOWS\system32\fontext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD84B380-8CA2-1069-AB1D-08000948F534} Fonts
PX5: FD8A1DC100D7CD5FD80B05B379636400ACD05F09
MD5: 90859209c4a77deb8c4e2f74a69aa059
Determination: GOOD
C:\WINDOWS\system32\deskperf.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f92e8c40-3d33-11d2-b1aa-080036a75b03} Display TroubleShoot CPL Extension
PX5: 70491D4000FDD495549000D715E43F009F13F7B1
MD5: baff058fe14bae785658529cca4da7e8
Determination: GOOD
C:\WINDOWS\syswow64\cryptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C717-39BF-11D1-8CD9-00C04FC29D45} Crypto PKO Extension
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C719-39BF-11D1-8CD9-00C04FC29D45} Crypto Sign Extension
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default) {7444C719-39BF-11D1-8CD9-00C04FC29D45}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default) {7444C719-39BF-11D1-8CD9-00C04FC29D45}
PX5: 461D1D3E00E01A4BDC3C00B825A1450079430965
MD5: c153136c2e26558cfa39453c68d0e9ef
Determination: GOOD
C:\WINDOWS\SysWOW64\netshell.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7007ACC7-3202-11D1-AAD2-00805FC1270E} Network Connections
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{992CFFA0-F557-101A-88EC-00DD010CCC48} Network Connections
PX5: BE7A7A8300A71D829EED1B74F0FCB700473A1C27
MD5: 03fed5f5bca1605f76517e8a485cf360
Determination: GOOD
C:\WINDOWS\SysWOW64\wshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60254CA5-953B-11CF-8C96-00AA00B8708C} Shell extensions for Windows Script Host
PX5: 154BC78900DC206000F1010AE6F7990010C06A15
MD5: e8df8a19cea4fed4286814c90d0a45d4
Determination: GOOD
C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2206CDB2-19C1-11D1-89E0-00C04FD7A829} Microsoft Data Link
PX5: 579FDF6400B09504807507DCEB269A0027E638D1
MD5: 43fbb28a6c7cd72d15dcb5aa5f80b0eb
Determination: GOOD
C:\WINDOWS\system32\shdocvw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} Search
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} Help and Support
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} Help and Support
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} Run...
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} E-mail
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524152} Fonts
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524153} Administrative Tools
PX5: 62A509CC00E7B3B4040F177E6D294A009EE4D69A
MD5: 9b0ebdc34687e89ab4d92cca37af4296
Determination: GOOD
C:\WINDOWS\SysWOW64\shmedia.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} Audio Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} Video Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E4B29F9D-D390-480b-92FD-7DDB47101D71} Wav Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{87D62D94-71B3-4b9a-9489-5FE6850DC73E} Avi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A6FD9E45-6E44-43f9-8644-08598F5A74D9} Midi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{c5a40261-cd64-4ccf-84cb-c394da41d590} Video Thumbnail Extractor
PX5: DBBA349A006E9E7D52BE02F1C65C4000A9A31CDB
MD5: df3c7a4953bb3876b1002200dbbfe31f
Determination: GOOD
C:\WINDOWS\SysWow64\ieframe.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{871C5380-42A0-1069-A2EA-08002B30309D} Internet Name Space
PX5: ED11511100A6B0428EC95C8F624DB90051A3880F
Determination: GOOD
C:\WINDOWS\SysWOW64\sendmail.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
PX5: 8B6FC0BE0082BA9CDEE40028E464A70015BD38F4
MD5: 65cba366b61048498a0b1e21ae18468a
Determination: GOOD
C:\WINDOWS\system32\occache.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88C6C381-2E85-11D0-94DE-444553540000} ActiveX Cache Folder
PX5: 3BFACE7B004CE40F9029018D4E655600D6F50397
MD5: 508e33c8779d3350b1502166ceb42c3b
Determination: GOOD
C:\WINDOWS\system32\webcheck.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} WebCheck
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} Subscription Mgr
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F5175861-2688-11d0-9C5E-00AA00A45957} Subscription Folder
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165EA0-E946-11CF-9C87-00AA005127ED} WebCheckWebCrawler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7D559C10-9FE9-11d0-93F7-00AA0059CE02} Code Download Agent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} WebCheck SyncMgr Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
PX5: 11D8C0840058ABF18E4A03C596B0FD0083CB3FA6
MD5: 3276ff5a5ebd31671882c548e9dc4e87
Determination: GOOD
C:\WINDOWS\SysWOW64\webcheck.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} WebCheckChannelAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} TrayAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} ConnectionAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8BD2030-6FC9-11D0-864F-00AA006809D9} PostAgent
PX5: 11D8C0840058ABF18E4A03C596B0FD0083CB3FA6
MD5: 3276ff5a5ebd31671882c548e9dc4e87
Determination: GOOD
C:\WINDOWS\SysWOW64\appwiz.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{352EC2B7-8B9A-11D1-B8AE-006008059382} Shell Application Manager
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B124F8F-91F0-11D1-B8B5-006008059382} Installed Apps Enumerator
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFCCC7A0-A282-11D1-9082-006008059382} Darwin App Publisher
PX5: 47624D9A00446FB552A207A65EBBB5006D621997
MD5: 7b0d17d59d178c6537b7e98d37082b5c
Determination: GOOD
C:\WINDOWS\SysWOW64\shimgvw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e84fda7c-1d6a-45f6-b725-cb260c236066} Shell Image Verbs
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} Shell Image Data Factory
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F30C968-480A-4C6C-862D-EFC0897BB84B} GDI+ file thumbnail extractor
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DBD2C50-62AD-11d0-B806-00C04FD706EC} Summary Info Thumbnail handler (DOCFILES)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EAB841A0-9550-11cf-8C16-00805F1408F3} HTML Thumbnail Extractor
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{eb9b1153-3b57-4e68-959a-a3266bc3d7fe} Shell Image Property Handler
PX5: C25C172E004FA43E74E10731688C55009EEBEBB3
MD5: fbb015a023f0cb13da7c48eb02348231
Determination: GOOD
C:\WINDOWS\SysWOW64\netplwiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CC6EEFFB-43F6-46c5-9619-51D571967F7D} Web Publishing Wizard
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{add36aa8-751a-4579-a266-d66f5202ccbb} Print Ordering via the Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6b33163c-76a5-4b6c-bf21-45de9cd503a1} Shell Publishing Wizard Object
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58f1f272-9240-4f51-b6d4-fd63d1618591} Get a Passport Wizard
PX5: FD107F3E002663A45C870DC768EC5500D619D5AB
MD5: ca7a1943b6636e195caea8fde2d187b6
Determination: GOOD
C:\WINDOWS\SysWOW64\zipfldr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} Compressed (zipped) Folder
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD472F60-27FA-11cf-B8B4-444553540000} Compressed (zipped) Folder Right Drag Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} Compressed (zipped) Folder SendTo Target
PX5: 33AADB7A007C31713685055B4FC995001DF6B6D0
MD5: c3f59fd4073176aad11004b8f55157c7
Determination: GOOD
C:\WINDOWS\system32\extmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{692F0339-CBAA-47e6-B5B5-3B84DB604E87} Extensions Manager Folder
PX5: 9A1A274E0057D00A06770211FC74210094416D21
MD5: 09394cfe9073aca91c0bf31ef48f51a4
Determination: GOOD
C:\WINDOWS\SysWOW64\twext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{596AB062-B4D2-4215-9F74-E9109B0A8153} Previous Versions Property Page
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DB7A13C-F208-4981-8353-73CC61AE2783} Previous Versions
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
PX5: 5244F8A1005089C244A701CDA9608900766A069C
MD5: 512d3f6d6200da5f58a9d5e15d3e5b27
Determination: GOOD
C:\WINDOWS\SysWOW64\docprop2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{883373C3-BF89-11D1-BE35-080036B11A03} Microsoft DocProp Shell Ext
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A9CF0EAE-901A-4739-A481-E35B73E47F6D} Microsoft DocProp Inplace Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8EE97210-FD1F-4B19-91DA-67914005F020} Microsoft DocProp Inplace ML Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0EEA25CC-4362-4A12-850B-86EE61B0D3EB} Microsoft DocProp Inplace Droplist Combo Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6A205B57-2567-4A2C-B881-F787FAB579A3} Microsoft DocProp Inplace Calendar Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} Microsoft DocProp Inplace Time Control
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default) Summary Properties Page
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default) Summary Properties Page
PX5: B07E4B4A00D1E4F5C0DA001EE0252800FBBD47B9
MD5: bdb6bb2b992f83c2d7584415467be8f6
Determination: GOOD
C:\WINDOWS\SysWOW64\dsquery.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8A23E65E-31C2-11d0-891C-00A024AB2DBB} Directory Query UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} Shell properties for a DS object
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} Directory Object Find
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F020E586-5264-11d1-A532-0000F8757D7E} Directory Start/Search Find
PX5: C0CA63BB00F8B045CC72031A036BED00B621C5C7
MD5: 063d38bbabc28761d4a84ee56371d398
Determination: GOOD
C:\WINDOWS\SysWOW64\dsuiext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0D45D530-764B-11d0-A1CA-00AA00C16E65} Directory Property UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{62AE1F9A-126A-11D0-A14B-0800361B1103} Directory Context Menu Verbs
PX5: 42A84BE8001E8087D4DA01D9634AF400F90508A6
MD5: b2b7a07413d3ad9408bfb12be9e917ce
Determination: GOOD
C:\WINDOWS\SysWOW64\mydocs.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A33-103D-11d2-854D-006008059367} MyDocs Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A32-103D-11d2-854D-006008059367} MyDocs Drop Target
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4a7ded0a-ad25-11d0-98a8-0800361b1103} MyDocs Properties
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default) {ECF03A33-103D-11d2-854D-006008059367}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default) {ECF03A33-103D-11d2-854D-006008059367}
PX5: DE901DE700A0A44F68F1011B66D73600E85E2311
MD5: bc18b458f2d7ecb9a3f8f259ed069808
Determination: GOOD
C:\WINDOWS\msagent\agentpsh.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{143A62C8-C33B-11D1-84FE-00C04FA34A14} Microsoft Agent Character Property Sheet Handler
PX5: B6BE0272001372CC66C50056A342A5006BA013D7
MD5: 7fdd8fec87d3b1300a9522c6840e9160
Determination: GOOD
C:\WINDOWS\SysWOW64\dfsshlex.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} DfsShell
PX5: 4B8E0D0300921067725F000D5BABF00075EC7C31
MD5: 8cccee3849e691b9daa8231dc2c893d3
Determination: GOOD
C:\WINDOWS\system32\wiashext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E211B736-43FD-11D1-9EFB-0000F8757FCD} Scanners & Cameras
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} Scanners & Cameras
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{905667aa-acd6-11d2-8080-00805f6596d2} Scanners & Cameras
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F953603-1008-4f6e-A73A-04AAC7A992F1} Scanners & Cameras
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{83bbcbf3-b28a-4919-a5aa-73027445d672} Scanners & Cameras
PX5: 8C2A5D7D00E9B078828008D13823B300D507521F
MD5: 65876c66702ef08ab12843c201f8a4d2
Determination: GOOD
C:\WINDOWS\SysWOW64\photowiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60fd46de-f830-4894-a628-6fa81bc0190d} %DESC_PublishDropTarget%
PX5: 2C01152C009D1EAFB20502EB0E3E6500A84E7530
MD5: 94ea343f7552c76e390b3de8f40968b9
Determination: GOOD
C:\WINDOWS\SysWOW64\mmcshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A80E4A8-8005-11D2-BCF8-00C04F72C717} MMC Icon Handler
PX5: 2C6CC1030077AB30F0D000F12772D30070887C1C
MD5: e1092c30cda2b0532ebab2285379b9a5
Determination: GOOD
C:\WINDOWS\system32\cabview.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} .CAB file viewer
PX5: A16F120C0025D6A54A5201DFBB8EC700FF8BD8EE
MD5: c593d46580b947c2e41a62df0aaa03dd
Determination: GOOD
C:\Program Files (x86)\Outlook Express\wabfind.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32714800-2E5F-11d0-8B85-00AA0044F941} For &People...
PX5: F220AF2200D64DF2827C00F978D8C000EB0A316C
MD5: 3dcc9b6e18498057ccd86a179cd914dd
Determination: GOOD
C:\WINDOWS\SysWOW64\wmpshell.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DD448E6-C188-4aed-AF92-44956194EB1F} Windows Media Player Burn Audio CD Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} Windows Media Player Play as Playlist Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} Windows Media Player Add to Playlist Context Menu Handler
PX5: A257F2F40064E0C786EE01FC6369D9005D6B5CD4
MD5: ec4857574f466cb8e8d7af92d7830a56
Determination: GOOD
C:\Program Files (x86)\Eset\nodshex.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B089FE88-FB52-11D3-BDF1-0050DA34150D} NOD32 Context Menu Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\NOD32 Context Menu Shell Extension\(default) {B089FE88-FB52-11D3-BDF1-0050DA34150D}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\NOD32 Context Menu Shell Extension\(default) {B089FE88-FB52-11D3-BDF1-0050DA34150D}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\NOD32 Context Menu Shell Extension\(default) {B089FE88-FB52-11D3-BDF1-0050DA34150D}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\NOD32 Context Menu Shell Extension\(default) {B089FE88-FB52-11D3-BDF1-0050DA34150D}
PX5: 61D881D60036EEB6E012003364DBB100C78DD908
MD5: 5d64886847e11be8aabbc322ec2cefa4
Determination: GOOD
C:\WINDOWS\system32\browseui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{21569614-B795-46b1-85F4-E737A8DC09AD} Shell Search Band
PX5: 344F668400F54DD2C4020FA480DC8200B4FC71B5
MD5: eda3d567cc189c5eeabd380e5c911052
Determination: GOOD
C:\WINDOWS\syswow64\Audiodev.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{640167b4-59b0-47a6-b335-a6b3c0695aea} Portable Media Devices
PX5: 4BE217500087C5F13A360430E7958900806DA483
MD5: 4c48f1b30a82583caee0da02dd7259ee
Determination: GOOD
C:\Program Files (x86)\MSN Messenger\fsshext.8.1.0178.00.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} Messenger Sharing Folders
PX5: 8843DBEC703CE08BE7AC042B1C39BD0022FB3418
MD5: 9cb1085b64b2426a0640f2dc126a96b5
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} Web Folders
PX5: D675DB1D2060CBE5CFB50EB8C6C8FA00477529A2
MD5: 43ce38570294fff605161343e6c334c2
Determination: GOOD
C:\WINDOWS\SysWOW64\dfshim.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e82a2d71-5b2f-43a0-97b8-81be15854de8} ShellLink for Application References
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} Shell Icon Handler for Application References
PX5: 494A923700854E7646D901138F98BF001434DC1A
MD5: b3511383c8be3a8c5b88a78971fc1141
Determination: GOOD
C:\Program Files (x86)\WinRAR\rarext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B41DB860-8EE4-11D2-9906-E49FADC173CA} WinRAR shell extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR32\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
PX5: 3D78E7C200E17F46F8670128E3FBB80096A203A3
MD5: 2f636c9ddbc4b1b31285505f8cc7b8b5
Determination: GOOD
C:\Program Files (x86)\WinZip\WZSHLSTB.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79304-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79305-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79306-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0D79307-84BE-11CE-9641-444553540000} WinZip
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinZip\(default) {E0D79304-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinZip\(default) {E0D79305-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinZip\(default) {E0D79305-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinZip\(default) {E0D79305-84BE-11CE-9641-444553540000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinZip\(default) {E0D79305-84BE-11CE-9641-444553540000}
PX5: F62C43B200CC9E3F14DE0035690D4C001C59B4B1
MD5: e819e2d346b943f9562436e1abb50eae
Determination: GOOD
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} Adobe.Acrobat.ContextMenu
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Adobe.Acrobat.ContextMenu\(default) {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Adobe.Acrobat.ContextMenu\(default) {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Adobe.Acrobat.ContextMenu\(default) {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Adobe.Acrobat.ContextMenu\(default) {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}
PX5: F71266A98080A2AC769A0A0F646F4C00DB6E34DA
MD5: 127195c3ccb0b8a884bd14afb6ec3f48
Determination: GOOD
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} Nokia Phone Browser
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Nokia\(default) {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Nokia\(default) {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
PX5: 955D6D9400F44D159694089F7513D900A232EE2E
MD5: 600d719d720715b28c3234c624e95bab
Determination: GOOD
C:\Program Files (x86)\Common Files\Autodesk Shared\Thumbnail\AcDwfThmbPrxy16.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6DEA92E9-8682-4b6a-97DE-354772FE5727} Autodesk DWF Preview
PX5: C6FA699C7822E9CE9803009C9A04CA003A045FCB
MD5: eaac64645a6162ee9ce5ad870f958d17
Determination: GOOD
C:\Program Files (x86)\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} Autodesk Drawing Preview
PX5: 89362F0D788726D4D2C400E8A6DBC1008CDBF432
MD5: bf16d55b3175f708a11539cea66a9045
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\OLKFSTUB.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0006F045-0000-0000-C000-000000000046} Microsoft Office Outlook Custom Icon Handler
PX5: 242AD663381F7392E38F033485E3F9004920B95E
MD5: 29553bcb3f0709ce3d5069566d67e41e
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\MLSHEXT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00020D75-0000-0000-C000-000000000046} Microsoft Office Outlook Desktop Icon Handler
PX5: 19A2588F40431CEB5346002E99A3FA000AC32B1C
MD5: dbe2a68730f058cd5ca454415b02dfc7
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\ONFILTER.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} Microsoft Office OneNote Namespace Extension for Windows Desktop Search
PX5: 1481FA5D3869204D1B4E01C564D6CD000B2874D6
MD5: 7b952e19fe5fcb2f2a8737544564631d
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42042206-2D85-11D3-8CFF-005004838597} Microsoft Office HTML Icon Handler
PX5: B76A153A384B2B52EFCF00A97222A400AACDE5E5
MD5: 63368d3e65aace7d26f69d8b29384243
Determination: GOOD
C:\Program Files (x86)\a-squared Free\a2freecontmenu.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A155339D-CCCD-4714-85EB-3754B804C9DF} a-squared Free Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\a-squared Free Shell Extension\(default) {A155339D-CCCD-4714-85EB-3754B804C9DF}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\a-squared Free Shell Extension\(default) {A155339D-CCCD-4714-85EB-3754B804C9DF}
PX5: 2DC32EDD909DF5714C2B03139648A400FFC160C8
MD5: 80bef750167f69aeeeebc229e37fdcc3
Determination: GOOD
C:\WINDOWS\SysWOW64\stobject.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153}
PX5: BB974B5D007E611CE01601717748AD0094CD2456
MD5: 52688140113d976a131ee616caef59af
Determination: GOOD
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\MiniDumpAuxiliaryDlls\C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
PX5: B885D7570011A1C33E580C3C0EDB9F0028F9BD5D
MD5: 233ce7c252d3ac7de4a793c45b6f4cc3
Determination: GOOD
C:\WINDOWS\system32\schannel.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\14 schannel.dll
PX5: 76E5B2EF0037C50F3E4802B0166F440045BF1FCA
MD5: 80296dba3a86f9b7b5ed89ef3f1cda41
Determination: GOOD
C:\WINDOWS\system32\digest.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
PX5: 1EA99B820034C2E3187D018D811D5B00198A6F4F
MD5: 4e8825943c1fca374c5d8aa5e56b4493
Determination: GOOD
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\pdfprevhndlrshim.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{49400A7C-81A8-4F52-8CCE-D54739EE87EC} Adobe PDF Preview Handler
PX5: 623D7460882DBAFD90910060B8205E0036350873
MD5: 54caaebac648af1ba1f943046a824356
Determination: GOOD
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\pdfprevhndlr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{DC6EFB56-9CFA-464D-8880-44885D7DC193} Adobe PDF Preview Handler for Vista
PX5: 3BD592F470063CF846ED01556DDA8700DCEF7EC5
MD5: ea24a77157a310f434144a9d71ba05aa
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{00020827-0000-0000-C000-000000000046} Microsoft Office Excel previewer
PX5: C3DED0B028E8D570FFCD104BDB4E24019A811550
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{65235197-874B-4A07-BDC5-E65EA825B718} Microsoft Office PowerPoint previewer
PX5: 2780A5FD30368E40193B0721B9231F0016EC6751
MD5: dc53ba349c9284775893b5377e860f2e
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\VPREVIEW.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{21E17C2F-AD3A-4b89-841F-09CFE02D16B7} Microsoft Office Visio previewer
PX5: 44B1B17B38486A4481F200B577E1290001CF1B7F
MD5: 16110cc8422078f4707895caab470bfe
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{84F66100-FF7C-4fb4-B0C0-02CD7FB668FE} Microsoft Office Word previewer
PX5: E0D9B1D328959E3A4DDA05E45E7F6C00DD4DF8BA
MD5: ceaa5817a65e914aa178b28f12359a46
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} NeroCoverEd Live Icons
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Cover Designer\(default) {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Cover Designer\(default) {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}
PX5: D68266E928087EB7256620B1AFFFB7003331FE52
MD5: 3bb0e9c6db4aa1fbaaff1ae08fb2bc7a
Determination: GOOD
C:\WINDOWS\Resources\themes\Luna\Luna.msstyles
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Themes\InstallVisualStyle %SystemRoot%\Resources\themes\Luna\Luna.msstyles
PX5: 1A212FC6906DC29DF0DF3F7D42FFFF0057C10F44
Determination: GOOD
C:\WINDOWS\system32\msv1_0.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Authentication Packages msv1_0
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
PX5: 26523A0900AE4E77309B02C2AD6D2800A933CC28
MD5: 03eae83c49d581619f821d19f714acf8
Determination: GOOD
C:\WINDOWS\system32\kerberos.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
PX5: 88769CFF0017CF465AC4053D6A7E7300EF426517
MD5: 74d85e6c5323a9b7c41136e8f96c9d0d
Determination: GOOD
C:\WINDOWS\system32\wdigest.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
PX5: DF2D5F6E0010C5C62A0D016BEA12C3003A5FD800
MD5: 154eab9387b9d7bdf60a72fb80563df8
Determination: GOOD
C:\WINDOWS\system32\rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\mixer rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wave rdpsnd.dll
PX5: B66ADE260077C7A248560051FE0DEC0031C83D75
MD5: 43849ba31d8a939685a05f37104da3a3
Determination: GOOD
C:\WINDOWS\system32\imaadp32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.imaadpcm imaadp32.acm
PX5: 3F1A1F5A00E997B13E4C00503DDE90002055B16E
MD5: 62aec4de4b78771d0c2daac8f42d4a22
Determination: GOOD
C:\WINDOWS\system32\msadp32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msadpcm msadp32.acm
PX5: 98A217290067EB133A8500C82D342B00C4CCEE66
MD5: e5cc3a78f0646c52825f7ac6c114850a
Determination: GOOD
C:\WINDOWS\system32\msg711.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg711 msg711.acm
PX5: 824222F500FF2D0728E6008FAC771100A4EE0471
MD5: 5bba317ff7ae77737642d86375834806
Determination: GOOD
C:\WINDOWS\system32\msgsm32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msgsm610 msgsm32.acm
PX5: 81153C8B0023F11E52AA0021B85A6800AFBD06CE
MD5: 0b491d2832d23404ade6d1d8e20690f5
Determination: GOOD
C:\WINDOWS\system32\tssoft32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.trspch tssoft32.acm
PX5: 618422C500D4BF622667003B3C2E0700E6BA9C2C
MD5: 80c27169fcc4d200a04fc311e8d395c3
Determination: GOOD
C:\WINDOWS\system32\iccvid.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.cvid iccvid.dll
PX5: 0C1BB90900954A1232D201DD5EBA1500D6B27663
MD5: d3767ac398490c74aef02c31c41cc80c
Determination: GOOD
C:\WINDOWS\system32\ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv31 ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv32 ir32_32.dll
PX5: B100F45000BD896D0ADE030FBB68A700D1073558
MD5: b11a44127ae203ca08f9bd40f7c94bc7
Determination: GOOD
C:\WINDOWS\system32\ir41_32.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv41 ir41_32.ax
PX5: 781891F800E2EF87F2C00CE416973B008C56FBC1
MD5: e324301465d215ca4b76c76c80c57dec
Determination: GOOD
C:\WINDOWS\SysWOW64\ir50_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv50 C:\WINDOWS\SysWOW64\ir50_32.dll
PX5: F47B062400E0313586120B2D775CCD00834589A5
MD5: ad6e79e0d5c9eea7bdf3fcd236267900
Determination: GOOD
C:\WINDOWS\system32\iyuv_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iyuv iyuv_32.dll
PX5: 49E7395B0043794FBA3500F578D93700E5C2550F
MD5: 40683b7c8f90e4a2f418e9c3192e7667
Determination: GOOD
C:\WINDOWS\system32\msrle32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.mrle msrle32.dll
PX5: 217BA8DA00A850E32A9D005976EEBA00DDF8A029
MD5: 3a51430d6b7afcb782bdcac185a8c8e6
Determination: GOOD
C:\WINDOWS\system32\msvidc32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.msvc msvidc32.dll
PX5: DE2BEDC20004A09E6A840039E71DE80036CF6790
MD5: 7de852ad67b28c58997a415372396d7b
Determination: GOOD
C:\WINDOWS\system32\msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.uyvy msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yuy2 msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yvyu msyuv.dll
PX5: 4B004A3700D86BC7424F0023BD4E3B0089288D95
MD5: 9ae9c41ae4ee555023d4e31f0c50f01c
Determination: GOOD
C:\WINDOWS\system32\tsbyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yvu9 tsbyuv.dll
PX5: DEE5047D00A533CB200600C11992ED001589F6C7
MD5: 746a4786d93971361423b7e413ca107e
Determination: GOOD
C:\WINDOWS\system32\msaud32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msaudio1 msaud32.acm
PX5: 50EA9348008C1B9480F704F04333E500E3F07EFC
MD5: 3b699eb5737ca1538360e65841fff78a
Determination: GOOD
C:\WINDOWS\system32\sl_anet.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.sl_anet sl_anet.acm
PX5: 3CC6F85000EC1B705008017602D8D300DA52EC8B
MD5: a778dd12b344dbe55d2b80707485e9c7
Determination: GOOD
C:\WINDOWS\system32\msg723.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg723 msg723.acm
PX5: 315780C500B61CC8E0D50196459A6A00E382244A
MD5: a470a4a81ae30f29ef26d746c35d926c
Determination: GOOD
C:\WINDOWS\system32\msh263.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M263 msh263.drv
PX5: 4D53C14F00C3B2EF804F04B8E04C1400A909B1CA
MD5: 26d60ab3d2f861b39081c3e1ae4f23c2
Determination: GOOD
C:\WINDOWS\system32\msh261.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M261 msh261.drv
PX5: 7959625400BF8E76E0A302DF7D9F8200E424817B
MD5: f9f192ae1a5917e0264e08bd8a243947
Determination: GOOD
C:\WINDOWS\SysWOW64\l3codeca.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.l3acm C:\WINDOWS\SysWOW64\l3codeca.acm
PX5: 929B2B8E005EC8F670E404F598BBD3001446844D
MD5: d67821468716fd34290dd39e4ba7ab84
Determination: GOOD
C:\WINDOWS\system32\DivX.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.DIVX DivX.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yv12 DivX.dll
PX5: 724935205A81D9D34CF60B56A8915100614C1406
MD5: cf27f9f4c488b9628080e0fc47f77f79
Determination: GOOD
C:\WINDOWS\system32\sirenacm.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.siren sirenacm.dll
PX5: 92D29F56708DC7D2C7BF005BB97C8A00D5F934F9
MD5: c2bde52e48e668fe6f95c40bba7aa310
Determination: GOOD
C:\WINDOWS\system32\cmd.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SafeBoot\AlternateShell cmd.exe
PX5: 29BD5EF800093548F03305D9712BE7001E648512
MD5: 49a5f0a9a539780ba5a1a202416915a0
Determination: GOOD
C:\WINDOWS\SysWOW64\input.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Input %SystemRoot%\SysWOW64\input.dll
PX5: 483D66AE003FDBE1029A0232E79511007AB7762B
MD5: 45ba22ec2abbcc15f02c89fadef967ff
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\Speech\sapi.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Speech C:\Program Files (x86)\Common Files\Microsoft Shared\Speech\sapi.cpl
PX5: 3809969300306BD87053026B9580A900762CF292
MD5: 16ccabfa54632927f28e4b8fa8fa465c
Determination: GOOD
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\ConnectionManager.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NokiaConnectionManager C:\PROGRA~2\Nokia\NOKIAP~1\CONNEC~1.CPL
PX5: 31DFEC5200A5B5EC802600953A1DFE00D58F12A6
MD5: 51df47d00331fe3dc14ccf9686a305ed
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\MLCFG32.CPL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\mlcfg32.cpl C:\PROGRA~2\MICROS~2\Office12\MLCFG32.CPL
PX5: 7C810CE440F34A90451701C7F0577100E02E8640
MD5: cd2e930e206f5d6647c12c0bcb614101
Determination: GOOD
C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\QuickTime C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl
PX5: 004E1EBD00D799B9F05D154123E1C300687B8B77
MD5: ad9e7b018c0dbb949aba79940f80e708
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Nero BurnRights C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl
PX5: 3CB215F628EA39ECE5570A4D9DD9240061583EB9
MD5: a222dcec2f1ca2f832eb9837fb538d17
Determination: GOOD
C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Adobe Gamma C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma.cpl
PX5: 5A3F558C0007D094104A0406613681009301CDED
MD5: 130de5bd97bac6d112b395cf82caa34a
Determination: GOOD
C:\WINDOWS\system32\Magnify.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier\Application path Magnify.exe
PX5: 9915D702003C437D1CF00166988080001193E06F
MD5: 8517a01b18528a1038051564a7116f9c
Determination: GOOD
C:\WINDOWS\system32\Narrator.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Narrator\Application path Narrator.exe
PX5: 7C86AA13000E5556D60200ED6D41BE008E4D5966
MD5: e0d9804502d989f7e58a87c62a078aa6
Determination: GOOD
C:\WINDOWS\system32\osk.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard\Application path osk.exe
PX5: 767773330075D09E48DB038C4E5DE0002B2C2232
MD5: 69d031e5da86c96efdbb223cd7e658eb
Determination: GOOD
C:\WINDOWS\system32\secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\10 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\16 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\18 secur32.dll
PX5: DB2C818A0086AAFB041201D4AA98E000ACBBF78D
MD5: a4383422c69cf3bec53a939c84f92b60
Determination: GOOD
C:\WINDOWS\system32\netlogon.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\68 netlogon.dll
PX5: D63719AB00FDCAE292AC0633CB953E0003D29AAE
MD5: 451564b8f22461d90cf8ed3945637845
Determination: GOOD
C:\WINDOWS\system32\rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_np rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_ip_tcp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncadg_ip_udp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_http rpcrt4.dll
PX5: 3DB7068E00357FD79AAA09D4569C0A00F09C3091
MD5: 37b220096eeb92bcf20dccc17dfcd819
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\GIF\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\GIFIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\GIF\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\GIFIMP32.FLT
PX5: 84D2B872388981F9BD570329B226A900A8152FCD
MD5: 60393cff519afdad18982da92bace3ab
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\JPEG\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\JPEGIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\JPEG\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\JPEGIM32.FLT
PX5: 01E5873538811227C15E021F73B8120084D63B31
MD5: 5a23f9fcf1f172a674097a973c1abd7a
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\PNG\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\PNG32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PNG\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\PNG32.FLT
PX5: 3DC90F9B380731FB899903BA4067C600393AB42F
MD5: deb4afadfe51967a6121398049325364
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CGM\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\CGMIMP32.FLT
PX5: 26C2B8042076260C05B7049773A9E200D60DDEF4
MD5: da4f5552e2ae7eb472fb00b1a2467d9d
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\EPSIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\EPS\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\EPSIMP32.FLT
PX5: 0459F1B8487E1E81CD7806AE91D486001F6FEA5A
MD5: b8e114bf915b74e9e64aba6888c46cb6
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\PICTIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PICT\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\PICTIM32.FLT
PX5: CA1A9E5C30DCADAFF36D000C1B333A001F7FA9AB
MD5: 331b82cffb198fc29b005bebdebdc352
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\WPG\Path C:\PROGRA~2\COMMON~1\MICROS~1\GRPHFLT\WPGIMP32.FLT
PX5: 61FB3A4140D1E8CFB92E02968B03DB00348C36FD
MD5: 9a9269eb5bc5b36b0d8e106cf088277c
Determination: GOOD
C:\Program Files (x86)\Autodesk\Backburner\Server.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Categories\Applications12\Environment\ServerExtensions\(default) Local Web Server Extensions
PX5: 7CDC344100E6C162B0310109F36C4C001655EE91
MD5: 1295c48458c76304ef5172609897fe6b
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\OINFO12.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\OInfo12\(default) C:\PROGRA~2\COMMON~1\MICROS~1\MSINFO\OINFO12.OCX
PX5: B45475B3587EA55E71680852EEE514004E4B4AFB
MD5: d081d5532d4de8432b584d9e74b6e70b
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe
PX5: 561A56F70081C39AA8CA0068E773D70059FC9D4A
MD5: 80ef38b8260eb210dd0d3f3832090557
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\MSQRY32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSQuery\Path C:\PROGRA~2\MICROS~2\Office12\MSQRY32.EXE
PX5: 74830D4F1878708741130A804B9A780043C66B06
MD5: 9b652187d92be2c3852d622a30b02069
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\HTML\Path C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\HTML\Path C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\html32.cnv
PX5: 4D9506A9385CE7D6C22D044B3348F800EABDC1BF
MD5: 20b2a413befa1b0d309416bf8228dc95
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MEWord12\Path C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\Word12\Path C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\Word97\Path C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MEWord12\Path C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Word12\Path C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Word97\Path C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
PX5: 866A893D1893730D69BA00B5F7B862005D0684E8
MD5: c396093cf40fc44d54390b6de5b5a975
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\Textconv\works632.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWorksWin6\Path C:\Program Files (x86)\Common Files\Microsoft Shared\Textconv\works632.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWorksWin6\Path C:\Program Files (x86)\Common Files\Microsoft Shared\Textconv\works632.cnv
PX5: 5B8862FF082FB0E34BA60152692FD400F277144C
MD5: cc9698cb84ac18df14e70580fc4028f1
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\write32.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWinWrite.wpc\Path C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\write32.wpc
PX5: 71A6A3C449C4AC08B01A01656F55D1006E95F572
MD5: 418a4911e0631e173fcc4ad7c5176a06
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\mswrd632.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord6.wpc\Path C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\mswrd632.wpc
PX5: 255241CE4A8E0D0D40E903D813E15E00D292DDE5
MD5: 686155de39425dac10b7a6abc3b20157
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\MSWRD832.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord8\Path C:\PROGRA~2\COMMON~1\MICROS~1\TEXTCONV\MSWRD832.CNV
PX5: FFD049CEE8B5A59C5034037431BA7D000D434F86
MD5: 54eb377c95c64b5a1278f33bd57e6b81
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\RECOVR32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Recover\Path C:\PROGRA~2\COMMON~1\MICROS~1\TEXTCONV\RECOVR32.CNV
PX5: D0F5F460284668FE7BBD00FA98D0DA004FD51DB0
MD5: 7ce29c1345deca41dc37eb641a32c11a
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\WPFT632.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WordPerfect6x\Path C:\PROGRA~2\COMMON~1\MICROS~1\TEXTCONV\WPFT632.CNV
PX5: 93C03FC128E7A57B752F03C8E85F32002C8CB93D
MD5: c27dc4e12acf1a3271159ac1b3bbaa36
Determination: GOOD
C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WrdPrfctDos\Path C:\PROGRA~2\COMMON~1\MICROS~1\TEXTCONV\WPFT532.CNV
PX5: B1947D83283E3624B51A02E0157C22005B75F841
MD5: cff3ad11873cbf254aba6e30472e4958
Determination: GOOD
C:\Program Files (x86)\Common Files\ESRI\esriShellExt.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{4A681BEC-7727-49BD-B695-79F8354CD2E5}\(default) PMF Custom Columns
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{4A681BEC-7727-49BD-B695-79F8354CD2E5}\(default) PMF Custom Columns
PX5: 566D1AC42F27CCCB100F0DE45EF88C000E9DD9EF
MD5: 43a6377cbfe65cbc9c97dbbe0d051a1d
Determination: GOOD
C:\Program Files (x86)\Common Files\Nero\Lib\NeroDigitalExt.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{7D4D6379-F301-4311-BEBA-E26EB0561882}\(default) NeroDigitalExt.NeroDigitalColumnHandler
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{7D4D6379-F301-4311-BEBA-E26EB0561882}\(default) NeroDigitalExt.NeroDigitalColumnHandler
PX5: 2DDDD9052838B40185001BA22A69C30059E02F6B
MD5: 1a4fb5689e61c3d871abee900c8a0a2b
Determination: GOOD
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}\(default) PDF Column Info
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}\(default) PDF Column Info
PX5: 8C22B1270080452CB0520538F9A2700042807472
MD5: 2094bc9a0fc9c0e15eea5f4a9581dd14
Determination: GOOD
C:\Program Files (x86)\MagicISO\misosh.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
PX5: 91352729005BFDA9520D000148A3DE009763B600
MD5: f2f7b5173ba494fa23cd17e3e3027aa4
Determination: GOOD
C:\Program Files (x86)\Common Files\Autodesk Shared\dwf Common\DWFShellExtension.dll
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Autodesk.DWF.ContextMenu\(default) {6C18531F-CA85-45F7-8278-FF33CF0A5964}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Autodesk.DWF.ContextMenu\(default) {6C18531F-CA85-45F7-8278-FF33CF0A5964}
PX5: D64EA1977030815F768F2CFAC70B4C00598385E8
MD5: 236d1a0f010675a8c7a9e3aa140aa8bd
Determination: GOOD
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBShell.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\NBShellHook\(default) {100BD527-7304-4b7f-BEE2-26D97B04EBA4}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\NBShellHook\(default) {100BD527-7304-4b7f-BEE2-26D97B04EBA4}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\DragDropHandlers\NBShellHook\(default) {100BD527-7304-4b7f-BEE2-26D97B04EBA4}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\DragDropHandlers\NBShellHook\(default) {100BD527-7304-4b7f-BEE2-26D97B04EBA4}
PX5: AE428927283A8C3CE51403FB259D7700BC34ACDB
MD5: 59f1588005de7d57ce7a859002c10863
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ClsidExtension {48E73304-E1D6-4330-914C-F5F514E3486C}
PX5: 4E9AF23F60CA00EB37CB097300C767005185D0CA
MD5: 80c412b3e7304fe87c9cdb1836f0160a
Determination: GOOD
C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\BandCLSID {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
PX5: 5A156D0CE89832909DBD009F2C4436007A78B38A
MD5: 7fc19da1dc70c78d2fbd7a1d10942051
Determination: GOOD
C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
Loaded from: FILE
PX5: D26FB66F784CDF512A3100E1A8F5D400A4613170
MD5: 573fbdcc2704016e8f7b0ce435092ca1
Determination: GOOD
C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Loaded from: FILE
PX5: 2239093A00DFACBBBCB7015C24E82F009061170A
MD5: c2ff17734176cd15221c10044ef0ba1a
Determination: GOOD
C:\WINDOWS\system32\advpack.dll.mui
Loaded from: FILE
PX5: F9A4BD3D002F02DE287800CBF7A4B300336C1EE2
MD5: 31b73835d6bf0712c51f014119c7d005
Determination: GOOD
C:\WINDOWS\system32\ATL70.DLL
Loaded from: FILE
PX5: E285C84E0075DD944C7B01F60653B8000CC031C6
MD5: 48b5f0b89c1f354e366ca716d763b9a7
Determination: GOOD
C:\WINDOWS\system32\CmdLineExt_x64.dll
Loaded from: FILE
PX5: D90A50B6708D88D9BA260277ECFB2A0058F6D421
MD5: 38718c4e864dc8f8e1db0ef3b5566fa7
Determination: GOOD
C:\WINDOWS\system32\comsa32.sys
Loaded from: FILE
PX5: DF2E3E860860F4B1008D0034EB8FE80038C1A13B
C:\WINDOWS\system32\d3dx9_33.dll
Loaded from: FILE
PX5: 2EEE6ACF68AB2F14571735C68DF4AC00BB187797
Determination: GOOD
C:\WINDOWS\system32\drmgs.sys
Loaded from: FILE
PX5: 1FAA3D01286BF88A00E900D5CEB992007142E81B
C:\WINDOWS\system32\icardres.dll.mui
Loaded from: FILE
PX5: 09F861BA10DC82ECBB9D08EE88E2700061935D58
MD5: 24ec66c478e2bd8d117f5ab9f68883d7
Determination: GOOD
C:\WINDOWS\system32\ieframe.dll.mui
Loaded from: FILE
PX5: 9CD6813500FD1D1020170FDB40B84C005F91026A
MD5: 6c82f7c677455c45b8f54bdf98e49663
Determination: GOOD
C:\WINDOWS\system32\MFC70.DLL
Loaded from: FILE
PX5: 9261F223004F40B8E0460E9DBB8B1100EBA4234E
MD5: 09aef167eb1531e965053d0dcf6cc573
Determination: GOOD
C:\WINDOWS\system32\MFC70U.DLL
Loaded from: FILE
PX5: 83E0723100A88198B83A0E1ABA42EC00115854DA
MD5: c39dec838a5628de50d477e40359b5b7
Determination: GOOD
C:\WINDOWS\system32\microsoft.managementconsole.dll
Loaded from: FILE
PX5: 2D408CD700E23444D070025FCDAD2700C196AAA9
MD5: 8c3cdf57988f5ca09dc25bc26204f613
Determination: GOOD
C:\WINDOWS\system32\Mpeg2Decoder.ax
Loaded from: FILE
PX5: 796E572A0092CE22203D02F0A5067F00F522F74D
MD5: 83b6c4aa4797ed52871829e4d112f11c
Determination: GOOD
C:\WINDOWS\system32\Mpeg2Parser.ax
Loaded from: FILE
PX5: F592934000FE068D7093014A90008600517EF473
MD5: 0c2b204b1d1c43b834c0bc3e7016f2b0
Determination: GOOD
C:\WINDOWS\system32\MSVCI70.DLL
Loaded from: FILE
PX5: CB5F78EB009603A0D675009DE322D60079224884
MD5: ca3a59d92f479a17e5ca6a0e13896846
Determination: GOOD
C:\WINDOWS\system32\MSVCP70.DLL
Loaded from: FILE
PX5: 97FD0832003018F270F607F09DF447007EAD100A
MD5: d04f7aaca2319a3bcdb2c5d5dd6f6026
Determination: GOOD
C:\WINDOWS\system32\MSVCR70.DLL
Loaded from: FILE
PX5: 557F46BF00B8F62240C40522AB7B720047DFA04B
MD5: 9972a6ed4f2388dbfa8e0a96f6f3fdf1
Determination: GOOD
C:\WINDOWS\system32\ndt2.sys
Loaded from: FILE
PX5: 8C6A7A7200C81987DE190396B62AB500A7D21C47
MD5: 17c7ceb0e8bc20e14a75083677b08a27
Determination: BAD
Malware Group: Generic.Malware
C:\WINDOWS\system32\NeroCo.dll
Loaded from: FILE
PX5: 5F8BA3A9708438D175150150BCCCE50010D37698
MD5: 1bf254e8549db8fc57b1479cf8fd677c
Determination: GOOD
C:\WINDOWS\system32\pxhpinst.exe
Loaded from: FILE
PX5: 116C8F6600C94186D01C006BCB7C5C007BDBD9D5
MD5: 19b71e7a58963d6804bc09a2521236ad
Determination: GOOD
C:\WINDOWS\system32\python21.dll
Loaded from: FILE
PX5: B1F51C813D92C455D0480A20365EC800AA65FB81
MD5: 012c399b95003b14d2044c73784a6c08
Determination: GOOD
C:\WINDOWS\system32\PythonCOM21.dll
Loaded from: FILE
PX5: E377FDFA41626DAD9045041D0B4894003388173B
MD5: 24f9179cbf10185a7edec959d1593da2
Determination: GOOD
C:\WINDOWS\system32\PyWinTypes21.dll
Loaded from: FILE
PX5: 644C6566009ACC3B00850166A36C7A0035C10EB5
MD5: 05d555e85d4680b950fafbfbca5d69fa
Determination: GOOD
C:\WINDOWS\system32\QuickTime.qts
Loaded from: FILE
PX5: D526A824006A9631C0A100A1C398EC002FF308C8
MD5: d6b33f14e459d3a5e009e4ac81557a82
Determination: GOOD
C:\WINDOWS\system32\QuickTimeVR.qtx
Loaded from: FILE
PX5: E768070200C9E1E1005F013E2F2AC3005D53D40B
MD5: b181636df3f505f4991035e403373b44
Determination: GOOD
C:\WINDOWS\system32\unwise32.exe
Loaded from: FILE
PX5: 0DE66C4400B68B0E229F040FFF728B006FD73DA1
MD5: 88fb589bc5d4586877c8489eacb38c5f
Determination: GOOD
C:\WINDOWS\system32\wuapi.dll.mui
Loaded from: FILE
PX5: 15B24FB75881688B65B8003BBBFEF7008A2D6E08
MD5: 1aa9dce407877e18447c8f8faba9f888
Determination: GOOD
C:\WINDOWS\system32\wuaucpl.cpl.mui
Loaded from: FILE
PX5: BE2B42EB58F0D1FC65D500F3F222F300A624A989
MD5: 13f9012d1b9a2b09d6c59935fbc80781
Determination: GOOD
C:\WINDOWS\system32\wuaueng.dll.mui
Loaded from: FILE
PX5: 0D2E73A658AF67784F4800C6B823B10039A3C882
MD5: 7685d52bd413085c9d5ce2e698e34ea1
Determination: GOOD
C:\WINDOWS\system32\xinput1_3.dll
Loaded from: FILE
PX5: 2A439681683593613FBE01AEB0499F0029022233
MD5: 77f595dee5ffacea72b135b1fce1312e
Determination: GOOD
C:\WINDOWS\CDEALCX11Euro.ini
Loaded from: FILE
PX5: 2B30ED7519CF6159005A00A60A059400CEA1FBD0
C:\WINDOWS\Install_Studio11.log
Loaded from: FILE
PX5: 7817B11B13E5F6570017009656A1D800B82EBB63
C:\WINDOWS\Irremote.ini
Loaded from: FILE
PX5: 0D4CA7071AE69DC300B900F7449F7100718A2827
C:\WINDOWS\QTFont.for
Loaded from: FILE
PX5: E1034D75817709F3057F002D1EBD9600D5EAD02B
MD5: e1034d757709f37f2d1ebd96d5ead02b
Determination: GOOD
C:\WINDOWS\SA24C9F9D.tmp
Loaded from: FILE
PX5: EE23CB53181012A0007300D19EB7BA00C1B23374
C:\WINDOWS\UNNeroMediaHome.exe
Loaded from: FILE
PX5: F09F9A5228676CEAD55F0E8F51A7870033CAF165
MD5: bdb21aaf95c0a0c8a17415dfcca5d3c1
Determination: GOOD
C:\WINDOWS\UNRecode.exe
Loaded from: FILE
PX5: F09F9A5228676CEAD55F0E8F51A78700399D43D9
MD5: 4d0df409f77193219e377cf250e71bc5
Determination: GOOD
C:\WINDOWS\WindowsUpdate.log
Loaded from: FILE
PX5: CFF3917E430E6D701E281CB0291A96006F82DC5D
C:\WINDOWS\wpd99.drv
Loaded from: FILE
PX5: 21198A0D3B071AE900AD002174427500429AC4C3
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\L4SZT3SR\epson317770eu[1].exe
Loaded from: FILE
PX5: 630526A800CD52F2C067A0648830AA00383138B5
Determination: GOOD
C:\Documents and Settings\Administrator\Local Settings\Temp\Adobelm_Cleanup.0001
Loaded from: FILE
PX5: 74981AF93C281D87EA9000FD70E9140062F47848
MD5: 9fef04a50f79295c036cf000b0366ef8
Determination: GOOD
C:\Documents and Settings\Administrator\Local Settings\Temp\Twain001.Mtx
Loaded from: FILE
PX5: 309FC7D302BC53BB006300AC42E35900260AC740
C:\WINDOWS\Temp\478A3C00-F65D-444c-B0E9-6B75FCA1631F.txt
Loaded from: FILE
PX5: 06F2A791116A9F0C0049006DC8D9EA0018F673D1
C:\WINDOWS\system32\drivers\AsInsHelp32.sys
Loaded from: FILE
PX5: 41398BC000AC666D0DCC00229C6F2C00B79BCD14
MD5: 33c171de483ee145f31234d93b078919
Determination: GOOD
C:\WINDOWS\system32\drivers\AsInsHelp64.sys
Loaded from: FILE
PX5: 25EDB0A800C4CE131450001E6C189300578D7037
MD5: 52a611253f104fd00d65826e2dc833ba
Determination: GOOD
C:\WINDOWS\system32\drivers\AsIO.sys
Loaded from: FILE
PX5: D21C1DF60048D13C1A4D0089F6288F00355CE5D8
MD5: 0fe2b4ca72323261be16ed9b3fe694ff
Determination: GOOD
C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
Loaded from: FILE
PX5: A73AAFA5C01706ED1657005184698A000DFF3991
MD5: de91d0d73c3e61e6826d98fac2fac729
Determination: GOOD
C:\WINDOWS\system32\drivers\Pclepci.sys
Loaded from: FILE
PX5: 804316EA5562C049376400E921DDE200F7E0A52A
MD5: 1bebe7de8508a02650cdce45c664c2a2
Determination: GOOD
C:\WINDOWS\system32\drivers\pxhelp20.sys
Loaded from: FILE
PX5: 9902F30FD0EA401C8E5B006B877D110065A66291
MD5: f7bb4e7a7c02ab4a2672937e124e306e
Determination: GOOD
C:\WINDOWS\system32\drivers\SjyPkt.sys
Loaded from: FILE
PX5: A6D07FDEDC13E7BD347F009E014E7A001E983F34
MD5: 3d7ef286e806f9bd9339aa52e28dcd67
Determination: GOOD
C:\Program Files (x86)\desktop.ini
Loaded from: FILE
PX5: 81051BCC022CF1BE00DF00378224B000A93E2877
C:\Documents and Settings\All Users\Application Data\.zreglib
Loaded from: FILE
PX5: D1331E1A28EA89D4002C009CB5D6F500405BBAF7
C:\Documents and Settings\All Users\Application Data\desktop.ini
Loaded from: FILE
PX5: 88CF0FF93E2A4A9F00A700BD9B751300B2E9E22B
C:\Documents and Settings\All Users\Application Data\__FileUploader.log
Loaded from: FILE
PX5: 69B7022A18D974D9007B002490FFEF0044785B05
C:\Documents and Settings\Administrator\Application Data\desktop.ini
Loaded from: FILE
PX5: 88CF0FF93E2A4A9F00A700BD9B751300B2E9E22B
C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
Loaded from: FILE
PX5: D21F9E6E00299B32404A2AFD3D410E01D2D81AD6
Determination: GOOD
C:\Program Files (x86)\Adobe\Adobe Premiere Pro 2.0\Adobe Premiere Pro.exe
Loaded from: FILE
PX5: AE9F5E94002EAA5470940761E07E1700FAD657B5
MD5: c40c01a960007e2e46e4e6384292f7a4
Determination: GOOD
C:\Documents and Settings\Administrator\Desktop\link.txt
Loaded from: FILE
PX5: 8448C101368D340700C300DA68A2A900049AA382
C:\Program Files (x86)\MagicISO\MagicISO.exe
Loaded from: FILE
PX5: D090BEFA0050B8415E391A3F71443700D495794C
MD5: 6d747f7483e2d9382725d69e4068b396
Determination: GOOD
C:\Program Files (x86)\THQ\MotoGP 2007\launcher.exe
Loaded from: FILE
PX5: 511610CF0028FDDDC0640AA780B58D0056401824
MD5: a65644cfe9e7e228e531019fc74abf18
Determination: GOOD
C:\Program Files (x86)\PowerISO\PowerISO.exe
Loaded from: FILE
PX5: AC49FBD200CBCA8620DF0E5664B12A009856C900
MD5: 2ad07d340691efc955b6280cae5bae97
Determination: GOOD
C:\Program Files (x86)\uTorrent\uTorrent.exe
Loaded from: FILE
PX5: 95C193443093E3E85B81039173367A0033984A81
MD5: 8df7f16f3da69893cef9f74dddb767fd
Determination: GOOD
Results::
Known malicious programs: 5
End of PrevxCSI Log - http://www.prevx.com
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.43.22, on 04/01/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\PROGRA~2\cebas\ip-clamp\ipclamp.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files (x86)\Eset\nod32krn.exe
C:\WINDOWS\SysWOW64\perfs.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\SysWOW64\routing.exe
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Eset\nod32kui.exe
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\a-squared Free\a2service.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\PrevxCSI\prevxcsi.exe
C:\Documents and Settings\Administrator\Desktop\vir\hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files (x86)\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\SysWOW64\JMRaidTool.exe boot
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [PrevxCSI] "C:\Program Files (x86)\PrevxCSI\prevxcsi.exe" -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LaunchList] C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://runonce.msn.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1183909508468
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{144806F2-BAF3-4489-907B-4FC8323F1248}: NameServer = 212.216.112.112,212.216.112.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{7ADF5A06-5C0A-4F56-88B8-F9F378EE1C53}: NameServer = 212.216.112.112,212.216.112.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: IPCLAMP by cebas Computer GmbH (IPClampService) - Unknown owner - C:\PROGRA~2\cebas\ip-clamp\ipclamp.exe
O23 - Service: mental ray 3.5 Satellite (64-bit) (mi-raysat_3dsmax9_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files (x86)\Eset\nod32krn.exe
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\SysWOW64\drivers\pclepci.sys
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
--
End of file - 13098 bytes
aspetto con ansia un vostro parere__
ancora grassie
A.