#1
Junior Member
Joined: Jun 2008
Posts: 3
[WinXP] Virus, AdvancedCleaner & Bastioneantivirus
Hi, I have a virus on my PC that keeps asking me to open Internet Explorer and opens Firefox by itself. It shows me a warning message that takes me to sites that I think also contain viruses, "bastioneantivirus" and "advancedcleaner". I disabled System Restore, ran a scan with Avast! and it found nothing, then ran another scan with SpyBot S&D and deleted the corrupted files, but the virus is still there. I kept scanning with SpyBot but it didn't find anything else. So I ran a scan with PrevxCSI and it found infected files that I can't delete because I don't have the registered version. How can I delete them without having to register PrevxCSI??? The PrevxCSI LOG file is attached... Please help me.. this has been going on for at least a week and the PC keeps opening endless processes, taking up my entire RAM bandwidth..
#2
Junior Member
Joined: Jun 2008
Posts: 3
I don't know why but it didn't attach the log... anyway, here it is
Code:
Prevx CSI Log - Version v1.9.112.135
Log Generated: 10/6/2008 16:33, Type: 0
Some non-malicious files are not included in this log.
C:\WINDOWS\System32\smss.exe InMem: 1 Det [G] PX5: EAEF384300B86E2BC60900AD18ED0300B6B454BF
C:\WINDOWS\system32\ntdll.dll InMem: 1 Det [G] PX5: 98EF83350066C70122B20B444BEBEA00D217A1B2
C:\WINDOWS\system32\csrss.exe InMem: 1 Det [G] PX5: 457E08CD00DE83E3183600665DD0AE001F0FA82A
C:\WINDOWS\system32\CSRSRV.dll InMem: 1 Det [G] PX5: 672F934100D50DA280D100335AB03A0006C3D206
C:\WINDOWS\system32\basesrv.dll InMem: 1 Det [G] PX5: CDE7154D0060E2E4CE1D00F8B4D58500AEAC4112
C:\WINDOWS\system32\winsrv.dll InMem: 1 Det [G] PX5: EA125ACC0017E3527A0804FB6E773E00D0D2275E
C:\WINDOWS\system32\GDI32.dll InMem: 1 Det [G] PX5: 9BE1D864000DF42650DF042E09425000C248761A
C:\WINDOWS\system32\KERNEL32.dll InMem: 1 Det [G] PX5: 0AD652AA00FC1D0CB2930F5593CD84005E517D9A
C:\WINDOWS\system32\USER32.dll InMem: 1 Det [G] PX5: D423C40D007DC87CD48F089CF302B800036F5CB9
C:\WINDOWS\system32\sxs.dll InMem: 1 Det [G] PX5: F6867B260073AE3BE8420A9D4CB88200ED96EA53
C:\WINDOWS\system32\ADVAPI32.dll InMem: 1 Det [G] PX5: DA31EA390036C3916C5C0A395DA4E3007CA4EABA
C:\WINDOWS\system32\RPCRT4.dll InMem: 1 Det [G] PX5: 64FF7BDB00B8F512E4E10855030F0C0078D17B4A
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncacn_np [rpcrt4.dll]
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncacn_ip_tcp [rpcrt4.dll]
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncadg_ip_udp [rpcrt4.dll]
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncacn_http [rpcrt4.dll]
C:\WINDOWS\system32\Apphelp.dll InMem: 1 Det [G] PX5: 2E534C590076A85BF05D01EC9E4FFB0089A4554F
C:\WINDOWS\system32\VERSION.dll InMem: 1 Det [G] PX5: 17E09890009DDCC84AAD00E153CBBA0071FD3882
C:\WINDOWS\system32\winlogon.exe InMem: 1 Det [G] PX5: D0D54E6C00E89575B4CC07CFE43BE400C1F31A26
C:\WINDOWS\system32\AUTHZ.dll InMem: 1 Det [G] PX5: 869C1EE500523D0FDE60003D7F38BD0038C5A93D
C:\WINDOWS\system32\msvcrt.dll InMem: 1 Det [G] PX5: EAD3CF360087D2AD3C120509FE506F008FB88290
C:\WINDOWS\system32\CRYPT32.dll InMem: 1 Det [G] PX5: DD3ED9060033BBFB2E83098709F8D4001E524429
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain - DllName [crypt32.dll]
C:\WINDOWS\system32\MSASN1.dll InMem: 1 Det [G] PX5: 09F301D4001F77D2E0150027945354004927323C
C:\WINDOWS\system32\NDdeApi.dll InMem: 1 Det [G] PX5: 8E19EB1100E774A0488300C192BED30080B1D3E4
C:\WINDOWS\system32\PROFMAP.dll InMem: 1 Det [G] PX5: 90AEB4A600D0EF596C4F00D134ACAA00BDFD0752
C:\WINDOWS\system32\NETAPI32.dll InMem: 1 Det [G] PX5: 0919F94300F3C16412B605F0CC86050045AA2AE7
C:\WINDOWS\system32\USERENV.dll InMem: 1 Det [G] PX5: 02BF46CD00DC848D207F0BA7D391AB00DCDEB32E
C:\WINDOWS\system32\PSAPI.DLL InMem: 1 Det [G] PX5: 5DB1DF3A00AE978A5A1800B9B5A8C30041FF3076
C:\WINDOWS\system32\REGAPI.dll InMem: 1 Det [G] PX5: BDCF1CB600ACB6D2C2EE007361942C0007606048
C:\WINDOWS\system32\Secur32.dll InMem: 1 Det [G] PX5: 2226211D005B7868DA45009E23898E00149E78C6
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 9 [secur32.dll]
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 10 [secur32.dll]
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 16 [secur32.dll]
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 18 [secur32.dll]
C:\WINDOWS\system32\SETUPAPI.dll InMem: 1 Det [G] PX5: 085443D800EAF0FA42960F6622B8E300CB4CB91D
C:\WINDOWS\system32\WINSTA.dll InMem: 1 Det [G] PX5: 1789B2A5005E39C8D2660086022E8500C3B9450D
C:\WINDOWS\system32\WINTRUST.dll InMem: 1 Det [G] PX5: 0D34C3E0002C3B32B2670226273B8500327F7603
C:\WINDOWS\system32\IMAGEHLP.dll InMem: 1 Det [G] PX5: 92D4CA5F00EA8A5C340F02F2506EE800E1319CFF
C:\WINDOWS\system32\WS2_32.dll InMem: 1 Det [G] PX5: 42D0077300700B1344D7019D11CF0E00A225E294
C:\WINDOWS\system32\WS2HELP.dll InMem: 1 Det [G] PX5: 097C6291004A18B14EEC00B4A6264D00B84611B9
C:\WINDOWS\system32\IMM32.DLL InMem: 1 Det [G] PX5: CDBF4DDD001A7574AE3A01510D252400AF18CE5E
C:\WINDOWS\system32\MSGINA.dll InMem: 1 Det [G] PX5: 0590994000D0A8B53A390FFB32187D003143117B
C:\WINDOWS\system32\SHELL32.dll InMem: 1 Det [G] PX5: C74DB9F400A749A98AD181C3816D18006A78E9E8
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - VmApplet [rundll32 shell32,Control_RunDLL "sysdm.cpl"]
REGSHLEXHOOK - \REGISTRY\Machine\Software\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InprocServer32 - {AEB6717E-7E19-11d0-97EE-00C04FD91972} [shell32.dll]
REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\InprocServer32 - PostBootReminder [%SystemRoot%\system32\SHELL32.dll]
REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 - CDBurn [%SystemRoot%\system32\SHELL32.dll]
REGTOOLBAR - \REGISTRY\Machine\Software\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\InprocServer32 - {0E5CBF21-D15F-11D0-8301-00AA005B4383} [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{24F14F01-7B1C-11d1-838f-0000F80461CF}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{24F14F02-7B1C-11d1-838f-0000F80461CF}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{09799AFB-AD67-11d1-ABCD-00C04FC30936}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\InprocServer32 - [%SystemRoot%\system32\SHELL32.dll]
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 - [shell32.dll]
C:\WINDOWS\system32\SHLWAPI.dll InMem: 1 Det [GP] PX5: 7D1168D10076E74F3C1407B6331C07007C1C46D8
C:\WINDOWS\system32\COMCTL32.dll InMem: 1 Det [G] PX5: 58711F2E00E7D4E26C3A0946506D1B008DF24393
C:\WINDOWS\system32\ODBC32.dll InMem: 1 Det [G] PX5: A52E0F9B00E1697FD015036BACB9C10078B33C67
C:\WINDOWS\system32\comdlg32.dll InMem: 1 Det [G] PX5: D1079ADC002DFDB3487D042258AF1F00F0FB72E4
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll InMem: 1 Det [G] PX5: 6C2DA8F700C891F6167D107D5B6FFD004BDE3FD7
C:\WINDOWS\system32\odbcint.dll InMem: 1 Det [G] PX5: 17030F830012904980B601AEBBE29A00B94ABB0D
C:\WINDOWS\system32\SHSVCS.dll InMem: 1 Det [G] PX5: 593617FD0028BAC30E8502553039DB005AE5DAA4
C:\WINDOWS\system32\sfc.dll InMem: 1 Det [G] PX5: 16BA5AAF006AA18914FD002B882F7D0027109E10
C:\WINDOWS\system32\sfc_os.dll InMem: 1 Det [G] PX5: 53B4176200566C3D2844029CE35AC3003149753E
C:\WINDOWS\system32\ole32.dll InMem: 1 Det [G] PX5: 85434D2700A77E169AF713D8C3B0DC00CF7A5885
C:\WINDOWS\system32\msctfime.ime InMem: 1 Det [G] PX5: A0883E0F00146873B4BB0255156E8700B1387578
C:\WINDOWS\system32\WINSCARD.DLL InMem: 1 Det [G] PX5: 49E7BE4C00EA6409841F01CF112B5500E75D0DD5
C:\WINDOWS\system32\WTSAPI32.dll InMem: 1 Det [G] PX5: 1CDB8610004CDD7F48CB007245065C0097B2DD61
C:\WINDOWS\system32\WINMM.dll InMem: 1 Det [G] PX5: 8B514EB5005BE141BAA3022C5AD8F400CAAEB534
C:\WINDOWS\system32\uxtheme.dll InMem: 1 Det [G] PX5: D88EDDB7006796175ABD03E85DCCE30039E51CA1
C:\WINDOWS\system32\Ati2evxx.dll InMem: 1 Det [G] PX5: DEFAAE8900D46D6BF0AC006C95262800E5AFE8D4
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent - DLLName [Ati2evxx.dll]
C:\WINDOWS\system32\cscdll.dll InMem: 1 Det [G] PX5: 36CC0D8B0009157E909D017F19231E0041E0A92E
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll - DLLName [cscdll.dll]
C:\WINDOWS\system32\rsaenh.dll InMem: 1 Det [G] PX5: 19B797A900BB112F5426027FDD39EC001D5760F1
C:\WINDOWS\system32\WlNotify.dll InMem: 1 Det [G] PX5: 3C08F14B008AD1456C990109A197100002605D8A
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp - DLLName [wlnotify.dll]
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule - DllName [wlnotify.dll]
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn - DLLName [WlNotify.dll]
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv - DllName [wlnotify.dll]
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon - DLLName [wlnotify.dll]
C:\WINDOWS\system32\WINSPOOL.DRV InMem: 1 Det [G] PX5: A35B6D1900D11F1D3E5102B97EFC0500E974203D
C:\WINDOWS\system32\MPR.dll InMem: 1 Det [G] PX5: 4E92FBCC002BB291EAE5000F10C15F00A1E7AD21
C:\WINDOWS\system32\WgaLogon.dll InMem: 1 Det [G] PX5: 89BDBABD808784849D2F03E53DB2B60038D1784F
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon - DllName [WgaLogon.dll]
C:\WINDOWS\system32\OLEAUT32.dll InMem: 1 Det [G] PX5: D947C0320023C1EC686E08689A597900A28F94EE
C:\WINDOWS\system32\NTMARTA.DLL InMem: 1 Det [G] PX5: 1D452FC300F103CCD4AF019C0B4A1000D0C05759
REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider - ProviderPath [%SystemRoot%\system32\ntmarta.dll]
C:\WINDOWS\system32\WLDAP32.dll InMem: 1 Det [G] PX5: 9E81915C002CE532A4010226E6EC3100C992DBA0
C:\WINDOWS\system32\SAMLIB.dll InMem: 1 Det [G] PX5: 6D3509C200E203F6FAF00078D7EA35003D8429D0
C:\WINDOWS\system32\CLBCATQ.DLL InMem: 1 Det [G] PX5: DDDD061C00DDD1C99CCC07876975D5003DF223DA
C:\WINDOWS\system32\COMRes.dll InMem: 1 Det [G] PX5: D3FD3AB2006F991AE8A30C7CE8FD780095D6A640
C:\WINDOWS\system32\cscui.dll InMem: 1 Det [G] PX5: 8E7CD5F4006500C1188E05B6248B9200BAF8CA73
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{750fdf0e-2a26-11d1-a3ea-080036587f03}\InprocServer32 - {750fdf0e-2a26-11d1-a3ea-080036587f03} [%SystemRoot%\System32\cscui.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{10CFC467-4392-11d2-8DB4-00C04FA31A66}\InprocServer32 - {10CFC467-4392-11d2-8DB4-00C04FA31A66} [%SystemRoot%\System32\cscui.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}\InprocServer32 - {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} [%SystemRoot%\System32\cscui.dll]
C:\WINDOWS\system32\ryavjsx.dll InMem: 1 Det [BP] PX5: 9746C1EC000809F23E4D01166482FA002EA35D4C Malware Group: Malicious Software
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\zmcuiyzr - DLLName [ryavjsx.dll]
C:\WINDOWS\system32\iphlpapi.dll InMem: 1 Det [G] PX5: 352A2D920078A26F766401FF71F80300DA785AEF
C:\WINDOWS\system32\srclient.dll InMem: 1 Det [G] PX5: B81A1AC100CB8448087701697E088400D5013702
C:\WINDOWS\System32\Wbem\framedyn.dll InMem: 1 Det [G] PX5: 277AC8E500749021D640021DA8B978008E053355
C:\WINDOWS\system32\wininet.dll InMem: 1 Det [G] PX5: ABCD278A00291EAB9CB10C6C5066FA00EA95AA8C
C:\WINDOWS\system32\Normaliz.dll InMem: 1 Det [G] PX5: E3FC1A7000BA1C775C420052AC60C600F74EBAFC
C:\WINDOWS\system32\iertutil.dll InMem: 1 Det [G] PX5: 815282E10009ACA216050420859FE100589FF13B
C:\WINDOWS\system32\dnsapi.dll InMem: 1 Det [G] PX5: 11CECDE200D9BD6D464302AEA92F7D00710DA59A
C:\WINDOWS\system32\msv1_0.dll InMem: 1 Det [G] PX5: 7DDBB66E00F27A20FA0D01B81C65BB005752F1B9
REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Authentication Packages [msv1_0]
REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
C:\WINDOWS\system32\xpsp2res.dll InMem: 1 Det [G] PX5: DD9EAB9A00D5F12036192D6118710400ADB6810C
C:\WINDOWS\system32\wdmaud.drv InMem: 1 Det [G] PX5: E19B13CB00CFB9ED5C250033B033BB00A27F216F
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - wave [wdmaud.drv]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - midi [wdmaud.drv]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - mixer [wdmaud.drv]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers - wave [wdmaud.drv]
C:\WINDOWS\system32\msacm32.drv InMem: 1 Det [G] PX5: F8EB7CDA00A2596F522700876A3BC9005F29A42B
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - wavemapper [msacm32.drv]
C:\WINDOWS\system32\MSACM32.dll InMem: 1 Det [G] PX5: CD32AC5300D4DB3A183401A597817D009B477A6B
C:\WINDOWS\system32\midimap.dll InMem: 1 Det [G] PX5: 8C299C3E002D88084A0000F598A51000C8C9681D
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - midimapper [midimap.dll]
C:\WINDOWS\system32\libssl32.dll InMem: 1 Det [G] PX5: 7D95E1E90038DB7100260308F44EAE008E52194B
C:\WINDOWS\system32\LIBEAY32.dll InMem: 1 Det [G] PX5: AB5F42BE007EA5FD806F0F0A7D9A0300CC5E07C7
C:\WINDOWS\system32\WSOCK32.dll InMem: 1 Det [G] PX5: 2C097C2B007169C960BA0014DCE7CC0038229E38
C:\WINDOWS\system32\MSVCR71.dll InMem: 1 Det [G] PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
C:\WINDOWS\system32\RASAPI32.dll InMem: 1 Det [G] PX5: 7E18516500FFE5CC9C5B03564D831C0011FCFEEB
C:\WINDOWS\system32\rasman.dll InMem: 1 Det [G] PX5: 7F1D9BFF002D89D3F04E005C98AFF900ECE9EEA3
C:\WINDOWS\system32\TAPI32.dll InMem: 1 Det [G] PX5: ECB3A62200F5E5E3C61D0271F9934A0018AE4A00
C:\WINDOWS\system32\rtutils.dll InMem: 1 Det [G] PX5: BF0F14BA00130FA5ACFA00D907EAE70083958E2B
C:\WINDOWS\system32\sensapi.dll InMem: 1 Det [G] PX5: 945479A500423FB71A9A004C020A3B0024ABF6B3
C:\WINDOWS\System32\mswsock.dll InMem: 1 Det [G] PX5: 644C52BE00A05754C6240337B7759700C1FF12E3
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 - LibraryPath [%SystemRoot%\System32\mswsock.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 - LibraryPath [%SystemRoot%\System32\mswsock.dll]
C:\WINDOWS\system32\rasadhlp.dll InMem: 1 Det [G] PX5: 44992DD300BD805F2027003B3C2E0700008DD7C4
C:\WINDOWS\system32\urlmon.dll InMem: 1 Det [G] PX5: AD1565010018D8DFB2521160625AA500CD9E80A5
C:\WINDOWS\system32\hnetcfg.dll InMem: 1 Det [G] PX5: 2CFD58C600B6F9414A810565679BD6001F42D5DE
C:\WINDOWS\System32\wship6.dll InMem: 1 Det [G] PX5: 71346A8900739CB63800009B5C3ADC00C45ECF37
C:\WINDOWS\System32\wshtcpip.dll InMem: 1 Det [G] PX5: 522AC66D001B6D5A4E8E00D8A0AEF000528059BA
C:\WINDOWS\System32\wbem\wbemprox.dll InMem: 1 Det [G] PX5: 118AA1B200D76A754A3B0017C7664600A1463C19
C:\WINDOWS\System32\wbem\wbemcomn.dll InMem: 1 Det [G] PX5: 30B285D60040901346F3037FF72C08005C58C30E
C:\WINDOWS\System32\wbem\wbemsvc.dll InMem: 1 Det [G] PX5: 25397BDF00757EBFAAF700E3ED2B7800B9284F1B
C:\WINDOWS\System32\wbem\fastprox.dll InMem: 1 Det [G] PX5: AEBA61B800E4BC9A34F5075F66FDAB005D1447F9
C:\WINDOWS\system32\MSVCP60.dll InMem: 1 Det [G] PX5: 2D7DD02900BE71EC5085060A796CD8005BF97344
C:\WINDOWS\system32\NTDSAPI.dll InMem: 1 Det [G] PX5: B049763B0042836806A701AA022FCD00F10A90B1
C:\WINDOWS\system32\services.exe InMem: 1 Det [G] PX5: 55CFB3920083E585A8B8011373392400747D1070
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Eventlog - ImagePath [C:\WINDOWS\system32\services.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PlugPlay - ImagePath [C:\WINDOWS\system32\services.exe]
C:\WINDOWS\system32\SCESRV.dll InMem: 1 Det [G] PX5: 42090831009A7DEDFC25041A41C0A6009F850DB8
C:\WINDOWS\system32\umpnpmgr.dll InMem: 1 Det [G] PX5: A0722C41001DFC8BE8A7011B43DD8300C52FA704
C:\WINDOWS\system32\NCObjAPI.DLL InMem: 1 Det [G] PX5: 7EA0BF3D001A18F58E38007796CD8000CD7F3FCC
C:\WINDOWS\system32\ShimEng.dll InMem: 1 Det [G] PX5: 279F162200D45347000001BBAACC850063724C8D
C:\WINDOWS\AppPatch\AcAdProc.dll InMem: 1 Det [G] PX5: 4481FDAC006BDDB69ABC00D7D79D140035AF8893
C:\WINDOWS\system32\eventlog.dll InMem: 1 Det [G] PX5: D2B7D57A001E9CD9DA5600E2BE4F3C00079E4466
C:\WINDOWS\system32\lsass.exe InMem: 1 Det [G] PX5: CC1BA69F00AF6D2D3445003B3C2E0700B638080D
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Netlogon - ImagePath [C:\WINDOWS\System32\lsass.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NtLmSsp - ImagePath [C:\WINDOWS\System32\lsass.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PolicyAgent - ImagePath [C:\WINDOWS\System32\lsass.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ProtectedStorage - ImagePath [C:\WINDOWS\system32\lsass.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SamSs - ImagePath [C:\WINDOWS\system32\lsass.exe]
C:\WINDOWS\system32\LSASRV.dll InMem: 1 Det [G] PX5: 4A2D1F9A00EE2E841A4F0B1A2FFB0900A3181BF3
C:\WINDOWS\system32\SAMSRV.dll InMem: 1 Det [G] PX5: E92EC68300CE21C68E4E06BCC0EDF6004268C49A
C:\WINDOWS\system32\cryptdll.dll InMem: 1 Det [G] PX5: 81B30DAB0078862F82C6000202049600DB968CD1
C:\WINDOWS\AppPatch\AcGenral.DLL InMem: 1 Det [G] PX5: 5F6310EE002D3DBC446C1C5A826CF10048881669
C:\WINDOWS\system32\msprivs.dll InMem: 1 Det [G] PX5: 0CA48DC3002C50B3BC750065E2B27800000C62EB
C:\WINDOWS\system32\kerberos.dll InMem: 1 Det [G] PX5: 6F259D99008DE085843504BA6E05F400BD1351EF
REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
C:\WINDOWS\system32\netlogon.dll InMem: 1 Det [G] PX5: 7826BE4E00B0693C362206A7BBB246000E968C98
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 68 [netlogon.dll]
C:\WINDOWS\system32\w32time.dll InMem: 1 Det [G] PX5: B0DB78E90001F969B24A022F16FE9C007D6DCCBC
C:\WINDOWS\system32\schannel.dll InMem: 1 Det [G] PX5: 978AEDC000D16F92363B021213F745004B5CD31C
REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 14 [schannel.dll]
C:\WINDOWS\system32\wdigest.dll InMem: 1 Det [G] PX5: A77EB4BD0001DCA2C0B500785ACD4E00DCC55D5B
REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
C:\WINDOWS\system32\scecli.dll InMem: 1 Det [G] PX5: C91F3DA800B1BEBADA0C02480448D00054984981
REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A} - DllName [scecli.dll]
REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} - DllName [scecli.dll]
REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Notification Packages [scecli]
C:\WINDOWS\system32\ipsecsvc.dll InMem: 1 Det [G] PX5: B05D914900808F8FCED102E7A46D080020A33905
C:\WINDOWS\system32\oakley.DLL InMem: 1 Det [G] PX5: A4E8D0C400046CE116C204B93C6D3F0003672778
C:\WINDOWS\system32\WINIPSEC.DLL InMem: 1 Det [G] PX5: 5E3F044E00E5E84280510004471F8A00BD7E5854
C:\WINDOWS\system32\pstorsvc.dll InMem: 1 Det [G] PX5: DCF79E3E001DA16F86F70051A83A8600579ADC98
C:\WINDOWS\system32\psbase.dll InMem: 1 Det [G] PX5: E242805400420CE08090017E79023900E657FC90
C:\WINDOWS\system32\dssenh.dll InMem: 1 Det [G] PX5: 31E843BE00E2A81C18FA0265E10B6500232880A4
C:\WINDOWS\system32\Ati2evxx.exe InMem: 1 Det [G] PX5: FBAE6CF300382DE5300006D2ACC53E0047BD01AC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ati HotKey Poller - ImagePath [C:\WINDOWS\system32\Ati2evxx.exe]
C:\WINDOWS\system32\Ati2edxx.dll InMem: 1 Det [G] PX5: FA80D2D300627D89A0D600024F9A0E00590E66F0
C:\WINDOWS\system32\svchost.exe InMem: 1 Det [G] PX5: 41467A9700616549387D0095555BE300B7CBF228
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\6to4 - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Alerter - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AppMgmt - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AudioSrv - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\BITS - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Browser - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\CryptSvc - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\DcomLaunch - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Dhcp - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmserver - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Dnscache - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ERSvc - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\EventSystem - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\FastUserSwitchingCompatibility - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\helpsvc - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HidServ - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HTTPFilter - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\lanmanserver - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\lanmanworkstation - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\LmHosts - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Messenger - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Netman - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Nla - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NtmsSvc - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasAuto - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasMan - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RemoteAccess - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RemoteRegistry - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RpcSs - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Schedule - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\seclogon - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SENS - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SharedAccess - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ShellHWDetection - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\srservice - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SSDPSRV - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\stisvc - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TapiSrv - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TermService - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Themes - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TrkWks - ImagePath [C:\WINDOWS\system32\svchost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\upnphost - ImagePath [C:\WINDOWS\System32\svchost.exe]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}\InprocServer32 - {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 - {871C5380-42A0-1069-A2EA-08002B30309D} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{07C45BB1-4A8C-4642-A1F5-237E7215FF66}\InprocServer32 - {07C45BB1-4A8C-4642-A1F5-237E7215FF66} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{1C1EDB47-CE22-4bbb-B608-77B48F83C823}\InprocServer32 - {1C1EDB47-CE22-4bbb-B608-77B48F83C823} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{205D7A97-F16D-4691-86EF-F3075DCCA57D}\InprocServer32 - {205D7A97-F16D-4691-86EF-F3075DCCA57D} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3028902F-6374-48b2-8DC6-9725E775B926}\InprocServer32 - {3028902F-6374-48b2-8DC6-9725E775B926} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{43886CD5-6529-41c4-A707-7B3C92C05E68}\InprocServer32 - {43886CD5-6529-41c4-A707-7B3C92C05E68} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{44C76ECD-F7FA-411c-9929-1B77BA77F524}\InprocServer32 - {44C76ECD-F7FA-411c-9929-1B77BA77F524} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{4B78D326-D922-44f9-AF2A-07805C2A3560}\InprocServer32 - {4B78D326-D922-44f9-AF2A-07805C2A3560} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6038EF75-ABFC-4e59-AB6F-12D397F6568D}\InprocServer32 - {6038EF75-ABFC-4e59-AB6F-12D397F6568D} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}\InprocServer32 - {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6CF48EF8-44CD-45d2-8832-A16EA016311B}\InprocServer32 - {6CF48EF8-44CD-45d2-8832-A16EA016311B} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{73CFD649-CD48-4fd8-A272-2070EA56526B}\InprocServer32 - {73CFD649-CD48-4fd8-A272-2070EA56526B} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}\InprocServer32 - {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E}\InprocServer32 - {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9D958C62-3954-4b44-8FAB-C4670C1DB4C2}\InprocServer32 - {9D958C62-3954-4b44-8FAB-C4670C1DB4C2} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{B31C5FAE-961F-415b-BAF0-E697A5178B94}\InprocServer32 - {B31C5FAE-961F-415b-BAF0-E697A5178B94} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}\InprocServer32 - {BC476F4C-D9D7-4100-8D4E-E043F6DEC409} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}\InprocServer32 - {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E6EE9AAC-F76B-4947-8260-A9F136138E11}\InprocServer32 - {E6EE9AAC-F76B-4947-8260-A9F136138E11} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F2CF5485-4E02-4f68-819C-B92DE9277049}\InprocServer32 - {F2CF5485-4E02-4f68-819C-B92DE9277049} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}\InprocServer32 - {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}\InprocServer32 - {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} [C:\WINDOWS\system32\ieframe.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FDE7673D-2E19-4145-8376-BBD58C4BC7BA}\InprocServer32 - {FDE7673D-2E19-4145-8376-BBD58C4BC7BA} [C:\WINDOWS\system32\ieframe.dll]
C:\WINDOWS\system32\MLANG.dll InMem: 1 Det [G] PX5: A0FB8BA50045A9FEF20208062C04B3005F96B032
C:\WINDOWS\system32\webcheck.dll InMem: 1 Det [G] PX5: C0B970A600AFC4C590FE03C622CD1C003CFAAE1F
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32 - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [C:\WINDOWS\system32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}\InprocServer32 - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} [C:\WINDOWS\system32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F5175861-2688-11d0-9C5E-00AA00A45957}\InprocServer32 - {F5175861-2688-11d0-9C5E-00AA00A45957} [C:\WINDOWS\system32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InprocServer32 - {08165EA0-E946-11CF-9C87-00AA005127ED} [C:\WINDOWS\system32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}\InprocServer32 - {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} [%SystemRoot%\System32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}\InprocServer32 - {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} [%SystemRoot%\System32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7D559C10-9FE9-11d0-93F7-00AA0059CE02}\InprocServer32 - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} [C:\WINDOWS\system32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}\InprocServer32 - {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} [%SystemRoot%\System32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{D8BD2030-6FC9-11D0-864F-00AA006809D9}\InprocServer32 - {D8BD2030-6FC9-11D0-864F-00AA006809D9} [%SystemRoot%\System32\webcheck.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}\InprocServer32 - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} [C:\WINDOWS\system32\webcheck.dll]
REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32 - WebCheck [C:\WINDOWS\system32\webcheck.dll]
C:\WINDOWS\System32\stobject.dll InMem: 1 Det [G] PX5: 54D80CDC00F43E2DDE26016C15CB850052548DBB
REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\InprocServer32 - SysTray [C:\WINDOWS\System32\stobject.dll]
C:\WINDOWS\System32\BatMeter.dll InMem: 1 Det [G] PX5: 73074F1200F9F02570C400FC5F48D3002E4325D8
C:\WINDOWS\system32\WPDShServiceObj.dll InMem: 1 Det [G] PX5: 7176B495005E12B50A520234E7E1AF00FB8DD268
REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}\InprocServer32 - WPDShServiceObj [C:\WINDOWS\system32\WPDShServiceObj.dll]
C:\WINDOWS\System32\mydocs.dll InMem: 1 Det [G] PX5: 57E2829600BA664D643501A4D8468A0095362A02
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECF03A33-103D-11d2-854D-006008059367}\InprocServer32 - {ECF03A33-103D-11d2-854D-006008059367} [%SystemRoot%\System32\mydocs.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECF03A32-103D-11d2-854D-006008059367}\InprocServer32 - {ECF03A32-103D-11d2-854D-006008059367} [%SystemRoot%\System32\mydocs.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{4a7ded0a-ad25-11d0-98a8-0800361b1103}\InprocServer32 - {4a7ded0a-ad25-11d0-98a8-0800361b1103} [%SystemRoot%\System32\mydocs.dll]
C:\Programmi\Nokia\Nokia PC Suite 6\phonebrowser.dll InMem: 1 Det [G] PX5: D695EA7100B0FBDF6A530916EB10F5003D9FED17
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} [C:\Programmi\Nokia\Nokia PC Suite 6\phonebrowser.dll]
C:\Programmi\Nokia\Nokia PC Suite 6\NGSCM.DLL InMem: 1 Det [G] PX5: D7223103005A350B70870C93740CA6001F472BEE
C:\WINDOWS\system32\OLEPRO32.DLL InMem: 1 Det [G] PX5: 4451C5BD00B67BC2466601954AF9C000130A3600
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll InMem: 1 Det [G] PX5: EEECA2A200AE193420E61AFE5130B8009DDBAA0F
C:\Programmi\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ita.nlr InMem: 1 Det [G] PX5: 310234E4008915F6728100E51A1F4400BEAB4421
C:\Programmi\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr InMem: 1 Det [G] PX5: 2D3D56D200BECADFC0A408C7391F08005D1AA854
C:\WINDOWS\system32\PortableDeviceTypes.dll InMem: 1 Det [G] PX5: 79585FF4007031758CF802904E46EE00DF2F75D4
C:\WINDOWS\system32\PortableDeviceApi.dll InMem: 1 Det [G] PX5: 413BE4C6002C530256CD0467F46CFA0079ACDAE6
C:\WINDOWS\System32\drprov.dll InMem: 1 Det [G] PX5: BB8EDCE2008403A638800074FD083400905C26EC
C:\WINDOWS\System32\ntlanman.dll InMem: 1 Det [G] PX5: FCEBCD7A009905FEAA4200960455950080D2A1BD
C:\WINDOWS\System32\NETUI0.dll InMem: 1 Det [G] PX5: 074187360063FEE5400A014D6C2C430053ABE349
C:\WINDOWS\System32\NETUI1.dll InMem: 1 Det [G] PX5: A4DAD8A200850E09C097034C744E770099F86FBA
C:\WINDOWS\System32\davclnt.dll InMem: 1 Det [G] PX5: 5E0DDE0C0099E131624800B42D603500DF9BC5AA
C:\Programmi\Windows Defender\MpShHook.dll InMem: 1 Det [G] PX5: 5A31977E183F1430450E019C1D23F3001DC1510A
REGSHLEXHOOK - \REGISTRY\Machine\Software\Classes\CLSID\{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}\InprocServer32 - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} [C:\PROGRA~1\WIFD1F~1\MpShHook.dll]
C:\WINDOWS\system32\browselc.dll InMem: 1 Det [G] PX5: EA63F88500B471270C9A01309A4A800054BE305C
C:\Programmi\Spybot - Search & Destroy\SDHelper.dll InMem: 1 Det [G] PX5: 419AFD08503A86B0B74D170DC07D2B00426765F1
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\InprocServer32 - ClsidExtension [C:\PROGRA~1\SPYBOT~1\SDHelper.dll]
C:\WINDOWS\system32\faultrep.dll InMem: 1 Det [G] PX5: 8881272500607D363C8201F4E6BB3A00D79C24A3
C:\WINDOWS\system32\jsproxy.dll InMem: 1 Det [G] PX5: B1EBA9B500237A326CEA005B8C9BBF009D71D23E
C:\WINDOWS\system32\DUSER.dll InMem: 1 Det [G] PX5: 576588D800DB533AA46504C81FA1F900F6700574
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.ITA InMem: 1 Det [G] PX5: D581665A000C981EC0E1044D188D40005CCA75A7
C:\WINDOWS\system32\l3codecx.acm InMem: 1 Det [G] PX5: 060F10FB00362DABFA0D01B4E6764C004C7A1CB0
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.l3acm [l3codecx.acm]
C:\Programmi\WinRAR\rarext.dll InMem: 1 Det [G] PX5: 2623C54200105084D206014FEE000600888C6F88
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}\InprocServer32 - {B41DB860-8EE4-11D2-9906-E49FADC173CA} [C:\Programmi\WinRAR\rarext.dll]
C:\WINDOWS\system32\wmvcore.dll InMem: 1 Det [G] PX5: 21E5EED200E4BAA9664525EF6856730017F9BD30
C:\WINDOWS\system32\WMASF.DLL InMem: 1 Det [G] PX5: 3D36799C0034542F6690031EC75D2100FDEBB35E
C:\Programmi\Alwil Software\Avast4\ashShell.dll InMem: 1 Det [G] PX5: 5C06B4A478A7E67E25A60193674B8800EC3DA1E5
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 - {472083B0-C522-11CF-8763-00608CC02F24} [C:\Programmi\Alwil Software\Avast4\ashShell.dll]
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.dll InMem: 1 Det [G] PX5: 8C22B1270080452CB0520538F9A2700042807472
REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\InprocServer32 - [C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.dll]
C:\WINDOWS\system32\shdoclc.dll InMem: 1 Det [G] PX5: 552F282A005B9932A4DA08FB1D53CE00D5EAFBF4
C:\WINDOWS\system32\DDRAW.dll InMem: 1 Det [G] PX5: 4E606A3E004BFD1E107104ECA94E4700B2873B8F
C:\WINDOWS\system32\DCIMAN32.dll InMem: 1 Det [G] PX5: 256E9CF3007B0060223C00722D6B1100E50006BD
C:\WINDOWS\system32\D3DIM700.DLL InMem: 1 Det [G] PX5: 79FBA49800AC119098850C1D3F038D00BC563F74
C:\Programmi\File comuni\Ahead\Lib\AdvrCntr.dll InMem: 1 Det [G] PX5: 1F923C5042100973503A269E144C6D00AABEFD59
C:\WINDOWS\system32\dxmasf.dll InMem: 1 Det [G] PX5: 453F96F736AB97CE9E7407822E959300CB4EE23B
C:\WINDOWS\system32\DRMClien.DLL InMem: 1 Det [G] PX5: 7E0202E800A817ED928204A480969C00E97ED883
C:\WINDOWS\system32\mshtml.dll InMem: 1 Det [G] PX5: 421B6A82003EB6A5CEEC36FB7BEDA0008CDB81E6
C:\WINDOWS\system32\msls31.dll InMem: 1 Det [G] PX5: 06578F3600BE0A1C62E3026806CB9A00A1DAF899
C:\WINDOWS\system32\ctfmon.exe InMem: 1 Det [G] PX5: 7BE460C100E5509F3C0D00F14B5A510097B91217
REGRUNKEY - \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\System32\CTFMON.EXE]
REGRUNKEY - \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\System32\CTFMON.EXE]
REGRUNKEY - \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\System32\CTFMON.EXE]
REGRUNKEY - \REGISTRY\User\S-1-5-21-1202660629-1220945662-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\system32\ctfmon.exe]
REGRUNKEY - \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\System32\CTFMON.EXE]
C:\Programmi\Internet Explorer\iexplore.exe InMem: 1 Det [G] PX5: E3889D8200C3C6678C93098238BFB2004046AC6E
REGEXTNMAP - \REGISTRY\Machine\Software\Classes\ftp\shell\open\command - ["C:\Programmi\Internet Explorer\IEXPLORE.EXE" %1]
C:\WINDOWS\system32\IEUI.dll InMem: 1 Det [G] PX5: D0F6CF36001F9714C22802861E743B00CD0093F8
C:\WINDOWS\system32\xmllite.dll InMem: 1 Det [G] PX5: DBDBF6F300FC6405DCA0019FAEEF2800153F1E93
C:\WINDOWS\System32\msimtf.dll InMem: 1 Det [G] PX5: 84310A0800BF02296E1202C6BE073C009D305F2B
C:\Programmi\Microsoft Office\Office10\msohev.dll InMem: 1 Det [G] PX5: 131D104EA043137C350C01DA7538A900EA1A19DB
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 - {42042206-2D85-11D3-8CFF-005004838597} [C:\Programmi\Microsoft Office\Office10\msohev.dll]
C:\Programmi\Internet Explorer\ieproxy.dll InMem: 1 Det [G] PX5: 34FDA5BC00E33FFA64210444AC259B00288399D3
c:\programmi\google\googletoolbar1.dll InMem: 1 Det [G] PX5: 76EAE7AE402335AAFCF424C90E424C00FDB68273
REGTOOLBAR - \REGISTRY\Machine\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\InprocServer32 - {2318C2B1-4965-11d4-9B18-009027A5CD4F} [c:\programmi\google\googletoolbar1.dll]
REGTOOLBAR - \REGISTRY\Machine\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\InprocServer32 - {2318C2B1-4965-11D4-9B18-009027A5CD4F} [c:\programmi\google\googletoolbar1.dll]
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll InMem: 1 Det [G] PX5: 43FC1F718034B0CAF2E7007A2CAFD0009BF22C42
REGBHO - \REGISTRY\Machine\Software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32 - [C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]
C:\WINDOWS\system32\avicapr.dll InMem: 1 Det [BP] PX5: BF7FFA10007ED1E458C201E81E3853008A08B762 Malware Group: Fraudulent Security Program
C:\WINDOWS\system32\ieapfltr.dll InMem: 1 Det [G] PX5: 2AA8E66700D45015DA0405BA0AC2BD00E951D2C7
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll InMem: 1 Det [G] PX5: 31BE11BC3084CC2A04B5050F380CDA00A420D1AB
C:\Programmi\File comuni\Microsoft Shared\Windows Live\msidcrl40.dll InMem: 1 Det [G] PX5: 45489C0D489AC2AEE84D0D659A31BB007AEB3BFF
C:\WINDOWS\system32\OLEACC.dll InMem: 1 Det [G] PX5: 81D38A4800E8D21B7EF202F4F2585B00DE902D48
C:\Programmi\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll InMem: 1 Det [G] PX5: 222C3743F0051A1EFDA309F91E4ABB0095E35C9A
C:\WINDOWS\system32\cryptnet.dll InMem: 1 Det [G] PX5: 7068F9AD00A507EDF8EF0072A0BBE3005197631B
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet - DllName [cryptnet.dll]
C:\WINDOWS\System32\jscript.dll InMem: 1 Det [G] PX5: FA885F76005A710A80BB072BB1453100D393DD16
C:\WINDOWS\system32\mshtmled.dll InMem: 1 Det [G] PX5: 016EB3FF00CF38734C9807C87D9609003AA3890A
C:\WINDOWS\system32\ImgUtil.dll InMem: 1 Det [G] PX5: CAF7E19500E00DD38E9300C38F63CD008472484B
C:\WINDOWS\system32\pngfilt.dll InMem: 1 Det [G] PX5: 8957C71300FB99D2AE01003F56465700A75B3A0B
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll InMem: 1 Det [G] PX5: 1ABDC5A200C4575060A6002DDDE82A006EA38A54
C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx InMem: 1 Det [G] PX5: AA50605E8053E5C995BF2DADCB08AB00B373231F
C:\WINDOWS\system32\USP10.dll InMem: 1 Det [G] PX5: 6CE757A3000138D5346106B2255A2400746F4EDC
C:\WINDOWS\System32\ddrawex.dll InMem: 1 Det [G] PX5: 21C24AAB00CCE7946A9500C9FC9A0600C816EBD1
C:\WINDOWS\system32\Dxtrans.dll InMem: 1 Det [G] PX5: 017FF8F700424733464C032A9D0386007E856603
C:\WINDOWS\system32\Dxtmsft.dll InMem: 1 Det [G] PX5: EAAB0A34005FF2EB4C4A054123086E0017FFCA2D
C:\WINDOWS\System32\vbscript.dll InMem: 1 Det [G] PX5: 701EA96400A441615057067848F52A0073789F12
C:\WINDOWS\system32\mscoree.dll InMem: 1 Det [G] PX5: 2FF012BA00BB752D4E8504215026F6009A6054D1
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll InMem: 1 Det [G] PX5: 9A71F9FA00D56126B84A009A02920A00100FF6CA
C:\WINDOWS\system32\corpol.dll InMem: 1 Det [G] PX5: 6C00AC5F003F9DD144C800DE3B0970002877CDE4
C:\Programmi\Windows Defender\MpOAv.dll InMem: 1 Det [G] PX5: 5F2239F81817152F4DBE01FF6C02A800EBFDEA5A
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe InMem: 1 Det [G] PX5: 264B67C3400942F3CEDB018315E7D10004EA8E2B
C:\Programmi\Windows Live\Messenger\usnsvc.exe InMem: 1 Det [GP] PX5: 7170895518C60F1580F401FC8E681B0060998565
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usnjsvc - ImagePath [C:\Programmi\Windows Live\Messenger\usnsvc.exe]
C:\Programmi\Windows Live\Messenger\usnsvcps.dll InMem: 1 Det [G] PX5: 4CBDE8291836B5FED853003B3C2E0700C2F01FC8
C:\WINDOWS\system32\wuauclt.exe InMem: 1 Det [G] PX5: 8FEE32AE58BBA23ACF080068F5F6DC003A478EA6
C:\Programmi\PrevxCSI\prevxcsi.exe InMem: 1 Det [GP] PX5: 9EFC5BC53810EC7A827809ED24C2D600ABDD5DDD
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\CSIScanner - ImagePath [C:\Programmi\PrevxCSI\prevxcsi.exe]
C:\WINDOWS\System32\DRIVERS\ACPI.sys InMem: 0 Det [G] PX5: 6EB7D724001F4D96E0A8029EF0BB700070C5BA93
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ACPI - ImagePath [C:\WINDOWS\System32\DRIVERS\ACPI.sys]
C:\WINDOWS\system32\drivers\aec.sys InMem: 0 Det [G] PX5: E884BE24808C5EEB2C92028B464629005484ED65
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\aec - ImagePath [C:\WINDOWS\system32\drivers\aec.sys]
C:\WINDOWS\System32\drivers\afd.sys InMem: 0 Det [G] PX5: EE224F5C0089E9241DEF0273688B740025971F4C
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AFD - ImagePath [C:\WINDOWS\System32\drivers\afd.sys]
C:\WINDOWS\system32\DRIVERS\alcan5wn.sys InMem: 0 Det [G] PX5: 608646FD60133EF6D11900F567A391003D70C796
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\alcan5wn - ImagePath [C:\WINDOWS\system32\DRIVERS\alcan5wn.sys]
C:\WINDOWS\system32\DRIVERS\alcaudsl.sys InMem: 0 Det [G] PX5: 0B835377E017E5C713A201BADFA1AD0020A9DD2F
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\alcaudsl - ImagePath [C:\WINDOWS\system32\DRIVERS\alcaudsl.sys]
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe InMem: 0 Det [G] PX5: 700BB9B808038308846600EF74731100EEABDE2B
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\aspnet_state - ImagePath [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe]
C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys InMem: 0 Det [G] PX5: C2C4EC245082F8C550ED0080D8E5FF008C0AA31F
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\aswFsBlk - ImagePath [C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys]
C:\WINDOWS\System32\DRIVERS\asyncmac.sys InMem: 0 Det [G] PX5: 8BD45D2B002F3B40389D007E91CC59004B62F8E9
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AsyncMac - ImagePath [C:\WINDOWS\System32\DRIVERS\asyncmac.sys]
C:\WINDOWS\System32\DRIVERS\atapi.sys InMem: 0 Det [G] PX5: 9D6081B280209DE174C2011395153C00E47C5A8D
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\atapi - ImagePath [C:\WINDOWS\System32\DRIVERS\atapi.sys]
C:\WINDOWS\system32\ati2sgag.exe InMem: 0 Det [G] PX5: 7CE1A00A004ACA50E04F078867B2C300F45BB5EE
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ATI Smart - ImagePath [C:\WINDOWS\system32\ati2sgag.exe]
C:\WINDOWS\System32\DRIVERS\ati2mtag.sys InMem: 0 Det [G] PX5: AB61D92B006DA3D0FA5116155FF7DD000AFC7F28
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ati2mtag - ImagePath [C:\WINDOWS\System32\DRIVERS\ati2mtag.sys]
C:\WINDOWS\System32\DRIVERS\atmarpc.sys InMem: 0 Det [G] PX5: C41A09F600246E0AEA81009B2DE4BF0073057136
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Atmarpc - ImagePath [C:\WINDOWS\System32\DRIVERS\atmarpc.sys]
C:\WINDOWS\System32\DRIVERS\audstub.sys InMem: 0 Det [G] PX5: C910D030000E35B30CDC00441BDEF300B79BCD14
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\audstub - ImagePath [C:\WINDOWS\System32\DRIVERS\audstub.sys]
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe InMem: 0 Det [G] PX5: 7F20A3D5789AF324C5BF034ACD04F000023AAE65
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\avast! Mail Scanner - ImagePath [C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe]
C:\WINDOWS\System32\Drivers\BRGSp50.sys InMem: 0 Det [G] PX5: 4F0D5BC28005A61B50BF0070C8A461000E4A22BA
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\BRGSp50 - ImagePath [C:\WINDOWS\System32\Drivers\BRGSp50.sys]
C:\WINDOWS\system32\DRIVERS\bridge.sys InMem: 0 Det [G] PX5: 69CABDC3803104ED17D001BEA902E2004A7836B0
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Bridge - ImagePath [C:\WINDOWS\system32\DRIVERS\bridge.sys]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\BridgeMP - ImagePath [C:\WINDOWS\system32\DRIVERS\bridge.sys]
C:\WINDOWS\System32\DRIVERS\cdrom.sys InMem: 0 Det [G] PX5: B3CE44DD80DABE80C1400031E25C450069663A5F
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Cdrom - ImagePath [C:\WINDOWS\System32\DRIVERS\cdrom.sys]
C:\WINDOWS\System32\cisvc.exe InMem: 0 Det [G] PX5: B03833B20005A59D1629005665669D00201F0525
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\cisvc - ImagePath [C:\WINDOWS\System32\cisvc.exe]
C:\WINDOWS\system32\clipsrv.exe InMem: 0 Det [G] PX5: 50E35C41004F616D823700EBB15ECF008A4FA87F
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ClipSrv - ImagePath [C:\WINDOWS\system32\clipsrv.exe]
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe InMem: 0 Det [G] PX5: 6EFAD9B8005FFA1B128A0113E3634300FEFA54C7
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\clr_optimization_v2.0.50727_32 - ImagePath [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe]
C:\WINDOWS\System32\dllhost.exe InMem: 0 Det [G] PX5: 6EA1D06F0041EB21141900B4A32FF2002F6B8881
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\COMSysApp - ImagePath [C:\WINDOWS\System32\dllhost.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SwPrv - ImagePath [C:\WINDOWS\System32\dllhost.exe]
C:\WINDOWS\System32\drivers\ctac32k.sys InMem: 0 Det [G] PX5: 7E7587EACCD8A704F3230168D9E09B0058ACC6EA
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ctac32k - ImagePath [C:\WINDOWS\System32\drivers\ctac32k.sys]
C:\WINDOWS\system32\drivers\ctaud2k.sys InMem: 0 Det [G] PX5: E43EAE54AC8810A7C7940C639CC6F4006C3653D9
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ctaud2k - ImagePath [C:\WINDOWS\system32\drivers\ctaud2k.sys]
C:\WINDOWS\System32\DRIVERS\ctljystk.sys InMem: 0 Det [G] PX5: CAD164E58051BBA20E6800737266DC00B79BCD14
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ctljystk - ImagePath [C:\WINDOWS\System32\DRIVERS\ctljystk.sys]
C:\WINDOWS\System32\drivers\ctprxy2k.sys InMem: 0 Det [G] PX5: 90AD43CC3CB93FDA2B5500E5750B1800E6E74B4D
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ctprxy2k - ImagePath [C:\WINDOWS\System32\drivers\ctprxy2k.sys]
C:\WINDOWS\System32\drivers\ctsfm2k.sys InMem: 0 Det [G] PX5: EFE948AC6421795B434C038F7281A200C74F25C0
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ctsfm2k - ImagePath [C:\WINDOWS\System32\drivers\ctsfm2k.sys]
C:\WINDOWS\System32\DRIVERS\disk.sys InMem: 0 Det [G] PX5: 61E4E34300C80A908E6D00C10934AF006F571071
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Disk - ImagePath [C:\WINDOWS\System32\DRIVERS\disk.sys]
C:\WINDOWS\System32\dmadmin.exe InMem: 0 Det [G] PX5: CB8A3D6900018319702703238C5916001DF268F6
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmadmin - ImagePath [C:\WINDOWS\System32\dmadmin.exe]
C:\WINDOWS\System32\drivers\dmboot.sys InMem: 0 Det [G] PX5: 917F152000320DE9366A0C362239380089D45879
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmboot - ImagePath [C:\WINDOWS\System32\drivers\dmboot.sys]
C:\WINDOWS\System32\drivers\dmio.sys InMem: 0 Det [G] PX5: 33A7916180B2EE7E5AC702A49AA6DC00E6795F14
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmio - ImagePath [C:\WINDOWS\System32\drivers\dmio.sys]
C:\WINDOWS\System32\drivers\dmload.sys InMem: 0 Det [G] PX5: FC216AA0003B46A9171D00359F9C1600E909FEB4
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmload - ImagePath [C:\WINDOWS\System32\drivers\dmload.sys]
C:\WINDOWS\system32\drivers\DMusic.sys InMem: 0 Det [G] PX5: 64B493018066E6FACEE6008D21636D008F236B03
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\DMusic - ImagePath [C:\WINDOWS\system32\drivers\DMusic.sys]
C:\WINDOWS\system32\drivers\drmkaud.sys InMem: 0 Det [G] PX5: FA93CCC9802BA0DD0B8800D3A4C66500B79BCD14
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\drmkaud - ImagePath [C:\WINDOWS\system32\drivers\drmkaud.sys]
C:\WINDOWS\System32\drivers\emupia2k.sys InMem: 0 Det [G] PX5: 47127FA3BC9E371B639602573AD91000862A0BD0
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\emupia - ImagePath [C:\WINDOWS\System32\drivers\emupia2k.sys]
C:\WINDOWS\System32\DRIVERS\fdc.sys InMem: 0 Det [G] PX5: 030113CC009ED3836B77000B64308F0030511E66
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Fdc - ImagePath [C:\WINDOWS\System32\DRIVERS\fdc.sys]
C:\WINDOWS\System32\DRIVERS\fetnd5.sys InMem: 0 Det [G] PX5: 4B57B0D91D5A5B626A8C00CAAAFD7500124B8C34
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\FETNDIS - ImagePath [C:\WINDOWS\System32\DRIVERS\fetnd5.sys]
C:\WINDOWS\System32\DRIVERS\fetnd5b.sys InMem: 0 Det [G] PX5: D442166A008E4DC4A4C8001AFEB0F10061457851
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\FETNDISB - ImagePath [C:\WINDOWS\System32\DRIVERS\fetnd5b.sys]
C:\WINDOWS\System32\DRIVERS\flpydisk.sys InMem: 0 Det [G] PX5: 60E1171000EEA79E50BF00391F7EE000F2860CEC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Flpydisk - ImagePath [C:\WINDOWS\System32\DRIVERS\flpydisk.sys]
C:\WINDOWS\system32\drivers\fltmgr.sys InMem: 0 Det [G] PX5: DD494D2180C4BB98F7F901405AA62900817D3A94
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\FltMgr - ImagePath [C:\WINDOWS\system32\drivers\fltmgr.sys]
C:\WINDOWS\System32\DRIVERS\ftdisk.sys InMem: 0 Det [G] PX5: D543638280F1FAF5EBA30154BD3E7700D3ED2EEC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ftdisk - ImagePath [C:\WINDOWS\System32\DRIVERS\ftdisk.sys]
C:\WINDOWS\System32\DRIVERS\gameenum.sys InMem: 0 Det [G] PX5: 8FEAEAED8011757229C5009524482300FB74C9AC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\gameenum - ImagePath [C:\WINDOWS\System32\DRIVERS\gameenum.sys]
C:\WINDOWS\system32\drivers\ghbvgufz.sys InMem: 0 Det [u] PX5: C552815900F2F1DB56A40073AB52D6007C69C405
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ghbvgufz - ImagePath [C:\WINDOWS\system32\drivers\ghbvgufz.sys]
C:\WINDOWS\System32\DRIVERS\msgpc.sys InMem: 0 Det [G] PX5: A6DC8C520088C979894600B57B2B1A00363C4157
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Gpc - ImagePath [C:\WINDOWS\System32\DRIVERS\msgpc.sys]
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe InMem: 0 Det [G] PX5: 641B43D6B8F5F4DE1D3A02C2BF59190066CE65A9
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\gusvc - ImagePath [C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.e]
C:\WINDOWS\system32\drivers\ha10kx2k.sys InMem: 0 Det [G] PX5: 87EF31597406FD563AB00F3972EB960000197B53
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ha10kx2k - ImagePath [C:\WINDOWS\system32\drivers\ha10kx2k.sys]
C:\WINDOWS\system32\DRIVERS\hidusb.sys InMem: 0 Det [G] PX5: 1484F98A807906C3258400E49D6D650019C14BBC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HidUsb - ImagePath [C:\WINDOWS\system32\DRIVERS\hidusb.sys]
C:\WINDOWS\System32\Drivers\HTTP.sys InMem: 0 Det [G] PX5: 1A572A9180D9F92E022704747529EC0016C1652C
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HTTP - ImagePath [C:\WINDOWS\System32\Drivers\HTTP.sys]
C:\WINDOWS\System32\DRIVERS\i8042prt.sys InMem: 0 Det [G] PX5: 5176B379805D75ECD1900002BF9BC2003FF0C0D5
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\i8042prt - ImagePath [C:\WINDOWS\System32\DRIVERS\i8042prt.sys]
C:\WINDOWS\system32\DRIVERS\imapi.sys InMem: 0 Det [G] PX5: A6DE19768012C7FDA37F00B5535D7900050612BF
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Imapi - ImagePath [C:\WINDOWS\system32\DRIVERS\imapi.sys]
C:\WINDOWS\System32\imapi.exe InMem: 0 Det [G] PX5: 74CFCD09009BDDD14A8402202B1E530034B0D214
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ImapiService - ImagePath [C:\WINDOWS\System32\imapi.exe]
C:\WINDOWS\System32\DRIVERS\InCDPass.sys InMem: 0 Det [G] PX5: 188D8C1E00442BCF74310093F66DA900F54BD795
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\InCDPass - ImagePath [C:\WINDOWS\System32\DRIVERS\InCDPass.sys]
C:\WINDOWS\System32\DRIVERS\intelppm.sys InMem: 0 Det [G] PX5: 308DA7E000DC5FE09D58006BABC91A0052CD17AF
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\intelppm - ImagePath [C:\WINDOWS\System32\DRIVERS\intelppm.sys]
C:\WINDOWS\system32\drivers\ip6fw.sys InMem: 0 Det [G] PX5: 554B18088049820E711F003BBA86E4005B660DCC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ip6fw - ImagePath [C:\WINDOWS\system32\drivers\ip6fw.sys]
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys InMem: 0 Det [G] PX5: E130718C809C039180F700DA0AC8EE00F2B31814
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IpFilterDriver - ImagePath [C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys]
C:\WINDOWS\System32\DRIVERS\ipinip.sys InMem: 0 Det [G] PX5: 9655BFAF0030F62E523A00C352D248003081C413
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IpInIp - ImagePath [C:\WINDOWS\System32\DRIVERS\ipinip.sys]
C:\WINDOWS\System32\DRIVERS\ipnat.sys InMem: 0 Det [G] PX5: 16BC903800541BF40F8E02F0609797000CA3B3FE
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IpNat - ImagePath [C:\WINDOWS\System32\DRIVERS\ipnat.sys]
C:\WINDOWS\System32\DRIVERS\ipsec.sys InMem: 0 Det [G] PX5: 84ED89D600412A2C245201A3F8A740006B772EC6
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IPSec - ImagePath [C:\WINDOWS\System32\DRIVERS\ipsec.sys]
C:\WINDOWS\System32\DRIVERS\irenum.sys InMem: 0 Det [G] PX5: 42D7DCAC001BE9A12C7B00EF915041002AED16BC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IRENUM - ImagePath [C:\WINDOWS\System32\DRIVERS\irenum.sys]
C:\WINDOWS\System32\DRIVERS\isapnp.sys InMem: 0 Det [G] PX5: 8A87001A0002BFB48D1F0066402D8A00BD468997
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\isapnp - ImagePath [C:\WINDOWS\System32\DRIVERS\isapnp.sys]
C:\WINDOWS\System32\DRIVERS\kbdclass.sys InMem: 0 Det [G] PX5: 11013D51001BA498620F00A282D06D00135D5A16
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Kbdclass - ImagePath [C:\WINDOWS\System32\DRIVERS\kbdclass.sys]
C:\WINDOWS\system32\DRIVERS\kbdhid.sys InMem: 0 Det [G] PX5: BFEF19AB007A27B83AD2001F22115F00DD6CF6D0
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\kbdhid - ImagePath [C:\WINDOWS\system32\DRIVERS\kbdhid.sys]
C:\WINDOWS\system32\drivers\kmixer.sys InMem: 0 Det [G] PX5: 1C3250A68067C4B7A11302D8512D99006E8A628F
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\kmixer - ImagePath [C:\WINDOWS\system32\drivers\kmixer.sys]
C:\WINDOWS\System32\mnmsrvc.exe InMem: 0 Det [G] PX5: F2F6E69800D71BFC80AE00AF40E07800F93A911A
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\mnmsrvc - ImagePath [C:\WINDOWS\System32\mnmsrvc.exe]
C:\WINDOWS\system32\DRIVERS\motmodem.sys InMem: 0 Det [G] PX5: EB4835B880E6198F5C8300B9362F1700083B1C70
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\motmodem - ImagePath [C:\WINDOWS\system32\DRIVERS\motmodem.sys]
C:\WINDOWS\System32\DRIVERS\mouclass.sys InMem: 0 Det [G] PX5: 7E80CA6A0038C59C5C6F0047F0E35500920EB276
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Mouclass - ImagePath [C:\WINDOWS\System32\DRIVERS\mouclass.sys]
C:\WINDOWS\System32\DRIVERS\mouhid.sys InMem: 0 Det [G] PX5: 2301F35080287EAB2F80000FDBBFFD00349EAF96
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\mouhid - ImagePath [C:\WINDOWS\System32\DRIVERS\mouhid.sys]
C:\WINDOWS\System32\DRIVERS\mrxdav.sys InMem: 0 Det [G] PX5: 614867E18023D003BDFE0234E558A700F3D6C8CF
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MRxDAV - ImagePath [C:\WINDOWS\System32\DRIVERS\mrxdav.sys]
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys InMem: 0 Det [G] PX5: 3A6FDF2E00838449EA5E06BDEF52FE0062D6AA8B
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MRxSmb - ImagePath [C:\WINDOWS\System32\DRIVERS\mrxsmb.sys]
C:\WINDOWS\System32\msdtc.exe InMem: 0 Det [G] PX5: 3A5257C800292C38184B000639E3D800639539E0
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSDTC - ImagePath [C:\WINDOWS\System32\msdtc.exe]
C:\WINDOWS\system32\msiexec.exe InMem: 0 Det [G] PX5: 2199A4A600D88009341401C8D9AE0A004C78202A
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSIServer - ImagePath [C:\WINDOWS\system32\msiexec.exe]
REGEXTNMAP - \REGISTRY\Machine\Software\Classes\Msi.Package\shell\open\command - ["%SystemRoot%\System32\msiexec.exe" /i "%1" %*]
REGEXTNMAP - \REGISTRY\Machine\Software\Classes\Msi.Patch\shell\open\command - ["%SystemRoot%\System32\msiexec.exe" /p "%1" %*]
C:\WINDOWS\system32\drivers\MSKSSRV.sys InMem: 0 Det [G] PX5: 441E162B80A429811D1500CB9CEDF700CED69BEA
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSKSSRV - ImagePath [C:\WINDOWS\system32\drivers\MSKSSRV.sys]
C:\WINDOWS\system32\drivers\MSPCLOCK.sys InMem: 0 Det [G] PX5: 3656535900693AA115D1001337247B009D5BCE4B
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSPCLOCK - ImagePath [C:\WINDOWS\system32\drivers\MSPCLOCK.sys]
C:\WINDOWS\system32\drivers\MSPQM.sys InMem: 0 Det [G] PX5: 5D7EA63E804A637C13CA0078C414AC000E912E93
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSPQM - ImagePath [C:\WINDOWS\system32\drivers\MSPQM.sys]
C:\WINDOWS\System32\DRIVERS\mssmbios.sys InMem: 0 Det [G] PX5: 5C75220680F731D03C3D001BD399CC00D7DBED29
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\mssmbios - ImagePath [C:\WINDOWS\System32\DRIVERS\mssmbios.sys]
C:\WINDOWS\System32\DRIVERS\ndistapi.sys InMem: 0 Det [G] PX5: 25AEC9EA809D4D4825A500A2A9E22F00CCB1FFC8
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NdisTapi - ImagePath [C:\WINDOWS\System32\DRIVERS\ndistapi.sys]
C:\WINDOWS\System32\DRIVERS\ndisuio.sys InMem: 0 Det [G] PX5: 0BF3AB388038D73732EB00A9A855ED006D3C0384
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ndisuio - ImagePath [C:\WINDOWS\System32\DRIVERS\ndisuio.sys]
C:\WINDOWS\System32\DRIVERS\ndiswan.sys InMem: 0 Det [G] PX5: 304E26E9803B344266FF0104DAA0B500E6B358BD
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NdisWan - ImagePath [C:\WINDOWS\System32\DRIVERS\ndiswan.sys]
C:\WINDOWS\System32\DRIVERS\netbios.sys InMem: 0 Det [G] PX5: 6F5EDA40008AE18787EB007972CAB100F174D35C
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetBIOS - ImagePath [C:\WINDOWS\System32\DRIVERS\netbios.sys]
C:\WINDOWS\System32\DRIVERS\netbt.sys InMem: 0 Det [G] PX5: 7D3B6A2A0069D5737CDE020A47DE6F00F472D659
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetBT - ImagePath [C:\WINDOWS\System32\DRIVERS\netbt.sys]
C:\WINDOWS\system32\netdde.exe InMem: 0 Det [G] PX5: AAA3C89900BB76ABBADC01BFB3AC1B00E2E8A55F
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetDDE - ImagePath [C:\WINDOWS\system32\netdde.exe]
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetDDEdsdm - ImagePath [C:\WINDOWS\system32\netdde.exe]
C:\WINDOWS\system32\drivers\ccdcmb.sys InMem: 0 Det [G] PX5: 9D731B7A0007B86842270042330946009F45E9B3
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\nmwcd - ImagePath [C:\WINDOWS\system32\drivers\ccdcmb.sys]
C:\WINDOWS\system32\drivers\ccdcmbo.sys InMem: 0 Det [G] PX5: 9C0E744680D506F24BFB00D4057737008D6A8767
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\nmwcdc - ImagePath [C:\WINDOWS\system32\drivers\ccdcmbo.sys]
C:\WINDOWS\System32\ntsim.sys InMem: 0 Det [G] PX5: 6D19B4E980F1E5791B4900ABAD3CAC00B56BB904
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NTSIM - ImagePath [C:\WINDOWS\System32\ntsim.sys]
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys InMem: 0 Det [G] PX5: A826BA3A803B83AE30C000488911C200DC3CA878
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NwlnkFlt - ImagePath [C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys]
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys InMem: 0 Det [G] PX5: B9B73139006979BB7FBC0031EA7E320032D237D0
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NwlnkFwd - ImagePath [C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys]
C:\WINDOWS\system32\drivers\ctoss2k.sys InMem: 0 Det [G] PX5: 0F8F1EBE68C3747FFBAA025650CDBD00257111CC
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ossrv - ImagePath [C:\WINDOWS\system32\drivers\ctoss2k.sys]
C:\WINDOWS\System32\DRIVERS\parport.sys InMem: 0 Det [G] PX5: 4A82394D8019443A393C017F618C1500973C174B
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Parport - ImagePath [C:\WINDOWS\System32\DRIVERS\parport.sys]
C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys InMem: 0 Det [G] PX5: FD7B63C880E3B98D54CD0050D8CD5400C903E93E
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\pccsmcfd - ImagePath [C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys]
C:\WINDOWS\System32\DRIVERS\pci.sys InMem: 0 Det [G] PX5: 9DA3602E807459480C5D01595A918400CA482387
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PCI - ImagePath [C:\WINDOWS\System32\DRIVERS\pci.sys]
C:\WINDOWS\system32\drivers\pfc.sys InMem: 0 Det [G] PX5: C401258F80BB392B284A0008425E6B007546C3CF
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\pfc - ImagePath [C:\WINDOWS\system32\drivers\pfc.sys]
C:\WINDOWS\system32\PfModNT.sys InMem: 0 Det [G] PX5: 6681159960308A8F1AB7002CBB76990019AB3E7A
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PfModNT - ImagePath [C:\WINDOWS\system32\PfModNT.sys]
C:\WINDOWS\System32\DRIVERS\raspptp.sys InMem: 0 Det [G] PX5: F406FA260016D348BD2800EFDBDF52003203F53C
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PptpMiniport - ImagePath [C:\WINDOWS\System32\DRIVERS\raspptp.sys]
C:\WINDOWS\System32\DRIVERS\processr.sys InMem: 0 Det [G] PX5: AF0FBDFA005416189A000040A9FF7600B2B78287
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Processor - ImagePath [C:\WINDOWS\System32\DRIVERS\processr.sys]
C:\WINDOWS\System32\DRIVERS\psched.sys InMem: 0 Det [G] PX5: C7C1320E008655110E77011715C66E0009C5AE75
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PSched - ImagePath [C:\WINDOWS\System32\DRIVERS\psched.sys]
C:\WINDOWS\System32\DRIVERS\ptilink.sys InMem: 0 Det [G] PX5: F96F182D805891FA452B007EBD870E004C25BA07
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ptilink - ImagePath [C:\WINDOWS\System32\DRIVERS\ptilink.sys]
C:\WINDOWS\System32\drivers\pxark.sys InMem: 0 Det [G] PX5: 5CDD1DE100048C0C445100F1E451270063DE9893
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\pxark - ImagePath [C:\WINDOWS\System32\drivers\pxark.sys]
C:\WINDOWS\System32\Drivers\PxHelp20.sys InMem: 0 Det [G] PX5: CEED5A5408FE9DE2AA3300585AD0A300BEEAAC3B
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PxHelp20 - ImagePath [C:\WINDOWS\System32\Drivers\PxHelp20.sys]
C:\WINDOWS\system32\Drivers\CAPLPTN.SYS InMem: 0 Det [G] PX5: 44764FA88044E9F9596D008C92DDA90013755E04
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RapidPort - ImagePath [C:\WINDOWS\system32\Drivers\CAPLPTN.SYS]
C:\WINDOWS\System32\DRIVERS\rasacd.sys InMem: 0 Det [G] PX5: EF519CA180B540A42200002C4F06E3005372DD33
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasAcd - ImagePath [C:\WINDOWS\System32\DRIVERS\rasacd.sys]
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys InMem: 0 Det [G] PX5: C15C1546804EC8E6C8410037F34FAD00B1FBF6DF
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Rasl2tp - ImagePath [C:\WINDOWS\System32\DRIVERS\rasl2tp.sys]
C:\WINDOWS\System32\DRIVERS\raspppoe.sys InMem: 0 Det [G] PX5: A8F2C94800B2E031A21A00F0EC682E009B5794D5
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasPppoe - ImagePath [C:\WINDOWS\System32\DRIVERS\raspppoe.sys]
C:\WINDOWS\System32\DRIVERS\raspti.sys InMem: 0 Det [G] PX5: 506F10F380FEE57C406900BE351741009F00F0DE
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Raspti - ImagePath [C:\WINDOWS\System32\DRIVERS\raspti.sys]
C:\WINDOWS\System32\DRIVERS\rdbss.sys InMem: 0 Det [G] PX5: EE21D17900972EBEAA93023D87A14E0013D2E867
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Rdbss - ImagePath [C:\WINDOWS\System32\DRIVERS\rdbss.sys]
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys InMem: 0 Det [G] PX5: 14FCFAAE80A686EB103300CFAE183900CB624D74
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RDPCDD - ImagePath [C:\WINDOWS\System32\DRIVERS\RDPCDD.sys]
C:\WINDOWS\System32\DRIVERS\rdpdr.sys InMem: 0 Det [G] PX5: 02477783007980B5019E03607F7E03003B692115
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\rdpdr - ImagePath [C:\WINDOWS\System32\DRIVERS\rdpdr.sys]
C:\WINDOWS\system32\sessmgr.exe InMem: 0 Det [G] PX5: 2C67C68B0020C05D2C3E02893D0F09005D1CF7F5
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RDSessMgr - ImagePath [C:\WINDOWS\system32\sessmgr.exe]
C:\WINDOWS\System32\DRIVERS\redbook.sys InMem: 0 Det [G] PX5: AEF2FC7D804F986FE3C7004FF2D91D0029FD0FC2
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\redbook - ImagePath [C:\WINDOWS\System32\DRIVERS\redbook.sys]
C:\WINDOWS\System32\locator.exe InMem: 0 Det [G] PX5: C3C0A8550045DDC726E601EBB10B83000E4A4556
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RpcLocator - ImagePath [C:\WINDOWS\System32\locator.exe]
C:\WINDOWS\System32\rsvp.exe InMem: 0 Det [G] PX5: 2057508700E163D906880231F30F2D00E5519440
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RSVP - ImagePath [C:\WINDOWS\System32\rsvp.exe]
C:\WINDOWS\System32\SCardSvr.exe InMem: 0 Det [G] PX5: FFC6D19800BAA7847E46014ECC3CD200949D4E12
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SCardSvr - ImagePath [C:\WINDOWS\System32\SCardSvr.exe]
C:\WINDOWS\system32\drivers\scsiport.sys InMem: 0 Det [G] PX5: BAEDAB6C00163F8D78C6012DFF6A240038CAB5E8
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ScsiPort - ImagePath [C:\WINDOWS\system32\drivers\scsiport.sys]
C:\WINDOWS\System32\DRIVERS\secdrv.sys InMem: 0 Det [G] PX5: 84A9A7CB006F9ECC508100883E7135006D51A95C
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Secdrv - ImagePath [C:\WINDOWS\System32\DRIVERS\secdrv.sys]
C:\WINDOWS\System32\DRIVERS\serenum.sys InMem: 0 Det [G] PX5: 4F3C7EAD801665B83CEF00E324D68C009966C2DD
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\serenum - ImagePath [C:\WINDOWS\System32\DRIVERS\serenum.sys]
C:\WINDOWS\System32\DRIVERS\serial.sys InMem: 0 Det [G] PX5: 84269A0C80DA4AE9020E01315B99420097A96A32
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Serial - ImagePath [C:\WINDOWS\System32\DRIVERS\serial.sys]
C:\WINDOWS\system32\drivers\splitter.sys InMem: 0 Det [G] PX5: 249A00630095166C194E008C6AC35800063B57CE
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\splitter - ImagePath [C:\WINDOWS\system32\drivers\splitter.sys]
C:\WINDOWS\System32\DRIVERS\sr.sys InMem: 0 Det [G] PX5: 4D90659E00D8A4771F1A013E6E421F00F36027A5
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\sr - ImagePath [C:\WINDOWS\System32\DRIVERS\sr.sys]
C:\WINDOWS\System32\DRIVERS\srv.sys InMem: 0 Det [G] PX5: 75BFBC608040FEEB14BC05A8A20D28000AA8481B
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Srv - ImagePath [C:\WINDOWS\System32\DRIVERS\srv.sys]
C:\WINDOWS\System32\DRIVERS\swenum.sys InMem: 0 Det [G] PX5: FDB253C8004ADC8E110200CB82EF3C003BACCEF1
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\swenum - ImagePath [C:\WINDOWS\System32\DRIVERS\swenum.sys]
C:\WINDOWS\system32\drivers\swmidi.sys InMem: 0 Det [G] PX5: D73823E800EBA9D4D48400057CBBEE004EA1E5C8
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\swmidi - ImagePath [C:\WINDOWS\system32\drivers\swmidi.sys]
C:\WINDOWS\system32\drivers\sysaudio.sys InMem: 0 Det [G] PX5: 23CF2276806778A5EDCF00D9512FDE00BB195FEF
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\sysaudio - ImagePath [C:\WINDOWS\system32\drivers\sysaudio.sys]
C:\WINDOWS\system32\smlogsvc.exe InMem: 0 Det [G] PX5: C0E6801A0095AB606A660128541E440050C06325
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SysmonLog - ImagePath [C:\WINDOWS\system32\smlogsvc.exe]
C:\WINDOWS\System32\DRIVERS\tcpip.sys InMem: 0 Det [G] PX5: 9F6EEC1C80D7CCB57E0F0545DD505C004B15302D
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Tcpip - ImagePath [C:\WINDOWS\System32\DRIVERS\tcpip.sys]
C:\WINDOWS\system32\DRIVERS\tcpip6.sys InMem: 0 Det [G] PX5: 5D79645C800A9DEE710003BFD457ED00F0D2E94E
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Tcpip6 - ImagePath [C:\WINDOWS\system32\DRIVERS\tcpip6.sys]
C:\WINDOWS\System32\DRIVERS\termdd.sys InMem: 0 Det [G] PX5: 3111E3EA882052CE9F39002D38F46900A7415306
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TermDD - ImagePath [C:\WINDOWS\System32\DRIVERS\termdd.sys]
C:\WINDOWS\System32\tlntsvr.exe InMem: 0 Det [G] PX5: F869AF89008EB51B24EC0113A0DCBB001FBDD7D2
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TlntSvr - ImagePath [C:\WINDOWS\System32\tlntsvr.exe]
C:\WINDOWS\system32\DRIVERS\tunmp.sys InMem: 0 Det [G] PX5: CBD0AEE38035D6A5300B00CF5C419100CB427E52
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\tunmp - ImagePath [C:\WINDOWS\system32\DRIVERS\tunmp.sys]
C:\WINDOWS\System32\DRIVERS\update.sys InMem: 0 Det [G] PX5: DB815C1080BD5D598E3605C672D6A20096A59C7E
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Update - ImagePath [C:\WINDOWS\System32\DRIVERS\update.sys]
C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys InMem: 0 Det [G] PX5: FCBE0FDA807CD1F01F430084CE29920091F95548
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\upperdev - ImagePath [C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys]
C:\WINDOWS\System32\ups.exe InMem: 0 Det [G] PX5: B1B748F7000750CB484000B4D1F04D00484BD2C2
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\UPS - ImagePath [C:\WINDOWS\System32\ups.exe]
C:\WINDOWS\system32\DRIVERS\usbccgp.sys InMem: 0 Det [G] PX5: 3051DD5F80B0E02D7BC400CFE2D7F10086CC5663
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbccgp - ImagePath [C:\WINDOWS\system32\DRIVERS\usbccgp.sys]
C:\WINDOWS\system32\DRIVERS\usbehci.sys InMem: 0 Det [G] PX5: 42E57CAC00DC4FAF684000867EE93C003087E4F7
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbehci - ImagePath [C:\WINDOWS\system32\DRIVERS\usbehci.sys]
C:\WINDOWS\System32\DRIVERS\usbhub.sys InMem: 0 Det [G] PX5: 1972CD35009EF197E1E10053A918EE0090181966
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbhub - ImagePath [C:\WINDOWS\System32\DRIVERS\usbhub.sys]
C:\WINDOWS\system32\DRIVERS\usbprint.sys InMem: 0 Det [G] PX5: C449F0710094064A6580004CDAAF0B00CAA1349A
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbprint - ImagePath [C:\WINDOWS\system32\DRIVERS\usbprint.sys]
C:\WINDOWS\system32\DRIVERS\usbscan.sys InMem: 0 Det [G] PX5: A345B33E004758873B29000DE02C9B00A6455141
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbscan - ImagePath [C:\WINDOWS\system32\DRIVERS\usbscan.sys]
C:\WINDOWS\system32\DRIVERS\usbser.sys InMem: 0 Det [G] PX5: FAA01DEA00C3822D64C200E9D9D51700173A783C
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbser - ImagePath [C:\WINDOWS\system32\DRIVERS\usbser.sys]
C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys InMem: 0 Det [G] PX5: 2584D9FD8006CB751FF200193C863E0027438E92
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\UsbserFilt - ImagePath [C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys]
C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS InMem: 0 Det [G] PX5: 6135CAAA80509344675C002A218295006093CEAA
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\USBSTOR - ImagePath [C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS]
C:\WINDOWS\System32\DRIVERS\usbuhci.sys InMem: 0 Det [G] PX5: 4756F37D00016D8B5030004DF844F10054C11836
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbuhci - ImagePath [C:\WINDOWS\System32\DRIVERS\usbuhci.sys]
C:\WINDOWS\System32\drivers\vga.sys InMem: 0 Det [G] PX5: 14B18202007EA0B752C8003693833D00BCED634F
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\VgaSave - ImagePath [C:\WINDOWS\System32\drivers\vga.sys]
C:\WINDOWS\System32\DRIVERS\viaagp1.sys InMem: 0 Det [G] PX5: FB65CF7E0060BAEE6D4900568EACBB0044965E55
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\viaagp1 - ImagePath [C:\WINDOWS\System32\DRIVERS\viaagp1.sys]
C:\WINDOWS\System32\DRIVERS\viaidexp.sys InMem: 0 Det [G] PX5: 687AA9E0001A2AF2180500C75AA31D0092612EE4
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ViaIde - ImagePath [C:\WINDOWS\System32\DRIVERS\viaidexp.sys]
C:\WINDOWS\System32\vssvc.exe InMem: 0 Det [G] PX5: F8FD01E1006746AE7C9C04ADE2180F00B254A617
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\VSS - ImagePath [C:\WINDOWS\System32\vssvc.exe]
C:\WINDOWS\System32\DRIVERS\wanarp.sys InMem: 0 Det [G] PX5: D61BDDFF00BF41D487E5002B87E94900EE92AF43
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Wanarp - ImagePath [C:\WINDOWS\System32\DRIVERS\wanarp.sys]
C:\WINDOWS\system32\DRIVERS\Wdf01000.sys InMem: 0 Det [G] PX5: 3F2CEB17E015BE6B81170798A6F9CE00B2E12A31
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Wdf01000 - ImagePath [C:\WINDOWS\system32\DRIVERS\Wdf01000.sys]
C:\WINDOWS\system32\drivers\wdmaud.sys InMem: 0 Det [G] PX5: 1A706C8200C406CF446E0184AD924B00FE330A09
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\wdmaud - ImagePath [C:\WINDOWS\system32\drivers\wdmaud.sys]
C:\Programmi\Windows Live\installer\WLSetupSvc.exe InMem: 0 Det [G] PX5: 2D572DB3008F010D10110431BDE6C6002A62A0E0
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WLSetupSvc - ImagePath [C:\Programmi\Windows Live\installer\WLSetupSvc.exe]
C:\WINDOWS\System32\wbem\wmiapsrv.exe InMem: 0 Det [G] PX5: A8EB9B0C007C19C1EE9501FD1D31580061EB57F5
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WmiApSrv - ImagePath [C:\WINDOWS\System32\wbem\wmiapsrv.exe]
C:\Programmi\Windows Media Player\WMPNetwk.exe InMem: 0 Det [G] PX5: AF2881470070FC5204AF0EFACB168500F7ECD6E8
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WMPNetworkSvc - ImagePath [C:\Programmi\Windows Media Player\WMPNetwk.exe]
C:\WINDOWS\System32\drivers\ws2ifsl.sys InMem: 0 Det [G] PX5: E3FE23AC0026FAFE2FF10052E88519002DA1A545
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WS2IFSL - ImagePath [C:\WINDOWS\System32\drivers\ws2ifsl.sys]
C:\WINDOWS\system32\DRIVERS\WudfPf.sys InMem: 0 Det [G] PX5: 36AA88DB0089F0502B3E0152E1D2DD00614F0BA1
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WudfPf - ImagePath [C:\WINDOWS\system32\DRIVERS\WudfPf.sys]
C:\WINDOWS\system32\DRIVERS\wudfrd.sys InMem: 0 Det [G] PX5: 8A8F30350082CC51434301D0F97D39008AC35FC3
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WudfRd - ImagePath [C:\WINDOWS\system32\DRIVERS\wudfrd.sys]
C:\WINDOWS\system32\DRIVERS\zd1211u.sys InMem: 0 Det [G] PX5: B32E0D7D005FA33B46A604086C191300D32DBCB3
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ZD1211U(ZyDAS) - ImagePath [C:\WINDOWS\system32\DRIVERS\zd1211u.sys]
C:\WINDOWS\System32\Drivers\ZDPSp50.sys InMem: 0 Det [G] PX5: 96C517B3007D3EBE45890009D868B700E2F509DD
REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ZDPSp50 - ImagePath [C:\WINDOWS\System32\Drivers\ZDPSp50.sys]
C:\WINDOWS\system32\DRIVERS\UMDF\PCCSWpdDriver.dll InMem: 0 Det [G] PX5: 29AFE11F009BCED626A908DB6367C50061447952
REGSERVICE - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WUDF\Services\PCCSWpdDriver - ImagePath [C:\WINDOWS\system32\DRIVERS\UMDF\PCCSWpdDriver.dll]
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe InMem: 0 Det [G] PX5: 1F29B7EC002EB700205A05262730C2002B09526D
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - ATIPTA [C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe]
C:\WINDOWS\system32\CTHELPER.EXE InMem: 0 Det [G] PX5: 5DFFD2DB0078282060EA00A07CD02400092A15A2
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - WINDVDPatch [CTHELPER.EXE]
C:\WINDOWS\UpdReg.EXE InMem: 0 Det [G] PX5: 1F24BC4600299AC56032017CCB790F00755FCB4E
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - UpdReg [C:\WINDOWS\UpdReg.EXE]
C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe InMem: 0 Det [G] PX5: F18063DE00E3083370D70083A33FAD00CADF8AD6
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - Jet Detection [C:\Programmi\Creative\SBLive\PROGRAM\ADGJDet.exe]
C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAPONN.EXE InMem: 0 Det [G] PX5: 8FFE6FCD007B0CA558E3002847C110009B103247
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - CAPON [C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAPONN.EXE]
C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe InMem: 0 Det [G] PX5: 7034BACB703B560C9BC900BFAF1E1000A084BCE4
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - Adobe Reader Speed Launcher ["C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"]
C:\Programmi\Ahead\InCD\InCD.exe InMem: 0 Det [G] PX5: A0CC7F1C00BE00425486154007AB5300D73348DA
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - InCD [C:\Programmi\Ahead\InCD\InCD.exe]
C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe InMem: 0 Det [G] PX5: B830E9CB001D55A9104901E91E532A008479AFD0
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - Share-to-Web Namespace Daemon [C:\Programmi\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe]
C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe InMem: 0 Det [G] PX5: F4F91A95E026C52EF8C7002DDDE82A00D74E3653
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - Adobe Photo Downloader ["C:\Programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apd]
C:\Programmi\DAEMON Tools\daemon.exe InMem: 0 Det [G] PX5: 6521054E98B0EDD0F76C01D76D86DF00DD5CFC48
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - DAEMON Tools ["C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033]
C:\WINDOWS\system32\NeroCheck.exe InMem: 0 Det [G] PX5: 0A1755890076B4FC600C028A81C92900BA5A263E
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - NeroFilterCheck [C:\WINDOWS\system32\NeroCheck.exe]
C:\Programmi\QuickTime\qttask.exe InMem: 0 Det [G] PX5: 37A987B80032E8C9802301B975AE1C0086C15344
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - QuickTime Task ["C:\Programmi\QuickTime\qttask.exe" -atboottime]
C:\Programmi\File comuni\Real\Update_OB\realsched.exe InMem: 0 Det [G] PX5: A67AB29D284A1E55D6D90282BDCACF00FA95DCA6
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - TkBellExe ["C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot]
C:\Programmi\Windows Defender\MSASCui.exe InMem: 0 Det [G] PX5: B5F3878E18FD3B3839DE0DED2238D9003F2AD31E
REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - Windows Defender ["C:\Programmi\Windows Defender\MSASCui.exe" -hide]
C:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE InMem: 0 Det [G] PX5: 557AD59760821403993000D277F522007EFA78FC
REGRUNKEY - \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - DWQueuedReporting ["C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t]
REGRUNKEY - \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - DWQueuedReporting ["C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t]
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe InMem: 0 Det [G] PX5: E63AEB0AF802D21F0C5B015CDCEDA80008569A7F
REGRUNKEY - \REGISTRY\User\S-1-5-21-1202660629-1220945662-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run - swg [C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.]
C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe InMem: 0 Det [G] PX5: 150C6620004F7B72D094122A6EA8CE004D2800B3
REGRUNKEY - \REGISTRY\User\S-1-5-21-1202660629-1220945662-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run - Nokia.PCSync ["C:\Programmi\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog]
C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe InMem: 0 Det [GP] PX5: 4CA2F5B90013B41F78141050D3994900A5824CC9
REGRUNKEY - \REGISTRY\User\S-1-5-21-1202660629-1220945662-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run - PC Suite Tray ["C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray]
C:\WINDOWS\system32\userinit.exe InMem: 0 Det [G] PX5: 33A4BB2F001DA1EB620B00510674AE00F15A5361
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - UserInit [C:\WINDOWS\system32\userinit.exe]
C:\WINDOWS\system32\logonui.exe InMem: 0 Det [G] PX5: 6B3184960083D65DDE0B0761A134100078FE806C
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - UIHost [logonui.exe]
C:\WINDOWS\system32\rundll32.exe InMem: 0 Det [G] PX5: 797CA9E8007174E38209003396ABA600D9E79205
REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - VmApplet [rundll32 shell32,Control_RunDLL "sysdm.cpl"]
REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF} - StubPath [RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP]
REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - StubPath [RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP]
REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmt]
REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.]
REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.i]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}\InprocServer32 - {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} [C:\WINDOWS\system32\wmpshell.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}\InprocServer32 - {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} [C:\WINDOWS\system32\wmpshell.dll]
C:\WINDOWS\System32\twext.dll InMem: 0 Det [G] PX5: 83D6D2D5007A7A78AC5A00555BE37F0060757F73
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\InprocServer32 - {596AB062-B4D2-4215-9F74-E9109B0A8153} [C:\WINDOWS\System32\twext.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9DB7A13C-F208-4981-8353-73CC61AE2783}\InprocServer32 - {9DB7A13C-F208-4981-8353-73CC61AE2783} [C:\WINDOWS\System32\twext.dll]
C:\WINDOWS\system32\extmgr.dll InMem: 0 Det [G] PX5: D95335C800F763A908F2023BD2C33B00B858632A
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{692F0339-CBAA-47e6-B5B5-3B84DB604E87}\InprocServer32 - {692F0339-CBAA-47e6-B5B5-3B84DB604E87} [C:\WINDOWS\system32\extmgr.dll]
C:\Programmi\Windows Live\Messenger\fsshext.8.5.1302.1018.dll InMem: 0 Det [G] PX5: C50DF20B18DE433E0699056FA6DBAF006DF279E3
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}\InprocServer32 - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} [C:\Programmi\Windows Live\Messenger\fsshext.8.5.1302.1018.dll]
C:\WINDOWS\system32\Audiodev.dll InMem: 0 Det [G] PX5: 4BE217500087C5F13A360430E7958900806DA483
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}\InprocServer32 - {640167b4-59b0-47a6-b335-a6b3c0695aea} [%SystemRoot%\system32\Audiodev.dll]
C:\WINDOWS\system32\wpdshext.dll InMem: 0 Det [G] PX5: 260936F700D6CD55B83A276215529800C0FDB145
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{35786D3C-B075-49b9-88DD-029876E11C01}\InprocServer32 - {35786D3C-B075-49b9-88DD-029876E11C01} [%SystemRoot%\system32\wpdshext.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}\InprocServer32 - {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} [%SystemRoot%\system32\wpdshext.dll]
C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL InMem: 0 Det [G] PX5: 4C7C6E6900057CA880F9136E5CFE40002052808A
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{BDEADF00-C265-11D0-BCED-00A0C90AB50F}\InprocServer32 - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} [C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL]
C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL InMem: 0 Det [G] PX5: FC227FF6E0A3DD81DAA400D74264DD00C1DC0D52
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 - {0006F045-0000-0000-C000-000000000046} [C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL]
c:\WINDOWS\system32\dfshim.dll InMem: 0 Det [G] PX5: 5D816A89F88B3539795201C0903C31004ADCA8C6
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{e82a2d71-5b2f-43a0-97b8-81be15854de8}\InprocServer32 - {e82a2d71-5b2f-43a0-97b8-81be15854de8} [c:\WINDOWS\system32\dfshim.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}\InprocServer32 - {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} [c:\WINDOWS\system32\dfshim.dll]
C:\Programmi\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL InMem: 0 Det [G] PX5: 088DF74300F4427440ED02E7681A1C00AB62E153
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A4DF5659-0801-4A60-9607-1C48695EFDA9}\InprocServer32 - {A4DF5659-0801-4A60-9607-1C48695EFDA9} [C:\Programmi\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL]
C:\Programmi\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe InMem: 0 Det [G] PX5: 9E02619E80804CCE788C038096962F00585F306B
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{06A2568A-CED6-4187-BB20-400B8C02BE5A}\LocalServer32 - {06A2568A-CED6-4187-BB20-400B8C02BE5A} [C:\Programmi\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.ex]
C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll InMem: 0 Det [G] PX5: 1E9BAA2A205A5A26B4B400556FDFE500DF716824
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00F33137-EE26-412F-8D71-F84E4C2C6625}\InprocServer32 - {00F33137-EE26-412F-8D71-F84E4C2C6625} [C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00F346CB-35A4-465B-8B8F-65A29DBAB1F6}\InprocServer32 - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} [C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D}\InprocServer32 - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} [C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll]
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00F30F90-3E96-453B-AFCD-D71989ECC2C7}\InprocServer32 - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} [C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll]
C:\Programmi\Real\RealOne Player\rpshell.dll InMem: 0 Det [G] PX5: CA799796409C6919F69B0065638DCA00ED2DCB6B
REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}\InprocServer32 - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [C:\Programmi\Real\RealOne Player\rpshell.dll]
C:\WINDOWS\System32\oobe\msoobe.exe InMem: 0 Det [GP] PX5: 5E2280790084241A6EFF001DD3F130005E74F200
REGSESSMGR - \REGISTRY\Machine\System\Setup - Cmdline [C:\WINDOWS\System32\oobe\msoobe.exe]
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll InMem: 0 Det [G] PX5: E2013C5B089BFF1A8CEF0C4A6B2DEC00D18DCB05
REGRUNGEN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\MiniDumpAuxiliaryDlls - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll [c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll]
C:\WINDOWS\system32\msapsspc.dll InMem: 0 Det [G] PX5: 8C479BBA0065475850000105207F00002CA02E51
REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
C:\WINDOWS\system32\digest.dll InMem: 0 Det [G] PX5: 2283761F0087EB020C9B01CC3CCBC600B4AB6B96
REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
C:\WINDOWS\system32\msnsspc.dll InMem: 0 Det [G] PX5: 5FC3C3D6008FE4D0702D042D3521CB003038EB19
REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlrshim.exe InMem: 0 Det [G] PX5: 623D7460882DBAFD90910060B8205E0036350873
REGRUNGEN - \REGISTRY\Machine\Software\Classes\CLSID\{49400A7C-81A8-4F52-8CCE-D54739EE87EC}\LocalServer32 - {49400A7C-81A8-4F52-8CCE-D54739EE87EC} ["C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlrshim.exe"]
C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlr.dll InMem: 0 Det [G] PX5: 3BD592F470063CF846ED01556DDA8700DCEF7EC5
REGRUNGEN - \REGISTRY\Machine\Software\Classes\CLSID\{DC6EFB56-9CFA-464D-8880-44885D7DC193}\InprocServer32 - {DC6EFB56-9CFA-464D-8880-44885D7DC193} [C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlr.dll]
C:\WINDOWS\Resources\themes\Luna\Luna.msstyles InMem: 0 Det [G] PX5: D4AC08E190E1815FF0763FFB772E82003759142D
REGRUNGEN - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Themes - InstallVisualStyle [%SystemRoot%\Resources\themes\Luna\Luna.msstyles]
C:\WINDOWS\system32\rdpclip.exe InMem: 0 Det [G] PX5: 3129DB34009CADCFF4300018D68AB90013FA4372
REGTERM - \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd - StartupPrograms [rdpclip]
C:\WINDOWS\system32\rdpwsx.dll InMem: 0 Det [G] PX5: 2D4F90888862EA65546401DF11DAFF009FB4CACF
REGTERM - \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd - WsxDll [rdpwsx]
C:\WINDOWS\system32\RDPCFGEX.DLL InMem: 0 Det [G] PX5: 648184F200AE0568123C00C1F661D900A8042FB8
REGTERM - \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd - CfgDll [RDPCFGEX.DLL]
C:\WINDOWS\system32\cmd.exe InMem: 0 Det [G] PX5: 174F65020044C14C121406F23AA7F300C65DE81F
REGTELNET - \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0 - DefaultShell [cmd.exe]
REGTELNET - \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults - DefaultShell [cmd.exe]
REGSAFESEC - \REGISTRY\Machine\System\CurrentControlSet\Control\SafeBoot - AlternateShell [cmd.exe]
C:\WINDOWS\system32\rdpsnd.dll InMem: 0 Det [G] PX5: 34FBA65500CFB6AF4EE7003742BB470065937B12
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - wave [rdpsnd.dll]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - mixer [rdpsnd.dll]
C:\WINDOWS\system32\imaadp32.acm InMem: 0 Det [G] PX5: 528D926A00EB3B4A408A0067B777E0007219DE4B
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.imaadpcm [imaadp32.acm]
C:\WINDOWS\system32\msadp32.acm InMem: 0 Det [G] PX5: 9896734D003A7B4A3AD6001B2D129300C6CAD27F
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msadpcm [msadp32.acm]
C:\WINDOWS\system32\msg711.acm InMem: 0 Det [G] PX5: 98836843004ECD5624170012D62AF300ADA7FDE1
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msg711 [msg711.acm]
C:\WINDOWS\system32\msgsm32.acm InMem: 0 Det [G] PX5: 7715C6930008610D4E5300A5AC1D5400348AB758
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msgsm610 [msgsm32.acm]
C:\WINDOWS\system32\tssoft32.acm InMem: 0 Det [G] PX5: 9DB260C30072F5C620530046E6B0DC000EF1898D
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.trspch [tssoft32.acm]
C:\WINDOWS\system32\iccvid.dll InMem: 0 Det [G] PX5: 0CEE20B80002FE623A80014E667E0900EDC97E34
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.cvid [iccvid.dll]
C:\WINDOWS\system32\msh263.drv InMem: 0 Det [G] PX5: D1EBECF00092F1C390AB04548720B200A8771D55
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.I420 [msh263.drv]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.M263 [msh263.drv]
C:\WINDOWS\system32\ir32_32.dll InMem: 0 Det [G] PX5: 48C6FD2800CF7D770AB40340E9EE0B00336C0935
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv31 [ir32_32.dll]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv32 [ir32_32.dll]
C:\WINDOWS\system32\ir41_32.dll InMem: 0 Det [G] PX5: 53016E6C008B4CFD8CEC0BD2DE1C9F0008946B18
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv41 [ir41_32.dll]
C:\WINDOWS\system32\iyuv_32.dll InMem: 0 Det [G] PX5: 8D2F485A000F6953BA8B00EF89F3AE0028DCEE98
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iyuv [iyuv_32.dll]
C:\WINDOWS\system32\msrle32.dll InMem: 0 Det [G] PX5: 6AD29AC5008293D12C2D00B216F74700B26503F0
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.mrle [msrle32.dll]
C:\WINDOWS\system32\msvidc32.dll InMem: 0 Det [G] PX5: CE4E524C0073A8EC64FF00E1300C68000D8D97A8
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.msvc [msvidc32.dll]
C:\WINDOWS\system32\msyuv.dll InMem: 0 Det [G] PX5: 92EC75E800DB9BE5440C000A47ABC3009642377A
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.uyvy [msyuv.dll]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.yuy2 [msyuv.dll]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.yvyu [msyuv.dll]
C:\WINDOWS\system32\tsbyuv.dll InMem: 0 Det [G] PX5: 86646A040019522320A100B4BB4D900094B11477
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.yvu9 [tsbyuv.dll]
C:\WINDOWS\system32\msg723.acm InMem: 0 Det [G] PX5: 11020CC8008FB79ED00601EAD6C03900AA679A83
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msg723 [msg723.acm]
C:\WINDOWS\system32\msh261.drv InMem: 0 Det [G] PX5: A41AA5420008DA3EF0B402388EE55600B25D24F8
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.M261 [msh261.drv]
C:\WINDOWS\system32\msaud32.acm InMem: 0 Det [G] PX5: C38F33CC0026C9E080B10460DFC46F004CE633B9
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msaudio1 [msaud32.acm]
C:\WINDOWS\system32\sl_anet.acm InMem: 0 Det [G] PX5: 3DA8D952002B67BF508D01A57E615F00B2B2EA92
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.sl_anet [sl_anet.acm]
C:\WINDOWS\System32\iac25_32.ax InMem: 0 Det [G] PX5: D062C8E7003B5A390C1703C014BB9700CE1BED53
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.iac2 [C:\WINDOWS\System32\iac25_32.ax]
C:\WINDOWS\system32\ir50_32.dll InMem: 0 Det [G] PX5: 8FA030FE0030B5D3865F0B4087D0420068F6854C
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv50 [ir50_32.dll]
C:\WINDOWS\system32\sirenacm.dll InMem: 0 Det [G] PX5: D01DBF2E18E92E5EC8BB00E30F80AB0018A4C148
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.siren [sirenacm.dll]
C:\WINDOWS\system32\mpg4c32.dll InMem: 0 Det [G] PX5: 05FD8AD84072E10450C106E8D49CCF005E072D5B
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.MPG4 [mpg4c32.dll]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.MP42 [mpg4c32.dll]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.mp43 [mpg4c32.dll]
C:\WINDOWS\system32\xvidvfw.dll InMem: 0 Det [G] PX5: EEC1C1CF006B507E205902D35DF7EA00DF04A594
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.XVID [xvidvfw.dll]
C:\WINDOWS\system32\ac3filter.acm InMem: 0 Det [G] PX5: 1A29433400DBB250D0DF059C6345480048BA896B
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.ac3filter [ac3filter.acm]
C:\WINDOWS\system32\vct3216.acm InMem: 0 Det [G] PX5: A8B5CFD700A70B57440E012658B30500CBDE42E1
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.voxacm160 [vct3216.acm]
C:\WINDOWS\system32\scg726.acm InMem: 0 Det [G] PX5: 5F44D1F8B7CE296F337E00A5C951FE007B5C9F1A
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.scg726 [scg726.acm]
C:\WINDOWS\system32\alf2cd.acm InMem: 0 Det [G] PX5: CC3B55D5003C64F0984800E0ABECCF009D0F31C1
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.alf2cd [alf2cd.acm]
C:\WINDOWS\system32\AC3ACM.acm InMem: 0 Det [G] PX5: 6732A8410031C4E5408A010540795E00978E7D0E
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.ac3acm [AC3ACM.acm]
C:\WINDOWS\system32\mcdvd_32.dll InMem: 0 Det [G] PX5: 8A83029A009C0AD6FE2403290B03B700D71B25C4
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.dvsd [mcdvd_32.dll]
C:\WINDOWS\system32\wmv9vcm.dll InMem: 0 Det [G] PX5: C4DDA01B0064BC149AC81571BE5FE000F8792E9C
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.WMV3 [wmv9vcm.dll]
C:\WINDOWS\system32\DivX.dll InMem: 0 Det [GP] PX5: 1D264D35003C5DF76A2F0A75806D1D009624F62B
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.DIVX [DivX.dll]
REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.yv12 [DivX.dll]
C:\WINDOWS\system32\JAVASUP.VXD InMem: 0 Det [G] PX5: 99B75F2393917E501C450098C8A2BA0043E75EB1
REGDRIVER - \REGISTRY\Machine\System\CurrentControlSet\Services\VXD\JAVASUP - StaticVxD [JAVASUP.VXD]
C:\WINDOWS\system32\rsvpsp.dll InMem: 0 Det [G] PX5: 316FAA8C007F4493605401B98234D5008F685EE8
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 - PackedCatalogItem [%SystemRoot%\system32\rsvpsp.dll]
REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 - PackedCatalogItem [%SystemRoot%\system32\rsvpsp.dll]
C:\WINDOWS\system32\ipxrip.dll InMem: 0 Det [G] PX5: 859821B9009D40A9548200AD83A363008B36EF0D
REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXRIP - DllName [ipxrip.dll]
C:\WINDOWS\system32\ipxsap.dll InMem: 0 Det [G] PX5: 85797B9500D099280499015DBB948C00AAAAF548
REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXSAP - DllName [ipxsap.dll]
C:\WINDOWS\System32\iprtrmgr.dll InMem: 0 Det [G] PX5: D40494A6008ED12A98FE023AAD1857000DD8C7B5
REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip - DllPath [%SystemRoot%\System32\iprtrmgr.dll]
C:\WINDOWS\System32\ipxrtmgr.dll InMem: 0 Det [G] PX5: 4718448E00AA1CC09C1B00C6E262700012078A35
REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx - DllPath [%SystemRoot%\System32\ipxrtmgr.dll]
C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl InMem: 0 Det [G] PX5: 4B95DF2F0028608F7026024663B5470081E40772
REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - Speech [C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl]
C:\WINDOWS\system32\Firewall.cpl InMem: 0 Det [G] PX5: C6AD4E5900619E5B3AA801566FFF65004318E0B5
REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - Internet Connection Firewall [Firewall.cpl]
C:\WINDOWS\system32\NetSetup.cpl InMem: 0 Det [G] PX5: 1727E2B500CA6EDF648A0091303FF7003D7EE312
REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - NetSetupWizard [NetSetup.cpl]
C:\Programmi\Nokia\Nokia PC Suite 6\ConnectionManager.cpl InMem: 0 Det [G] PX5: BC3935B600233B6468D10075EAAF3600D3A273B1
REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - NokiaConnectionManager [C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL]
C:\WINDOWS\system32\Magnify.exe InMem: 0 Det [G] PX5: 8FD0DD1200F1CC211E520147693D72005CC20F83
REGUTIL - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier - Application path [Magnify.exe]
C:\WINDOWS\system32\osk.exe InMem: 0 Det [G] PX5: 865A974F008F100B4EF6035F16FFB2007D13E899
REGUTIL - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard - Application path [osk.exe]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\GIFIMP32.FLT InMem: 0 Det [G] PX5: 3DEC54433074811FBFA9022B18119700DEA3DE06
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\GIF - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\GIFIMP32.FLT]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\GIF - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\GIFIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\JPEGIM32.FLT InMem: 0 Det [G] PX5: 561D8D31584B04827C1102EBE625B600DEC6EAF4
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\JPEG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\JPEGIM32.FLT]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\JPEG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\JPEGIM32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PNG32.FLT InMem: 0 Det [G] PX5: 2A800F6C30ACB42F2197032C1B620D001AFB5E37
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\PNG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PNG32.FLT]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PNG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PNG32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\TIFFIM32.FLT InMem: 0 Det [G] PX5: 6A65288600710C5E10250304BA3E68002583ACD3
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\TIFF - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\TIFFIM32.FLT]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\TIFF - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\TIFFIM32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\WPGEXP32.FLT InMem: 0 Det [G] PX5: AD28D8EA00A2E2DE50320171DF11DA000A8ED846
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\WPG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\WPGEXP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\BMPIMP32.FLT InMem: 0 Det [G] PX5: 93747641008297F45017019294DF89004BA0EA98
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\BMP - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\BMPIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\CDRIMP32.FLT InMem: 0 Det [G] PX5: 08219BE2581A9C48DAA4068E99590D00DEE0B657
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CDR - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\CDRIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\CGMIMP32.FLT InMem: 0 Det [G] PX5: 2EA2961858E8E56258270406A6CCE000ADE48AAF
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CGM - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\CGMIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\EPSIMP32.FLT InMem: 0 Det [G] PX5: 32EC21B05869C5577E1F0662DE1C0A0072491BA6
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\EPS - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\EPSIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\FPX32.FLT InMem: 0 Det [G] PX5: C5889C0C0054E9ECC0AF17A09E00EE00C55F9AFC
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\FPX - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\FPX32.FLT]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\MIX - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\FPX32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PCDIMP32.FLT InMem: 0 Det [G] PX5: 81D40021C0550913EA7C00520E003800EE4B74D9
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PCD - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PCDIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PCXIMP32.FLT InMem: 0 Det [G] PX5: 786B79BE0043616D4033013060AF85003F0FC68D
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PCX - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PCXIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PICTIM32.FLT InMem: 0 Det [G] PX5: 2B3FBA5458C98F78F08400114D3B6600CE83D717
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PICT - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PICTIM32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\WMFIMP32.FLT InMem: 0 Det [G] PX5: 971F6A2B00A27CEF908B002DDDE82A00B908A952
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\WMF - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\WMFIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\Grphflt\WPGIMP32.FLT InMem: 0 Det [G] PX5: 5772631F58B5A2FFB88401F208DE130083E2EA0D
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\WPG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\WPGIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx InMem: 0 Det [G] PX5: D9CCCE7600AE330472C5014263EDAE006E08A176
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\ieinfo5 - [C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx]
C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSIOFF10.OCX InMem: 0 Det [G] PX5: 594282EE0058D082A094069985DDC9007700217D
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\msioff10 - [C:\PROGRA~1\FILECO~1\MICROS~1\Msinfo\MSIOFF10.OCX]
C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe InMem: 0 Det [G] PX5: DCC20BBB0036A3BB9EFA00953DF8F200E6CDE36A
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo - Path [C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe]
C:\Programmi\Microsoft Office\Office10\MSQRY32.EXE InMem: 0 Det [G] PX5: D8DDCED138F5C45B4A0D0B34170ADD006DE9CF26
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSQuery - Path [C:\PROGRA~1\MICROS~2\Office10\MSQRY32.EXE]
C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv InMem: 0 Det [G] PX5: 4D9506A9385CE7D6C22D044B3348F800EABDC1BF
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\HTML - Path [C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\HTML - Path [C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WRD6EX32.CNV InMem: 0 Det [G] PX5: 9EF728AE00C58DD2B08410F920658800EA5D0276
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWord6Exp - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WRD6EX32.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WRD6ER32.CNV InMem: 0 Det [G] PX5: C22C201100EFB7579AD700F939686B00B4A10B83
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWord6RTFExp - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WRD6ER32.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\MACWRD32.CNV InMem: 0 Det [G] PX5: 87D8F47F00C3BB7728E003635229F400D4781807
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordMac4 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordMac5 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordMac51 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWordMac - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WNWRD232.CNV InMem: 0 Det [G] PX5: 2BDF980F00193A16302F03FA6F2D9900E57E9ED2
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordWin2 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WNWRD232.CNV]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWordWin2 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WNWRD232.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WORKS432.CNV InMem: 0 Det [G] PX5: 6FFFA7710000B9E8201804DD699F370088265D70
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWorksWin4 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WORKS432.CNV]
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWorksWin4 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WORKS432.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WORKS532.CNV InMem: 0 Det [G] PX5: 4981BE5640FD4C23D0A000D8B66B290098B37F7B
REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWorksWin5 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WORKS532.CNV]
C:\WINDOWS\system32\drivers\prB23.sys InMem: 0 Det [b] PX5: 366A66E4000B23DF73F7001267E33400B9614872 Malware Group: Rootkit
C:\WINDOWS\system32\drivers\tafmggso.sys InMem: 0 Det [u] PX5: C552815900F2F1DB56A40073AB52D6007C69C405
C:\WINDOWS\system32\devenuma.dll InMem: 0 Det [BP] PX5: 01C156E40040B6E1E4CE016C1D0E28007F623215 Malware Group: Fraudulent Security Program
C:\GESTIONE\GESTIONE.EXE InMem: 0 Det [u] PX5: F5AFFA1A006F198C90000BFE2BADBE00207D68E3
C:\Programmi\MP3 WAV WMA Converter\converter.exe InMem: 0 Det [u] PX5: FE6EECDB00F929EF50F1067E08C58000D2B7237A
C:\Documents and Settings\Dani\Desktop\pci_filerecovery.exe InMem: 0 Det [T] PX5: B529FF059F82075E48385DC308ED6200641FEAE7
C:\Documents and Settings\Dani\Impostazioni locali\Temporary Internet Files\Content.IE5\JJ0H5SUB\video2mp3[1].exe InMem: 0 Det [u] PX5: 5EC3B948E06A8DD05ACF26B655DDC500E628095C
Summary:
C:\WINDOWS\system32\ryavjsx.dll - [b] >> Malicious Software
C:\WINDOWS\system32\avicapr.dll - [b] >> Fraudulent Security Program
C:\WINDOWS\system32\drivers\prB23.sys - [b] >> Rootkit
C:\WINDOWS\system32\devenuma.dll - [b] >> Fraudulent Security Program
End of PrevxCSI Log - http://www.prevx.com
#3 |
Senior Member
Joined: Apr 2006
Posts: 22462

follow this guide to the letter
http://www.hwupgrade.it/forum/showthread.php?t=1599737 and post the logs by uploading them here http://www.hwupgrade.it/forum/showthread.php?t=1599737
__________________
amd a64x2 4400+ sk939;asus a8n-sli; 2x1gb ddr400; x850 crossfire; 2 x western digital abys 320gb|| asus g1
If it crawls, it zaps it; if it flutters, it kills it
#4 |
Senior Member
Joined: Nov 2001
City: Fidenza(pr) from Trento
Posts: 27479

@ Luça§:
it was giving you an error about the size
__________________
"Seen up close, we are all strange..." ~|~ What Defines a Community? ~|~ Official eMule Thread ~|~ Online Armor in Italian ~|~ Section Rules ~|► PrivateFirewall Guide
#5 |
Junior Member
Joined: Jun 2008
Posts: 3