[win XP] Spyware.Quake Non mi fa avviare windows

[borexino]

Salve a tutti credo di essere infetto da spyware.quake o almeno è quello che mi dicono i vari tool! Appena windows si avvia, rimane il desktop vuoto senza alcuna icona e senza barra della start.
Il file incriminato credo sia c:\windows\system32\pmnkhhf.dll che non riesco ad eliminare ne con avanger ne con killbox!
vi posto i vari log:


hjthis

Codice PHP:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15.12.29, on 13/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\ctfmon.exe
F:\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {192A5C60-4807-4EDB-AD0B-E7C7C968A452} - C:\WINDOWS\system32\sstqq.dll
O2 - BHO: (no name) - {838063B6-43F9-44D6-97CB-8A213AF54B27} - C:\WINDOWS\system32\pmnkhhf.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Programmi\Sony\VAIO Update 3\VAIOUpdt.exe"  /Stationary
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MemTurbo.lnk = C:\Programmi\Memturbo 4\MemTurbo.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{855B9CF4-83CD-406E-BC7A-B9A6A9E89471}: NameServer = 192.168.1.1,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA40A5B5-65E5-48AA-ABE8-2ECEE1FB0F7C}: NameServer = 192.168.1.1,208.67.222.222
O20 - Winlogon Notify: pmnkhhf - C:\WINDOWS\SYSTEM32\pmnkhhf.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Apache MS4W Web Server (ApacheMS4WWebServer) - Unknown owner - C:\Documents and Settings\Davide\Desktop\mapserver\ms4w\Apache\bin\httpd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: OKI OPHC DCS Loader - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe

-- 


Prevx

Codice PHP:

Prevx CSI Build:  (v1.2.101.109)
Prevx Computer Security Investigator Output Log
System analyzed at: 01/13/08 at 15:28:59

C:\WINDOWS\system32\ntdll.dll
    Loaded into: C:\WINDOWS\System32\smss.exe
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 98EF83350066C70122B20B444BEBEA00D217A1B2
MD5: 75a0aecc55a3f0b9e2d54119fa4aab6d
Determination: GOOD

C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 457E08CD00DE83E3183600665DD0AE001F0FA82A
MD5: 2b511a5438308a1ac8d48482279810e6
Determination: GOOD

C:\WINDOWS\system32\CSRSRV.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 672F934100D50DA280D100335AB03A0006C3D206
MD5: 4ba2dbac6357b3b9d89c53823afe15c5
Determination: GOOD

C:\WINDOWS\system32\basesrv.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: CDE7154D0060E2E4CE1D00F8B4D58500AEAC4112
MD5: 7b37b598b55bf80415c15bffe7a992a2
Determination: GOOD

C:\WINDOWS\system32\winsrv.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 8732376800C35F418ED80684B9A63B005F8CB7FF
MD5: bcc25ed342ee497ead316d0812e3a5ed
Determination: GOOD

C:\WINDOWS\system32\USER32.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 0F3EF70A0068B54FD2AC08079BAEE60002A2BAD2
MD5: 08447bdfce5d1b1956f962602381f5c1
Determination: GOOD

C:\WINDOWS\system32\KERNEL32.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: D52CD51B0060B5DEAEDC0F6CFC78C3000275A5DD
MD5: feb3cc200749ff119bb8b08224a1a594
Determination: GOOD

C:\WINDOWS\system32\GDI32.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 1F9CE28700B6BB683E2104A31AD9960012802DE9
MD5: 2262fe3b392bd2d4d6e59f6024dce576
Determination: GOOD

C:\WINDOWS\system32\sxs.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8DD4793200312BB2E8C40A6B35703B00EAC2F4EA
MD5: 2326b65e910186b39d4c58376c97622c
Determination: GOOD

C:\WINDOWS\system32\ADVAPI32.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: DA31EA390036C3916C5C0A395DA4E3007CA4EABA
MD5: 09bb0a2c325f7085e24fae6134de2d16
Determination: GOOD

C:\WINDOWS\system32\RPCRT4.dll
    Loaded into: C:\WINDOWS\system32\csrss.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_np    rpcrt4.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_ip_tcp    rpcrt4.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncadg_ip_udp    rpcrt4.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_http    rpcrt4.dll
PX5: 779FC6C5008166E0DEAA08874C150000A68771E2
MD5: e40a1024ef253382bd296a59625bd5f5
Determination: GOOD

C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: D0D54E6C00E89575B4CC07CFE43BE400C1F31A26
MD5: 4166454e2bcfcc20d1b8a5ac9feab243
Determination: GOOD

C:\WINDOWS\system32\AUTHZ.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: E9DDEB920002ADAADEA00048047B1D002E56DB1B
MD5: c0f8a404df967cacb7489c7d56f30674
Determination: GOOD

C:\WINDOWS\system32\msvcrt.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: EAD3CF360087D2AD3C120509FE506F008FB88290
MD5: 9e6cb81be111b9935f6a97c367cabd4e
Determination: GOOD

C:\WINDOWS\system32\CRYPT32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\DllName    crypt32.dll
PX5: DD3ED9060033BBFB2E83098709F8D4001E524429
MD5: 5588d8afd51d060f82315c50d7590323
Determination: GOOD

C:\WINDOWS\system32\MSASN1.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 09F301D4001F77D2E0150027945354004927323C
MD5: 0a75ac7d90bd8e6bc942dba004579d5b
Determination: GOOD

C:\WINDOWS\system32\NDdeApi.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 8E19EB1100E774A0488300C192BED30080B1D3E4
MD5: 11be44f0c0978927aed7d69b75c24937
Determination: GOOD

C:\WINDOWS\system32\PROFMAP.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 90AEB4A600D0EF596C4F00D134ACAA00BDFD0752
MD5: 0328058695d324d26528077f5b136636
Determination: GOOD

C:\WINDOWS\system32\NETAPI32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: CC4BFB2E005E161C12BF0576C5EB94007AE54E90
MD5: a8db277fb7c964a2bae0159bc05c5621
Determination: GOOD

C:\WINDOWS\system32\USERENV.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 02BF46CD00DC848D207F0BA7D391AB00DCDEB32E
MD5: ac31ca2b251fe8057528fa937335b164
Determination: GOOD

C:\WINDOWS\system32\PSAPI.DLL
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 5DB1DF3A00AE978A5A1800B9B5A8C30041FF3076
MD5: 2baf81b8504d9c1600c51a498e5453b3
Determination: GOOD

C:\WINDOWS\system32\REGAPI.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BDCF1CB600ACB6D2C2EE007361942C0007606048
MD5: bb756f78728c2d953574e8652b7e86a8
Determination: GOOD

C:\WINDOWS\system32\Secur32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService    secur32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\10    secur32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\16    secur32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService    secur32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\18    secur32.dll
PX5: 2226211D005B7868DA45009E23898E00149E78C6
MD5: 8285b8b146b42ff18ed08c558435011e
Determination: GOOD

C:\WINDOWS\system32\SETUPAPI.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 085443D800EAF0FA42960F6622B8E300CB4CB91D
MD5: 6f83a7ed3217d0e612445612d1991767
Determination: GOOD

C:\WINDOWS\system32\VERSION.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 17E09890009DDCC84AAD00E153CBBA0071FD3882
MD5: 9b5a59851d9a237c86210e07e2195a12
Determination: GOOD

C:\WINDOWS\system32\WINSTA.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 1789B2A5005E39C8D2660086022E8500C3B9450D
MD5: de24ebecf7833a4de925d0832956f21a
Determination: GOOD

C:\WINDOWS\system32\WINTRUST.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 0D34C3E0002C3B32B2670226273B8500327F7603
MD5: 48bd2908fe77abb5ef42dd4a108600b5
Determination: GOOD

C:\WINDOWS\system32\IMAGEHLP.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 92D4CA5F00EA8A5C340F02F2506EE800E1319CFF
MD5: f309c34e0f66dac995053e91effc9002
Determination: GOOD

C:\WINDOWS\system32\WS2_32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 42D0077300700B1344D7019D11CF0E00A225E294
MD5: 12ead983c875ed9bcc8b90e3f77f2e4a
Determination: GOOD

C:\WINDOWS\system32\WS2HELP.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 097C6291004A18B14EEC00B4A6264D00B84611B9
MD5: 0c1f495c1761c126bc820f4de4c8b967
Determination: GOOD

C:\WINDOWS\system32\IMM32.DLL
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: CDBF4DDD001A7574AE3A01510D252400AF18CE5E
MD5: ca38a6091ecac2668ec99afd4b6c0615
Determination: GOOD

C:\WINDOWS\system32\MSGINA.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 0590994000D0A8B5D63917FB32187D00CFF1B8F8
MD5: d66fbb38ab0900e8b9254ae81e468124
Determination: GOOD

C:\WINDOWS\system32\SHELL32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet    rundll32 shell32,Control_RunDLL "sysdm.cpl"
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972}
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath    regsvr32.exe /s /n /i:U shell32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\PostBootReminder    {7849596a-48ea-486e-8937-a2a3009f31a9}
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\CDBurn    {fbeb8a05-beee-4442-804e-409d6c4515e9}
    Loaded from: \REGISTRY\User\S-1-5-21-602162358-1364589140-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}    
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default)    {09799AFB-AD67-11d1-ABCD-00C04FC30936}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default)    {09799AFB-AD67-11d1-ABCD-00C04FC30936}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default)    {A470F8CF-A1E8-4f65-8335-227475AA5C46}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default)    {A470F8CF-A1E8-4f65-8335-227475AA5C46}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default)    Blocco menu Start
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default)    Blocco menu Start
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default)    {A470F8CF-A1E8-4f65-8335-227475AA5C46}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default)    {A470F8CF-A1E8-4f65-8335-227475AA5C46}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default)    {217FC9C0-3AEA-1069-A2DB-08002B30309D}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default)    {217FC9C0-3AEA-1069-A2DB-08002B30309D}
PX5: EA00C46A00DF4A1A061FDBDDA7E370019F6664D3
Determination: GOOD

C:\WINDOWS\system32\SHLWAPI.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 7D1168D10076E74F3C1407B6331C07007C1C46D8
MD5: 085530e882e0e97d8842f9628fc637ac
Determination: GOOD

C:\WINDOWS\system32\COMCTL32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 0FFEE7C7000006B05465090C27232C00D413C33C
MD5: 0fe5f5912c30795c455a9645970e6c7c
Determination: GOOD

C:\WINDOWS\system32\ODBC32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: A52E0F9B00E1697FD015036BACB9C10078B33C67
MD5: 485b2381cf003dad79f1371fbeaacd5a
Determination: GOOD

C:\WINDOWS\system32\comdlg32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: D1079ADC002DFDB3487D042258AF1F00F0FB72E4
MD5: c99fd691acafaeeefd03f1e4e6d3dd60
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 9530DEA70023A05308671094FE66420057AEE923
MD5: d81759006d620d41f7fd1d2a4a10c7f3
Determination: GOOD

C:\WINDOWS\system32\odbcint.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 17030F830012904980B601AEBBE29A00B94ABB0D
MD5: ea88a16da0d06069c0c06ab5a4669e26
Determination: GOOD

C:\WINDOWS\system32\SHSVCS.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 29B6016000DA65A00EB502BB0FFC6D00E022C836
MD5: 500e8ef27757b1c463a4a263ed2c95d2
Determination: GOOD

C:\WINDOWS\system32\sfc.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 16BA5AAF006AA18914FD002B882F7D0027109E10
MD5: e6f026dbc75b6eed7331ebf581afd4d8
Determination: GOOD

C:\WINDOWS\system32\sfc_os.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 53B4176200566C3D2844029CE35AC3003149753E
MD5: 8fbf27ab56de71e2bdd5a2ccb7fb9023
Determination: GOOD

C:\WINDOWS\system32\ole32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: E758784E007AB6358C70131F94722D006C415D83
MD5: 66364440c71911d07468f3791206fb87
Determination: GOOD

C:\WINDOWS\system32\Apphelp.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 2E534C590076A85BF05D01EC9E4FFB0089A4554F
MD5: 086da77c3c612759d4ef437f67532e2d
Determination: GOOD

C:\WINDOWS\system32\msctfime.ime
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: A0883E0F00146873B4BB0255156E8700B1387578
MD5: 29de0b3fb6dec623e2dc5e9c7c89cab8
Determination: GOOD

C:\WINDOWS\system32\WINSCARD.DLL
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 49E7BE4C00EA6409841F01CF112B5500E75D0DD5
MD5: 840535254edd74e79d059229c5a2f800
Determination: GOOD

C:\WINDOWS\system32\WTSAPI32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 1CDB8610004CDD7F48CB007245065C0097B2DD61
MD5: e2703bb7beac36269482a8d32400ad38
Determination: GOOD

C:\WINDOWS\system32\WINMM.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 8B514EB5005BE141BAA3022C5AD8F400CAAEB534
MD5: 1dc87f8c450e295fb8cc5039d27292e5
Determination: GOOD

C:\WINDOWS\system32\cscdll.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\DLLName    cscdll.dll
PX5: 36CC0D8B0009157E909D017F19231E0041E0A92E
MD5: 38c69b2bc3182a85f0b323c9d1eb7e26
Determination: GOOD

C:\WINDOWS\system32\WlNotify.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\DLLName    wlnotify.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\DllName    wlnotify.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\DLLName    WlNotify.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\DllName    wlnotify.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\DLLName    wlnotify.dll
PX5: 3C08F14B008AD1456C990109A197100002605D8A
MD5: 72e4cad810a967449caab723e99c74b1
Determination: GOOD

C:\WINDOWS\system32\WINSPOOL.DRV
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: A35B6D1900D11F1D3E5102B97EFC0500E974203D
MD5: a357128eea84698dcf3ed33e521292cc
Determination: GOOD

C:\WINDOWS\system32\MPR.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 4E92FBCC002BB291EAE5000F10C15F00A1E7AD21
MD5: 7013fc08075eef2d881d55f898f2d402
Determination: GOOD

C:\WINDOWS\system32\rsaenh.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 19B797A900BB112F5426027FDD39EC001D5760F1
MD5: 26acbd865f8cff730f1791c4d0854352
Determination: GOOD

C:\WINDOWS\system32\UxTheme.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: D88EDDB7006796175ABD030829F64C0039E51CA1
MD5: 00392689f8bf09f676381a54835b5ae8
Determination: GOOD

C:\WINDOWS\system32\SAMLIB.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 6D3509C200E203F6FAF00078D7EA35003D8429D0
MD5: f16c9cdb4a47969b1cf48e0620f6e217
Determination: GOOD

C:\WINDOWS\system32\msv1_0.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Authentication Packages    msv1_0
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages    kerberos
PX5: 7DDBB66E00F27A20FA0D01B81C65BB005752F1B9
MD5: affa7a2ecb1476f29641c90524f63e2e
Determination: GOOD

C:\WINDOWS\system32\iphlpapi.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 811D12860031DBC676BC0192323E8B00C52133AD
MD5: 494eb23ef42602f1622d515960a98074
Determination: GOOD

C:\WINDOWS\system32\pmnkhhf.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{838063B6-43F9-44D6-97CB-8A213AF54B27}
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnkhhf\DllName    pmnkhhf.dll
    Loaded from: FILE
PX5: 381AAE7C0026103A947D00A629EA9700E282126A
MD5: deae0346bfb1d461f7b7942e0ec2e2c7
Determination: BAD
Malware Group: SpywareQuake

C:\WINDOWS\system32\urlmon.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: FACC0CD600C0CFD7BCCA112D32A7CB0082FB3FE1
MD5: 5f0510d33e1b173f9803ec5c287f7cda
Determination: GOOD

C:\WINDOWS\system32\OLEAUT32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: B8AC5953001510F87226084B320E2F00FADEC04D
MD5: 6be31dd27f035ae0aff3fa764ddc8b4b
Determination: GOOD

C:\WINDOWS\system32\iertutil.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 2BEBD83B00990A2C12A804F7E3D9D90048DC88C9
MD5: 37b82f050378aba1fc6bf6664575f68b
Determination: GOOD

C:\WINDOWS\system32\WININET.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 439AFB1B00D026927EDD0C7F13C90D0080134ABF
MD5: a4a0fc92358f39538a6494c42ef99fe9
Determination: GOOD

C:\WINDOWS\system32\Normaliz.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: E3FC1A7000BA1C775C420052AC60C600F74EBAFC
MD5: 10753a3adc3e39a3b10cc3f08e98e6b4
Determination: GOOD

C:\WINDOWS\system32\NTMARTA.DLL
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 1D452FC300F103CCD4AF019C0B4A1000D0C05759
MD5: 3c1b1065c5bfca5190e7fa7efcb11b59
Determination: GOOD

C:\WINDOWS\system32\WLDAP32.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 9E81915C002CE532A4010226E6EC3100C992DBA0
MD5: a340dec6229f08d8b9644f2be00100fc
Determination: GOOD

C:\WINDOWS\system32\cscui.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}\DllName    %SystemRoot%\System32\cscui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{750fdf0e-2a26-11d1-a3ea-080036587f03}    Offline Files Menu
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{10CFC467-4392-11d2-8DB4-00C04FA31A66}    Offline Files Folder Options
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}    Cartella file non in linea
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default)    {750fdf0e-2a26-11d1-a3ea-080036587f03}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default)    {750fdf0e-2a26-11d1-a3ea-080036587f03}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default)    {750fdf0e-2a26-11d1-a3ea-080036587f03}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default)    {750fdf0e-2a26-11d1-a3ea-080036587f03}
PX5: 8E7CD5F4006500C1188E05B6248B9200BAF8CA73
MD5: 53e5ab61ddcc0f057182bc1b5513b744
Determination: GOOD

C:\WINDOWS\system32\xpsp2res.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: CFAEC7750026979E025A2D0713586C0029D36D96
MD5: 324676aa65f0fac0a312da4cd05925c1
Determination: GOOD

C:\WINDOWS\system32\COMRes.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: D3FD3AB2006F991AE8A30C7CE8FD780095D6A640
MD5: b979bbba74f4f5db69c3a5dfdc52828c
Determination: GOOD

C:\WINDOWS\system32\CLBCATQ.DLL
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 7768E3ED00658AB9A66507AEECA75E0031A45A6F
MD5: 0189390cdbbfa0649898486ef5af4130
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemprox.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 118AA1B200D76A754A3B0017C7664600A1463C19
MD5: cece259d273771497d2c96c8121d9c58
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemcomn.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 30B285D60040901346F3037FF72C08005C58C30E
MD5: 7db0054945c1c937553f97fa1f1eaffb
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemsvc.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 25397BDF00757EBFAAF700E3ED2B7800B9284F1B
MD5: dd3e1e96ea769c31936d9b09f9137954
Determination: GOOD

C:\WINDOWS\system32\wbem\fastprox.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: AEBA61B800E4BC9A34F5075F66FDAB005D1447F9
MD5: fc9f0b7216d087f9502ece38439ae144
Determination: GOOD

C:\WINDOWS\system32\MSVCP60.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 2D7DD02900BE71EC5085060A796CD8005BF97344
MD5: b30c42dfa52a70037ab31a85057a5657
Determination: GOOD

C:\WINDOWS\system32\NTDSAPI.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: B049763B0042836806A701AA022FCD00F10A90B1
MD5: 6ae3588c5fea68cdfcd743af5fc95398
Determination: GOOD

C:\WINDOWS\system32\DNSAPI.dll
    Loaded into: C:\WINDOWS\system32\winlogon.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: E002A9EF00BB5FBB44CD027C35B0550058480101
MD5: 6e8ce9bb6332762f102a075a65194870
Determination: GOOD

C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog\ImagePath    %SystemRoot%\system32\services.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PlugPlay\ImagePath    %SystemRoot%\system32\services.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Eventlog\ImagePath    C:\WINDOWS\system32\services.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PlugPlay\ImagePath    C:\WINDOWS\system32\services.exe
PX5: 55CFB3920083E585A8B8011373392400747D1070
MD5: e77f6fa2a15390f1727f4c1c55b69da6
Determination: GOOD

C:\WINDOWS\system32\SCESRV.dll
    Loaded into: C:\WINDOWS\system32\services.exe
PX5: 42090831009A7DEDFC25041A41C0A6009F850DB8
MD5: e84a4bfd34f64af3a9b2e4ff45c02dca
Determination: GOOD

C:\WINDOWS\system32\umpnpmgr.dll
    Loaded into: C:\WINDOWS\system32\services.exe
PX5: 26E71B8F007D3456D4BB016B5AFBC800D7F565BB
MD5: 232f47c76cd56683a1a329eccb277f83
Determination: GOOD

C:\WINDOWS\system32\NCObjAPI.DLL
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 7EA0BF3D001A18F58E38007796CD8000CD7F3FCC
MD5: 1fc06b22ba62ab448613461d06c328c9
Determination: GOOD

C:\WINDOWS\system32\ShimEng.dll
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: 279F162200D45347000001BBAACC850063724C8D
MD5: dc7d49e0dec335b8e14c734ab1bade66
Determination: GOOD

C:\WINDOWS\AppPatch\AcGenral.DLL
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: 5F6310EE002D3DBC446C1C5A826CF10048881669
MD5: 26caaee19627a49509a5faaf49e418a0
Determination: GOOD

C:\WINDOWS\system32\MSACM32.dll
    Loaded into: C:\WINDOWS\system32\services.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: CD32AC5300D4DB3A183401A597817D009B477A6B
MD5: b088085d01b3e80e2be0e9cd1838ba9b
Determination: GOOD

C:\WINDOWS\system32\eventlog.dll
    Loaded into: C:\WINDOWS\system32\services.exe
PX5: D2B7D57A001E9CD9DA5600E2BE4F3C00079E4466
MD5: d1caa255f33c06c8302769a86ffb905e
Determination: GOOD

C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netlogon\ImagePath    %SystemRoot%\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtLmSsp\ImagePath    %SystemRoot%\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PolicyAgent\ImagePath    %SystemRoot%\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ProtectedStorage\ImagePath    %SystemRoot%\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SamSs\ImagePath    %SystemRoot%\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Netlogon\ImagePath    C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NtLmSsp\ImagePath    C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PolicyAgent\ImagePath    C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ProtectedStorage\ImagePath    C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SamSs\ImagePath    C:\WINDOWS\system32\lsass.exe
PX5: CC1BA69F00AF6D2D3445003B3C2E0700B638080D
MD5: 0815e8da286775fa432c7c9ee5e10ba1
Determination: GOOD

C:\WINDOWS\system32\LSASRV.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: DFF408A1009F902E1A360BCBB8D0DD00224FF50F
MD5: e0c3289e36894fb2348cb748cdb37516
Determination: GOOD

C:\WINDOWS\system32\SAMSRV.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E92EC68300CE21C68E4E06BCC0EDF6004268C49A
MD5: 12b717e63f23bdf3fd43b295542154d9
Determination: GOOD

C:\WINDOWS\system32\cryptdll.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 81B30DAB0078862F82C6000202049600DB968CD1
MD5: 4ac54687b901091378c512a6c56f6214
Determination: GOOD

C:\WINDOWS\system32\msprivs.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 0CA48DC3002C50B3BC750065E2B27800000C62EB
MD5: d7d64ff974b96816e1ae2c5b86de35ba
Determination: GOOD

C:\WINDOWS\system32\kerberos.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages    kerberos
PX5: 5BA16E2800984E107E90042A99DCA400E3F73FD4
MD5: ccbd78ddfbddb5531a2b36684e1a2709
Determination: GOOD

C:\WINDOWS\system32\netlogon.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\68    netlogon.dll
PX5: 7826BE4E00B0693C362206A7BBB246000E968C98
MD5: 926bb51bb6de79dedb93e9c2b0811ccf
Determination: GOOD

C:\WINDOWS\system32\w32time.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: B0DB78E90001F969B24A022F16FE9C007D6DCCBC
MD5: 8b97d00e5c6a593ebb605ce4b8a5caa5
Determination: GOOD

C:\WINDOWS\system32\schannel.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders    msapsspc.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages    kerberos
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\14    schannel.dll
PX5: 6875CD56004DB153365402E13E2E3800ECF2B58B
MD5: 8991aa4feccd0f90963aa68d120782eb
Determination: GOOD

C:\WINDOWS\system32\wdigest.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages    kerberos
PX5: F311FBD900986B6DC09400C9FE9A9C00CD8F608E
MD5: bc6964976170dc87caf151a144be586c
Determination: GOOD

C:\WINDOWS\system32\sstqq.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Authentication Packages    msv1_0
    Loaded from: FILE
PX5: C4D8E8B30056F914F8B304DA7EC7300067B0C219
MD5: 0beb3b5240093ef0a0e95ef2a78f8899
Determination: BAD
Malware Group: Trojan.Vundo

C:\WINDOWS\system32\SHFOLDER.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 209DE55C009ABDE8627700E93AF07200F7058D40
MD5: 8b205eb92b49d10055427365065357e8
Determination: GOOD

C:\WINDOWS\system32\scecli.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}\DllName    scecli.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}\DllName    scecli.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Notification Packages    scecli
PX5: C91F3DA800B1BEBADA0C02480448D00054984981
MD5: 1446eb71adf0f54980cdd7e5a812e102
Determination: GOOD

C:\WINDOWS\system32\dssenh.dll
    Loaded into: C:\WINDOWS\system32\lsass.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 31E843BE00E2A81C18FA0265E10B6500232880A4
MD5: cacd2c63a79268d131ea37e85524cc44
Determination: GOOD

C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Alerter\ImagePath    %SystemRoot%\system32\svchost.exe -k LocalService
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AppMgmt\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AudioSrv\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BITS\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Browser\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BthServ\ImagePath    %SystemRoot%\system32\svchost.exe -k bthsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CryptSvc\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DcomLaunch\ImagePath    %SystemRoot%\system32\svchost -k DcomLaunch
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dhcp\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmserver\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dnscache\ImagePath    %SystemRoot%\system32\svchost.exe -k NetworkService
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ERSvc\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\EventSystem\ImagePath    C:\WINDOWS\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FastUserSwitchingCompatibility\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\helpsvc\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidServ\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTPFilter\ImagePath    %SystemRoot%\System32\svchost.exe -k HTTPFilter
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanserver\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanworkstation\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\LmHosts\ImagePath    %SystemRoot%\system32\svchost.exe -k LocalService
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Messenger\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netman\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nla\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtmsSvc\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAuto\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasMan\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteAccess\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteRegistry\ImagePath    %SystemRoot%\system32\svchost.exe -k LocalService
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs\ImagePath    %SystemRoot%\system32\svchost -k rpcss
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Schedule\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\seclogon\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SENS\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SharedAccess\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ShellHWDetection\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\srservice\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SSDPSRV\ImagePath    %SystemRoot%\system32\svchost.exe -k LocalService
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\stisvc\ImagePath    %SystemRoot%\system32\svchost.exe -k imgsvc
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TapiSrv\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermService\ImagePath    %SystemRoot%\System32\svchost -k DComLaunch
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Themes\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TrkWks\ImagePath    %SystemRoot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\upnphost\ImagePath    %SystemRoot%\system32\svchost.exe -k LocalService
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\W32Time\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WebClient\ImagePath    %SystemRoot%\system32\svchost.exe -k LocalService
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\winmgmt\ImagePath    %systemroot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmdmPmSN\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wmi\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wscsvc\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wuauserv\ImagePath    %systemroot%\system32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WZCSVC\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\xmlprov\ImagePath    %SystemRoot%\System32\svchost.exe -k netsvcs
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Alerter\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AppMgmt\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AudioSrv\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BITS\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Browser\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BthServ\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CryptSvc\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DcomLaunch\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dhcp\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmserver\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dnscache\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ERSvc\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\EventSystem\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FastUserSwitchingCompatibility\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\helpsvc\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HidServ\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HTTPFilter\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\lanmanserver\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\lanmanworkstation\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\LmHosts\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Messenger\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Netman\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nla\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NtmsSvc\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasAuto\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasMan\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RemoteAccess\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RemoteRegistry\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RpcSs\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Schedule\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\seclogon\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SENS\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SharedAccess\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ShellHWDetection\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\srservice\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SSDPSRV\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\stisvc\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TapiSrv\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TermService\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Themes\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TrkWks\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\upnphost\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\W32Time\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WebClient\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\winmgmt\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WmdmPmSN\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Wmi\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wscsvc\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wuauserv\ImagePath    C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WZCSVC\ImagePath    C:\WINDOWS\System32\svchost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\xmlprov\ImagePath    C:\WINDOWS\System32\svchost.exe
PX5: 41467A9700616549387D0095555BE300B7CBF228
MD5: 73955b04f209d8a1c633867841267a96
Determination: GOOD

c:\windows\system32\rpcss.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs\ImagePath    %SystemRoot%\system32\svchost -k rpcss
PX5: D10B46960010CCB40A5406A32381BD005F5BEA56
MD5: 0c015ab735a4624c44cb5696e9208c4c
Determination: GOOD

c:\windows\system32\termsrv.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 15A4D5880058E23888C304BFF814830042F0D520
MD5: c06cd1890279603e15020757e02de56b
Determination: GOOD

c:\windows\system32\ICAAPI.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BB3E4FC6005CCAE92CC10044E2AB07008B832EBD
MD5: 66da850192b87548374fe13f38a2a265
Determination: GOOD

c:\windows\system32\mstlsapi.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F3CF001500470019C4F901369ADAFD00DF876B1F
MD5: 9e54d8528f9b4324ed20cfcdf3be6a76
Determination: GOOD

c:\windows\system32\ACTIVEDS.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: EFB02947002647C8F6250205FD9612006E9558F5
MD5: 25e4e36ced6b15df8d8c10460be834a2
Determination: GOOD

c:\windows\system32\adsldpc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 6D8B11FE00EF99F53026027F152EC40097EA0ACA
MD5: 15ce221ace929705ba7e4346d74e8a06
Determination: GOOD

c:\windows\system32\ATL.DLL
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 90FBA32A008A4DC9E6A3004879775D009B9241D5
MD5: 32bd4cc64449ea2549be4a8efc54f4de
Determination: GOOD

C:\WINDOWS\system32\mswsock.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath    %SystemRoot%\System32\mswsock.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath    %SystemRoot%\System32\mswsock.dll
PX5: 644C52BE00A05754C6240337B7759700C1FF12E3
MD5: 337cb52af1f7cf6c0f57ec8bd14dc6d1
Determination: GOOD

C:\WINDOWS\system32\hnetcfg.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 2CFD58C600B6F9414A810565679BD6001F42D5DE
MD5: 250d4f4e1e27543c121378268fe07208
Determination: GOOD

C:\WINDOWS\System32\wshtcpip.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 522AC66D001B6D5A4E8E00D8A0AEF000528059BA
MD5: 08b3a60a4dd7fae800b552f8f8d5deb0
Determination: GOOD

C:\WINDOWS\System32\winrnr.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath    %SystemRoot%\System32\winrnr.dll
PX5: DD7C6D7B00A7C2A842AB003098E8920063CE769A
MD5: bb78454c44a5b0f97295a6d66b217d65
Determination: GOOD

C:\WINDOWS\system32\wshbth.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\LibraryPath    %SystemRoot%\system32\wshbth.dll
PX5: 80288AE0004A422FA6D1015DE110A0000E60677F
MD5: 00faaa0336b11ee00654dac09022d25a
Determination: GOOD

C:\WINDOWS\system32\rasadhlp.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: C442A786008A10AC207B003B3C2E0700E2EB90DB
MD5: 057393dff71e294edf6db3ad2a0cd0de
Determination: GOOD

c:\windows\system32\dhcpcsvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F53436F60068CE64B23A01BCB3126A00C328DCF2
MD5: 3d6f9b5c5c396bfbc14dc565ce624cef
Determination: GOOD

c:\windows\system32\wzcsvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 3DF4750600996C8B7E470562CED514005814EDBA
MD5: 312913174d070ed81e9d78da7b648774
Determination: GOOD

c:\windows\system32\rtutils.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: BF0F14BA00130FA5ACFA00D907EAE70083958E2B
MD5: 204a7d354683a49c37505be1646c5d43
Determination: GOOD

c:\windows\system32\WMI.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 781B3D7300C600C41695006A26ACBD006AA9CB45
MD5: 7f9fd6e98cf1898f94d4a6246d4d639e
Determination: GOOD

c:\windows\system32\ESENT.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 2D3CBE9900CA56E1AA3A1013ABD8CF0050E8E49A
MD5: cf52cd81a61e6deff93ca40bba955f30
Determination: GOOD

C:\WINDOWS\System32\rastls.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F64AC68A00F37A69B87E01DB8E696800CC9225D9
MD5: f90a2f77cb88f8201a3ad783d7edb19c
Determination: GOOD

C:\WINDOWS\system32\CRYPTUI.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 5142AFD100A220AEFE57076D08D9310067F36935
MD5: 502a30e1a880124d7f71667e75be9688
Determination: GOOD

C:\WINDOWS\system32\MPRAPI.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: F40536E000846CE4547B017CD7ABC100D153D57A
MD5: b61978022a65fac95b8e3817d5029870
Determination: GOOD

C:\WINDOWS\system32\RASAPI32.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 7E18516500FFE5CC9C5B03564D831C0011FCFEEB
MD5: 7ece54a6785e6a07ed02018a32b246e6
Determination: GOOD

C:\WINDOWS\system32\rasman.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 7F1D9BFF002D89D3F04E005C98AFF900ECE9EEA3
MD5: 79d87679f6f13f7f18062c39a3c5b38a
Determination: GOOD

C:\WINDOWS\system32\TAPI32.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: ECB3A62200F5E5E3C61D0271F9934A0018AE4A00
MD5: 9b53ce123c15e95de40592cfecec5a09
Determination: GOOD

C:\WINDOWS\System32\raschap.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 6CBEE3D600A4FEB310F101DE8C083F003D6F721F
MD5: d7de6cd7a5f84909b12b7dbd7d93811d
Determination: GOOD

c:\windows\system32\wkssvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 7EE71DE000CB8C06046102E707BEAD00EAB7A0DE
MD5: b96429b547c29cfe65e0a31c53f4bb06
Determination: GOOD

c:\windows\system32\cryptsvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 4924777000FF363CECB300E8D69F7300112A6AF8
MD5: e0cc838265401128097d182fb583889a
Determination: GOOD

c:\windows\system32\certcli.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 925C7DF9003B9C1200C5031520AB850028BB5515
MD5: 5f24a58d40870f8fe6cf7e15e73de146
Determination: GOOD

c:\windows\system32\wbem\wmisvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: CEF9F3BC00C6E32738BF0260919AD800E787713F
MD5: a91acdd987dc3e0e1fcedda6f1ffef2a
Determination: GOOD

C:\WINDOWS\system32\VSSAPI.DLL
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: FAEC6BFB002AF8059230067AACCA280087EB5B02
MD5: b590f13f17409970a6994473eb98ef74
Determination: GOOD

c:\windows\system32\srsvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F652BD0100BA7CC29C6202A16DDB5500C590261B
MD5: ba4e8ac9a60c4527c969d08f3abe9d36
Determination: GOOD

c:\windows\system32\POWRPROF.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 31AB7E9C00B2127E4485007208C03300950D28C1
MD5: 41ff9d663219a1dd0397fe2c5b09436c
Determination: GOOD

c:\windows\system32\msgsvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: EE2E50C400EA00498403000260463C00FE4F91F9
MD5: 3777ab9537d05bfd404b0fbc13a140a6
Determination: GOOD

c:\windows\system32\srvsvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 04962F40002073267A0D01D01873E300127D7D3E
MD5: 82a782a17aaf3ad92811f5023a94181f
Determination: GOOD

c:\windows\system32\dmserver.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: FABFF932000B9F155E610037E22ABC006B953D35
MD5: 499fff7bca07009a23447776286f0510
Determination: GOOD

c:\windows\system32\browser.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\(default)    Browser Customizations
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default)    Personalizzazione del browser
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\(default)    Browser Customizations
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default)    Personalizzazione del browser
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\(default)    Browser Customizations
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default)    Personalizzazione del browser
PX5: 9CDD0A4F005D0D9D2E6201C807EC76000E0D1CE8
MD5: 72fbf0322be8a0f25ae722fde36ab1e6
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemcore.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: D34E2BC3004DE1451AED08DF0B2B620026599912
MD5: 2e9b41fdd71fddd9d596cf3fdf0a1fdd
Determination: GOOD

C:\WINDOWS\system32\wbem\esscli.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: DE687FC600BAAC77C8B4030B6F14AB0094AE7226
MD5: 20938c6d287b27ab3f1fde53ff3507de
Determination: GOOD

C:\WINDOWS\system32\wbem\wmiutils.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 0BDBA5A5000A6748803F0102F9279500D2C1C9B2
MD5: bc664c7546ef5c1a5712e7b48af24741
Determination: GOOD

C:\WINDOWS\system32\wbem\repdrvfs.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: DAAC922100087395B4C8026D60ACD300B870E129
MD5: 41b4ed9f8d444ce09b6a1fe76ae22040
Determination: GOOD

C:\WINDOWS\system32\wbem\wmiprvsd.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: DCBBBE7700F574BEAC5B06A359C30800D52199FA
MD5: d110a8cde08cc1d346814c814d32f2ed
Determination: GOOD

C:\WINDOWS\system32\wbem\wbemess.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 57BC20470030CEBC2E7C0420B5413100E2A61178
MD5: 1c4c78b5943ae143513dd1522e14926a
Determination: GOOD

C:\WINDOWS\system32\wbem\ncprov.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 28C2B58B00AC779DB8320092176FE400CB94678D
MD5: 1b8923492b022438764dcf6bd8b0efa9
Determination: GOOD

C:\WINDOWS\system32\mlang.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: A0FB8BA50045A9FEF20208062C04B3005F96B032
MD5: f036bc2525f8701628abb0a550c1c692
Determination: GOOD

C:\WINDOWS\System32\xmlprovi.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F8AAB7ED00389F6FC419009F9AC92500C1676D16
MD5: 84c74999e0f8de9d0d96fc61de29ada1
Determination: GOOD

C:\WINDOWS\System32\WZCSAPI.DLL
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: EBF8733200CD9B7CCA4C0051E7642A0024707F2E
MD5: 28cddfdf8c30d886284f3549c4a8e284
Determination: GOOD

c:\windows\system32\dnsrslvr.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 3AB739DC00686EC6B26F00A3B54A4300F767B865
MD5: 1a4ccb390093d1a6f0eec063f44aff31
Determination: GOOD

c:\windows\system32\lmhsvc.dll
    Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 050B19680015AAE33629000A173BF5000631D061
MD5: 6e008b7eb9b67d555b5ee1c1091f3a7e
Determination: GOOD

C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 1A9D56D40076F5DF6CD80525C1918B0093A9282B
MD5: fd8b444b1b591eae93b534da6f9a3afa
Determination: GOOD

C:\WINDOWS\system32\VDMDBG.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: EBD628D800BE7F4B66FA00A2490C1200359A8A39
MD5: abbdc71c3812c622302b3bc87a929ce4
Determination: GOOD

C:\WINDOWS\system32\UTILDLL.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 1D523D80001DF1C066F30000C6A46100D1C3CF87
MD5: c42c6c2166de8248ce38e7fe76aa373e
Determination: GOOD

C:\WINDOWS\system32\browseui.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5E6AB780-7743-11CF-A12B-00AA004AE837}    Barra degli strumenti Microsoft Internet
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{22BF0C20-6DA7-11D0-B373-00A0C9034938}    Stato del download
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{91EA3F8B-C99B-11d0-9815-00C04FD91972}    Shell Folder accresciuto
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6413BA2C-B461-11d1-A18A-080036B11A03}    Shell Folder 2 accresciuto
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F61FFEC1-754F-11d0-80CA-00AA005B4383}    BandProxy
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BA4C742-9E81-11CF-99D3-00AA004AE837}    Microsoft BrowserBand
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{169A0691-8DF9-11d1-A1C4-00C04FD75D13}    Ricerca all'interno
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07798131-AF23-11d1-9111-00A0C98BA67D}    Ricerca Web
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AF4F6510-F982-11d0-8595-00AA004CD6D8}    Utilit. opzioni della struttura del Registro di sistema
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{01E04581-4EEE-11d0-BFE9-00AA005B4383}    &Indirizzo
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A08C11D2-A228-11d0-825B-00AA005B4383}    Address EditBox
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2763-6A77-11D0-A535-00C04FD7D062}    Completamento automatico Microsoft
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7376D660-C583-11d0-A3A5-00C04FD706EC}    TridentImageExtractor
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6756A641-DE71-11d0-831B-00AA005B4383}    Elenco di Completamento automatico MRU
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}    Elenco di Completamento automatico MRU personalizzato
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7e653215-fa25-46bd-a339-34a2790f3cb7}    Accessibile
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{acf35015-526e-4230-9596-becbe19f0ac9}    Indicatore di avanzamento popup
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2764-6A77-11D0-A535-00C04FD7D062}    Elenco di Completamento automatico della Cronologia di Microsoft
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{03C036F1-A186-11D0-824A-00AA005B4383}    Elenco di Completamento automatico di Shell Folder di Microsoft
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2765-6A77-11D0-A535-00C04FD7D062}    Contenitore dell'elenco di Completamento automatico multiplo Microsoft
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4E-521C-11D0-B792-00A0C90312E1}    Shell Band Site Menu
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}    Shell DeskBarApp
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4C-521C-11D0-B792-00A0C90312E1}    Shell DeskBar
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4D-521C-11D0-B792-00A0C90312E1}    Shell Rebar BandSite
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD313E04-FEFF-11d1-8ECD-0000F87A470C}    Assistenza utente
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}    Impostazioni cartella globale
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{438755C2-A8BA-11D1-B96B-00A0C90312E1}    Precaricatore Browseui
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{8C7461EF-2B13-11d2-BE35-3078302C2030}    Daemon di cache delle categorie di componenti
    Loaded from: \REGISTRY\User\S-1-5-21-602162358-1364589140-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}    .......
    Loaded from: \REGISTRY\User\S-1-5-21-602162358-1364589140-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}    .......
PX5: 5B4F21B60075B6029C7D0FA26EDE4900E3C87A86
MD5: b735bf10a26e707134b9fc7ebd8a2f1a
Determination: GOOD

C:\WINDOWS\system32\ntshrui.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}    Estensioni shell per la condivisione
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}    Estensioni shell per la condivisione
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default)    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default)    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default)    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default)    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default)    {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default)    {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
PX5: 5EB8DF8A0005A80F7070045CC8B2C10063030599
MD5: 5d78db3857a0a9018b864bcd6e31c02f
Determination: GOOD

C:\WINDOWS\system32\shdocvw.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}    Set Program Access and Defaults
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}    Cerca
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}    Guida in linea e supporto tecnico
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}    Guida in linea e supporto tecnico
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}    Esegui...
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}    Internet
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}    Posta elettronica
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524152}    Tipi di carattere
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524153}    Strumenti di amministrazione
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E61-B078-11d0-89E4-00C04FC9E26E}    Favorites Band
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A89A860-D7B1-11CE-8350-444553540000}    Shell Automation Inproc Service
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}    Microsoft Browser Architecture
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}    Schermata iniziale applicazioni Internet Explorer 4
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{67EA19A0-CCEF-11d0-8024-00C04FD75D13}    CDF Extension Copy Hook
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{131A6951-7F78-11D0-A979-00C04FD705A2}    ISFBand OC
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9461b922-3c5a-11d2-bf8b-00c04fb93661}    Search Assistant OC
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E64-B078-11d0-89E4-00C04FC9E26E}    Explorer Band
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default)    {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default)    {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}\BarSize
    Loaded from: \REGISTRY\User\S-1-5-21-602162358-1364589140-839522115-1003\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}\BarSize
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\CLSID    {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\CLSID    {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}
PX5: 92CB89160084363DD894169EA521BF0033FB0418
MD5: 31fd436a6899880a1b010609f8e897eb
Determination: GOOD

C:\WINDOWS\System32\drprov.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: BB8EDCE2008403A638800074FD083400905C26EC
MD5: 4f32c69e05ae35fc609218e94b0df5d9
Determination: GOOD

C:\WINDOWS\System32\ntlanman.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: FCEBCD7A009905FEAA4200960455950080D2A1BD
MD5: d72c81e7f4986beb202813fc743af8d7
Determination: GOOD

C:\WINDOWS\System32\NETUI0.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 074187360063FEE5400A014D6C2C430053ABE349
MD5: 9fe57c0551c88667b8fbde49bd399144
Determination: GOOD

C:\WINDOWS\System32\NETUI1.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: A4DAD8A200850E09C097034C744E770099F86FBA
MD5: a5ca0066df5a68d4a7403f2e32d620d8
Determination: GOOD

C:\WINDOWS\System32\NETRAP.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: B3940B1900334CEB30F300847BE9340024D302E6
MD5: e7fc69c00bebc04daef86071822b2b89
Determination: GOOD

C:\WINDOWS\System32\davclnt.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
PX5: 5E0DDE0C0099E131624800B42D603500DF9BC5AA
MD5: fa5791230a59dcc0f1bb0b0a193375a7
Determination: GOOD

C:\WINDOWS\system32\ieframe.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{30D02401-6A81-11d0-8274-00C04FD5AE38}    IE Search Band
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}    Shell DocObject Viewer
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FBF23B40-E3F0-101B-8488-00AA003E56F8}    InternetShortcut
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3C374A40-BAE4-11CF-BF7D-00AA006946EE}    Microsoft Url History Service
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FF393560-C2A7-11CF-BFF4-444553540000}    History
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E00-76C1-11CF-9DD0-00A0C9034933}    Temporary Internet Files
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E01-76C1-11CF-9DD0-00A0C9034933}    Temporary Internet Files
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}    Microsoft Url Search Hook
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}    The Internet
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{871C5380-42A0-1069-A2EA-08002B30309D}    Internet Name Space
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07C45BB1-4A8C-4642-A1F5-237E7215FF66}    IE Microsoft BrowserBand
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1C1EDB47-CE22-4bbb-B608-77B48F83C823}    IE Fade Task
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{205D7A97-F16D-4691-86EF-F3075DCCA57D}    IE Menu Desk Bar
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3028902F-6374-48b2-8DC6-9725E775B926}    IE AutoComplete
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{43886CD5-6529-41c4-A707-7B3C92C05E68}    IE Navigation Bar
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44C76ECD-F7FA-411c-9929-1B77BA77F524}    IE Menu Site
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4B78D326-D922-44f9-AF2A-07805C2A3560}    IE Menu Band
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6038EF75-ABFC-4e59-AB6F-12D397F6568D}    IE Microsoft History AutoComplete List
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}    IE Tracking Shell Menu
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CF48EF8-44CD-45d2-8832-A16EA016311B}    IE IShellFolderBand
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{73CFD649-CD48-4fd8-A272-2070EA56526B}    IE BandProxy
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}    IE MRU AutoComplete List
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E}    IE RSS Feeder Folder
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9D958C62-3954-4b44-8FAB-C4670C1DB4C2}    IE Microsoft Shell Folder AutoComplete List
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B31C5FAE-961F-415b-BAF0-E697A5178B94}    IE Microsoft Multiple AutoComplete List Container
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}    Microsoft Browser Architecture
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}    IE Shell Rebar BandSite
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6EE9AAC-F76B-4947-8260-A9F136138E11}    IE Shell Band Site Menu
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F2CF5485-4E02-4f68-819C-B92DE9277049}    &Links
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}    IE Registry Tree Options Utility
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}    IE User Assist
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FDE7673D-2E19-4145-8376-BBD58C4BC7BA}    IE Custom MRU AutoCompleted List
    Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
    Loaded from: \REGISTRY\User\S-1-5-21-602162358-1364589140-839522115-1003\Software\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
    Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
PX5: 3044D5C80072E59A4EFA5CAA5F445A0051A4664E
Determination: GOOD

C:\WINDOWS\system32\MSCTF.dll
    Loaded into: C:\WINDOWS\system32\taskmgr.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 64563C73008EB95E7EDD046B94EDCE00A3D588EB
MD5: 5d2f1beea828b4951f550bade794c1ef
Determination: GOOD

C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
    Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE    C:\WINDOWS\system32\CTFMON.EXE
    Loaded from: \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE    C:\WINDOWS\system32\CTFMON.EXE
    Loaded from: \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE    C:\WINDOWS\system32\CTFMON.EXE
    Loaded from: \REGISTRY\User\S-1-5-21-602162358-1364589140-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe    C:\WINDOWS\system32\ctfmon.exe
    Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE    C:\WINDOWS\system32\CTFMON.EXE
PX5: 7BE460C100E5509F3C0D00F14B5A510097B91217
MD5: 5b33b4265966ee063c7fbea28958d9c2
Determination: GOOD

C:\WINDOWS\system32\MSUTB.dll
    Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: 7A3AA486004261ECFC5902E8FBAFDA00B6B25BB1
MD5: fc6c38a1249d86fc62f72c8a5e3379db
Determination: GOOD

C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 4787BB200016A27E7E0909472E3BFD00144C8D8E
MD5: de49b348a18369b4626fba1d49b07fb4
Determination: GOOD

C:\WINDOWS\system32\IEUI.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 41DF61E8001F9714C228023E0434CB00A40BCE0D
MD5: 4e89bf45219bb2cf4f931201e2f5755e
Determination: GOOD

C:\WINDOWS\system32\MSIMG32.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: CB413D4600B070AF127100D0C427CA00FD59EFF9
MD5: 51f309aa675b5b77d19c573b7e0bb253
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: EEECA2A200AE193420E61AFE5130B8009DDBAA0F
MD5: 100136f3c317b3fbffd33b9409aed1c3
Determination: GOOD

C:\WINDOWS\system32\xmllite.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded from: FILE
PX5: DBDBF6F300FC6405DCA0019FAEEF2800153F1E93
MD5: 215422272bbadd7dda57d0372062d293
Determination: GOOD

C:\WINDOWS\system32\msimtf.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 84310A0800BF02296E1202C6BE073C009D305F2B
MD5: e41d5bbed01edd653dfbe699c8b77fbf
Determination: GOOD

C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42042206-2D85-11D3-8CFF-005004838597}    Microsoft Office HTML Icon Handler
PX5: 9A454C88383E02BC06ED01134822DA00C01DA356
MD5: 165ae7a443f2139dd2c078ad87699f91
Determination: GOOD

C:\Programmi\Internet Explorer\ieproxy.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: AA3D07A500ABABDC64EE04926ACC3900E730FE9A
MD5: fd0cba527032d2d3d00e17c0f24a99d3
Determination: GOOD

C:\WINDOWS\system32\msi.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: E61CB2B900732EA71A202C11C29E1400D1F80F7A
MD5: 1cbc000ecd2de2e6fd2b19bc9aabcc52
Determination: GOOD

C:\WINDOWS\system32\actxprxy.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 007947C1003133828EF901D865E09C00F6A66BF3
MD5: cac8ce72845461a8c6818071d923fc89
Determination: GOOD

C:\WINDOWS\system32\mshtml.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8CAE1390004138F59A3936D45E02F70007890903
Determination: GOOD

C:\WINDOWS\system32\msls31.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: D440CACF00BE0A1C62E30254EFAD02005496CA69
MD5: 87b27e19dc5b4f8f3fef061a155977b9
Determination: GOOD

C:\WINDOWS\system32\ieapfltr.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 970680C5002702BADA96054E7ED25900C8D5B051
MD5: f182d7d90db21a314569e4091510a2f4
Determination: GOOD

C:\WINDOWS\system32\jscript.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: FA885F76001EB64C801707547A61D800FC7A7C56
MD5: c564a59c29b2386465b681cddb086dc1
Determination: GOOD

C:\WINDOWS\system32\iepeers.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 203CA2AC00AC7A17EC8D02961B6FA4003EBECD4B
MD5: 95f2ce5be4bb23b457cd6b17528b34d7
Determination: GOOD

C:\WINDOWS\system32\mshtmled.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 3059969200AA2D394207071678EFEE000B561C78
MD5: 0d324e83c84efcae8623ee588777ad88
Determination: GOOD

C:\WINDOWS\system32\ImgUtil.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 82E6BE6700E00DD38E9300C212B30800D54B0621
MD5: 277a5f9eaf1c88f9ac760c46d259cd3f
Determination: GOOD

C:\WINDOWS\system32\pngfilt.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 809FF1FA00B62F17AE70000FCD403E0078BA9920
MD5: 3b4cc750191421ffca6308604efb450e
Determination: GOOD

C:\WINDOWS\system32\msxml3.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 58A2624500939316DE0712C7E1EE730028DA41A7
MD5: 410d428b92e82efc924fd9afaa640ca3
Determination: GOOD

C:\WINDOWS\system32\WINHTTP.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 8A8FE9C3008B23F25C3905D494C02C00D181B661
MD5: 5b4ec6c0fbacc85430ce3d6ae8563a0d
Determination: GOOD

C:\WINDOWS\system32\mscoree.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 36CE3DE9006AF1ED225D04AABCCEEE0051676249
MD5: 8256f0e39ad2b2d2c9a9db00242f594a
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 3A12981E00DA462690BE00789C78B200517E73A9
MD5: ce1133f0efb66cad5b9f2d4b83ec1eb3
Determination: GOOD

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 9A45456900EE9D7990C909755A3A5C00A6DAF154
MD5: e4fece18310e23b1d8fee993e35e7a6f
Determination: GOOD

C:\WINDOWS\system32\corpol.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 6C00AC5F003F9DD144C800D456330D006F550657
MD5: 9b741f096fa9a49651080498920604fd
Determination: GOOD

C:\WINDOWS\system32\cryptnet.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\DllName    cryptnet.dll
PX5: 7068F9AD00A507EDF8EF0072A0BBE3005197631B
MD5: f8dd2e38ecc275ae94edc7c0492416ef
Determination: GOOD

C:\WINDOWS\system32\SensApi.dll
    Loaded into: C:\Programmi\Internet Explorer\iexplore.exe
PX5: 945479A500423FB71A9A004C020A3B0024ABF6B3
MD5: 344e594bb748d4f828211a7c9cea0829
Determination: GOOD

C:\Programmi\Mozilla Firefox\firefox.exe
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 896594CF702B6CFB782974F3D68A5000F3BAA8EB
Determination: GOOD

C:\Programmi\Mozilla Firefox\js3250.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 0D0F35BA68CE9123F21506104B4BC50053ECC160
MD5: dd554a6c87ad58d35c00f21f02b36159
Determination: GOOD

C:\Programmi\Mozilla Firefox\nspr4.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 7E20CE4E70EDCE5A760A021B5D119700D89896B5
MD5: 18fd6403fc229ab880993b297561f27a
Determination: GOOD

C:\WINDOWS\system32\WSOCK32.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 2C097C2B007169C960BA0014DCE7CC0038229E38
MD5: 3bd93201e3afa5a0660c793a4bdae773
Determination: GOOD

C:\Programmi\Mozilla Firefox\xpcom_core.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: E86A0BD4708EBE5D6E8D0649E03B6100EA4816EB
MD5: 05dc1e8395e9a00f9283518f05f0d471
Determination: GOOD

C:\Programmi\Mozilla Firefox\plc4.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 78A0921D7872770F86B4002DDDE82A00FA32D8A4
MD5: 8766e1f5827c84cae1933132e74ceaa1
Determination: GOOD

C:\Programmi\Mozilla Firefox\plds4.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 42F3261F7068473576CB00BE61BCCA00B3D6F97E
MD5: cc7a9116ba03568046ddbf1fb968d6c8
Determination: GOOD

C:\Programmi\Mozilla Firefox\smime3.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 2BCF33E3687E4A19B67801F14D5F2700AB1DC6D1
MD5: 86fd24e48a50305a92a02d3c0679e574
Determination: GOOD

C:\Programmi\Mozilla Firefox\nss3.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: AA1EDE4568A6A7CAC6F105427FB011003B91BA2A
MD5: 7a83b6b8c49fd677fc6c2cb7f513e839
Determination: GOOD

C:\Programmi\Mozilla Firefox\softokn3.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: A7EECDBB6C552F62E0DA03C674CA420040DFA615
MD5: bf25ad1204a25cd88229cc343c878a88
Determination: GOOD

C:\Programmi\Mozilla Firefox\ssl3.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 1939CB3668D7BB7F06220218A1964C005B712DF1
MD5: d738654b9c8add48fca82da4d6ffe618
Determination: GOOD

C:\Programmi\Mozilla Firefox\xpcom_compat.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 9FB359F278DD97AE207001A6B1AE4D00C2E4FCFB
MD5: 29fe10b4bf8eced679042ef22cc4819b
Determination: GOOD

C:\Programmi\Mozilla Firefox\components\myspell.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 17BCE6718838929888B7000AF9F43C00BB1DE9AF
MD5: 8f8af531aef88adfa9d0a6378d0c5949
Determination: GOOD

C:\Programmi\Mozilla Firefox\components\jar50.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 20ED34CE70408210041801424FA4AB006727CAFB
MD5: 169f5184ac208d935dd7e5b42eeb3590
Determination: GOOD

C:\Programmi\Mozilla Firefox\freebl3.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 656849DF7D6F8DBF10880339B8136100422C2D6B
MD5: 4b3db882913afe5c74d2145f225a46d6
Determination: GOOD

C:\Programmi\Mozilla Firefox\nssckbi.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 51ED3350701572B7F617032928E532000C9434C5
MD5: 9ef74d72f2362ee73d49fefcc08ada68
Determination: GOOD

C:\Programmi\Mozilla Firefox\components\spellchk.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 5F5BD86580591F96B68E00CD5296B0009330668B
MD5: 7871d75616cbe3545eacd775161c3036
Determination: GOOD

C:\Programmi\DAP\DAPFireFox\components\DAPFireFox.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: D04539753B5ED85C10B801D72C1F1100CB393082
MD5: a31eb038e4d05f1e097f6866c3fff687
Determination: GOOD

C:\Programmi\Mozilla Firefox\xpcom.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 877FFCD468FDDAA3341C00BBEDDEBC008CAA62C2
MD5: 0d2c0e5ceab892cd899134526af84239
Determination: GOOD

C:\Programmi\Mozilla Firefox\plugins\NPSWF32.dll
    Loaded into: C:\Programmi\Mozilla Firefox\firefox.exe
PX5: 2235794588787502B6D11F37E3AFC50095783C0E
MD5: 73dd5296e57633ed34bd52f86e276451
Determination: GOOD

C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AzMixerSel    C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
PX5: DCBDD37C00ACF4DBD085002ADD29850020CD9147
MD5: ae09a7fad521da4e5781cb93f594fd3c
Determination: GOOD

C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\avgnt    "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
PX5: 6531FF2628CBABF3D063037C6653E4001102191E
MD5: 6e898f5959e7195d64594c30e9251938
Determination: GOOD

C:\Programmi\Sony\VAIO Update 3\VAIOUpdt.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\VAIO Update 3    "C:\Programmi\Sony\VAIO Update 3\VAIOUpdt.exe"  /Stationary
PX5: FCC0565A784C5AD55814081482AFE1003BF4DCEE
MD5: 6fb6057066e2ac3434afd6152c471840
Determination: GOOD

C:\WINDOWS\system32\bthprops.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\BluetoothAuthenticationAgent    rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
PX5: 920CECD7007DBB52B05F01F1031411000F57F72B
MD5: df379e88a286df75f0a89639b0df9d52
Determination: GOOD

C:\WINDOWS\system32\rundll32.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\BluetoothAuthenticationAgent    rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet    rundll32 shell32,Control_RunDLL "sysdm.cpl"
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\StubPath    RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath    RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath    C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}    Autoplay for SlideShow
PX5: 797CA9E8007174E38209003396ABA600D9E79205
MD5: f88cdb0ccc416b3778736be74cdebb94
Determination: GOOD

C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
    Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\Nokia.PCSync    "C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
    Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\Nokia.PCSync    "C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
PX5: 7A3BC2A000D479B5C01F13CF79843B00F6D02D1A
MD5: 7e024cd0041cf4211fb1c0183744d548
Determination: GOOD

C:\Programmi\a-squared Free\a2service.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\a2free\ImagePath    "C:\Programmi\a-squared Free\a2service.exe"
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\a2free\ImagePath    C:\Programmi\a-squared Free\a2service.exe
PX5: 8D51B84F786C9CF4506D038859E64000E6E7DAA7
MD5: c0c09160883a964b1b6e6cf32643a394
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ACPI.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ACPI\ImagePath    system32\DRIVERS\ACPI.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ACPI\ImagePath    C:\WINDOWS\system32\DRIVERS\ACPI.sys
    Loaded from: FILE
PX5: 6EB7D724001F4D96E0A8029EF0BB700070C5BA93
MD5: ad825cb3397c837d1fb91d566d78de04
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ACPIEC\ImagePath    system32\DRIVERS\ACPIEC.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ACPIEC\ImagePath    C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    Loaded from: FILE
PX5: F21BE3DC800E8A0A2F3C009238A73C008905B399
MD5: 49ac5cd87fbdda62f3e25190019e7627
Determination: GOOD

C:\WINDOWS\system32\drivers\aec.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aec\ImagePath    system32\drivers\aec.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\aec\ImagePath    C:\WINDOWS\system32\drivers\aec.sys
    Loaded from: FILE
PX5: 0D5CE55C80399AC42C5E023AA9E661007F4C2597
MD5: 841f385c6cfaf66b58fbd898722bb4f0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\AegisP.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AegisP\ImagePath    system32\DRIVERS\AegisP.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AegisP\ImagePath    C:\WINDOWS\system32\DRIVERS\AegisP.sys
    Loaded from: FILE
PX5: 07386CF0AB284C0E53B300F223CB46008C82410D
MD5: 15e655baa989444f56787ef558823643
Determination: GOOD

C:\WINDOWS\System32\drivers\afd.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AFD\ImagePath    \SystemRoot\System32\drivers\afd.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AFD\ImagePath    C:\WINDOWS\System32\drivers\afd.sys
    Loaded from: FILE
PX5: EE224F5C0089E9241DEF0273688B740025971F4C
MD5: 5ac495f4cb807b2b98ad2ad591e6d92e
Determination: GOOD

C:\WINDOWS\System32\alg.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALG\ImagePath    %SystemRoot%\System32\alg.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ALG\ImagePath    C:\WINDOWS\System32\alg.exe
PX5: A1E5D90F00A84BB2AEC200E087F3A200AB0BF90E
MD5: d4a42bf3c11302aa3ccd857034ef1e54
Determination: GOOD

C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AntiVirScheduler\ImagePath    C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AntiVirScheduler\ImagePath    C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
PX5: 6CAA4D9428FF4181F652007A83AB0A00DA55705B
MD5: a6fa9c14e649b2f3de15390a1840774d
Determination: GOOD

C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AntiVirService\ImagePath    C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AntiVirService\ImagePath    C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
PX5: 040D894228A9A34A44E403C487AA3900C738BCB4
MD5: f640ea98231d7b1db730385813bfce79
Determination: GOOD

C:\AppServ\Apache2.2\bin\httpd.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Apache2.2\ImagePath    "C:\AppServ\Apache2.2\bin\httpd.exe" -k runservice
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Apache2.2\ImagePath    C:\AppServ\Apache2.2\bin\httpd.exe
PX5: 39883B413BC47D6D50A60025231CA5003A39ED61
MD5: 70149a8b2a9b171d07c20d5595282550
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\arp1394.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Arp1394\ImagePath    system32\DRIVERS\arp1394.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Arp1394\ImagePath    C:\WINDOWS\system32\DRIVERS\arp1394.sys
    Loaded from: FILE
PX5: E79B803D809043E9ED9C00655C5EAE00E1E46E49
MD5: f0d692b0bffb46e30eb3cea168bbc49f
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aspnet_state\ImagePath    %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\aspnet_state\ImagePath    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
PX5: BB434D07C8741D51745900F3E3CC0F00ED8F1C59
MD5: d33c507942299753868204cc7642fa27
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AsyncMac\ImagePath    system32\DRIVERS\asyncmac.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AsyncMac\ImagePath    C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    Loaded from: FILE
PX5: 8BD45D2B002F3B40389D007E91CC59004B62F8E9
MD5: 02000abf34af4c218c35d257024807d6
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\atapi.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\atapi\ImagePath    system32\DRIVERS\atapi.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\atapi\ImagePath    C:\WINDOWS\system32\DRIVERS\atapi.sys
    Loaded from: FILE
PX5: 9D6081B280209DE174C2011395153C00E47C5A8D
MD5: cdfe4411a69c224bd1d11b2da92dac51
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Atmarpc\ImagePath    system32\DRIVERS\atmarpc.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Atmarpc\ImagePath    C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    Loaded from: FILE
PX5: C41A09F600246E0AEA81009B2DE4BF0073057136
MD5: ec88da854ab7d7752ec8be11a741bb7f
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\audstub.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\audstub\ImagePath    system32\DRIVERS\audstub.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\audstub\ImagePath    C:\WINDOWS\system32\DRIVERS\audstub.sys
    Loaded from: FILE
PX5: C910D030000E35B30CDC00441BDEF300B79BCD14
MD5: d9f724aa26c010a217c97606b160ed68
Determination: GOOD

C:\Programmi\AntiVir PersonalEdition Classic\avgio.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\avgio\ImagePath    \??\C:\Programmi\AntiVir PersonalEdition Classic\avgio.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\avgio\ImagePath    C:\Programmi\AntiVir PersonalEdition Classic\avgio.sys
PX5: 9E7183A14012359F2ECF00C7B7B630002CC224EB
MD5: 53d688e5f619edd01232b649a0c06008
Determination: GOOD

C:\Programmi\AntiVir PersonalEdition Classic\avgntflt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\avgntflt\ImagePath    \??\C:\Programmi\AntiVir PersonalEdition Classic\avgntflt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\avgntflt\ImagePath    C:\Programmi\AntiVir PersonalEdition Classic\avgntflt.sys
PX5: 08737A9540715B7BBDA900C5BAA5EC00E5296568
MD5: 0e33eff6f7c8e8ae38536489e5c9eaed
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\avipbb.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\avipbb\ImagePath    system32\DRIVERS\avipbb.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\avipbb\ImagePath    C:\WINDOWS\system32\DRIVERS\avipbb.sys
    Loaded from: FILE
PX5: 3D518CE0C0CB4665F0FB00D9D1E75300221910E3
MD5: f2842c754aa6c8c93f852636d1117813
Determination: GOOD

C:\WINDOWS\System32\Drivers\battc.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BattC\MofImagePath    System32\Drivers\battc.sys
    Loaded from: FILE
PX5: EB6F1BAC00003DE437C500D2CB8267002617D2AD
MD5: ea22edadf90c0aba8319454b2a07b700
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\BthEnum.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BthEnum\ImagePath    system32\DRIVERS\BthEnum.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BthEnum\ImagePath    C:\WINDOWS\system32\DRIVERS\BthEnum.sys
    Loaded from: FILE
PX5: 67DA124780F37F2D4207001BE7C4FB0045C03AEB
MD5: d24b8d1784c68a25060fffbe8ed34b76
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\bthmodem.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTHMODEM\ImagePath    system32\DRIVERS\bthmodem.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTHMODEM\ImagePath    C:\WINDOWS\system32\DRIVERS\bthmodem.sys
    Loaded from: FILE
PX5: C7B3094980D7C27F94CD007E3580A600EA41E403
MD5: 9df0adf74ce1d6371ed60cf92eb1d9a6
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\bthpan.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BthPan\ImagePath    system32\DRIVERS\bthpan.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BthPan\ImagePath    C:\WINDOWS\system32\DRIVERS\bthpan.sys
    Loaded from: FILE
PX5: 1D47A64A80076E3A8ADF01F4925E2600FD8B4F37
MD5: 10355270be12641b9764235da39dcf0f
Determination: GOOD

C:\WINDOWS\System32\Drivers\BTHport.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTHPORT\ImagePath    System32\Drivers\BTHport.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTHPORT\ImagePath    C:\WINDOWS\System32\Drivers\BTHport.sys
    Loaded from: FILE
PX5: 6338AACF00FAD595326504F3A4496F00E0F5490A
MD5: 88513290116b4e9447b7ce800649b3fc
Determination: GOOD

C:\WINDOWS\System32\Drivers\BTHUSB.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTHUSB\ImagePath    System32\Drivers\BTHUSB.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTHUSB\ImagePath    C:\WINDOWS\System32\Drivers\BTHUSB.sys
    Loaded from: FILE
PX5: E7E73BF300F2E0284A6100A9DDF11900F96519D9
MD5: f06d4cb9918b462a84d9ac00027efc30
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CCDECODE\ImagePath    system32\DRIVERS\CCDECODE.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CCDECODE\ImagePath    C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    Loaded from: FILE
PX5: 4E4CADF380552430426F00BC05FF9D0038FB5853
MD5: 6163ed60b684bab19d3352ab22fc48b2
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\cdrom.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Cdrom\ImagePath    system32\DRIVERS\cdrom.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Cdrom\ImagePath    C:\WINDOWS\system32\DRIVERS\cdrom.sys
    Loaded from: FILE
PX5: B3CE44DD80DABE80C1400031E25C450069663A5F
MD5: af9c19b3100fe010496b1a27181fbf72
Determination: GOOD

C:\WINDOWS\system32\cisvc.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CiSvc\ImagePath    %SystemRoot%\system32\cisvc.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CiSvc\ImagePath    C:\WINDOWS\system32\cisvc.exe
PX5: B03833B20005A59D1629005665669D00201F0525
MD5: c4e84243292e37ca3b6faf4a1855b8a7
Determination: GOOD

C:\WINDOWS\system32\clipsrv.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ClipSrv\ImagePath    %SystemRoot%\system32\clipsrv.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ClipSrv\ImagePath    C:\WINDOWS\system32\clipsrv.exe
PX5: 50E35C41004F616D823700EBB15ECF008A4FA87F
MD5: 0a215e4bac9a1a9381d88c67517c850b
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\clr_optimization_v2.0.50727_32\ImagePath    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\clr_optimization_v2.0.50727_32\ImagePath    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PX5: F17A6501C07AD2CE023301EE2109B000FDD5AFC3
MD5: 3c4d595e7f9b747325aef28b4adcaae5
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CmBatt\ImagePath    system32\DRIVERS\CmBatt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CmBatt\ImagePath    C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    Loaded from: FILE
PX5: 91BBA2540094CF733705005E75072E008A264A98
MD5: 4266be808f85826aedf3c64c1e240203
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\compbatt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Compbatt\ImagePath    system32\DRIVERS\compbatt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Compbatt\ImagePath    C:\WINDOWS\system32\DRIVERS\compbatt.sys
    Loaded from: FILE
PX5: E36FE59D80DA9ACD24410031217DCA008249322A
MD5: df1b1a24bf52d0ebc01ed4ece8979f50
Determination: GOOD

C:\WINDOWS\system32\dllhost.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\COMSysApp\ImagePath    C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SwPrv\ImagePath    C:\WINDOWS\system32\dllhost.exe /Processid:{7D053AC9-9F10-43E2-BBD4-10686210ED23}
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\COMSysApp\ImagePath    C:\WINDOWS\system32\dllhost.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SwPrv\ImagePath    C:\WINDOWS\system32\dllhost.exe
PX5: 6EA1D06F0041EB21141900B4A32FF2002F6B8881
MD5: f4b3c65e2a3406f32d220019deb522f8
Determination: GOOD

C:\WINDOWS\System32\Drivers\DgiVecp.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DgiVecp\ImagePath    System32\Drivers\DgiVecp.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DgiVecp\ImagePath    C:\WINDOWS\System32\Drivers\DgiVecp.sys
    Loaded from: FILE
PX5: 2AA80CC500C5D813A49D00C17236DB001B4CE5FB
MD5: a5034f77b278f07e224fe07cf98a8b76
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\disk.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Disk\ImagePath    system32\DRIVERS\disk.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Disk\ImagePath    C:\WINDOWS\system32\DRIVERS\disk.sys
    Loaded from: FILE
PX5: 61E4E34300C80A908E6D00C10934AF006F571071
MD5: 00ca44e4534865f8a3b64f7c0984bff0
Determination: GOOD

C:\WINDOWS\system32\Drivers\dk2drv.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dk2drv\ImagePath    \??\C:\WINDOWS\system32\Drivers\dk2drv.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dk2drv\ImagePath    C:\WINDOWS\system32\Drivers\dk2drv.sys
    Loaded from: FILE
PX5: D5C4EF0A596D3648760400B5E3F0C80015A5CA12
MD5: c2762b6af8dc00548d16eac80f1c57bd
Determination: GOOD

C:\WINDOWS\System32\dmadmin.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmadmin\ImagePath    %SystemRoot%\System32\dmadmin.exe /com
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmadmin\ImagePath    C:\WINDOWS\System32\dmadmin.exe
PX5: CB8A3D6900018319702703238C5916001DF268F6
MD5: 6c9aaa1aa9bf1699d23dec4d4113226f
Determination: GOOD

C:\WINDOWS\System32\drivers\dmboot.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmboot\ImagePath    System32\drivers\dmboot.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmboot\ImagePath    C:\WINDOWS\System32\drivers\dmboot.sys
    Loaded from: FILE
PX5: 917F152000320DE9366A0C362239380089D45879
MD5: 6570b4c952f0d8fee4c6ef2ff5e10c08
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\DMICall.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DMICall\ImagePath    system32\DRIVERS\DMICall.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DMICall\ImagePath    C:\WINDOWS\system32\DRIVERS\DMICall.sys
    Loaded from: FILE
PX5: 1DA93051706B058D0F64007E04205E00B79BCD14
MD5: 526192bf7696f72e29777bf4a180513a
Determination: GOOD

C:\WINDOWS\System32\drivers\dmio.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmio\ImagePath    System32\drivers\dmio.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmio\ImagePath    C:\WINDOWS\System32\drivers\dmio.sys
    Loaded from: FILE
PX5: 33A7916180B2EE7E5AC702A49AA6DC00E6795F14
MD5: c57d35621782c7f40770f3e5ca20a182
Determination: GOOD

C:\WINDOWS\System32\drivers\dmload.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmload\ImagePath    System32\drivers\dmload.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmload\ImagePath    C:\WINDOWS\System32\drivers\dmload.sys
    Loaded from: FILE
PX5: FC216AA0003B46A9171D00359F9C1600E909FEB4
MD5: e9317282a63ca4d188c0df5e09c6ac5f
Determination: GOOD

C:\WINDOWS\system32\drivers\DMusic.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DMusic\ImagePath    system32\drivers\DMusic.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DMusic\ImagePath    C:\WINDOWS\system32\drivers\DMusic.sys
    Loaded from: FILE
PX5: 64B493018066E6FACEE6008D21636D008F236B03
MD5: a6f881284ac1150e37d9ae47ff601267
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\Dot4.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dot4\ImagePath    system32\DRIVERS\Dot4.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dot4\ImagePath    C:\WINDOWS\system32\DRIVERS\Dot4.sys
    Loaded from: FILE
PX5: 4AB29C6500AAD7302A6F031F0A739D00A9105712
MD5: ad7fc1963b152b3728e3c4f83554a576
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dot4Print\ImagePath    system32\DRIVERS\Dot4Prt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dot4Print\ImagePath    C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
    Loaded from: FILE
PX5: E8A097D080826848324100EDF3C8D400B0FBAD84
MD5: 77ce63a8a34ae23d9fe4c7896d1debe7
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\dot4usb.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dot4usb\ImagePath    system32\DRIVERS\dot4usb.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dot4usb\ImagePath    C:\WINDOWS\system32\DRIVERS\dot4usb.sys
    Loaded from: FILE
PX5: F4438352802738B45DA300879A6CD200952ED2BE
MD5: 707e8402ecaf9c87a7dd15615f0cfea2
Determination: GOOD

C:\WINDOWS\system32\drivers\drmkaud.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\drmkaud\ImagePath    system32\drivers\drmkaud.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\drmkaud\ImagePath    C:\WINDOWS\system32\drivers\drmkaud.sys
    Loaded from: FILE
PX5: FA93CCC9802BA0DD0B8800D3A4C66500B79BCD14
MD5: 1ed4dbbae9f5d558dbba4cc450e3eb2e
Determination: GOOD

C:\WINDOWS\system32\mnmsrvc.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog\Application\(default)    mnmsrvc
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mnmsrvc\ImagePath    C:\WINDOWS\system32\mnmsrvc.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mnmsrvc\ImagePath    C:\WINDOWS\system32\mnmsrvc.exe
PX5: F2F6E69800D71BFC80AE00AF40E07800F93A911A
MD5: 940a4e02b7f03c2592a52e16dddb3e46
Determination: GOOD

C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\EvtEng\ImagePath    C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\EvtEng\ImagePath    C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
PX5: B4ED013A004F1A98A08106544008CA00F16FA80C
MD5: 6a197698a141ffe7651b962ae3172008
Determination: GOOD

C:\WINDOWS\system32\fxssvc.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Fax\ImagePath    %systemroot%\system32\fxssvc.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Fax\ImagePath    C:\WINDOWS\system32\fxssvc.exe
PX5: 6602748D00AECFA4184704CBFF06DC000839594C
MD5: 3ceba41f3e0ef013e4f7ae05a227fd8c
Determination: GOOD

C:\WINDOWS\System32\Drivers\fle5wnnt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FLE5WNNT\ImagePath    \??\C:\WINDOWS\System32\Drivers\fle5wnnt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FLE5WNNT\ImagePath    C:\WINDOWS\System32\Drivers\fle5wnnt.sys
    Loaded from: FILE
PX5: B3DCEE657CD2119F829C009D449F2200CB945282
MD5: ea7ed2075d7eed73dd5658835b61c558
Determination: GOOD

C:\WINDOWS\System32\Drivers\flsiface.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FLSIFACE\ImagePath    \??\C:\WINDOWS\System32\Drivers\flsiface.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FLSIFACE\ImagePath    C:\WINDOWS\System32\Drivers\flsiface.sys
    Loaded from: FILE
PX5: E0191F5EE004B5213153000F2B39D300BE2ADAC0
MD5: 74787ca9e6d9d3e1efd9d87f486852a3
Determination: GOOD

C:\WINDOWS\System32\Drivers\flspar.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FLSPAR\ImagePath    \??\C:\WINDOWS\System32\Drivers\flspar.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FLSPAR\ImagePath    C:\WINDOWS\System32\Drivers\flspar.sys
    Loaded from: FILE
PX5: E281D4C1BAF3C0CD3F4D00EA6A1403008972F0E8
MD5: f85ec1ad593b1f889cf664d68da27274
Determination: GOOD

C:\WINDOWS\System32\Drivers\flsser.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FLSSER\ImagePath    \??\C:\WINDOWS\System32\Drivers\flsser.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FLSSER\ImagePath    C:\WINDOWS\System32\Drivers\flsser.sys
    Loaded from: FILE
PX5: 8DE360D59813B1402071001B1F5A9A004A49B0D8
MD5: 84bf89b463893461c664880463e3eede
Determination: GOOD

C:\WINDOWS\System32\Drivers\flsvcom.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FLSVCOM\ImagePath    \??\C:\WINDOWS\System32\Drivers\flsvcom.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FLSVCOM\ImagePath    C:\WINDOWS\System32\Drivers\flsvcom.sys
    Loaded from: FILE
PX5: AB9012C99AC9B1D67F5C00BE6B0779008B80A466
MD5: 778ef111f805cc41180fc1a10e355f00
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\fltMgr.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FltMgr\ImagePath    system32\DRIVERS\fltMgr.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FltMgr\ImagePath    C:\WINDOWS\system32\DRIVERS\fltMgr.sys
    Loaded from: FILE
PX5: C07EAE2780FF0E5FE76C019FEA2ECE0003150577
MD5: 157754f0df355a9e0a6f54721914f9c6
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ftdisk\ImagePath    system32\DRIVERS\ftdisk.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ftdisk\ImagePath    C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    Loaded from: FILE
PX5: D543638280F1FAF5EBA30154BD3E7700D3ED2EEC
MD5: f3269a6ee547ea87b949a1cea4816b38
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\msgpc.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Gpc\ImagePath    system32\DRIVERS\msgpc.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Gpc\ImagePath    C:\WINDOWS\system32\DRIVERS\msgpc.sys
    Loaded from: FILE
PX5: A6DC8C520088C979894600B57B2B1A00363C4157
MD5: c0f1d4a21de5a415df8170616703debf
Determination: GOOD

C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\gusvc\ImagePath    "C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe"
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\gusvc\ImagePath    C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
PX5: 62CED423B81F5EB8131202E836055A00D95D1285
MD5: c1b577b2169900f4cf7190c39f085794
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\hamachi.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\hamachi\ImagePath    system32\DRIVERS\hamachi.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\hamachi\ImagePath    C:\WINDOWS\system32\DRIVERS\hamachi.sys
    Loaded from: FILE
PX5: 4E4BFFC1C04B538562CB008FE9C07400428DE43A
MD5: 7929a161f9951d173ca9900fe7067391
Determination: GOOD

C:\WINDOWS\system32\Drivers\hcmon.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\hcmon\ImagePath    \??\C:\WINDOWS\system32\Drivers\hcmon.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\hcmon\ImagePath    C:\WINDOWS\system32\Drivers\hcmon.sys
    Loaded from: FILE
PX5: 446B42983080181A87FB00864F45E3007A33D982
MD5: 613cd440ada584b301e37b726c013b26
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HDAudBus\ImagePath    system32\DRIVERS\HDAudBus.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HDAudBus\ImagePath    C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    Loaded from: FILE
PX5: 71E6543E002B7EFB1A8302322A95BF007A522599
MD5: e31363d186b3e1d7c4e9117884a6aee5
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\hidusb.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidUsb\ImagePath    system32\DRIVERS\hidusb.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HidUsb\ImagePath    C:\WINDOWS\system32\DRIVERS\hidusb.sys
    Loaded from: FILE
PX5: 1484F98A807906C3258400E49D6D650019C14BBC
MD5: 1de6783b918f540149aa69943bdfeba8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HSFHWAZL\ImagePath    system32\DRIVERS\HSFHWAZL.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HSFHWAZL\ImagePath    C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
    Loaded from: FILE
PX5: B1A2A64180C96DE9B77C021850CD5A00DC05550C
MD5: 9bec5d4ac6efdaaf001d42c77811e3db
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HSF_DPV\ImagePath    system32\DRIVERS\HSF_DPV.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HSF_DPV\ImagePath    C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
    Loaded from: FILE
PX5: D262B21500007D28CA9D0F4814F68300376EFC0C
MD5: 6cad234becf58529879b6c303f02777f
Determination: GOOD

C:\WINDOWS\System32\Drivers\HTTP.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTP\ImagePath    System32\Drivers\HTTP.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HTTP\ImagePath    C:\WINDOWS\System32\Drivers\HTTP.sys
    Loaded from: FILE
PX5: 7D54A2AA80AC9B3F039704DAED61AB008C70BD34
MD5: c19b522a9ae0bbc3293397f3055e80a1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\i8042prt\ImagePath    system32\DRIVERS\i8042prt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\i8042prt\ImagePath    C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    Loaded from: FILE
PX5: 5176B379805D75ECD1900002BF9BC2003FF0C0D5
MD5: 30e64dfa4efaacc8142ea07766181fb4
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ialm\ImagePath    system32\DRIVERS\ialmnt5.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ialm\ImagePath    C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
    Loaded from: FILE
PX5: 72D85E8B5C1C206C026C1081794D1500EA686566
MD5: 240d0f5d7caafd87bd8d801a97bbe041
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\imapi.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Imapi\ImagePath    system32\DRIVERS\imapi.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Imapi\ImagePath    C:\WINDOWS\system32\DRIVERS\imapi.sys
    Loaded from: FILE
PX5: A6DE19768012C7FDA37F00B5535D7900050612BF
MD5: f8aa320c6a0409c0380e5d8a99d76ec6
Determination: GOOD

C:\WINDOWS\system32\imapi.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ImapiService\ImagePath    C:\WINDOWS\system32\imapi.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ImapiService\ImagePath    C:\WINDOWS\system32\imapi.exe
PX5: 74CFCD09009BDDD14A8402202B1E530034B0D214
MD5: ed7abb35c81709fb41972d30fe15311e
Determination: GOOD

C:\WINDOWS\system32\drivers\RtkHDAud.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IntcAzAudAddService\ImagePath    system32\drivers\RtkHDAud.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IntcAzAudAddService\ImagePath    C:\WINDOWS\system32\drivers\RtkHDAud.sys
    Loaded from: FILE
PX5: D3277A3200AB674FD4783AD8FBFB0F008AAA6437
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\intelide.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IntelIde\ImagePath    system32\DRIVERS\intelide.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IntelIde\ImagePath    C:\WINDOWS\system32\DRIVERS\intelide.sys
    Loaded from: FILE
PX5: 13577194803FCB8815F90068ABEFAF00861C758E
MD5: 7c15b34147134381421d7044479a1d73
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\intelppm.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\intelppm\ImagePath    system32\DRIVERS\intelppm.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\intelppm\ImagePath    C:\WINDOWS\system32\DRIVERS\intelppm.sys
    Loaded from: FILE
PX5: 308DA7E000DC5FE09D58006BABC91A0052CD17AF
MD5: ebc07787034bbe312020d30198a9f362
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ip6Fw\ImagePath    system32\DRIVERS\Ip6Fw.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ip6Fw\ImagePath    C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
    Loaded from: FILE
PX5: 554B18088049820E711F003BBA86E4005B660DCC
MD5: 4448006b6bc60e6c027932cfc38d6855
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpFilterDriver\ImagePath    system32\DRIVERS\ipfltdrv.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IpFilterDriver\ImagePath    C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    Loaded from: FILE
PX5: E130718C809C039180F700DA0AC8EE00F2B31814
MD5: 731f22ba402ee4b62748adaf6363c182
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipinip.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpInIp\ImagePath    system32\DRIVERS\ipinip.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IpInIp\ImagePath    C:\WINDOWS\system32\DRIVERS\ipinip.sys
    Loaded from: FILE
PX5: 9655BFAF0030F62E523A00C352D248003081C413
MD5: e1ec7f5da720b640cd8fb8424f1b14bb
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipnat.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpNat\ImagePath    system32\DRIVERS\ipnat.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IpNat\ImagePath    C:\WINDOWS\system32\DRIVERS\ipnat.sys
    Loaded from: FILE
PX5: 16BC903800541BF40F8E022F0693810084706928
MD5: b5a8e215ac29d24d60b4d1250ef05ace
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ipsec.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IPSec\ImagePath    system32\DRIVERS\ipsec.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IPSec\ImagePath    C:\WINDOWS\system32\DRIVERS\ipsec.sys
    Loaded from: FILE
PX5: 84ED89D600412A2C245201A3F8A740006B772EC6
MD5: 64537aa5c003a6afeee1df819062d0d1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\irenum.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IRENUM\ImagePath    system32\DRIVERS\irenum.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IRENUM\ImagePath    C:\WINDOWS\system32\DRIVERS\irenum.sys
    Loaded from: FILE
PX5: 42D7DCAC001BE9A12C7B00EF915041002AED16BC
MD5: 50708daa1b1cbb7d6ac1cf8f56a24410
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\isapnp.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\isapnp\ImagePath    system32\DRIVERS\isapnp.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\isapnp\ImagePath    C:\WINDOWS\system32\DRIVERS\isapnp.sys
    Loaded from: FILE
PX5: 8A87001A0002BFB48D1F0066402D8A00BD468997
MD5: ea3245a8e8758d6b84de189a5caaa75e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Kbdclass\ImagePath    system32\DRIVERS\kbdclass.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Kbdclass\ImagePath    C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    Loaded from: FILE
PX5: 11013D51001BA498620F00A282D06D00135D5A16
MD5: e883ae6ea0b313e659225aa32e449ce9
Determination: GOOD

C:\WINDOWS\system32\drivers\kmixer.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\kmixer\ImagePath    system32\drivers\kmixer.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\kmixer\ImagePath    C:\WINDOWS\system32\drivers\kmixer.sys
    Loaded from: FILE
PX5: 13330EA9009A68969FC70268A04877008F11DB17
MD5: d93cad07c5683db066b0b2d2d3790ead
Determination: GOOD

C:\WINDOWS\system32\drivers\lhkvnkcvfndk.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lhkvnkcvfndk\ImagePath    system32\drivers\lhkvnkcvfndk.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\lhkvnkcvfndk\ImagePath    C:\WINDOWS\system32\drivers\lhkvnkcvfndk.sys
    Loaded from: FILE
PX5: A2DC801C8030AEE921960056BEFFA5009311229D
MD5: d7dbfbc453b645111e6d21142305e80b
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mdmxsdk\ImagePath    system32\DRIVERS\mdmxsdk.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mdmxsdk\ImagePath    C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    Loaded from: FILE
PX5: F550CBF4034DEEBE33DE0064049C6200B3B9C3B3
MD5: 3c318b9cd391371bed62126581ee9961
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mouclass.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Mouclass\ImagePath    system32\DRIVERS\mouclass.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Mouclass\ImagePath    C:\WINDOWS\system32\DRIVERS\mouclass.sys
    Loaded from: FILE
PX5: 7E80CA6A0038C59C5C6F0047F0E35500920EB276
MD5: c458e314b8722253897c94a714c2e0c0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mouhid.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mouhid\ImagePath    system32\DRIVERS\mouhid.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mouhid\ImagePath    C:\WINDOWS\system32\DRIVERS\mouhid.sys
    Loaded from: FILE
PX5: 2301F35080287EAB2F80000FDBBFFD00349EAF96
MD5: d7662f0cf5b77bbbe3202716f5bd5318
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxDAV\ImagePath    system32\DRIVERS\mrxdav.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MRxDAV\ImagePath    C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    Loaded from: FILE
PX5: 2A28D206005617C9C4F8026FCC47BD006A62BA75
MD5: 46edcc8f2db2f322c24f48785cb46366
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxSmb\ImagePath    system32\DRIVERS\mrxsmb.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MRxSmb\ImagePath    C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    Loaded from: FILE
PX5: 65A2AA0080B21F17E300065044F4DC004CE9A2A9
MD5: 1fd607fc67f7f7c633c3da65bfc53d18
Determination: GOOD

C:\WINDOWS\system32\msdtc.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSDTC\ImagePath    C:\WINDOWS\system32\msdtc.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSDTC\ImagePath    C:\WINDOWS\system32\msdtc.exe
PX5: 3A5257C800292C38184B000639E3D800639539E0
MD5: 3124662b40761a3ef8f4254d2f32e3f4
Determination: GOOD

C:\WINDOWS\system32\msiexec.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSIServer\ImagePath    C:\WINDOWS\system32\msiexec.exe /V
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSIServer\ImagePath    C:\WINDOWS\system32\msiexec.exe
PX5: 2199A4A600D88009341401C8D9AE0A004C78202A
MD5: f5f0146580e7023adb963879840777f8
Determination: GOOD

C:\WINDOWS\system32\drivers\MSKSSRV.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSKSSRV\ImagePath    system32\drivers\MSKSSRV.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSKSSRV\ImagePath    C:\WINDOWS\system32\drivers\MSKSSRV.sys
    Loaded from: FILE
PX5: 441E162B80A429811D1500CB9CEDF700CED69BEA
MD5: ae431a8dd3c1d0d0610cdbac16057ad0
Determination: GOOD

C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPCLOCK\ImagePath    system32\drivers\MSPCLOCK.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSPCLOCK\ImagePath    C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    Loaded from: FILE
PX5: 3656535900693AA115D1001337247B009D5BCE4B
MD5: 13e75fef9dfeb08eeded9d0246e1f448
Determination: GOOD

C:\WINDOWS\system32\drivers\MSPQM.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPQM\ImagePath    system32\drivers\MSPQM.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSPQM\ImagePath    C:\WINDOWS\system32\drivers\MSPQM.sys
    Loaded from: FILE
PX5: 5D7EA63E804A637C13CA0078C414AC000E912E93
MD5: 1988a33ff19242576c3d0ef9ce785da7
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mssmbios\ImagePath    system32\DRIVERS\mssmbios.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mssmbios\ImagePath    C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    Loaded from: FILE
PX5: 5C75220680F731D03C3D001BD399CC00D7DBED29
MD5: 469541f8bfd2b32659d5d463a6714bce
Determination: GOOD

C:\WINDOWS\system32\drivers\MSTEE.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSTEE\ImagePath    system32\drivers\MSTEE.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSTEE\ImagePath    C:\WINDOWS\system32\drivers\MSTEE.sys
    Loaded from: FILE
PX5: EF9F4FE18003FE44154E00AC0DDE6800FF407119
MD5: bf13612142995096ab084f2db7f40f77
Determination: GOOD

C:\AppServ\MySQL\bin\mysql.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mysql\ImagePath    C:\AppServ\MySQL\bin\mysqld-nt --defaults-file=C:\AppServ\MySQL\my.ini mysql
PX5: C58D88800078E961C00A18CAFBCA4100A816EAE7
MD5: 747a0ec28bf9d94edae436e66b8355ea
Determination: GOOD

C:\AppServ\MySQL\bin\mysqld-nt.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mysql\ImagePath    C:\AppServ\MySQL\bin\mysqld-nt --defaults-file=C:\AppServ\MySQL\my.ini mysql
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mysql\ImagePath    C:\AppServ\MySQL\bin\mysqld-nt.exe
PX5: DCF1559A00FE9C3290204480B57512004C1B7E56
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NABTSFEC\ImagePath    system32\DRIVERS\NABTSFEC.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NABTSFEC\ImagePath    C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    Loaded from: FILE
PX5: 37E661E8803A144B4DFD01732787D600D94FD14F
MD5: 5c8dc6429c43dc6177c1fa5b76290d1a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisIP\ImagePath    system32\DRIVERS\NdisIP.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NdisIP\ImagePath    C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    Loaded from: FILE
PX5: 92D82929807F4CDE2A6000D7EF7E8C008BDE37E2
MD5: 520ce427a8b298f54112857bcf6bde15
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisTapi\ImagePath    system32\DRIVERS\ndistapi.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NdisTapi\ImagePath    C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    Loaded from: FILE
PX5: 25AEC9EA809D4D4825A500A2A9E22F00CCB1FFC8
MD5: 08d43bbdacdf23f34d79e44ed35c1b4c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ndisuio\ImagePath    system32\DRIVERS\ndisuio.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ndisuio\ImagePath    C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    Loaded from: FILE
PX5: 0BF3AB388038D73732EB00A9A855ED006D3C0384
MD5: 34d6cd56409da9a7ed573e1c90a308bf
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisWan\ImagePath    system32\DRIVERS\ndiswan.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NdisWan\ImagePath    C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    Loaded from: FILE
PX5: 304E26E9803B344266FF0104DAA0B500E6B358BD
MD5: 0b90e255a9490166ab368cd55a529893
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\netbios.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBIOS\ImagePath    system32\DRIVERS\netbios.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetBIOS\ImagePath    C:\WINDOWS\system32\DRIVERS\netbios.sys
    Loaded from: FILE
PX5: 6F5EDA40008AE18787EB007972CAB100F174D35C
MD5: 3a2aca8fc1d7786902ca434998d7ceb4
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\netbt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBT\ImagePath    system32\DRIVERS\netbt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetBT\ImagePath    C:\WINDOWS\system32\DRIVERS\netbt.sys
    Loaded from: FILE
PX5: 7D3B6A2A0069D5737CDE020A47DE6F00F472D659
MD5: 0c80e410cd2f47134407ee7dd19cc86b
Determination: GOOD

C:\WINDOWS\system32\netdde.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDE\ImagePath    %SystemRoot%\system32\netdde.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDEdsdm\ImagePath    %SystemRoot%\system32\netdde.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetDDE\ImagePath    C:\WINDOWS\system32\netdde.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetDDEdsdm\ImagePath    C:\WINDOWS\system32\netdde.exe
PX5: AAA3C89900BB76ABBADC01BFB3AC1B00E2E8A55F
MD5: de62ee316fab09de3d7a5180f0775abf
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\nic1394.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NIC1394\ImagePath    system32\DRIVERS\nic1394.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NIC1394\ImagePath    C:\WINDOWS\system32\DRIVERS\nic1394.sys
    Loaded from: FILE
PX5: 720917AF800A6EE8F12400F5E9C6E000F750E215
MD5: 5c5c53db4fef16cf87b9911c7e8c6fbc
Determination: GOOD

C:\WINDOWS\system32\drivers\nmwcd.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\nmwcd\ImagePath    system32\drivers\nmwcd.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\nmwcd\ImagePath    C:\WINDOWS\system32\drivers\nmwcd.sys
    Loaded from: FILE
PX5: 01E5F55E00B5EC1F18E902A53CBC6D008D784DAC
MD5: 696b37ea78f9d9767a2f18ba0304a51a
Determination: GOOD

C:\WINDOWS\system32\drivers\nmwcdc.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\nmwcdc\ImagePath    system32\drivers\nmwcdc.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\nmwcdc\ImagePath    C:\WINDOWS\system32\drivers\nmwcdc.sys
    Loaded from: FILE
PX5: 1200695E80C76BA420DC0093EE400500655EC61D
MD5: bbb6010fc01d9239d88fcdf133e03ff0
Determination: GOOD

C:\WINDOWS\system32\drivers\nmwcdcm.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\nmwcdcm\ImagePath    system32\drivers\nmwcdcm.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\nmwcdcm\ImagePath    C:\WINDOWS\system32\drivers\nmwcdcm.sys
    Loaded from: FILE
PX5: A78A4A5400169D09308900CFF28935002A920FB4
MD5: 4c3726467d67483f054c88f058e9c153
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFlt\ImagePath    system32\DRIVERS\nwlnkflt.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NwlnkFlt\ImagePath    C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    Loaded from: FILE
PX5: A826BA3A803B83AE30C000488911C200DC3CA878
MD5: b305f3fad35083837ef46a0bbce2fc57
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFwd\ImagePath    system32\DRIVERS\nwlnkfwd.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NwlnkFwd\ImagePath    C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    Loaded from: FILE
PX5: B9B73139006979BB7FBC0031EA7E320032D237D0
MD5: c99b3415198d1aab7227f2c88fd664b9
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ohci1394\ImagePath    system32\DRIVERS\ohci1394.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ohci1394\ImagePath    C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    Loaded from: FILE
PX5: 4A6E8F7F8033FF34EE4200E871B4F300047CEC38
MD5: 0951db8e5823ea366b0e408d71e1ba2a
Determination: GOOD

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\OKI OPHC DCS Loader\ImagePath    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\OKI OPHC DCS Loader\ImagePath    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
PX5: 7112F102004F1D4660B1000635CF3500F8FAD216
MD5: 1c9f0ae9ba757239a6f9b0d652dbcec2
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ose\ImagePath    "C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE"
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ose\ImagePath    C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
PX5: F61B8D0330B79FF65C6601A611B00C00EFE13B0C
MD5: 7a56cf3e3f12e8af599963b16f50fb6a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\pci.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCI\ImagePath    system32\DRIVERS\pci.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PCI\ImagePath    C:\WINDOWS\system32\DRIVERS\pci.sys
    Loaded from: FILE
PX5: 9DA3602E807459480C5D01595A918400CA482387
MD5: 91fc1d483d900b1c0600a08b871c39d5
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\pciide.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCIIde\ImagePath    system32\DRIVERS\pciide.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PCIIde\ImagePath    C:\WINDOWS\system32\DRIVERS\pciide.sys
    Loaded from: FILE
PX5: 826808EE00CFD8500D55002AE8E7E200B79BCD14
MD5: b2df00d650fd6c4ee781740ed3c8e67f
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Pcmcia\ImagePath    system32\DRIVERS\pcmcia.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Pcmcia\ImagePath    C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    Loaded from: FILE
PX5: 1E5E2DAE80A234A7D5E1011E8065A7000BABC19F
MD5: 28f3538a2091993a03506311a05053e8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\raspptp.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PptpMiniport\ImagePath    system32\DRIVERS\raspptp.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PptpMiniport\ImagePath    C:\WINDOWS\system32\DRIVERS\raspptp.sys
    Loaded from: FILE
PX5: F406FA260016D348BD2800EFDBDF52003203F53C
MD5: 1c5cc65aac0783c344f16353e60b72ac
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\psched.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PSched\ImagePath    system32\DRIVERS\psched.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PSched\ImagePath    C:\WINDOWS\system32\DRIVERS\psched.sys
    Loaded from: FILE
PX5: C7C1320E008655110E77011715C66E0009C5AE75
MD5: 48671f327553dcf1d27f6197f622a668
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ptilink.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ptilink\ImagePath    system32\DRIVERS\ptilink.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ptilink\ImagePath    C:\WINDOWS\system32\DRIVERS\ptilink.sys
    Loaded from: FILE
PX5: F96F182D805891FA452B007EBD870E004C25BA07
MD5: 80d317bd1c3dbc5d4fe7b1678c60cadd
Determination: GOOD

C:\WINDOWS\system32\drivers\pxark.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\pxark\ImagePath    \??\C:\WINDOWS\system32\drivers\pxark.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\pxark\ImagePath    C:\WINDOWS\system32\drivers\pxark.sys
    Loaded from: FILE
PX5: 87296EB280D7F1DA296B00CB462B950061E4FEFB
MD5: d2b5e899d78c0fb0dd290d62b36f333e
Determination: GOOD

C:\WINDOWS\System32\Drivers\PxHelp20.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PxHelp20\ImagePath    System32\Drivers\PxHelp20.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PxHelp20\ImagePath    C:\WINDOWS\System32\Drivers\PxHelp20.sys
    Loaded from: FILE
PX5: CEED5A5408FE9DE2AA3300585AD0A300BEEAAC3B
MD5: d86b4a68565e444d76457f14172c875a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rasacd.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAcd\ImagePath    system32\DRIVERS\rasacd.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasAcd\ImagePath    C:\WINDOWS\system32\DRIVERS\rasacd.sys
    Loaded from: FILE
PX5: EF519CA180B540A42200002C4F06E3005372DD33
MD5: fe0d99d6f31e4fad8159f690d68ded9c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rasl2tp\ImagePath    system32\DRIVERS\rasl2tp.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Rasl2tp\ImagePath    C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    Loaded from: FILE
PX5: C15C1546804EC8E6C8410037F34FAD00B1FBF6DF
MD5: 98faeb4a4dcf812ba1c6fca4aa3e115c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasPppoe\ImagePath    system32\DRIVERS\raspppoe.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasPppoe\ImagePath    C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    Loaded from: FILE
PX5: A8F2C94800B2E031A21A00F0EC682E009B5794D5
MD5: 7306eeed8895454cbed4669be9f79faa
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\raspti.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Raspti\ImagePath    system32\DRIVERS\raspti.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Raspti\ImagePath    C:\WINDOWS\system32\DRIVERS\raspti.sys
    Loaded from: FILE
PX5: 506F10F380FEE57C406900BE351741009F00F0DE
MD5: fdbb1d60066fcfbb7452fd8f9829b242
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rdbss.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rdbss\ImagePath    system32\DRIVERS\rdbss.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Rdbss\ImagePath    C:\WINDOWS\system32\DRIVERS\rdbss.sys
    Loaded from: FILE
PX5: 5F844D0780EA8079B1FB02785D7F63004D612A18
MD5: 29d66245adba878fff574cd66abd2884
Determination: GOOD

C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDPCDD\ImagePath    System32\DRIVERS\RDPCDD.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RDPCDD\ImagePath    C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
    Loaded from: FILE
PX5: 14FCFAAE80A686EB103300CFAE183900CB624D74
MD5: 4912d5b403614ce99c28420f75353332
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\rdpdr\ImagePath    system32\DRIVERS\rdpdr.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\rdpdr\ImagePath    C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    Loaded from: FILE
PX5: 02477783007980B5019E03607F7E03003B692115
MD5: a2cae2c60bc37e0751ef9dda7ceaf4ad
Determination: GOOD

C:\WINDOWS\system32\sessmgr.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDSessMgr\ImagePath    C:\WINDOWS\system32\sessmgr.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RDSessMgr\ImagePath    C:\WINDOWS\system32\sessmgr.exe
PX5: 2C67C68B0020C05D2C3E02893D0F09005D1CF7F5
MD5: cc0693c481502844a24ef71b90a7195e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\redbook.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\redbook\ImagePath    system32\DRIVERS\redbook.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\redbook\ImagePath    C:\WINDOWS\system32\DRIVERS\redbook.sys
    Loaded from: FILE
PX5: AEF2FC7D804F986FE3C7004FF2D91D0029FD0FC2
MD5: a8eee004a16af1d583d9de9f6de250e0
Determination: GOOD

C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RegSrvc\ImagePath    C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RegSrvc\ImagePath    C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
PX5: 99A8F3E600E14E93009F05D5DA52C6007B69C669
MD5: d8f61aaae73a1fbde6f538becc891f2f
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\rfcomm.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RFCOMM\ImagePath    system32\DRIVERS\rfcomm.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RFCOMM\ImagePath    C:\WINDOWS\system32\DRIVERS\rfcomm.sys
    Loaded from: FILE
PX5: 86C754D3005DD90AE9C000A325CAFB008DE7ED1E
MD5: 99c4b74981a1413f142a3903130088cb
Determination: GOOD

C:\WINDOWS\system32\locator.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcLocator\ImagePath    %SystemRoot%\system32\locator.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RpcLocator\ImagePath    C:\WINDOWS\system32\locator.exe
PX5: C3C0A8550045DDC726E601EBB10B83000E4A4556
MD5: 33a8f0fe0005b2d79df53441679f5149
Determination: GOOD

C:\WINDOWS\system32\rsvp.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RSVP\ImagePath    %SystemRoot%\system32\rsvp.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RSVP\ImagePath    C:\WINDOWS\system32\rsvp.exe
PX5: 2057508700E163D906880231F30F2D00E5519440
MD5: dce0d20f8fb66df41d53734bff9d66f0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RTL8023xp\ImagePath    system32\DRIVERS\Rtlnicxp.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RTL8023xp\ImagePath    C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
    Loaded from: FILE
PX5: 8907C337005BBCF523DF014BFD94F300641599A2
MD5: 7f0413bdd7d53eb4c7a371e7f6f84df1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\rtl8139\ImagePath    system32\DRIVERS\RTL8139.SYS
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\rtl8139\ImagePath    C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
    Loaded from: FILE
PX5: 0D1CF5B000B2C8EA5211002E76778C00F4B2E39E
MD5: d507c1400284176573224903819ffda3
Determination: GOOD

C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\S24EventMonitor\ImagePath    C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\S24EventMonitor\ImagePath    C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
PX5: 6CD606F900BAA67150990EA6A2A098004ABB23F1
MD5: 25f697e3afa7b337bbcaddbce38e6934
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\s24trans.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\s24trans\ImagePath    system32\DRIVERS\s24trans.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\s24trans\ImagePath    C:\WINDOWS\system32\DRIVERS\s24trans.sys
    Loaded from: FILE
PX5: F64A1ED500D2BA703174002164AD5A001B6916DC
MD5: 2862adb14481ac28f98105ff33a99eb0
Determination: GOOD

C:\WINDOWS\System32\SCardSvr.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SCardSvr\ImagePath    %SystemRoot%\System32\SCardSvr.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SCardSvr\ImagePath    C:\WINDOWS\System32\SCardSvr.exe
PX5: FFC6D19800BAA7847E46014ECC3CD200949D4E12
MD5: 74b1e7fcfca9a3a23871aa014144013e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\secdrv.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Secdrv\ImagePath    system32\DRIVERS\secdrv.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Secdrv\ImagePath    C:\WINDOWS\system32\DRIVERS\secdrv.sys
    Loaded from: FILE
PX5: 6C1F33AD30B48B8F6BBC0037A0F8A400F11BD786
MD5: d26e26ea516450af9d072635c60387f4
Determination: GOOD

C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ServiceLayer\ImagePath    "C:\Programmi\PC Connectivity Solution\ServiceLayer.exe"
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ServiceLayer\ImagePath    C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
PX5: 9F31D59400AAD8DD6479058C05E4FC00BA6BBFF0
MD5: 56eb980da71b94b79a341615c3c256cf
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\sfloppy.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Sfloppy\ImagePath    system32\DRIVERS\sfloppy.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Sfloppy\ImagePath    C:\WINDOWS\system32\DRIVERS\sfloppy.sys
    Loaded from: FILE
PX5: 6884E1AE807AAB872CD300DC197E0C00B015D834
MD5: 0d13b6df6e9e101013a7afb0ce629fe0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\SLIP.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SLIP\ImagePath    system32\DRIVERS\SLIP.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SLIP\ImagePath    C:\WINDOWS\system32\DRIVERS\SLIP.sys
    Loaded from: FILE
PX5: C05453A580D50DE62B1A00E6C96F380022C2D117
MD5: 5caeed86821fa2c6139e32e9e05ccdc9
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\SonyNC.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SNC\ImagePath    system32\DRIVERS\SonyNC.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SNC\ImagePath    C:\WINDOWS\system32\DRIVERS\SonyNC.sys
    Loaded from: FILE
PX5: 6AFB98D110457097510C00F1F8F329002E8CB05A
MD5: 1a992c8136c015453e82041c35b299da
Determination: GOOD

C:\WINDOWS\system32\drivers\splitter.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\splitter\ImagePath    system32\drivers\splitter.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\splitter\ImagePath    C:\WINDOWS\system32\drivers\splitter.sys
    Loaded from: FILE
PX5: 7680ED1C00E4BEB7199C001CC7BB00005C1626B5
MD5: 8e186b8f23295d1e42c573b82b80d548
Determination: GOOD

C:\WINDOWS\system32\spoolsv.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Spooler\ImagePath    %SystemRoot%\system32\spoolsv.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Spooler\ImagePath    C:\WINDOWS\system32\spoolsv.exe
PX5: 703F3D90006B0DE3E2430049B8FF4400BD40056F
MD5: 216f8454a9415dd3e451b169dc3121c4
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\sr.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sr\ImagePath    system32\DRIVERS\sr.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\sr\ImagePath    C:\WINDOWS\system32\DRIVERS\sr.sys
    Loaded from: FILE
PX5: 4D90659E00D8A4771F1A013E6E421F00F36027A5
MD5: 896f566afc498077172eae8a50e8baf8
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\srv.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Srv\ImagePath    system32\DRIVERS\srv.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Srv\ImagePath    C:\WINDOWS\system32\DRIVERS\srv.sys
    Loaded from: FILE
PX5: 78EFCD908068AB1521EF0590A8538B00DBC84A4F
MD5: 20b7e396720353e4117d64d9dcb926ca
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ssmdrv\ImagePath    system32\DRIVERS\ssmdrv.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ssmdrv\ImagePath    C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
    Loaded from: FILE
PX5: 9DFE8017C052ACA56EB900980E18520079AEADB0
MD5: 3d2829fde1c52fc64da5413889ce4dee
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\streamip\ImagePath    system32\DRIVERS\StreamIP.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\streamip\ImagePath    C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    Loaded from: FILE
PX5: 37C869AE00A1D1423CD000F9D66948002AC47A8D
MD5: 284c57df5dc7abca656bc2b96a667afb
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\swenum.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swenum\ImagePath    system32\DRIVERS\swenum.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\swenum\ImagePath    C:\WINDOWS\system32\DRIVERS\swenum.sys
    Loaded from: FILE
PX5: FDB253C8004ADC8E110200CB82EF3C003BACCEF1
MD5: 03c1bae4766e2450219d20b993d6e046
Determination: GOOD

C:\WINDOWS\system32\drivers\swmidi.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swmidi\ImagePath    system32\drivers\swmidi.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\swmidi\ImagePath    C:\WINDOWS\system32\drivers\swmidi.sys
    Loaded from: FILE
PX5: D73823E800EBA9D4D48400057CBBEE004EA1E5C8
MD5: 94abc808fc4b6d7d2bbf42b85e25bb4d
Determination: GOOD

C:\WINDOWS\system32\drivers\sysaudio.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sysaudio\ImagePath    system32\drivers\sysaudio.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\sysaudio\ImagePath    C:\WINDOWS\system32\drivers\sysaudio.sys
    Loaded from: FILE
PX5: 23CF2276806778A5EDCF00D9512FDE00BB195FEF
MD5: 650ad082d46bac0e64c9c0e0928492fd
Determination: GOOD

C:\WINDOWS\system32\smlogsvc.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SysmonLog\ImagePath    %SystemRoot%\system32\smlogsvc.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SysmonLog\ImagePath    C:\WINDOWS\system32\smlogsvc.exe
PX5: C0E6801A0095AB606A660128541E440050C06325
MD5: bc8b8694def74b4e6c626322d4321a54
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\tcpip.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Tcpip\ImagePath    system32\DRIVERS\tcpip.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Tcpip\ImagePath    C:\WINDOWS\system32\DRIVERS\tcpip.sys
    Loaded from: FILE
PX5: 9B98417C80D576637AFA05B3DB10C500915C3F16
MD5: 27a5959c94ee173a063ca06bd14f021a
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\termdd.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermDD\ImagePath    system32\DRIVERS\termdd.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TermDD\ImagePath    C:\WINDOWS\system32\DRIVERS\termdd.sys
    Loaded from: FILE
PX5: 3111E3EA882052CE9F39002D38F46900A7415306
MD5: a540a99c281d933f3d69d55e48727f47
Determination: GOOD

C:\WINDOWS\system32\drivers\tifmsony.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\tifmsony\ImagePath    system32\drivers\tifmsony.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\tifmsony\ImagePath    C:\WINDOWS\system32\drivers\tifmsony.sys
    Loaded from: FILE
PX5: 59DC1718009C81C93CCA0158B6D7A400D36D1034
MD5: 2cfe4945e30455e5ad692ffa8593297f
Determination: GOOD

C:\WINDOWS\system32\tlntsvr.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TlntSvr\ImagePath    C:\WINDOWS\system32\tlntsvr.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TlntSvr\ImagePath    C:\WINDOWS\system32\tlntsvr.exe
PX5: F869AF89008EB51B24EC0113A0DCBB001FBDD7D2
MD5: 2a9daaef2cc0333db6f129f2f8b3d3fd
Determination: GOOD

C:\WINDOWS\system32\wdfmgr.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UMWdf\ImagePath    C:\WINDOWS\system32\wdfmgr.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\UMWdf\ImagePath    C:\WINDOWS\system32\wdfmgr.exe
PX5: 9FA38DDC00508FFA98BC0037D087BF0071EC7096
MD5: ab0a7ca90d9e3d6a193905dc1715ded0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\update.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Update\ImagePath    system32\DRIVERS\update.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Update\ImagePath    C:\WINDOWS\system32\DRIVERS\update.sys
    Loaded from: FILE
PX5: B35240AB00E3291D321603412D8E98007B007A17
MD5: aff2e5045961bbc0a602bb6f95eb1345
Determination: GOOD

C:\WINDOWS\System32\ups.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UPS\ImagePath    %SystemRoot%\System32\ups.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\UPS\ImagePath    C:\WINDOWS\System32\ups.exe
PX5: B1B748F7000750CB484000B4D1F04D00484BD2C2
MD5: e4896f38a3f8dacea6ea8d7ec9889d91
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbccgp\ImagePath    system32\DRIVERS\usbccgp.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbccgp\ImagePath    C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    Loaded from: FILE
PX5: 3051DD5F80B0E02D7BC400CFE2D7F10086CC5663
MD5: bffd9f120cc63bcbaa3d840f3eef9f79
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbehci.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbehci\ImagePath    system32\DRIVERS\usbehci.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbehci\ImagePath    C:\WINDOWS\system32\DRIVERS\usbehci.sys
    Loaded from: FILE
PX5: 42E57CAC00DC4FAF684000867EE93C003087E4F7
MD5: 15e993ba2f6946b2bfbbfcd30398621e
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbhub.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbhub\ImagePath    system32\DRIVERS\usbhub.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbhub\ImagePath    C:\WINDOWS\system32\DRIVERS\usbhub.sys
    Loaded from: FILE
PX5: 1972CD35009EF197E1E10053A918EE0090181966
MD5: c72f40947f92cea56a8fb532edf025f1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbprint.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbprint\ImagePath    system32\DRIVERS\usbprint.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbprint\ImagePath    C:\WINDOWS\system32\DRIVERS\usbprint.sys
    Loaded from: FILE
PX5: C449F0710094064A6580004CDAAF0B00CAA1349A
MD5: a42369b7cd8886cd7c70f33da6fcbcf5
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbscan.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbscan\ImagePath    system32\DRIVERS\usbscan.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbscan\ImagePath    C:\WINDOWS\system32\DRIVERS\usbscan.sys
    Loaded from: FILE
PX5: A345B33E004758873B29000DE02C9B00A6455141
MD5: a6bc71402f4f7dd5b77fd7f4a8ddba85
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\USBSTOR\ImagePath    system32\DRIVERS\USBSTOR.SYS
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\USBSTOR\ImagePath    C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    Loaded from: FILE
PX5: 6135CAAA80509344675C002A218295006093CEAA
MD5: 6cd7b22193718f1d17a47a1cd6d37e75
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbuhci\ImagePath    system32\DRIVERS\usbuhci.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbuhci\ImagePath    C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    Loaded from: FILE
PX5: 4756F37D00016D8B5030004DF844F10054C11836
MD5: f8fd1400092e23c8f2f31406ef06167b
Determination: GOOD

C:\WINDOWS\System32\Drivers\usbvm321.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbvm321\ImagePath    System32\Drivers\usbvm321.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbvm321\ImagePath    C:\WINDOWS\System32\Drivers\usbvm321.sys
    Loaded from: FILE
PX5: E7F5E5D800B3F9848ABF032AA3BB4900189C8C45
MD5: 45bec1a2ed39187853c0edade0502e82
Determination: GOOD

C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VAIO Event Service\ImagePath    C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VAIO Event Service\ImagePath    C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
PX5: 1C8660ED008292B8B04002E79223BB009797D6A0
MD5: 1d5425783d92f34c63075fa0c4e2c3d5
Determination: GOOD

C:\WINDOWS\System32\drivers\vga.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VgaSave\ImagePath    \SystemRoot\System32\drivers\vga.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VgaSave\ImagePath    C:\WINDOWS\System32\drivers\vga.sys
    Loaded from: FILE
PX5: 14B18202007EA0B752C8003693833D00BCED634F
MD5: 8a60edd72b4ea5aea8202daf0e427925
Determination: GOOD

C:\Programmi\VMware\VMware Player\vmware-authd.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VMAuthdService\ImagePath    C:\Programmi\VMware\VMware Player\vmware-authd.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VMAuthdService\ImagePath    C:\Programmi\VMware\VMware Player\vmware-authd.exe
PX5: 21C3C428302D5D12ABAC015B2D76B200668095E0
MD5: 9b7e3d7cec1780009b83d506557ceb84
Determination: GOOD

C:\WINDOWS\system32\drivers\VMkbd.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\vmkbd\ImagePath    \??\C:\WINDOWS\system32\drivers\VMkbd.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\vmkbd\ImagePath    C:\WINDOWS\system32\drivers\VMkbd.sys
    Loaded from: FILE
PX5: 2FFFF02B30FE0DEE522000C7BD385500BBF4E2BF
MD5: 66281578101acee04b1d690d4e7dc39c
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VMnetAdapter\ImagePath    system32\DRIVERS\vmnetadapter.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VMnetAdapter\ImagePath    C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
    Loaded from: FILE
PX5: EDE19E66B03E0907413D0092529B70004701B674
MD5: f68c99f41c3cf6e1c3c542fadd2e20cf
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VMnetBridge\ImagePath    system32\DRIVERS\vmnetbridge.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VMnetBridge\ImagePath    C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
    Loaded from: FILE
PX5: 2CAB974BB06190A96F8000F686270C004E67B72E
MD5: 121fbda3a14f0744a8c213d3e9f14d63
Determination: GOOD

C:\WINDOWS\system32\vmnetdhcp.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VMnetDHCP\ImagePath    C:\WINDOWS\system32\vmnetdhcp.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VMnetDHCP\ImagePath    C:\WINDOWS\system32\vmnetdhcp.exe
PX5: B8F717323032CEEFDB7E013DBD091100C1EAB388
MD5: 80ee0ed6006c3ea18a8e77ec0dd8bb98
Determination: GOOD

C:\WINDOWS\system32\drivers\vmnetuserif.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VMnetuserif\ImagePath    \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VMnetuserif\ImagePath    C:\WINDOWS\system32\drivers\vmnetuserif.sys
    Loaded from: FILE
PX5: DD69BFE3B08537D3628A00D93789E5009F7B686D
MD5: c326ba7f973076210da0abdf7b55541d
Determination: GOOD

C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\vmount2\ImagePath    "C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe"
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\vmount2\ImagePath    C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
PX5: B91BBADC30303F541B78048957564C00FD60AC85
MD5: 7becf16932abbcd71627c500e31a8be6
Determination: GOOD

C:\WINDOWS\system32\vmnat.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VMware NAT Service\ImagePath    C:\WINDOWS\system32\vmnat.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VMware NAT Service\ImagePath    C:\WINDOWS\system32\vmnat.exe
PX5: AACAA0743007E1D84B540237934EDB006F981F8C
MD5: eba1552fa905c7af2ced135db854df4c
Determination: GOOD

C:\WINDOWS\system32\Drivers\vmx86.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\vmx86\ImagePath    \??\C:\WINDOWS\system32\Drivers\vmx86.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\vmx86\ImagePath    C:\WINDOWS\system32\Drivers\vmx86.sys
    Loaded from: FILE
PX5: 46802CD3307D900B90F1060E5968730070DA9DEF
MD5: 754308703ff7c06e0f60f6f4ed3610a7
Determination: GOOD

C:\WINDOWS\system32\Shadow.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VSS\Providers\{b5946137-7b9f-4925-af80-51abd60b20d5}\(default)    MS Software Shadow Copy provider 1.0
PX5: 44E2E9FB00305E993C75009C1FBF8F00D582F681
MD5: f67f896ba60045fa0b5663a7f2003dce
Determination: GOOD

C:\WINDOWS\System32\vssvc.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VSS\ImagePath    %SystemRoot%\System32\vssvc.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VSS\ImagePath    C:\WINDOWS\System32\vssvc.exe
PX5: F8FD01E1006746AE7C9C04ADE2180F00B254A617
MD5: 147c653ad61bd01556723b3c8c4fafc8
Determination: GOOD

C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vstor2.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\vstor2\ImagePath    \??\C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vstor2.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\vstor2\ImagePath    C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vstor2.sys
PX5: 2E27C8093021A017488D00D59FA9C500FCEA7766
MD5: 9e4ff401725fe6a26d8fe492bf0ea2b1
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\w29n51.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\w29n51\ImagePath    system32\DRIVERS\w29n51.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\w29n51\ImagePath    C:\WINDOWS\system32\DRIVERS\w29n51.sys
    Loaded from: FILE
PX5: 8F0C5D0B00224055AC4E219B64CC9500285C32E0
MD5: 68eb5bc07781a36a63633541c11e1ad6
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\wanarp.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wanarp\ImagePath    system32\DRIVERS\wanarp.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Wanarp\ImagePath    C:\WINDOWS\system32\DRIVERS\wanarp.sys
    Loaded from: FILE
PX5: D61BDDFF00BF41D487E5002B87E94900EE92AF43
MD5: 984ef0b9788abf89974cfed4bfbaacbc
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wceusbsh\ImagePath    system32\DRIVERS\wceusbsh.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wceusbsh\ImagePath    C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
    Loaded from: FILE
PX5: E6535FF68050EE6296E7012837A2D30057809BD8
MD5: dc7f91b2ed24a738c807ea07f298928c
Determination: GOOD

C:\WINDOWS\system32\drivers\wdmaud.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wdmaud\ImagePath    system32\drivers\wdmaud.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wdmaud\ImagePath    C:\WINDOWS\system32\drivers\wdmaud.sys
    Loaded from: FILE
PX5: D07DA58400362D6244D2017E5C98E200FC9762AC
MD5: 2797f33ebf50466020c430ee4f037933
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\winachsf\ImagePath    system32\DRIVERS\HSF_CNXT.sys
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\winachsf\ImagePath    C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    Loaded from: FILE
PX5: E866E2CB005308A4EE0F0ABAAD9B500003F38B1F
MD5: ab7646d4cb9bb83d29d21ef7e00a0d15
Determination: GOOD

C:\WINDOWS\system32\wbem\wmiapsrv.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmiApSrv\ImagePath    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WmiApSrv\ImagePath    C:\WINDOWS\system32\wbem\wmiapsrv.exe
PX5: A8EB9B0C007C19C1EE9501FD1D31580061EB57F5
MD5: 0ee2a2754039b13a632489726689dad0
Determination: GOOD

C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WSTCODEC\ImagePath    system32\DRIVERS\WSTCODEC.SYS
    Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WSTCODEC\ImagePath    C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    Loaded from: FILE
PX5: B2CFBF068074D4084BB4001A2B9A35007D8AF7A1
MD5: d5842484f05e12121c511aa93f6439ec
Determination: GOOD

C:\WINDOWS\Explorer.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell    Explorer.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default)    Internet Explorer
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default)    Internet Explorer Help
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default)    Internet Explorer Setup Tools
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default)    Internet Explorer
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default)    Internet Explorer Core Fonts
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default)    Internet Explorer
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default)    Internet Explorer Help
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default)    Internet Explorer Setup Tools
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default)    Internet Explorer
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default)    Internet Explorer Core Fonts
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default)    Internet Explorer
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default)    Internet Explorer Help
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default)    Internet Explorer Setup Tools
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default)    Internet Explorer
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default)    Internet Explorer Core Fonts
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\(default)    Internet Explorer Zonemapping
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\(default)    Internet Explorer Branding
PX5: 808EA479005E1672BCB71CD05C1DC900F175A50E
MD5: bdd34cf918b9133e03eea7633ba002b5
Determination: GOOD

C:\WINDOWS\system32\userinit.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit    C:\WINDOWS\system32\userinit.exe
PX5: 33A4BB2F001DA1EB620B00510674AE00F15A5361
MD5: c1e7fe19f98a877bf8f941bf48148695
Determination: GOOD

C:\WINDOWS\system32\logonui.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost    logonui.exe
PX5: 6B3184960083D65D9A0B1161A13410005D5E9A91
MD5: f1b0bd6559a249edaa51e4257f00bcb3
Determination: GOOD

C:\WINDOWS\system32\sysdm.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet    rundll32 shell32,Control_RunDLL "sysdm.cpl"
PX5: 77D613BF00DD23AB3E92074AE70A3A002E06EFDD
MD5: 7d4dd0274910f560251d186d18137558
Determination: GOOD

C:\WINDOWS\system32\autochk.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\BootExecute    autocheck
PX5: 38890F3300760B775A86096430A56A00DB68AE82
MD5: 779768a0a8091edb749dcb8fe60213e1
Determination: GOOD

C:\Programmi\Java\jre1.5.0_06\bin\regutils.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}\KeyFileName    C:\Programmi\Java\jre1.5.0_06\bin\regutils.dll
PX5: 84F20ECA71863EFEF07C01F34C35A7005DFE1C26
MD5: 5dec4c9084c49e0ad68bbf912071ec4d
Determination: GOOD

C:\Programmi\Messenger\msmsgs.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\KeyFileName    C:\Programmi\Messenger\msmsgs.exe
PX5: 554BA09D003029747233190011D8C200C1DE9FBB
MD5: 53054740672e37bccc01b8fd8750d05c
Determination: GOOD

C:\WINDOWS\system32\msieftp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}\KeyFileName    C:\WINDOWS\system32\msieftp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63da6ec0-2e98-11cf-8d82-444553540000}    FTP Folders Webview
PX5: 44133DFB00C5C1B9D64903B9EB9B6E00A95E5477
MD5: 9ba0424bf46a751e9f68829a9afbe680
Determination: GOOD

C:\WINDOWS\system32\ieudinit.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}\StubPath    C:\WINDOWS\system32\ieudinit.exe
PX5: 25A6EA730094E8C834CE0004F91E9900B769BFD1
MD5: d3d2009fd649aa5082da2f8cbd7d9f3d
Determination: GOOD

C:\WINDOWS\inf\unregmp2.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\Stubpath    C:\WINDOWS\inf\unregmp2.exe /ShowWMP
PX5: 25973B5F006F9C673084034E2CE1C90027DD3117
MD5: 0cee66443ca52a5ffec6b9fb1f8c9dd0
Determination: GOOD

C:\WINDOWS\system32\ie4uinit.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\StubPath    C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\StubPath    C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
PX5: 8DD2E3F10073DB4ED61E00BB3773C000E209C533
MD5: b540fc036262b4b4499e49f582e9e3c3
Determination: GOOD

C:\WINDOWS\system32\IEDKCS32.DLL
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}\StubPath    RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath    RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\DllName    iedkcs32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\DllName    iedkcs32.dll
PX5: 1D5FE939007ED9DED84705F1DD553200AC095E79
MD5: a4f97fca5d861c9224ee2b5761a44b80
Determination: GOOD

C:\WINDOWS\system32\shmgrate.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\StubPath    %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
PX5: 20602ECB00AD0F89A6D6007CC62E8E00FE74C13B
MD5: f8cbcdaa8c509f6a424834fe51956e21
Determination: GOOD

C:\WINDOWS\system32\themeui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath    %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{41E300E0-78B6-11ce-849B-444553540000}    PlusPack CPL Extension
PX5: BAC50787005D6D22169E08A57642CD00D0E1D3D1
MD5: cd4c48e748751c4fb51c7c1ff8f1ee3f
Determination: GOOD

C:\WINDOWS\system32\regsvr32.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath    %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath    regsvr32.exe /s /n /i:U shell32.dll
PX5: 9F2DE48F0086912530FD001A3E083800D58E0872
MD5: da9623d7e0ca24dd3e08523287e05a4c
Determination: GOOD

C:\Programmi\Outlook Express\setup50.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\StubPath    "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\StubPath    "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
PX5: 990052A900467F972069015D0AA93E00C6116D6B
MD5: 5565e7539564f955441de6fdcbe447a9
Determination: GOOD

C:\WINDOWS\system32\advpack.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}\StubPath    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
PX5: 3558ED8F0032F99DE48A010CA036B4006F426371
MD5: f9d975bd4e56b05795a56abb7829d3a3
Determination: GOOD

C:\WINDOWS\system32\mscories.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath    C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
PX5: 652959240095250822A60140F37F47001792531A
MD5: 46e55aea48bad9297df685c722619bd6
Determination: GOOD

C:\WINDOWS\System32\logon.scr
    Loaded from: \REGISTRY\User\.DEFAULT\Control Panel\Desktop\SCRNSAVE.EXE    C:\WINDOWS\System32\logon.scr
    Loaded from: \REGISTRY\User\S-1-5-19\Control Panel\Desktop\SCRNSAVE.EXE    %SystemRoot%\System32\logon.scr
    Loaded from: \REGISTRY\User\S-1-5-20\Control Panel\Desktop\SCRNSAVE.EXE    %SystemRoot%\System32\logon.scr
    Loaded from: \REGISTRY\User\S-1-5-21-602162358-1364589140-839522115-1003\Control Panel\Desktop\SCRNSAVE.EXE    C:\WINDOWS\system32\logon.scr
    Loaded from: \REGISTRY\User\S-1-5-18\Control Panel\Desktop\SCRNSAVE.EXE    C:\WINDOWS\System32\logon.scr
PX5: 509D0B6F00114C17AC182FF3B4819D006DD9ED63
MD5: 87f656d858475f752756eef9b8999927
Determination: GOOD

C:\WINDOWS\system32\gptext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}\DllName    gptext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}\DllName    gptext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}\DllName    gptext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}\DllName    gptext.dll
PX5: 3937BBDB001CF5150EDE03108010A6002700AFB6
MD5: f286c70f59f434b6ddbab5738b6b029b
Determination: GOOD

C:\WINDOWS\system32\fdeploy.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}\DllName    fdeploy.dll
PX5: 4B245433003392E32A140131FF3EF30000999A70
MD5: b4767457d286ebb4767c5ec1df9a7424
Determination: GOOD

C:\WINDOWS\system32\dskquota.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}\DllName    dskquota.dll
PX5: 67A29FF30003BFCF6E3801450DA1040095E8819B
MD5: 78b72d69ee065560a89b7ece65ed7e2c
Determination: GOOD

C:\WINDOWS\system32\appmgmts.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}\DllName    appmgmts.dll
PX5: D38F92810065B7EDAC840228F23E3C004E625C37
MD5: 00e50cd4d9247cb56efc1360c32ab755
Determination: GOOD

C:\WINDOWS\system32\igfxdev.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\DLLName    igfxdev.dll
PX5: 93CD09AB006C84C5105A02DBFA7EE8007C692EAA
MD5: bfc2a40fe739c453f5d02b7eef41ca28
Determination: GOOD

C:\WINDOWS\system32\sclgntfy.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\DllName    sclgntfy.dll
PX5: 164435B300B5B4E0548400AA1F6E0800C2CDD06A
MD5: 5ff2551a3d740476f06b20f59cd7f0be
Determination: GOOD

C:\WINDOWS\system32\comm.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\comm.drv    comm.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 0D8B262B3068553F296F004B25B4F300F3172575
MD5: 01b656374912d7ccf7465a3893f18982
Determination: GOOD

C:\WINDOWS\system32\vga.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\display.drv    vga.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 8D38D13480CC42FA089200F6F3895F00B79BCD14
MD5: 9c86bbb80450af95b6a4ea8ebda93d76
Determination: GOOD

C:\WINDOWS\system32\mmsystem.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\drivers    mmsystem.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: B7018ADE208113FC103101C8EB6DD700B1D99765
MD5: 7b3633a771ffad1cfb8d999fb5fc2687
Determination: GOOD

C:\WINDOWS\system32\keyboard.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\keyboard.drv    keyboard.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 159F7A82D0C5E0D3077700FE801B1000B79BCD14
MD5: ed4bf709aad8b665075de06a0945b030
Determination: GOOD

C:\WINDOWS\system32\mouse.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\mouse.drv    mouse.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: D9EA0CB2F0FB384407BE00D28D0C0C00B79BCD14
MD5: 7d29780ac88bb7292cdcff71ba67433d
Determination: GOOD

C:\WINDOWS\system32\wfwnet.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\network.drv    wfwnet.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: E9641F0220200734353000D28FC59A003BEC664C
MD5: 5302ada9b0793c84151fc463dd65d7bf
Determination: GOOD

C:\WINDOWS\system32\progman.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\shell    progman.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: C0D0815600445D69AC3B01B2DAB067005DE0E11A
MD5: df0960f73f899d517ffe5a96f8715e0e
Determination: GOOD

C:\WINDOWS\system32\sound.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\sound.drv    sound.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: E70CAE91D00DCE52067C00647C846400B79BCD14
MD5: 028a1f74926dc3df2d9629edc9aebafb
Determination: GOOD

C:\WINDOWS\system32\system.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\system.drv    system.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: D4BD27742043BEDB0DB0000478EA5C00B79BCD14
MD5: 4a00d59ae6d75bdfc2c8e5182c4b1376
Determination: GOOD

C:\WINDOWS\system32\ntvdm.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\cmdline    %SystemRoot%\system32\ntvdm.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline    %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: DFD881F400018F016A4F06473E7EAA001AE7779E
MD5: 0fea136cc628c6182e91598f7990229c
Determination: GOOD

C:\WINDOWS\system32\krnl386.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline    %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: 01F6A66B6040DCB569EA013E85A2EE004745F621
MD5: 5400c4565b1b7f811b7010a92134476b
Determination: GOOD

C:\WINDOWS\system32\commdlg.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: D41FE74160643BD6833B006BB7E5A9004410FDC1
MD5: 282c6a1e0565458ce162c907a84043f4
Determination: GOOD

C:\WINDOWS\system32\ctl3dv2.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: C84734B440655DC66A4D00304EF8AC0014627D07
MD5: 637d88e7a1bedc4457c80dbc8ba9f135
Determination: GOOD

C:\WINDOWS\system32\ddeml.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 87F926CB00F2CB349A1200182C7413003E6FB37C
MD5: bf6529de6619c4970e727f58e0ad48d1
Determination: GOOD

C:\WINDOWS\system32\lanman.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: A797EACD0BCFF4C3663403FC8369B500D2DCA4A2
MD5: e9d142feaa02e867c8dcddfe84e29e20
Determination: GOOD

C:\WINDOWS\system32\netapi.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 3B2621E2C04DF3B2A77E0156CAF52A0029A06ED9
MD5: 0f4ad2e828a6cb0f100cb36f3ac6faee
Determination: GOOD

C:\WINDOWS\system32\olecli.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: B5F4F24400858B0246DF0121D0BC320031CB25FD
MD5: ca0305757c0648715f6d92ba0c43992f
Determination: GOOD

C:\WINDOWS\system32\olesvr.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: CE221EF60049CF2B5E3B009B247C6A00F018477F
MD5: 16bf834a84a7dc0d24edc8e924c90637
Determination: GOOD

C:\WINDOWS\system32\pmspl.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93
MD5: 57f8a50513e43aaf6a7b23389e389bbc
Determination: GOOD

C:\WINDOWS\system32\shell.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: CE2E2C35000BF1E3147B0046192BB900FA35E49E
MD5: dc8a8c47542edd026ad8f4ac3d6c2292
Determination: GOOD

C:\WINDOWS\system32\toolhelp.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 87219368400265353643009B30E21C003936EBD7
MD5: c86363c599e5d6836c21a3a3fd21c388
Determination: GOOD

C:\WINDOWS\system32\win87em.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 22C03F9D0005E87A34B40075B0F00E00517D625F
MD5: c980c971ad4ff3ca5cefdef40932d3a1
Determination: GOOD

C:\WINDOWS\system32\winoldap.mod
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: E19A53B2202676D208C7002132DA8800B79BCD14
MD5: 0ddfd6315da4b29d09d09b6873ea460b
Determination: GOOD

C:\WINDOWS\system32\winsock.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: FCF9BBDC30E28D0D0BF200D9F4D9CD00B79BCD14
MD5: 68485c5ef0e2efcebf21bbb1042b823b
Determination: GOOD

C:\WINDOWS\system32\winspool.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: F5BB157440E5748C08D600021F9AD300B79BCD14
MD5: 0b4b94b78123e8035b84105bc024f9f8
Determination: GOOD

C:\WINDOWS\system32\wowdeb.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: C1613D5DB0A80A260ABB006471357400B79BCD14
MD5: a7b82d6b38a2acd3b2684e7371c6ce93
Determination: GOOD

C:\WINDOWS\system32\timer.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 01DC5380F09B29550F040024FDB8830045F6872C
MD5: 01dc53809b29550424fdb88345f6872c
Determination: GOOD

C:\WINDOWS\system32\compobj.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: DA21156DD0BCD8E77562007DCF26A600F4FFDA3F
MD5: 40f9fc896b2ba69fdc04d75e9d00dd01
Determination: GOOD

C:\WINDOWS\system32\storage.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 60BAD4D270E3252C10B800A49D4C780095AFB292
MD5: 3a5cd674ada85bcc1ff26b81b4cdefb5
Determination: GOOD

C:\WINDOWS\system32\ole2.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: F2FC4A2A40B7B6B59BDF00629364AB00A54AED31
MD5: 145aa8ecf0526c093f71117c181694ab
Determination: GOOD

C:\WINDOWS\system32\ole2disp.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7
MD5: eb38be7d7cf9ec15442a9d24cb39a2ac
Determination: GOOD

C:\WINDOWS\system32\ole2nls.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 09B13294B021FA9E558F026E08072F00900228B5
MD5: 32cfcc848a57f87638e31e8735515f80
Determination: GOOD

C:\WINDOWS\system32\typelib.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: C0620321C004C14EB60D020DCCE16200701F9AEA
MD5: 7161255dfa81e67b66b746d2504d2f2b
Determination: GOOD

C:\WINDOWS\system32\msvideo.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 790EE65FC0939660F0F4012F00509C00EF668BF3
MD5: 0fec57467004486cf202ed7bdfa5dcee
Determination: GOOD

C:\WINDOWS\system32\avifile.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 23078576D07C879BAB0E016052733100CC123BD6
MD5: 92fbb472d13a6cc283529301810922fb
Determination: GOOD

C:\WINDOWS\system32\msacm.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 9509859960B48961EF3C0048E192C7002EB67DBB
MD5: b3e0e6c925d333fdca47808ebf787cb2
Determination: GOOD

C:\WINDOWS\system32\mciavi.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 8B09E9FBC0AC80C41F5801300F1C5F00B1E6B4D8
MD5: e6a1bb6f039486bceb825b365aa5548d
Determination: GOOD

C:\WINDOWS\system32\mciseq.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 6F3561B8D089079262B000F61C353D001FC85F9C
MD5: 6f3561b8890792b0f61c353d1fc85f9c
Determination: GOOD

C:\WINDOWS\system32\mciwave.drv
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 2D1A8D9600222A826E980084C50D45003B805765
MD5: 2d1a8d96222a829884c50d453b805765
Determination: GOOD

C:\WINDOWS\system32\avicap.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls    comm.drv
PX5: 8D50F512B0D5AAB0126C01BC85534E00FA0EC9E8
MD5: 4a78d6c08d90bde538d5b538a082c1c9
Determination: GOOD

C:\WINDOWS\system32\ntsd.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path\Debugger    ntsd -d
PX5: 834FBBDD002D211C7C10004432E9BD00FC3D4F55
MD5: 3ecffb9259462acccaf0063841e85e9b
Determination: GOOD

C:\WINDOWS\system32\mmsys.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00022613-0000-0000-C000-000000000046}    Propriet. dei file Multimedia
PX5: 22BCF726009533B3DCCD0D3581FB0B00D4EC536C
MD5: 03887246be42b24c83ca077b00a0036e
Determination: GOOD

C:\WINDOWS\system32\icmui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{176d6597-26d3-11d1-b350-080036a75b03}    Gestore scanner ICM
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DB2625A-54DF-11D0-B6C4-0800091AA605}    Gestore monitor ICM
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{675F097E-4C4D-11D0-B6C1-0800091AA605}    Gestore stampante ICM
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DBCE2480-C732-101B-BE72-BA78E9AD5B27}    Profilo ICC
PX5: 79852F4F004FA70AD8870036A8B3F300BFB6CC72
MD5: cc61775dd0099c04c1c464d2e838e0a3
Determination: GOOD

C:\WINDOWS\system32\rshx32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1F2E5C40-9550-11CE-99D2-00AA006E086C}    Pagina di protezione NTFS
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}    Pagina di protezione della stampante
PX5: 8E3D69C300B1B3BBA05400C01998E00021B13B08
MD5: 96dbc8f1582fe95b299cd3d6cdba10a2
Determination: GOOD

C:\WINDOWS\system32\docprop.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EA48300-8CF6-101B-84FB-666CCB9BCD32}    Pagina di propriet. di Docfile OLE
PX5: 4D155A630014F006B8E7003E1F6CD600C0918C31
MD5: 33cf28feac3984edea3b8672a0d7f46a
Determination: GOOD

C:\WINDOWS\system32\deskadp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071712-76d4-11d1-8b24-00a0c9068ff3}    Estensione scheda video del Pannello di controllo
PX5: 1FEBC52C0075696A427B005EACC72200AF70D61C
MD5: 77dd733136353761750b2258ad368a7e
Determination: GOOD

C:\WINDOWS\system32\deskmon.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071713-76d4-11d1-8b24-00a0c9068ff3}    Estensione monitor del Pannello di controllo
PX5: E6AC7E1B00B4347342D70033642CB1001FC78895
MD5: b4d9f35f49b9e5b03c45bebd96486fe4
Determination: GOOD

C:\WINDOWS\system32\dssec.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4E40F770-369C-11d0-8922-00A024AB2DBB}    Pagina di protezione DS
PX5: BF365090005B6ECFCC56008F370997000EDC51ED
MD5: fba19f60318c5e62cc531f7265e64899
Determination: GOOD

C:\WINDOWS\system32\SlayerXP.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}    Pagina compatibilit.
PX5: 071E70380069307964410011CDEF880004B79666
MD5: 92e3c0617dda6f19a7b0f680c94c9b6f
Determination: GOOD

C:\WINDOWS\system32\shscrap.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56117100-C0CD-101B-81E2-00AA004AE837}    Gestore dati dei ritagli di shell
PX5: CEE438A6004ACC126CE400DA76EA3300F6FBD343
MD5: 886e25758e76f75b62955e031eaaa7e5
Determination: GOOD

C:\WINDOWS\system32\diskcopy.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59099400-57FF-11CE-BD94-0020AF85B590}    Estensione copia dischi
PX5: 74FF218D0092AEB8EC3016F62F9A37009BC24342
MD5: 18ac1727a4fdd1012974ad76580d0c74
Determination: GOOD

C:\WINDOWS\system32\ntlanui2.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59be4990-f85c-11ce-aff7-00aa003ca9f6}    Estensioni shell per oggetti Rete Microsoft Windows
PX5: 0FBD6225003D84B73AA5000A7557EF00532B5590
MD5: 75ac93bb0eda95a6b928c7949e60b98b
Determination: GOOD

C:\WINDOWS\system32\printui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{77597368-7b15-11d0-a0c2-080036af3f03}    Estensione shell per la stampante Web
PX5: CFC465B500331E10C08C10062B62D700CE6D524A
MD5: 663a9a9ee97a48c27c76186c985a16b3
Determination: GOOD

C:\WINDOWS\system32\dskquoui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7988B573-EC89-11cf-9C00-00AA00A14F56}    Disk Quota UI
PX5: 22C011F30068927142C902641380E9009CE9DCD6
MD5: beca74d3e444b46fa22300b26a46b67d
Determination: GOOD

C:\WINDOWS\system32\syncui.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{85BBD920-42A0-1069-A2E4-08002B30309D}    Sincronia file
PX5: 32CB8DAC001BF20AF6D60250E1D558008C7994BA
MD5: ad552fcc0582ea9d1a8f7ab38fb53393
Determination: GOOD

C:\WINDOWS\system32\hticons.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88895560-9AA2-1069-930E-00AA0030EBC8}    Estensione di icona di HyperTerminal
PX5: FDDAAC340069DC70AEDE004813C9AE00464F204F
MD5: 487b70d88ae51825e90c98e067205e60
Determination: GOOD

C:\WINDOWS\system32\fontext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD84B380-8CA2-1069-AB1D-08000948F534}    Tipi di carattere
PX5: A9B1E4F6007621917C33293033E9D8001C46C325
MD5: df72f901011f2c7dfee0f7ae04867c19
Determination: GOOD

C:\WINDOWS\system32\deskperf.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f92e8c40-3d33-11d2-b1aa-080036a75b03}    Display TroubleShoot CPL Extension
PX5: DEBA621400871F794A8D0005514927006E3B795A
MD5: 584dac27268a6a1892062380b1582494
Determination: GOOD

C:\WINDOWS\system32\cryptext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C717-39BF-11D1-8CD9-00C04FC29D45}    Estensione Crypto PKO
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C719-39BF-11D1-8CD9-00C04FC29D45}    Estensione firma crittografata
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default)    {7444C719-39BF-11D1-8CD9-00C04FC29D45}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default)    {7444C719-39BF-11D1-8CD9-00C04FC29D45}
PX5: 144B846200DE013DD4E800E6AFBAF700F56839D9
MD5: d8340d897ad5cf76e359d3ebbabb5a03
Determination: GOOD

C:\WINDOWS\system32\NETSHELL.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7007ACC7-3202-11D1-AAD2-00805FC1270E}    Connessioni di rete
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{992CFFA0-F557-101A-88EC-00DD010CCC48}    Connessioni di rete
PX5: F7F9A56A007CF701CA8C3EE01A3E1600C323B8E8
Determination: GOOD

C:\WINDOWS\system32\wiashext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E211B736-43FD-11D1-9EFB-0000F8757FCD}    Scanner e fotocamere digitali
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}    Scanner e fotocamere digitali
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{905667aa-acd6-11d2-8080-00805f6596d2}    Scanner e fotocamere digitali
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F953603-1008-4f6e-A73A-04AAC7A992F1}    Scanner e fotocamere digitali
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{83bbcbf3-b28a-4919-a5aa-73027445d672}    Scanner e fotocamere digitali
PX5: C96A74CF00663EB10AB209D765C2F9007A08BE3F
MD5: c1f811f1edc12130f9842b93b588957f
Determination: GOOD

C:\WINDOWS\system32\remotepg.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F0152790-D56E-4445-850E-4F3117DB740C}    Remote Sessions CPL Extension
PX5: B276FC4B0072F7D1EE38004C043BDE00E8D7EAE4
MD5: 248afc0c31e60bbbfaceac5fd66b4f3d
Determination: GOOD

C:\WINDOWS\system32\wshext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60254CA5-953B-11CF-8C96-00AA00B8708C}    Estensione shell per Windows Script Host
PX5: 66026A8D0045E4F800BE0104F649E900B9F8B8B3
MD5: 2a7ce0d301ed72a88b5ede591ac7c51a
Determination: GOOD

C:\Programmi\File comuni\System\Ole DB\oledb32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2206CDB2-19C1-11D1-89E0-00C04FD7A829}    Microsoft Data Link
PX5: 722A7F0200065713701D079CB9F9D70095D47802
MD5: a2033e5a2b7fc1874cacd6d70a7a7095
Determination: GOOD

C:\WINDOWS\system32\mstask.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}    Tasks Folder Icon Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}    Tasks Folder Shell Extension
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}    Operazioni pianificate
PX5: 28BAE091003DDB725CB2048CE9759F0056FCEAAA
MD5: 0661f0fa4264d5d546ee1d7741c30f12
Determination: GOOD

C:\WINDOWS\system32\wuaucpl.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5F327514-6C5E-4d60-8F16-D07FA08A78ED}    Auto Update Property Sheet Extension
PX5: B717D614001665127CF602A9F30C1F00792CA187
MD5: 747373c80298359850901f5288faea3c
Determination: GOOD

C:\WINDOWS\system32\twext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{596AB062-B4D2-4215-9F74-E9109B0A8153}    Pagina propriet. versioni precedenti
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DB7A13C-F208-4981-8353-73CC61AE2783}    Versioni precedenti
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
PX5: 83D6D2D5007A7A78AC5A00555BE37F0060757F73
MD5: 9c0305df90319693b0b8025976de5c66
Determination: GOOD

C:\WINDOWS\system32\shmedia.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}    Audio Media Properties Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}    Video Media Properties Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E4B29F9D-D390-480b-92FD-7DDB47101D71}    Wav Properties Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{87D62D94-71B3-4b9a-9489-5FE6850DC73E}    Avi Properties Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A6FD9E45-6E44-43f9-8644-08598F5A74D9}    Midi Properties Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{c5a40261-cd64-4ccf-84cb-c394da41d590}    Video Thumbnail Extractor
PX5: 6F935BCA00698E3154450276A47BF4000FC59B48
MD5: bf30bb4d33afa9e7e33f82f7de84f18c
Determination: GOOD

C:\WINDOWS\system32\sendmail.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}    Sendmail service
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}    Sendmail service
PX5: 89815E52001B0148D88B0081AF133A006B487C42
MD5: 2e2cf126e0c68ee3954d4033035ca78e
Determination: GOOD

C:\WINDOWS\system32\occache.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88C6C381-2E85-11D0-94DE-444553540000}    ActiveX Cache Folder
PX5: 343ECD8200E255DF8C0901D1520D220000BCACB7
MD5: 439533e95e5c55c5643da820826c4e5c
Determination: GOOD

C:\WINDOWS\system32\webcheck.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}    WebCheck
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}    Subscription Mgr
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F5175861-2688-11d0-9C5E-00AA00A45957}    Subscription Folder
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165EA0-E946-11CF-9C87-00AA005127ED}    WebCheckWebCrawler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}    WebCheckChannelAgent
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}    TrayAgent
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7D559C10-9FE9-11d0-93F7-00AA0059CE02}    Code Download Agent
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}    ConnectionAgent
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8BD2030-6FC9-11D0-864F-00AA006809D9}    PostAgent
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}    WebCheck SyncMgr Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\WebCheck    {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
PX5: 31BA766300BB2F8188EB035D03A01A00EDDC5AAD
MD5: aa8b97c29460e5c09466045dec0d6a90
Determination: GOOD

C:\WINDOWS\system32\appwiz.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{352EC2B7-8B9A-11D1-B8AE-006008059382}    Gestione applicazioni shell
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B124F8F-91F0-11D1-B8B5-006008059382}    Enumeratore applicazioni installate
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFCCC7A0-A282-11D1-9082-006008059382}    Darwin App Publisher
PX5: 7BF23A6100E0F9670CF20A88CE0D3F00B022136C
MD5: caa6a887db48ea938912e331731168bd
Determination: GOOD

C:\WINDOWS\system32\shimgvw.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e84fda7c-1d6a-45f6-b725-cb260c236066}    Shell Image Verbs
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}    Shell Image Data Factory
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F30C968-480A-4C6C-862D-EFC0897BB84B}    GDI + programma di estrazione file in anteprima
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DBD2C50-62AD-11d0-B806-00C04FD706EC}    Summary Info Thumbnail handler (DOCFILES)
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EAB841A0-9550-11cf-8C16-00805F1408F3}    Programma di estrazione pagine HTML in anteprima
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}    Shell Image Property Handler
PX5: BF42E4FC005BE16EBC6826F7E01C32006935269C
MD5: f47b5be2f80d94d37c4baab070ac75ae
Determination: GOOD

C:\WINDOWS\system32\netplwiz.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CC6EEFFB-43F6-46c5-9619-51D571967F7D}    Pubblicazione guidata sul Web
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{add36aa8-751a-4579-a266-d66f5202ccbb}    Ordinazione di stampe tramite Web
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6b33163c-76a5-4b6c-bf21-45de9cd503a1}    Oggetto Pubblicazione guidata sul Web
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58f1f272-9240-4f51-b6d4-fd63d1618591}    Creazione guidata profilo Passport
PX5: C0B90A180022DF616EE40D61CC92200055AE5438
MD5: 497a6c557821b002c784437591ff731b
Determination: GOOD

C:\WINDOWS\system32\zipfldr.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}    Cartella compressa
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD472F60-27FA-11cf-B8B4-444553540000}    Compressed (zipped) Folder Right Drag Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}    Compressed (zipped) Folder SendTo Target
PX5: ED969ADB00D5666D4CF81A69EB9E8700C2E3EFBE
MD5: ca6af30028a7099fcffa56d43fc112f5
Determination: GOOD

C:\WINDOWS\system32\extmgr.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{692F0339-CBAA-47e6-B5B5-3B84DB604E87}    Extensions Manager Folder
PX5: DC3276710069624F029302CAF1D5C800054052FE
MD5: 98b23dd98fadc58f3ea0a45e7a9a3fdb
Determination: GOOD

C:\WINDOWS\system32\docprop2.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{883373C3-BF89-11D1-BE35-080036B11A03}    Microsoft DocProp Shell Ext
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A9CF0EAE-901A-4739-A481-E35B73E47F6D}    Microsoft DocProp Inplace Edit Box Control
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8EE97210-FD1F-4B19-91DA-67914005F020}    Microsoft DocProp Inplace ML Edit Box Control
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}    Microsoft DocProp Inplace Droplist Combo Control
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6A205B57-2567-4A2C-B881-F787FAB579A3}    Microsoft DocProp Inplace Calendar Control
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}    Microsoft DocProp Inplace Time Control
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default)    Summary Properties Page
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default)    Summary Properties Page
PX5: BAD4E96E0064F346BC36008E2891DB0060D308D0
MD5: 886ba5db0a87b5a0d5f85c39424fc2ac
Determination: GOOD

C:\WINDOWS\system32\dsquery.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8A23E65E-31C2-11d0-891C-00A024AB2DBB}    Directory Query UI
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}    Shell properties for a DS object
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}    Directory Object Find
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F020E586-5264-11d1-A532-0000F8757D7E}    Directory Start/Search Find
PX5: 97CEB5F9000C9E25AA2703A3E1CE88000E6ADB1E
MD5: 3241be7fa4e0191ae13d80b605ac980e
Determination: GOOD

C:\WINDOWS\system32\dsuiext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0D45D530-764B-11d0-A1CA-00AA00C16E65}    Directory Property UI
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{62AE1F9A-126A-11D0-A14B-0800361B1103}    Directory Context Menu Verbs
PX5: 6A192EC500170EFDBCEB0145A96D9300BCCCF2CE
MD5: ca33e221efa6c8bc9081f62fb81c4f46
Determination: GOOD

C:\WINDOWS\system32\mydocs.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A33-103D-11d2-854D-006008059367}    MyDocs Copy Hook
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A32-103D-11d2-854D-006008059367}    MyDocs Drop Target
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4a7ded0a-ad25-11d0-98a8-0800361b1103}    MyDocs Properties
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default)    {ECF03A33-103D-11d2-854D-006008059367}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default)    {ECF03A33-103D-11d2-854D-006008059367}
PX5: 57E2829600BA664D563501A4D8468A00E381B739
MD5: a6b0964d8c897e230de789f515f73c15
Determination: GOOD

C:\WINDOWS\msagent\agentpsh.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{143A62C8-C33B-11D1-84FE-00C04FA34A14}    Microsoft Agent Character Property Sheet Handler
PX5: 7469413C00931FFF5E8700E559045400C1A9DC6C
MD5: 43e7c7538d4fd053d19758dd758a2842
Determination: GOOD

C:\WINDOWS\system32\dfsshlex.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}    DfsShell
PX5: C56F8BCC000B5CE570B200C57894E100F757413D
MD5: 41f6a64eb0d0c8b6fdff7c376f4cec17
Determination: GOOD

C:\WINDOWS\system32\photowiz.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60fd46de-f830-4894-a628-6fa81bc0190d}    %DESC_PublishDropTarget%
PX5: B7418C4500E88487A00C02F731B52500E7F273D2
MD5: 06cfb5ce176f60aa715635a291960acc
Determination: GOOD

C:\WINDOWS\System32\mmcshext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A80E4A8-8005-11D2-BCF8-00C04F72C717}    MMC Icon Handler
PX5: 8A0ADE010092153AC6C80087DEA97400BEB13B83
MD5: d1c8ed56d0db39e432eddc5bfca6dbe5
Determination: GOOD

C:\WINDOWS\system32\cabview.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}    .CAB file viewer
PX5: 3D37E41700A8F7F7542703763FA52300581534FB
MD5: a41787e4706e76e09dff450740b1ba6b
Determination: GOOD

C:\Programmi\Outlook Express\wabfind.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32714800-2E5F-11d0-8B85-00AA0044F941}    &Contatti...
PX5: 4FBC213F00A9A845805300462EEB2700C79BF84F
MD5: 64ecedd4e261443874cad4d66fe9fe44
Determination: GOOD

C:\WINDOWS\system32\wmpshell.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DD448E6-C188-4aed-AF92-44956194EB1F}    Windows Media Player Play as Playlist Context Menu Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}    Windows Media Player Burn Audio CD Context Menu Handler
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}    Windows Media Player Add to Playlist Context Menu Handler
PX5: 38347505000E6E3790E70134E584230099E5F235
MD5: 26ff66b17aa576421bc14742157871f2
Determination: GOOD

C:\Programmi\Sony\VAIO Power Management\SPMPanel.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ED58A35B-B554-42AF-A26C-6F3D424200D3}    Sony Power Management Extensiond
PX5: F748F67C006A183F90AA03E0EBAF110065FE67BD
MD5: 83d5b02e89bca69afb5fda0fb314e6b9
Determination: GOOD

C:\Programmi\WinRAR\rarext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B41DB860-8EE4-11D2-9906-E49FADC173CA}    WinRAR shell extension
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR\(default)    {B41DB860-8EE4-11D2-9906-E49FADC173CA}
PX5: 5E34B8E500CF9999DC5301D711EC7C00B8E95433
MD5: ccb4a9503254a3d03f672d19c6cc3fbd
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BDEADF00-C265-11D0-BCED-00A0C90AB50F}    Cartelle Web
PX5: 0F1AFB4348440729BAFF1329BEE4AB0046B37CB1
MD5: bdbf48d13c5343cced93e675effdb72c
Determination: GOOD

C:\Programmi\Microsoft Office\OFFICE11\MLSHEXT.DLL
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00020D75-0000-0000-C000-000000000046}    Microsoft Office Outlook Desktop Icon Handler
PX5: 9B2D4CB3588A5EDB6A2600A1D5BF7900111D2336
MD5: 1b085e6b3ad4c110fbb9c6be353e913b
Determination: GOOD

C:\Programmi\Microsoft Office\OFFICE11\OLKFSTUB.DLL
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0006F045-0000-0000-C000-000000000046}    Microsoft Office Outlook Custom Icon Handler
PX5: 19E651CC58314F6F8A2003BC4AFAA0001C166509
MD5: 36daa15e14c55d2a2f1a7c7674e4deb3
Determination: GOOD

C:\Programmi\AntiVir PersonalEdition Classic\shlext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{45AC2688-0253-4ED8-97DE-B5370FA7D48A}    Shell Extension for Malware scanning
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Shell Extension for Malware scanning\(default)    {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Shell Extension for Malware scanning\(default)    {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Shell Extension for Malware scanning\(default)    {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Shell Extension for Malware scanning\(default)    {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
PX5: DE02F87E281C3F96F031006E1FB7EE0030E78506
MD5: 985d428316105bae82b9c0eb4f91a191
Determination: GOOD

C:\Programmi\Microsoft Office\Visio11\VISSHE.DLL
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{506F4668-F13E-4AA1-BB04-B43203AB3CC0}    {506F4668-F13E-4AA1-BB04-B43203AB3CC0}
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D66DC78C-4F61-447F-942B-3FB6980118CF}    {D66DC78C-4F61-447F-942B-3FB6980118CF}
PX5: 3ABEA0EA384D1EC5FC840BC566695F00289A62B1
MD5: fa789ae5ceb84ab4946a618eccc55291
Determination: GOOD

C:\WINDOWS\system32\dfshim.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e82a2d71-5b2f-43a0-97b8-81be15854de8}    ShellLink for Application References
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}    Shell Icon Handler for Application References
PX5: 494A923700854E7646D901138F98BF001434DC1A
MD5: b3511383c8be3a8c5b88a78971fc1141
Determination: GOOD

C:\WINDOWS\BricoPacks\Vista Inspirat\iColorFolder\CMExt.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ABC70703-32AF-11d4-90C4-D483A70F4825}    CMenuExtender
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\CMenuExtender\(default)    {ABC70703-32AF-11d4-90C4-D483A70F4825}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\CMenuExtender\(default)    {ABC70703-32AF-11d4-90C4-D483A70F4825}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\CMenuExtender    {ABC70703-32AF-11d4-90C4-D483A70F4825}
PX5: D4B66485006F068EB67C00CC8821C5001F6DF5C4
MD5: 66cd17bec14ad29c957fc77b797723e8
Determination: GOOD

C:\WINDOWS\system32\erasext.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8BE13461-936F-11D1-A87D-444553540000}    Eraser Shell Extension
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Erasext\(default)    {8BE13461-936F-11D1-A87D-444553540000}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Erasext\(default)    {8BE13461-936F-11D1-A87D-444553540000}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Erasext\(default)    {8BE13461-936F-11D1-A87D-444553540000}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Erasext\(default)    {8BE13461-936F-11D1-A87D-444553540000}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\Erasext\(default)    {8BE13461-936F-11D1-A87D-444553540000}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\Erasext\(default)    {8BE13461-936F-11D1-A87D-444553540000}
PX5: FE83A08150071F80756D045B10F0860016C5523F
MD5: 80c6402248677821086719522f274194
Determination: GOOD

C:\WINDOWS\system32\phototoys.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1530F7EE-5128-43BD-9977-84A4B0FAD7DF}    PhotoToys
PX5: 04D2593000EE1ADE5499003910B55900DF84DD56
MD5: 750858f1113c29738f7efa42b680041b
Determination: GOOD

C:\Programmi\Nokia\Nokia PC Suite 6\phonebrowser.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}    Nokia Phone Browser
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Nokia\(default)    {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Nokia\(default)    {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
PX5: CC232BE000C7209D747E09DC489DB600F396254C
MD5: 015055be9cd9058778cb74d8739718f2
Determination: GOOD

C:\WINDOWS\system32\stobject.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SysTray    {35CEC8A3-2BE6-11D2-8773-92E220524153}
PX5: 54D80CDC00F43E2D2026066C15CB85009FF5435F
MD5: 4a9f329ca2790e67fbd865d08a843207
Determination: GOOD

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\MiniDumpAuxiliaryDlls\C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
PX5: EF54F26D0008E1F238C20CD47ED58E00B5718750
MD5: ab2895b99611a536b18b1ab8f8c55bbe
Determination: GOOD

C:\WINDOWS\system32\msapsspc.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders    msapsspc.dll
PX5: 8C479BBA0065475850000105207F00002CA02E51
MD5: 9b6e96f4ec4104bcb180c5bea2787b3f
Determination: GOOD

C:\WINDOWS\system32\digest.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders    msapsspc.dll
PX5: 2283761F0087EB020C9B01CC3CCBC600B4AB6B96
MD5: 9b4cd31081f2ce1d69d2580d015c82ea
Determination: GOOD

C:\WINDOWS\system32\msnsspc.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders    msapsspc.dll
PX5: 5FC3C3D6008FE4D0702D042D3521CB003038EB19
MD5: a99939bae7757437683f4d6b1021a499
Determination: GOOD

C:\WINDOWS\Resources\themes\Luna\Luna.msstyles
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Themes\InstallVisualStyle    %SystemRoot%\Resources\themes\Luna\Luna.msstyles
PX5: D4AC08E190E1815FF0763FFB772E82003759142D
Determination: GOOD

C:\WINDOWS\system32\rdpclip.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms    rdpclip
PX5: 3129DB34009CADCFF4300018D68AB90013FA4372
MD5: 456e33d8a5b34b0b9b5de1270e13c7a3
Determination: GOOD

C:\WINDOWS\system32\rdpwsx.dll
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\WsxDll    rdpwsx
PX5: 2D4F90888862EA65546401DF11DAFF009FB4CACF
MD5: 98b543037e34c640622fa61e895326c4
Determination: GOOD

C:\WINDOWS\system32\RDPCFGEX.DLL
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\CfgDll    RDPCFGEX.DLL
PX5: 648184F200AE0568123C00C1F661D900A8042FB8
MD5: 0f6f4433f47441c14f17d5348cf609b0
Determination: GOOD

C:\WINDOWS\System32\cmd.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell    %SYSTEMROOT%\System32\cmd.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell    %SYSTEMROOT%\System32\cmd.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell    %SYSTEMROOT%\System32\cmd.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell    %SYSTEMROOT%\System32\cmd.exe
    Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SafeBoot\AlternateShell    cmd.exe
PX5: 174F65020044C14C12140CF23AA7F30070B16498
MD5: c10ae54193e64775e43313a5d4fe054c
Determination: GOOD

C:\WINDOWS\system32\rdpsnd.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wave    rdpsnd.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\mixer    rdpsnd.dll
PX5: 34FBA65500CFB6AF4EE7003742BB470065937B12
MD5: 1c5c414cc29d507b89e355e1733a7491
Determination: GOOD

C:\WINDOWS\system32\msacm32.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wavemapper    msacm32.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wavemapper    msacm32.drv
PX5: F8EB7CDA00A2596F522700876A3BC9005F29A42B
MD5: 05e84eead6b27c958621a4e6d33859d1
Determination: GOOD

C:\WINDOWS\system32\midimap.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\midimapper    midimap.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midimapper    midimap.dll
PX5: 8C299C3E002D88084A0000F598A51000C8C9681D
MD5: eaaa11be5c162266e698f7658bd8a1da
Determination: GOOD

C:\WINDOWS\system32\imaadp32.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.imaadpcm    imaadp32.acm
PX5: 528D926A00EB3B4A408A0067B777E0007219DE4B
MD5: 316f81b3ec381c1c76e07ca43fc12bfc
Determination: GOOD

C:\WINDOWS\system32\msadp32.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msadpcm    msadp32.acm
PX5: 9896734D003A7B4A3AD6001B2D129300C6CAD27F
MD5: 147ba07670fa18d112d631b9eec2ca21
Determination: GOOD

C:\WINDOWS\system32\msg711.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg711    msg711.acm
PX5: 98836843004ECD5624170012D62AF300ADA7FDE1
MD5: d609edecb9692217bca166c09a8aa6d0
Determination: GOOD

C:\WINDOWS\system32\msgsm32.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msgsm610    msgsm32.acm
PX5: 7715C6930008610D4E5300A5AC1D5400348AB758
MD5: dbb6c6dba7c404bf266e064889c45907
Determination: GOOD

C:\WINDOWS\system32\tssoft32.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.trspch    tssoft32.acm
PX5: 9DB260C30072F5C620530046E6B0DC000EF1898D
MD5: 49445261ffaab7f8b915c4d3041aa7f4
Determination: GOOD

C:\WINDOWS\system32\iccvid.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.cvid    iccvid.dll
PX5: 0CEE20B80002FE623A80014E667E0900EDC97E34
MD5: be4de2539b3db9d31d75fe0d323c52ee
Determination: GOOD

C:\WINDOWS\system32\msh263.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.I420    msh263.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M263    msh263.drv
PX5: D1EBECF00092F1C390AB04548720B200A8771D55
MD5: b2e67e6045966c14a746627dccf3f67d
Determination: GOOD

C:\WINDOWS\system32\ir32_32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv31    ir32_32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv32    ir32_32.dll
PX5: 48C6FD2800CF7D770AB40340E9EE0B00336C0935
MD5: cde3aeaeeff57dbb43133f46e96ad8c5
Determination: GOOD

C:\WINDOWS\system32\ir41_32.ax
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv41    ir41_32.ax
PX5: 88C1844600D60C2BF2960C06110E8900D716354E
MD5: 757c7944eb0d518020bb59a1a3ae9826
Determination: GOOD

C:\WINDOWS\system32\iyuv_32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.IYUV    iyuv_32.dll
PX5: 8D2F485A000F6953BA8B00EF89F3AE0028DCEE98
MD5: 193315b73270bad33a3c2f527c8380f6
Determination: GOOD

C:\WINDOWS\system32\msrle32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.mrle    msrle32.dll
PX5: 6AD29AC5008293D12C2D00B216F74700B26503F0
MD5: 7b999ca58c6276d885f17abc73982009
Determination: GOOD

C:\WINDOWS\system32\msvidc32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.msvc    msvidc32.dll
PX5: CE4E524C0073A8EC64FF00E1300C68000D8D97A8
MD5: d648edba85278839e30979ce627e5c81
Determination: GOOD

C:\WINDOWS\system32\msyuv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.UYVY    msyuv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YUY2    msyuv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YVYU    msyuv.dll
PX5: 92EC75E800DB9BE5440C000A47ABC3009642377A
MD5: b35e1e08bf94e68daf5d9f52485ea368
Determination: GOOD

C:\WINDOWS\system32\tsbyuv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.YVU9    tsbyuv.dll
PX5: 86646A040019522320A100B4BB4D900094B11477
MD5: a892ec07dffc3d8bf879102982f08721
Determination: GOOD

C:\WINDOWS\system32\msg723.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg723    msg723.acm
PX5: 11020CC8008FB79ED00601EAD6C03900AA679A83
MD5: d53bde174ad076ae58c8245a524cfb85
Determination: GOOD

C:\WINDOWS\system32\msh261.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M261    msh261.drv
PX5: A41AA5420008DA3EF0B402388EE55600B25D24F8
MD5: 35f5338123495c871c4c7cc9fce784f6
Determination: GOOD

C:\WINDOWS\system32\msaud32.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msaudio1    msaud32.acm
PX5: C38F33CC0026C9E080B10460DFC46F004CE633B9
MD5: 9efca60a4bdcf77fc5e2337e3ab61b1e
Determination: GOOD

C:\WINDOWS\system32\sl_anet.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.sl_anet    sl_anet.acm
PX5: 3DA8D952002B67BF508D01A57E615F00B2B2EA92
MD5: c2e1907dde505f02585e7c85f927333a
Determination: GOOD

C:\WINDOWS\system32\iac25_32.ax
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.iac2    C:\WINDOWS\system32\iac25_32.ax
PX5: D062C8E7003B5A390C1703C014BB9700CE1BED53
MD5: 60b88c336ef385eb0ed77b73852712f3
Determination: GOOD

C:\WINDOWS\system32\ir50_32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv50    ir50_32.dll
PX5: 8FA030FE0030B5D3865F0B4087D0420068F6854C
MD5: b11fb596034932dc55a7638911f482c2
Determination: GOOD

C:\WINDOWS\system32\l3codeca.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.l3acm    C:\WINDOWS\system32\l3codeca.acm
PX5: 29088BE70099BF88700A0426A3266D008E350E66
MD5: 4b4fd61ebb404842eb5823a50a3a58a9
Determination: GOOD

C:\WINDOWS\system32\wdmaud.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave    wdmaud.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi    wdmaud.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer    wdmaud.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\aux    wdmaud.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave    wdmaud.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave1    wdmaud.drv
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave2    wdmaud.drv
PX5: E19B13CB00CFB9ED5C250033B033BB00A27F216F
MD5: 6deb9059000c34770192b78d85f6d387
Determination: GOOD

C:\WINDOWS\system32\VfWWDM32.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\MSVideo8    VfWWDM32.dll
PX5: 50A7CDEB00FEFE76D6A800E76B929700EFCC0032
MD5: 148b5330921c365fa4a2db6c431a9b2c
Determination: GOOD

C:\WINDOWS\system32\mobilev.acm
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\MSACM.CEGSM    mobilev.acm
PX5: D352C36A52103C5EE0B500BAF47031002761CD98
MD5: 2f2d08fa7e0ae68dbb2a836056b4618e
Determination: GOOD

C:\Programmi\File comuni\Sony Shared\VideoLib\sonydv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.dvsd    C:\PROGRA~1\FILECO~1\SONYSH~1\VideoLib\sonydv.dll
PX5: 26C1AE52006C2B1940110120856EB800353D890F
MD5: 6ebb71e4b60d3f5af8296c3d352131c1
Determination: GOOD

C:\WINDOWS\system32\DivX.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.DIVX    DivX.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yv12    DivX.dll
PX5: 724935205A81D9D34CF60B56A8915100614C1406
MD5: cf27f9f4c488b9628080e0fc47f77f79
Determination: GOOD

C:\WINDOWS\system32\vmnc.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.VMnc    vmnc.dll
PX5: 35F651F8300634D52B16034C73F89100FB7D0866
MD5: 57dc0098b7e0f482f5805d4ca8d855fe
Determination: GOOD

C:\WINDOWS\system32\ipnathlp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\AUTODHCP\DllName    ipnathlp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DNSPROXY\DllName    ipnathlp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\FTP\DllName    ipnathlp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\H323\DllName    ipnathlp.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\IPNAT\DllName    ipnathlp.dll
PX5: 89882A6E0030CF0B12CE052A40AAE5009F9198F9
MD5: 1da364fa673e18bc1de8f5cdf3657dbd
Determination: GOOD

C:\WINDOWS\system32\ipxrip.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXRIP\DllName    ipxrip.dll
PX5: 859821B9009D40A9548200AD83A363008B36EF0D
MD5: 2dac54a61b837fac36ffd92b7e39b3ff
Determination: GOOD

C:\WINDOWS\system32\ipxsap.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXSAP\DllName    ipxsap.dll
PX5: 85797B9500D099280499015DBB948C00AAAAF548
MD5: 3eea6d343b3d6fcf500db1837c07df06
Determination: GOOD

C:\WINDOWS\System32\iprtrmgr.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DllPath    %SystemRoot%\System32\iprtrmgr.dll
PX5: D40494A6008ED12A98FE023AAD1857000DD8C7B5
MD5: 30584106b1e3c4f836d35c92ba38b184
Determination: GOOD

C:\WINDOWS\System32\ipxrtmgr.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\DllPath    %SystemRoot%\System32\ipxrtmgr.dll
PX5: 4718448E00AA1CC09C1B00C6E262700012078A35
MD5: 7ff943a30ba413c3f43e8441a28b7aa7
Determination: GOOD

C:\WINDOWS\system32\Firewall.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Internet Connection Firewall    Firewall.cpl
PX5: C6AD4E5900619E5B3AA801566FFF65004318E0B5
MD5: 486c95d7867757ef75946cdc7fa547dd
Determination: GOOD

C:\WINDOWS\system32\NetSetup.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NetSetupWizard    NetSetup.cpl
PX5: 1727E2B500CA6EDF648A0091303FF7003D7EE312
MD5: 6c00e8b5734cd98456e36a1919393597
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Speech    C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
PX5: 4B95DF2F0028608F7026024663B5470081E40772
MD5: b281e4e0c7de6016f067191aa0b10047
Determination: GOOD

C:\Programmi\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Nero BurnRights    C:\Programmi\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
PX5: B5D6CF13005E234C405A0172B5D4E7002612F136
MD5: 73f32a322ca81102bd0e84c215d2a815
Determination: GOOD

C:\Programmi\AntiVir PersonalEdition Classic\avconfig.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Avira AntiVir PersonalEdition Classic Configuration    C:\PROGRA~1\ANTIVI~1\avconfig.cpl
PX5: 1A59653128BA4FDE102E012AB3D61B007C08E6B9
MD5: d0feba1b5e4a52c24b258de203385e86
Determination: GOOD

C:\Programmi\Nokia\Nokia PC Suite 6\ConnectionManager.cpl
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NokiaConnectionManager    C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL
PX5: 97C7732900EE108868FD0073F410A200409DE2E5
MD5: fced18506ca26604a78dcb024336f9bd
Determination: GOOD

C:\WINDOWS\system32\Magnify.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier\Application path    Magnify.exe
PX5: 8FD0DD1200F1CC211E520147693D72005CC20F83
MD5: b8485b1b335c0c00397dd7abc041475d
Determination: GOOD

C:\WINDOWS\system32\osk.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard\Application path    osk.exe
PX5: 865A974F008F100B4EF6035F16FFB2007D13E899
MD5: 7d5b9dd2d397e5d323c5de2d0b4caeb6
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\GIFIMP32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\GIF\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\GIFIMP32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\GIF\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\GIFIMP32.FLT
PX5: 1AFC15B7586A5DF9BCF2022DB710D4008D512047
MD5: fbc40188cbc315f8a8dfacd0d2b90b59
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\JPEGIM32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\JPEG\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\JPEGIM32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\JPEG\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\JPEGIM32.FLT
PX5: 561D8D31584B04827C1102EBE625B600DEC6EAF4
MD5: 60434b6daaaa5bf3813e2205b87ccbf8
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\PNG32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\PNG\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PNG32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PNG\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PNG32.FLT
PX5: 41F3277C587D0DCC802F02C1B6DDD100D7B2F136
MD5: 55ae5da2cace64e3077eb2bdc3da10eb
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\EPSIMP32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\EPS\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\EPSIMP32.FLT
PX5: 32EC21B05869C5577E1F0662DE1C0A0072491BA6
MD5: 304134597c6b01b7ad92992c19ca197e
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\PICTIM32.FLT
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PICT\Path    C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PICTIM32.FLT
PX5: 2B3FBA5458C98F78F08400114D3B6600CE83D717
MD5: 176459a49103c6c3e21e0f0cc5de64c6
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\ieinfo5\(default)    C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
PX5: D9CCCE7600AE330472C5014263EDAE006E08A176
MD5: 7cfdd7f54c64bff62f64665a7e567896
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\MSInfo\OINFO11.OCX
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\OInfo11\(default)    C:\PROGRA~1\FILECO~1\MICROS~1\MSINFO\OINFO11.OCX
PX5: FB9F0DC45862323C4A580BB65E7AC000AC09EC29
MD5: 79713a682824e689082d8cc4c0d1d6bd
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path    C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path    C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe
PX5: DCC20BBB0036A3BB9EFA00953DF8F200E6CDE36A
MD5: 12644a48270558aec35230e476534f48
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\HTML32.CNV
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\HTML\Path    C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\HTML32.CNV
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\HTML\Path    C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\HTML32.CNV
PX5: 66466778586DAB96C483047DF729C400CC662630
MD5: 736d25f66058b3829749782fbdc62b6d
Determination: GOOD

C:\Programmi\Microsoft ActiveSync\pwiofcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSInkWriter\Path    C:\Programmi\Microsoft ActiveSync\pwiofcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSPocketInkWord\Path    C:\Programmi\Microsoft ActiveSync\pwiofcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSInkWriter\Path    C:\Programmi\Microsoft ActiveSync\pwiofcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSInkWriterTemplate\Path    C:\Programmi\Microsoft ActiveSync\pwiofcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSPocketInkWord\Path    C:\Programmi\Microsoft ActiveSync\pwiofcnv.dll
PX5: 818AF32B53DB764F707E0006952B4A001A02475B
MD5: 226476a54c0b789d8ae151a6047f84de
Determination: GOOD

C:\Programmi\Microsoft ActiveSync\pwoffcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSPocketWord\Path    C:\Programmi\Microsoft ActiveSync\pwoffcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSPocketWord\Path    C:\Programmi\Microsoft ActiveSync\pwoffcnv.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSPocketWordTemplate\Path    C:\Programmi\Microsoft ActiveSync\pwoffcnv.dll
PX5: C2616EAA53565A8AA07B005656667200A7AC9112
MD5: 3d621cb42c1ed37f25e52c07730aece2
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\WRD6ER32.CNV
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWord6RTFExp\Path    C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\WRD6ER32.CNV
PX5: C3C71C92400AE19A461E003B3C2E07005391A6FD
MD5: e53620bef06b224fe7a67388b0becff2
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWinWrite.wpc\Path    C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
PX5: 71A6A3C449C4AC08B01A01656F55D100B9B2E691
MD5: afd63ca25e43793fd7c42c5f74961559
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord6.wpc\Path    C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
PX5: 255241CE4A8E0D0D40E903D813E15E00D95525A3
MD5: da91b90d37135534d061b7e3480fc11c
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\MSWRD832.CNV
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord8\Path    C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\MSWRD832.CNV
PX5: 6C2F7F9458015FF64E040324CD763100F5986932
MD5: 8015f47e6d0e7eeef6f29bf3cb946638
Determination: GOOD

C:\Programmi\File comuni\Microsoft Shared\TextConv\RECOVR32.CNV
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Recover\Path    C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\RECOVR32.CNV
PX5: A0E75DBF5869DD1778C700BCF0A48A00305991ED
MD5: da4e955d7542ba7b9cead34b48f6ae24
Determination: GOOD

C:\Programmi\ISOpen\ISOpenMenu.dll
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\ISOpenMenuHandler\(default)    {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41}
    Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\ISOpenMenuHandler\(default)    {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\ISOpenMenuHandler\(default)    {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\ISOpenMenuHandler\(default)    {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41}
PX5: E9311F1A003F42FA402101115632040091B34A70
MD5: f963f0e942e85d06e35fc557aee3fc5a
Determination: GOOD

C:\Programmi\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\CuteFTP 8 Professional\(default)    {8f7261d0-d2b9-11d2-9909-00605205b24c}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\CuteFTP 8 Professional\(default)    {8f7261d0-d2b9-11d2-9909-00605205b24c}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\CuteFTP 8 Professional\(default)    {8f7261d0-d2b9-11d2-9909-00605205b24c}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\CuteFTP 8 Professional\(default)    {8f7261d0-d2b9-11d2-9909-00605205b24c}
PX5: E07083B6009A6EEA901502BFA5AC31000BA1B6BB
MD5: 4e7921afb03a8444a257a7e932b7331f
Determination: GOOD

C:\Programmi\DAP\Privacy Package\DAPCtxMenuShell.dll
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\DAP_ShredMenu\(default)    {BED4C38B-F765-45AC-8C56-613F76BBF43E}
    Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\DAP_ShredMenu\(default)    {BED4C38B-F765-45AC-8C56-613F76BBF43E}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\DAP_ShredMenu\(default)    {BED4C38B-F765-45AC-8C56-613F76BBF43E}
    Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\DAP_ShredMenu\(default)    {BED4C38B-F765-45AC-8C56-613F76BBF43E}
PX5: EC1F69935BD8E9D2D01A001049095B001E5F833C
MD5: 11e20ae53e422da47bc5238657c5a834
Determination: GOOD

C:\Programmi\Microsoft ActiveSync\INetRepl.dll
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\clsidExtension    {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}
PX5: C2500743536A4BEE004A024E396B8F00B0A19DA6
MD5: 9d2538bdb2b5040fb15cdcb949ca4557
Determination: GOOD

C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL
    Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\BandCLSID    {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
PX5: A83FCF6640922AC79E180079D56A39000F46AC8A
MD5: 0fa0bdaa2ff4ed7e5a2fa2ec1b536712
Determination: GOOD

C:\Programmi\Memturbo 4\MemTurbo.exe
    Loaded from: FILE
PX5: AF638916009C3CF5BE072366DB345B0063FF056E
MD5: 064cc6545b42f7e89f1edd448d2909bc
Determination: GOOD

C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
    Loaded from: FILE
PX5: E030AAC2453A0FFAE0C31BCC940BE90092D952C6
MD5: ffed2f0c2e32579f2e07404b2ab7e6bf
Determination: GOOD

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
    Loaded from: FILE
PX5: C344F5600080EF3A60BA0169D23BF500B7377B90
MD5: b63a4cfcef280f4cacf0a17e6c484d56
Determination: GOOD

C:\WINDOWS\system32\advpack.dll.mui
    Loaded from: FILE
PX5: A3C1EECA009173A9307900B3BCE3AD00B8C5D1AA
MD5: fc35907d12ca343991204222a683da06
Determination: GOOD

C:\WINDOWS\system32\advutil.dll
    Loaded from: FILE
PX5: AC3FE2D60047CFD4C0B60043B3F7F200A89F4E91
MD5: 9569949fb960c68c683d345ae2a51b77
Determination: GOOD

C:\WINDOWS\system32\apigid32.dll
    Loaded from: FILE
PX5: 904021B500F276EAFE1C0094999F6C003FD8185F
MD5: 3e5ae5118c7ee42abd03e25eb36d4315
Determination: GOOD

C:\WINDOWS\system32\FtpX.dll
    Loaded from: FILE
PX5: EE0F93FA004AC6BF00EC0410DF50BC00522F9B2D
MD5: 185b964a74595232f0fa1edae24684e0
Determination: GOOD

C:\WINDOWS\system32\iconv.dll.off
    Loaded from: FILE
PX5: 41D898E200AC2EFB905C0D193B08F400081CF294
MD5: ea2714c8a9ff6ca9e6556b4f41583991
Determination: GOOD

C:\WINDOWS\system32\ieframe.dll.mui
    Loaded from: FILE
PX5: 72FC1C0E00F078AAC0D20F16A598690059B69E76
MD5: fefbaf46c927b9e1d8c8adf2b963b740
Determination: GOOD

C:\WINDOWS\system32\libxml2.dll.off
    Loaded from: FILE
PX5: E9D90432007CE8DAB6150D16A12548007BF6736C
MD5: faee73c713efb4bce218c45a8488f934
Determination: GOOD

C:\WINDOWS\system32\nmwcdcocls.dll
    Loaded from: FILE
PX5: 1FB21A59005C2200006301F6DD0222007DF7D3A2
MD5: 44b04bb3542abc9c282d0b704e8c3e00
Determination: GOOD

C:\WINDOWS\system32\spupdsvc.exe
    Loaded from: FILE
PX5: 44E51C8FE088782E580500D8C96B8F00C1DE6E4D
MD5: 5bd42584f0c8dace32a72089600e08f7
Determination: GOOD

C:\WINDOWS\system32\watchdog.sys
    Loaded from: FILE
PX5: A5490EC7005C2AF84570001E79455E0011553B7B
MD5: c9bf2f12c4e6c12f8a85fba4b6bc6208
Determination: GOOD

C:\WINDOWS\system32\win32k.sys
    Loaded from: FILE
PX5: B61A5CF40006DE0604901CFDDD44000019AAB650
MD5: 152d48f5d41cb4aebdf187755d315a4a
Determination: GOOD

C:\WINDOWS\system32\zlib1.dll.off
    Loaded from: FILE
PX5: A240045700EB79FB2095015741AEFB00EE653EBE
MD5: 5006eaab6f921a1c44aab7c93ad0bd95
Determination: GOOD

C:\WINDOWS\drvr166
    Loaded from: FILE
PX5: 54C80DCF228F070F003B00AF5E0F5B0082029CD9

C:\WINDOWS\kds32
    Loaded from: FILE
PX5: 54C80DCF228F070F003B00AF5E0F5B0082029CD9

C:\WINDOWS\stmp622
    Loaded from: FILE
PX5: 54C80DCF228F070F003B00AF5E0F5B0082029CD9

C:\WINDOWS\sys2214
    Loaded from: FILE
PX5: 54C80DCF228F070F003B00AF5E0F5B0082029CD9

C:\WINDOWS\wiaservc.log
    Loaded from: FILE
PX5: DA409DFE323D11E40071008F81DDF000687BF708

C:\Documents and Settings\Davide\Impostazioni locali\Temporary Internet Files\Content.IE5\LNUDI1T1\PREVXCSIFREE[1].EXE
    Loaded from: FILE
PX5: 3043F13238834E375CDF093924CA3700BC43F30C
MD5: 6b49f60ffb733cd56766951954052f94
Determination: GOOD

C:\Documents and Settings\Davide\Impostazioni locali\Temp\removalfile.bat
    Loaded from: FILE
PX5: 9A7EF0912B67A6F40043003681B9430051509043

C:\WINDOWS\system32\drivers\1394bus.sys
    Loaded from: FILE
PX5: A01D29000095FDD3D05B00D74275E7003170E933
MD5: 009927db8019c54477dabf6f9d795053
Determination: GOOD

C:\WINDOWS\system32\drivers\acrusbxp.sys
    Loaded from: FILE
PX5: E8B6CBF4806D8E8D573900A5AFD9A10010556B38
MD5: 92cde5ae59d97a225a38494b1587f495
Determination: GOOD

C:\WINDOWS\system32\drivers\amdk6.sys
    Loaded from: FILE
PX5: 4242D904806C60F8A08300740C09B400A99A704A
MD5: 03bbca770830a6ffc5a57b697d150f2f
Determination: GOOD

C:\WINDOWS\system32\drivers\amdk7.sys
    Loaded from: FILE
PX5: EABF85AE00CF7D2BA2F600B95331A000E92CF98B
MD5: a4ff6cfcd83941b3628779cb32959c2b
Determination: GOOD

C:\WINDOWS\system32\drivers\atmepvc.sys
    Loaded from: FILE
PX5: 7363E81E80EDA4EC7A0200CE34E22400450A279B
MD5: 39a0a59180f19946374275745b21aeba
Determination: GOOD

C:\WINDOWS\system32\drivers\atmlane.sys
    Loaded from: FILE
PX5: 823332B380717184DAFD00B035ED9500F95C0458
MD5: 0128e78fe835f074e469f03db681ca9e
Determination: GOOD

C:\WINDOWS\system32\drivers\atmuni.sys
    Loaded from: FILE
PX5: 92E7BF650082565E607E05AD216E0900953642D5
MD5: e7ef69b38d17ba01f914ae8f66216a38
Determination: GOOD

C:\WINDOWS\system32\drivers\avgntdd.sys
    Loaded from: FILE
PX5: D19EF85900A6E90180C0008A7B9501002A0E323F
MD5: dbb742f7a678a071761648926a441672
Determination: GOOD

C:\WINDOWS\system32\drivers\avgntmgr.sys
    Loaded from: FILE
PX5: 286CF36B0047EB613AE00029F5BCB80087260A58
MD5: 05edf0e1482625bd6953760a77656673
Determination: GOOD

C:\WINDOWS\system32\drivers\beep.sys
    Loaded from: FILE
PX5: F62FA4F780D77A5110B2005CD7507900637E04C1
MD5: da1f27d85e0d1525f6621372e7b685e9
Determination: GOOD

C:\WINDOWS\system32\drivers\bridge.sys
    Loaded from: FILE
PX5: 69CABDC3803104ED17D001BEA902E2004A7836B0
MD5: e4e6a0922e3d983728c9ad4e8d466954
Determination: GOOD

C:\WINDOWS\system32\drivers\cbidf2k.sys
    Loaded from: FILE
PX5: 7B8DA5F780B7DA7536FE00ABA71B6C00B12776D7
MD5: 90a673fc8e12a79afbed2576f6a7aaf9
Determination: GOOD

C:\WINDOWS\system32\drivers\cdaudio.sys
    Loaded from: FILE
PX5: 7D0D30B9001A5352491B006D9C79D000079079B1
MD5: c1b486a7658353d33a10cc15211a873b
Determination: GOOD

C:\WINDOWS\system32\drivers\cdfs.sys
    Loaded from: FILE
PX5: 0225C13D004CC9CDF93000922132D000BA57D976
MD5: cd7d5152df32b47f4e36f710b35aae02
Determination: GOOD

C:\WINDOWS\system32\drivers\cdr4_xp.sys
    Loaded from: FILE
PX5: C8104DA1808A5DEE09FC008AD65C6900B79BCD14
MD5: bf79e659c506674c0497cc9c61f1a165
Determination: GOOD

C:\WINDOWS\system32\drivers\cdralw2k.sys
    Loaded from: FILE
PX5: 9824CFC900F05AAF0AF10058B4C7A500B79BCD14
MD5: 2c41cd49d82d5fd85c72d57b6ca25471
Determination: GOOD

C:\WINDOWS\system32\drivers\cinemst2.sys
    Loaded from: FILE
PX5: 7C4B5F6480542F0A010D0467679A3400F24D4424
MD5: 0cccbd6ef94910804921bf04a2107ef8
Determination: GOOD

C:\WINDOWS\system32\drivers\classpnp.sys
    Loaded from: FILE
PX5: 61280642007AE0BEC20400D8EC4D8200079FF3CE
MD5: d86173b401470f06d9810f7962969ddf
Determination: GOOD

C:\WINDOWS\system32\drivers\cpqdap01.sys
    Loaded from: FILE
PX5: C60D75F500CE16D02E4100D9B4337E008A228DE3
MD5: 9624293e55ad405415862b504ca95b73
Determination: GOOD

C:\WINDOWS\system32\drivers\crusoe.sys
    Loaded from: FILE
PX5: E4FE1A7080AF31429EBC00A2612936006E0D7B97
MD5: f8c288d89ad71bf1aff0f9e4db5d3a10
Determination: GOOD

C:\WINDOWS\system32\drivers\diskdump.sys
    Loaded from: FILE
PX5: 6D7A5F848072A37B37EB00C342763700264F9014
MD5: d16c81677a9be399c63cd2ea486472a5
Determination: GOOD

C:\WINDOWS\system32\drivers\DK2USB.sys
    Loaded from: FILE
PX5: B41501E96093FA0A76F20070B9CF7000DE2643AC
MD5: 2f6cd2d9739cbb0f69d17bc6a8506d18
Determination: GOOD

C:\WINDOWS\system32\drivers\dkpccard.sys
    Loaded from: FILE
PX5: 3D64539CD02EA6161EC2005655EA050028F3ADF2
MD5: b0f0ddd77b688a4a4a040be81a04a0c3
Determination: GOOD

C:\WINDOWS\system32\drivers\DKU5FLd.sys
    Loaded from: FILE
PX5: 688C75EF3600A933405C005B1448F100F3E62C8C
MD5: db913c87fe7397c190f8f6070e372ea3
Determination: GOOD

C:\WINDOWS\system32\drivers\drmk.sys
    Loaded from: FILE
PX5: 73B664558055CFD9EB9800CC44976A00031F37A9
MD5: ff86422268de771d571e123eb7092c6a
Determination: GOOD

C:\WINDOWS\system32\drivers\dxapi.sys
    Loaded from: FILE
PX5: D0E069F50027643C29470029619BD400B7B7054A
MD5: fe97d0343acfdebdd578fc67cc91fa87
Determination: GOOD

C:\WINDOWS\system32\drivers\dxg.sys
    Loaded from: FILE
PX5: 3F54B7A780F0ED98157C011AE18D4A00EE6485EB
MD5: d3dac8432110aad0b02a58b4459ab835
Determination: GOOD

C:\WINDOWS\system32\drivers\dxgthk.sys
    Loaded from: FILE
PX5: 0164AB8900598A330DE900E4FEF37900B79BCD14
MD5: a73f5d6705b1d820c19b18782e176efd
Determination: GOOD

C:\WINDOWS\system32\drivers\enum1394.sys
    Loaded from: FILE
PX5: 4E7FF71200A58CFF197100D1CCE6B600C8D9E0FF
MD5: 80d1b490b60e74e002dc116ec5d41748
Determination: GOOD

C:\WINDOWS\system32\drivers\fastfat.sys
    Loaded from: FILE
PX5: 1E68B78D00BA4E2F30E102605EF38B00BED2E67D
MD5: 3117f595e9615e04f05a54fc15a03b20
Determination: GOOD

C:\WINDOWS\system32\drivers\fdc.sys
    Loaded from: FILE
PX5: 030113CC009ED3836B77000B64308F0030511E66
MD5: ced2e8396a8838e59d8fd529c680e02c
Determination: GOOD

C:\WINDOWS\system32\drivers\fips.sys
    Loaded from: FILE
PX5: 1007D8C50089CEC889D600EFFDE6B800D02A5DA9
MD5: 333fbbc71bdcbb46c58a3b51b3d51184
Determination: GOOD

C:\WINDOWS\system32\drivers\FLC20Ld.sys
    Loaded from: FILE
PX5: 3EF92338964DF3B741200057B33A5C001BEC7AD8
MD5: 0714b67d152eb5c7acdbbc80705f6d33
Determination: GOOD

C:\WINDOWS\system32\drivers\flpydisk.sys
    Loaded from: FILE
PX5: 60E1171000EEA79E50BF00391F7EE000F2860CEC
MD5: 0dd1de43115b93f4d85e889d7a86f548
Determination: GOOD

C:\WINDOWS\system32\drivers\FlsFWLdr.sys
    Loaded from: FILE
PX5: DF304D03FF2B00C6C37B007DF7712400C94EFFCD
MD5: b1d099d50462df25229b9d14b3b0d567
Determination: GOOD

C:\WINDOWS\system32\drivers\FLSUSB.SYS
    Loaded from: FILE
PX5: 94540F8D56E70D83CA6B00365CD47400A3A1180A
MD5: 813443b79500e188e2c05fc1ed4c5446
Determination: GOOD

C:\WINDOWS\system32\drivers\FlsUsbLd.sys
    Loaded from: FILE
PX5: 4E04DB955896C974695D0063C85ADF00B029810E
MD5: a9a1064ac60f31a8e71a75f78b00435c
Determination: GOOD

C:\WINDOWS\system32\drivers\fps11sys.sys
    Loaded from: FILE
PX5: 458ABB80E0BBB44E16B801CA5260F800CA1EC797
MD5: 739d363cbcb148e8e4bdc8f92a84f71c
Determination: GOOD

C:\WINDOWS\system32\drivers\fsvga.sys
    Loaded from: FILE
PX5: 78ACD409008333CF30C90046F776F800BAB458CE
MD5: 25a7f5539209be062d4bb3f9cd84bd16
Determination: GOOD

C:\WINDOWS\system32\drivers\fs_rec.sys
    Loaded from: FILE
PX5: 2E3179C900CB71741FBA004F645EEB00865149D3
MD5: 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a
Determination: GOOD

C:\WINDOWS\system32\drivers\Hdaudio.sys
    Loaded from: FILE
PX5: FED5214C00F8BBCCBC1101245310060066923237
MD5: 9131ede087af04a7d80f7ebadc164254
Determination: GOOD

C:\WINDOWS\system32\drivers\hhkusb.sys
    Loaded from: FILE
PX5: 0B427E62001E8B6C445300ABCC09EA002EF88263
MD5: 3dc08800625198edc648e05f0e909cfe
Determination: GOOD

C:\WINDOWS\system32\drivers\hidclass.sys
    Loaded from: FILE
PX5: 800EAA28801FAC928DC800F3F0296600134890AF
MD5: 378055ab8dda86228683c697c4e11685
Determination: GOOD

C:\WINDOWS\system32\drivers\hidparse.sys
    Loaded from: FILE
PX5: 202AE5AF805FDB4161470039E900C0009EB401B0
MD5: 5fff41cd5108e9051d255c37825af697
Determination: GOOD

C:\WINDOWS\system32\drivers\ks.sys
    Loaded from: FILE
PX5: 78D9F49380D52F3B2603022FFE8CE100B4CA1585
MD5: b9540e258f952650de8dec68719a5c97
Determination: GOOD

C:\WINDOWS\system32\drivers\ksecdd.sys
    Loaded from: FILE
PX5: 774C935980F76922670D01959D71E6009D9267E6
MD5: eb7ffe87fd367ea8fca0506f74a87fbb
Determination: GOOD

C:\WINDOWS\system32\drivers\mcd.sys
    Loaded from: FILE
PX5: 874B185900D5916B1EF900C2FE181D00136FAB22
MD5: d1f8be91ed4ddb671d42e473e3fe71ab
Determination: GOOD

C:\WINDOWS\system32\drivers\mf.sys
    Loaded from: FILE
PX5: F49C56310087ADB9F998009652109C00BB35FCB1
MD5: 729d83e56c29c510258a6e9e79ffddc3
Determination: GOOD

C:\WINDOWS\system32\drivers\mnmdd.sys
    Loaded from: FILE
PX5: 33A41DEC8064684210700001C4EA1400320E2D4F
MD5: 4ae068242760a1fb6e1a44bf4e16afa6
Determination: GOOD

C:\WINDOWS\system32\drivers\modem.sys
    Loaded from: FILE
PX5: F22F2ACE0067686F7617004AA04CD400DCD5102E
MD5: b30d2db351e3191bd71232036cfe711a
Determination: GOOD

C:\WINDOWS\system32\drivers\mountmgr.sys
    Loaded from: FILE
PX5: 7309084F00AE944FA5B9001585E15200FF872CDC
MD5: 65653f3b4477f3c63e68a9659f85ee2e
Determination: GOOD

C:\WINDOWS\system32\drivers\mqac.sys
    Loaded from: FILE
PX5: A4B93ADE00A3CC201DAC01B48E57ED0024CEA9D4
MD5: db07b0088cdfd20c2a22e675120ede34
Determination: GOOD

C:\WINDOWS\system32\drivers\msfs.sys
    Loaded from: FILE
PX5: 075BA4B3803111464A9700E6E20263008B5F85A4
MD5: 561b3a4333ca2dbdba28b5b956822519
Determination: GOOD

C:\WINDOWS\system32\drivers\mup.sys
    Loaded from: FILE
PX5: 488AE40380446D0EA57D014A890CCF00C681450A
MD5: 82035e0f41c2dd05ae41d27fe6cf7de1
Determination: GOOD

C:\WINDOWS\system32\drivers\ndis.sys
    Loaded from: FILE
PX5: D3D6286080F2E0F0CA7A02249DEC7F001D734284
MD5: 558635d3af1c7546d26067d5d9b6959e
Determination: GOOD

C:\WINDOWS\system32\drivers\ndproxy.sys
    Loaded from: FILE
PX5: FB8873A080F72F00942D005DFF5068001A60ED1C
MD5: 59fc3fb44d2669bc144fd87826bb571f
Determination: GOOD

C:\WINDOWS\system32\drivers\nikedrv.sys
    Loaded from: FILE
PX5: 31AFD82600B7B0E92F3400332F79D6008B90E2A9
MD5: be984d604d91c217355cdd3737aad25d
Determination: GOOD

C:\WINDOWS\system32\drivers\nmnt.sys
    Loaded from: FILE
PX5: 4F6E51DE803D5E299DD30090E39024009FB3BD94
MD5: 60cf8c7192b3614f240838ddbaa4a245
Determination: GOOD

C:\WINDOWS\system32\drivers\npfs.sys
    Loaded from: FILE
PX5: 20DA5FD280719B5A789A008E44C90300CCA72CD2
MD5: 4f601bcb8f64ea3ac0994f98fed03f8e
Determination: GOOD

C:\WINDOWS\system32\drivers\ntfs.sys
    Loaded from: FILE
PX5: 66DDEA8480FFB1BBC4F70843EE9A6E00F3167B2F
MD5: b78be402c3f63dd55521f73876951cdd
Determination: GOOD

C:\WINDOWS\system32\drivers\null.sys
    Loaded from: FILE
PX5: 7047032880E19D2B0B4300F23A496700B79BCD14
MD5: 73c1e1f395918bc2c6dd67af7591a3ad
Determination: GOOD

C:\WINDOWS\system32\drivers\nwlnkipx.sys
    Loaded from: FILE
PX5: B455E8AE80D2C31959AC01662F7EE7009B9C1B54
MD5: 79ea3fcda7067977625b3363a2657c80
Determination: GOOD

C:\WINDOWS\system32\drivers\nwlnknb.sys
    Loaded from: FILE
PX5: 04BB889700AAB944F73D0096D8122400A0912260
MD5: 56d34a67c05e94e16377c60609741ff8
Determination: GOOD

C:\WINDOWS\system32\drivers\nwlnkspx.sys
    Loaded from: FILE
PX5: 38D410228045AB3DDA820098A4E752008EA9780C
MD5: c0bb7d1615e1acbdc99757f6ceaf8cf0
Determination: GOOD

C:\WINDOWS\system32\drivers\nwrdr.sys
    Loaded from: FILE
PX5: B0D1753100E533537F3C02D47C98B30050AB7A8C
MD5: 03373a79440473062c6f3aedec6a49c8
Determination: GOOD

C:\WINDOWS\system32\drivers\oprghdlr.sys
    Loaded from: FILE
PX5: 691E96B980EF4DD30D2300DD63265E00B79BCD14
MD5: 4bb30ddc53ebc76895e38694580cdfe9
Determination: GOOD

C:\WINDOWS\system32\drivers\p3.sys
    Loaded from: FILE
PX5: BC6A682380C862C2B56A0022A0FE9B00ED93F9A1
MD5: acf18d9f903b29790b8f8e01535f37d4
Determination: GOOD

C:\WINDOWS\system32\drivers\parport.sys
    Loaded from: FILE
PX5: 4A82394D8019443A393C017F618C1500973C174B
MD5: 3490ead0612bfd0e7c1b864ee24e6a4a
Determination: GOOD

C:\WINDOWS\system32\drivers\partmgr.sys
    Loaded from: FILE
PX5: CD5C0D6C00BC0D35496D00DCA66DE800E5B26EF9
MD5: 3334430c29dc338092f79c38ef7b4cd0
Determination: GOOD

C:\WINDOWS\system32\drivers\parvdm.sys
    Loaded from: FILE
PX5: D78233F200E873FD1B40001BF0D2FD00501E1542
MD5: 0dabef655a444cb1e193626fb1d24b9f
Determination: GOOD

C:\WINDOWS\system32\drivers\pciidex.sys
    Loaded from: FILE
PX5: DD4713DB00668128625F00A6F0879B00FA781103
MD5: 520b91ab011456b940d9b05fc91108ff
Determination: GOOD

C:\WINDOWS\system32\drivers\portcls.sys
    Loaded from: FILE
PX5: 4C3FDB6000983D64179702C05212D30014AEE1A4
MD5: bc6b2bc69c1e009443e8b1fe2db96101
Determination: GOOD

C:\WINDOWS\system32\drivers\processr.sys
    Loaded from: FILE
PX5: AF0FBDFA005416189A000040A9FF7600B2B78287
MD5: 2be7f01e46970e946aa18cba3de019eb
Determination: GOOD

C:\WINDOWS\system32\drivers\rawwan.sys
    Loaded from: FILE
PX5: 3623B25780ED679386B1006F511AA700A8DBED63
MD5: 01524cd237223b18adbb48f70083f101
Determination: GOOD

C:\WINDOWS\system32\drivers\rdpwd.sys
    Loaded from: FILE
PX5: 58B1048788D70AE7203D02788FCE5900DFC3CF12
MD5: d4f5643d7714ef499ae9527fdcd50894
Determination: GOOD

C:\WINDOWS\system32\drivers\rio8drv.sys
    Loaded from: FILE
PX5: 689BF8B80051228F2F8000540597A5009049C8B5
MD5: a56fe08ec7473e8580a390bb1081cdd7
Determination: GOOD

C:\WINDOWS\system32\drivers\riodrv.sys
    Loaded from: FILE
PX5: 31AFD82600B7B0E92F3400332F79D600DA0E26E7
MD5: 0a854df84c77a0be205bfeab2ae4f0ec
Determination: GOOD

C:\WINDOWS\system32\drivers\RMCast.sys
    Loaded from: FILE
PX5: 3F78954280F868910DA803F8FC6F1400E3565A6B
MD5: 35e81b908ae4e97fc7bdf4607c516ff4
Determination: GOOD

C:\WINDOWS\system32\drivers\rndismp.sys
    Loaded from: FILE
PX5: F5E4CD0480C828137517005714D7F1002CA246EF
MD5: 7ce8b277f3207ea82d7d22ad348befc6
Determination: GOOD

C:\WINDOWS\system32\drivers\rootmdm.sys
    Loaded from: FILE
PX5: F3E7979300A8EEA3177100743639FF0080591A18
MD5: d8b0b4ade32574b2d9c5cc34dc0dbbe7
Determination: GOOD

C:\WINDOWS\system32\drivers\scsiport.sys
    Loaded from: FILE
PX5: BAEDAB6C00163F8D78C6012DFF6A240038CAB5E8
MD5: d7fd0ff761e28ac0ea35ad71e0cd67e9
Determination: GOOD

C:\WINDOWS\system32\drivers\sdbus.sys
    Loaded from: FILE
PX5: BA494C87000D7A4F08B4013D43118E00EBAF0531
MD5: 02fc71b020ec8700ee8a46c58bc6f276
Determination: GOOD

C:\WINDOWS\system32\drivers\serenum.sys
    Loaded from: FILE
PX5: 4F3C7EAD801665B83CEF00E324D68C009966C2DD
MD5: a2d868aeeff612e70e213c451a70cafb
Determination: GOOD

C:\WINDOWS\system32\drivers\serial.sys
    Loaded from: FILE
PX5: 84269A0C80DA4AE9020E01315B99420097A96A32
MD5: dbab3260e7eb3398cb87267d1410fad4
Determination: GOOD

C:\WINDOWS\system32\drivers\sffdisk.sys
    Loaded from: FILE
PX5: AF380F15808E7A972B3D001ABF251400652E930D
MD5: 1d9f1bec651815741f088a8fb88e17ee
Determination: GOOD

C:\WINDOWS\system32\drivers\sffp_sd.sys
    Loaded from: FILE
PX5: 35A841FC0030CAF028AD002AAB39F600184DF1C4
MD5: 586499fd312ffd7f78553f408e71682e
Determination: GOOD

C:\WINDOWS\system32\drivers\smclib.sys
    Loaded from: FILE
PX5: 8A9722BD003AC63939580092009AC20088FC78D8
MD5: 017daecf0ed3aa731313433601ec40fa
Determination: GOOD

C:\WINDOWS\system32\drivers\sonydcam.sys
    Loaded from: FILE
PX5: 0B9EAE4180F27A6F636900C11EF4E3002F2E7423
MD5: addc9e4757a68ab60562ad3cb9c288d6
Determination: GOOD

C:\WINDOWS\system32\drivers\stream.sys
    Loaded from: FILE
PX5: E9758E5F00F11219BE3300252F112F00F38A6C5B
MD5: c43356072eb3e88cd62958db10cead47
Determination: GOOD

C:\WINDOWS\system32\drivers\tape.sys
    Loaded from: FILE
PX5: 1278B1EF80B32A683A3F0096934CD200746C2998
MD5: a2a9ca0d1a9ac1ff54220aa0789fe5cf
Determination: GOOD

C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
    Loaded from: FILE
PX5: 9B98417C80D576637AFA05B3DB10C5007C1B8E5D
MD5: 9f4b36614a0fc234525ba224957de55c
Determination: GOOD

C:\WINDOWS\system32\drivers\tcpip6.sys
    Loaded from: FILE
PX5: 32CF71DE80C22838693903AC6683F600681C92FD
MD5: 4d58bb1ae8841aafd8790ad7e1e3b8ea
Determination: GOOD

C:\WINDOWS\system32\drivers\tdi.sys
    Loaded from: FILE
PX5: D2E197368059988748C500010EF1F2006AC8B3D9
MD5: 6891b74ab9a016064e82a419388d0601
Determination: GOOD

C:\WINDOWS\system32\drivers\tdpipe.sys
    Loaded from: FILE
PX5: 3FCBC6C1086354332FFD003DE3512D00CB438F2A
MD5: 38d437cf2d98965f239b0abcd66dcb0f
Determination: GOOD

C:\WINDOWS\system32\drivers\tdtcp.sys
    Loaded from: FILE
PX5: 8942980688A6EF76558200032BC6D800A375DA91
MD5: ed0580af02502d00ad8c4c066b156be9
Determination: GOOD

C:\WINDOWS\system32\drivers\tosdvd.sys
    Loaded from: FILE
PX5: 628D18D7002B7E40CAFC00177DE27100B717B0CE
MD5: 699450901c5ccfd82357cbc531cedd23
Determination: GOOD

C:\WINDOWS\system32\drivers\tsbvcap.sys
    Loaded from: FILE
PX5: 87882BA880A89CF8537500BE0BB03800CD0425CD
MD5: d74a8ec75305f1d3cfde7c7fc1bd62a9
Determination: GOOD

C:\WINDOWS\system32\drivers\tunmp.sys
    Loaded from: FILE
PX5: CBD0AEE38035D6A5300B00CF5C419100CB427E52
MD5: 87a0e9e18c10a9e454238e3330e2a26d
Determination: GOOD

C:\WINDOWS\system32\drivers\udfs.sys
    Loaded from: FILE
PX5: 5FD2643980FF4C93024701049FF5A900913F1B6B
MD5: 12f70256f140cd7d52c58c7048fde657
Determination: GOOD

C:\WINDOWS\system32\drivers\usb8023.sys
    Loaded from: FILE
PX5: 6C38C2AE8005B13A31EC001CD2E193004FD5788A
MD5: af090265ec388bab320f1ff7e7a7d5ea
Determination: GOOD

C:\WINDOWS\system32\drivers\usbcamd.sys
    Loaded from: FILE
PX5: D11C923000C0476E5DDA002FC1E34E00BC32EEBC
MD5: 2654eecc6fb13603ebddcd5c8ea943d1
Determination: GOOD

C:\WINDOWS\system32\drivers\usbcamd2.sys
    Loaded from: FILE
PX5: D11C923080C0476E5DDA002FC1E34E002B3DC035
MD5: 61018ba9df6b63e51d9753c980e73ec2
Determination: GOOD

C:\WINDOWS\system32\drivers\usbd.sys
    Loaded from: FILE
PX5: F328D8568037A02F12FA00A0B0E095005A1BACA9
MD5: 596eb39b50d6ebd9b734dc4ae0544693
Determination: GOOD

C:\WINDOWS\system32\drivers\usbintel.sys
    Loaded from: FILE
PX5: 46A2709480A8B9863E99007B5ED70B000E5AFC3D
MD5: 2853fd4c4489e0f8bfcf78efcdb7e998
Determination: GOOD

C:\WINDOWS\system32\drivers\usbport.sys
    Loaded from: FILE
PX5: A1EF174180FC34972E3902AA15903200854523B2
MD5: 2034ca78f9c6e787b4b76d81ac888351
Determination: GOOD

C:\WINDOWS\system32\drivers\vdmindvd.sys
    Loaded from: FILE
PX5: 5DFBB3300012B79DE3E300778EC928004FCDB2AF
MD5: 55e01061c74a8cefff58dc36114a8d3f
Determination: GOOD

C:\WINDOWS\system32\drivers\verfile.tic
    Loaded from: FILE
PX5: D5BA8EE40D4544F500DA00431B791A007E213BE2

C:\WINDOWS\system32\drivers\videoprt.sys
    Loaded from: FILE
PX5: BBE87C52808D55E2379801ACFA738900C0632DEC
MD5: d5a9d123f5ed7c9965a481bd20cf66d8
Determination: GOOD

C:\WINDOWS\system32\drivers\vmnet.sys
    Loaded from: FILE
PX5: 8DAC7CD9306CFFB7453700F04A77EE003A3950AE
MD5: 9c4735e966810ab27edb086b8d213d16
Determination: GOOD

C:\WINDOWS\system32\drivers\volsnap.sys
    Loaded from: FILE
PX5: AC3AFD0E80294768D03200EE1153E40098EF3DD1
MD5: 698869e82c57169f2140c04a272bf12b
Determination: GOOD

C:\WINDOWS\system32\drivers\wmilib.sys
    Loaded from: FILE
PX5: 7A1B707D0098974111DB00C8E2E10C00FCC422B3
MD5: 2f31b7f954bed437f2c75026c65caf7b
Determination: GOOD

C:\WINDOWS\system32\drivers\wpdusb.sys
    Loaded from: FILE
PX5: A638B0C8000D268C4AED005D8693620025555564
MD5: 1385e5aa9c9821790d33a9563b8d2dd0
Determination: GOOD

C:\WINDOWS\system32\drivers\ws2ifsl.sys
    Loaded from: FILE
PX5: E3FE23AC0026FAFE2FF10052E88519002DA1A545
MD5: 6abe6e225adb5a751622a9cc3bc19ce8
Determination: GOOD

C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini
    Loaded from: FILE
PX5: 88CF0FF93E2A4A9F00A700BD9B751300B2E9E22B

C:\Documents and Settings\Davide\Dati applicazioni\desktop.ini
    Loaded from: FILE
PX5: 88CF0FF93E2A4A9F00A700BD9B751300B2E9E22B

C:\Documents and Settings\Davide\Desktop\putty.exe
    Loaded from: FILE
PX5: 7FABB216008DE56AF0A806137EB056005E5B5D87
MD5: 9bb6826905965c13be1c84cc0ff83f42
Determination: GOOD


Results::
Known malicious programs: 2



End of PrevxCSI Log - http://www.prevx.com 


avscan

Codice PHP:

AntiVir PersonalEdition Classic
Report file date: domenica 13 gennaio 2008  12:39

Scanning for 1027920 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:         Davide
Computer name:    VAIO

Version information:
BUILD.DAT    : 270           15603 Bytes  19/09/2007 13:32:00
AVSCAN.EXE   : 7.0.6.1      290856 Bytes  10/09/2007 22:43:50
AVSCAN.DLL   : 7.0.6.0       49192 Bytes  10/09/2007 22:43:50
LUKE.DLL     : 7.0.5.3      147496 Bytes  10/09/2007 22:43:52
LUKERES.DLL  : 7.0.6.1       10280 Bytes  10/09/2007 22:43:52
ANTIVIR0.VDF : 6.40.0.0    11030528 Bytes  18/07/2007 23:25:53
ANTIVIR1.VDF : 7.0.1.95    3367424 Bytes  14/12/2007 08:32:52
ANTIVIR2.VDF : 7.0.1.205    620544 Bytes  08/01/2008 15:53:48
ANTIVIR3.VDF : 7.0.1.227    161280 Bytes  11/01/2008 16:26:57
AVEWIN32.DLL : 7.6.0.46    3084800 Bytes  22/12/2007 06:27:10
AVWINLL.DLL  : 1.0.0.7       14376 Bytes  21/04/2007 19:00:22
AVPREF.DLL   : 7.0.2.2       25640 Bytes  10/09/2007 22:43:50
AVREP.DLL    : 7.0.0.1      155688 Bytes  21/04/2007 19:00:26
AVPACK32.DLL : 7.6.0.2      360488 Bytes  22/12/2007 06:27:10
AVREG.DLL    : 7.0.1.6       30760 Bytes  10/09/2007 22:43:50
AVARKT.DLL   : 1.0.0.20     278568 Bytes  10/09/2007 22:43:47
AVEVTLOG.DLL : 7.0.0.20      86056 Bytes  10/09/2007 22:43:50
NETNT.DLL    : 7.0.0.0        7720 Bytes  21/04/2007 19:00:24
RCIMAGE.DLL  : 7.0.1.30    2342952 Bytes  10/09/2007 22:43:41
RCTEXT.DLL   : 7.0.62.0      86056 Bytes  10/09/2007 22:43:41
SQLITE3.DLL  : 3.3.17.1     339968 Bytes  10/09/2007 22:43:53

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:, 
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: domenica 13 gennaio 2008  12:39

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'taskmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
      [NOTE]      No virus was found!
Boot sector 'D:\'
      [NOTE]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '31' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\Documents and Settings\Davide\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\tnoqnfjt.default\Cache\5A6F1C4Bd01
  [0] Archive type: RAR SFX (self extracting)
  --> patch.exe
      [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> crack.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was moved to '47bffb6d.qua'!
Begin scan in 'D:\' <VAIO>


End of the scan: domenica 13 gennaio 2008  13:13
Used time: 33:52 min

The scan has been done completely.

   8248 Scanning directories
 216010 Files were scanned
      2 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
 216008 Files not concerned
   1305 Archives were scanned
      1 Warnings
      0 Notes 


grazie

[murack83pa]

ciao borexino
purtroppo sei infetto da vundo
vai in questo 3d: guida x la rimozione del trojan vundo

segui quella guida e posta tutti i log li
se hai dubbi, postali li d'ora in avanti
questa discussione sarà piu tardi chiusa dal mod

riguardo il problema desktop sparito, prova questa breve guida:
http://www.hwupgrade.it/forum/showth...light=explorer

dopo che explorer sarà ricomparso, segui la guida x vundo, postando li,ok?

ciao

[borexino]

Ok Grazie mille!

seguirò l'altro 3d grazie

[xcdegasp]

chiudo essendo un doppione