Torna indietro   Hardware Upgrade Forum > Networking e sicurezza > Antivirus e Sicurezza > Aiuto sono infetto! Cosa faccio?
Ricarica la Pagina [win XP] Come eliminare Trusted zone?

Recensione Realme 15 Pro Game Of Thrones: un vero cimelio tech per pochi eletti
Recensione Realme 15 Pro Game Of Thrones: un vero cimelio tech per pochi eletti
Siamo volati fino a Belfast, capitale dell'Irlanda Del Nord, per scoprire il nuovo Realme 15 Pro 5G Game Of Thrones Limited Edition. Una partnership coi fiocchi, quella tra Realme e HBO, un esercizio di stile davvero ben riuscito. Ma vi raccontiamo tutto nel nostro articolo
GIGABYTE GAMING A16, Raptor Lake e RTX 5060 Laptop insieme per giocare al giusto prezzo
GIGABYTE GAMING A16, Raptor Lake e RTX 5060 Laptop insieme per giocare al giusto prezzo
Il Gigabyte Gaming A16 offre un buon equilibrio tra prestazioni e prezzo: con Core i7-13620H e RTX 5060 Laptop garantisce gaming fluido in Full HD/1440p e supporto DLSS 4. Display 165 Hz reattivo, buona autonomia e raffreddamento efficace; peccano però le USB e la qualità cromatica del pannello. Prezzo: circa 1200€.
iPhone 17 Pro: più di uno smartphone. È uno studio di produzione in formato tascabile
iPhone 17 Pro: più di uno smartphone. È uno studio di produzione in formato tascabile
C'è tanta sostanza nel nuovo smartphone della Mela dedicato ai creator digitali. Nuovo telaio in alluminio, sistema di raffreddamento vapor chamber e tre fotocamere da 48 megapixel: non è un semplice smartphone, ma uno studio di produzione digitale on-the-go
Primi camion elettrici MAN eTGX arrivano in Italia: Fratelli Foppiani Trasporti apre la strada alla mobilità sostenibile
ASUS ROG Xbox Ally e Ally X in vendita da oggi: console portatili con potenza da next-gen e anima Xbox. Ecco dove comprarle
Threads introduce le chat di gruppo e porta i messaggi diretti anche in Europa
Datacenter tra i canguri: Project Southgate porta in Australia migliaia di GPU NVIDIA Blackwell
PS Plus di ottobre: pioggia di horror e grandi ritorni per gli abbonati Extra e Premium
Waymo porta i robotaxi a Londra: dal 2026 il primo servizio senza conducente in Europa
Philips Airfryer Serie 5000 a soli 69,99€: friggitrice ad aria 13 in 1 con WiFi e tecnologia Rapid Air
NVIDIA amplia l'ecosistema NVLink Fusion: Samsung Foundry entra tra i partner
MagicPad 3 Pro: Honor lancia il primo tablet con Snapdragon 8 Elite Gen 5
vivo porta OriginOS 6 sui mercati internazionali: addio a FuntouchOS
Sony WH-1000XM6 vs WH-1000XM5: su AliExpress super prezzi per le cuffie con cancellazione del rumore
Tutti gli articoli Tutte le news

Vai al Forum
Pagina 2 di 7 < 1 2 3 4 5 6 > Ultima »
Rispondi
 
Strumenti
Old 19-02-2008, 17:22   #21
deneb87
Senior Member
 
Iscritto dal: Dec 2006
Città: Cagliari
Messaggi: 682
per ora metti in quarantena, in seguito li eliminerai
ti consiglio di fare, anzi senza consiglio , una scansione completa in Deep Scan con a-Squared e non solo selezionando quelle cartelle, grazie

mancano ancora i log di altri programmi
deneb87 è offline   Rispondi citando il messaggio o parte di esso
Old 19-02-2008, 17:28   #22
murack83pa
Bannato
 
Iscritto dal: Oct 2007
Città: Palermo
Messaggi: 4623
asquared nn hai fatto la scansione deep scan di tutto il sistema....

fai girare questo tool:
Cwshredder

chiudi tutti programma, internet explorer, msn, ecc.

avvialo, premi fix, poi ok, next, a fine scansione, se ha trovato quakosa, clicca su create report e lo posti qui

rifai la scansione con asquared in deep scan di tutto il sistema
murack83pa è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 10:22   #23
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
A dire il vero avevo provato a fare deep scan ma ad un certo punto, anzi, per 2 volte di seguito nello stesso punto si bloccava e non andava avanti e cosi ho optato per l'altra modalita'! Ho pensato che fosse meglio di niente!
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 10:57   #24
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Cwshredder non ha rilevato nulla, poi ho fatto anke una scansione con prevxcsifree che invece ha trovato una infezione

Codice:
Prevx CSI Log - Version v1.5.103.214

Some non-malicious files are not included in this log.
C:\WINDOWS\System32\smss.exe	InMem: 1	Det [G]	MD5: 036FC522AC5784EBF03C1F85E93415E7	PX5: EAEF384300B86E2BC60900AD18ED0300B6B454BF
C:\WINDOWS\system32\ntdll.dll	InMem: 1	Det [G]	MD5: 75A0AECC55A3F0B9E2D54119FA4AAB6D	PX5: 98EF83350066C70122B20B444BEBEA00D217A1B2
C:\WINDOWS\system32\csrss.exe	InMem: 1	Det [G]	MD5: 2B511A5438308A1AC8D48482279810E6	PX5: 457E08CD00DE83E3183600665DD0AE001F0FA82A
C:\WINDOWS\system32\CSRSRV.dll	InMem: 1	Det [G]	MD5: 4BA2DBAC6357B3B9D89C53823AFE15C5	PX5: 672F934100D50DA280D100335AB03A0006C3D206
C:\WINDOWS\system32\basesrv.dll	InMem: 1	Det [G]	MD5: 7B37B598B55BF80415C15BFFE7A992A2	PX5: CDE7154D0060E2E4CE1D00F8B4D58500AEAC4112
C:\WINDOWS\system32\winsrv.dll	InMem: 1	Det [G]	MD5: A372E3E086A11A01CFCA3B8DCCBFCB50	PX5: EA125ACC0017E3527A0804FB6E773E00D0D2275E
C:\WINDOWS\system32\GDI32.dll	InMem: 1	Det [G]	MD5: 82D7DE4DF9B7FF8D8B9AEFC48F2F3BE5	PX5: E0AE989400FE60C04EE004B2BF0AC40001B8B70F
C:\WINDOWS\system32\KERNEL32.dll	InMem: 1	Det [G]	MD5: EB1428078E1D10FDEC060857AA526A9F	PX5: 0AD652AA00FC1D0CB2930F5593CD84005E517D9A
C:\WINDOWS\system32\USER32.dll	InMem: 1	Det [G]	MD5: 9DAA2190A18739B657B58F794ACF2E47	PX5: D423C40D007DC87CD48F089CF302B800036F5CB9
C:\WINDOWS\system32\sxs.dll	InMem: 1	Det [G]	MD5: 1F0124663855AF228233F43021400F72	PX5: F6867B260073AE3BE8420A9D4CB88200ED96EA53
C:\WINDOWS\system32\ADVAPI32.dll	InMem: 1	Det [G]	MD5: 09BB0A2C325F7085E24FAE6134DE2D16	PX5: DA31EA390036C3916C5C0A395DA4E3007CA4EABA
C:\WINDOWS\system32\RPCRT4.dll	InMem: 1	Det [G]	MD5: 22413A53995E0A23915A6433BFB90563	PX5: D30BFA4500E11CC3EA0408EA8337540073B46F29
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncacn_np [rpcrt4.dll]
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncacn_ip_tcp [rpcrt4.dll]
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncadg_ip_udp [rpcrt4.dll]
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols - ncacn_http [rpcrt4.dll]
C:\WINDOWS\system32\Secur32.dll	InMem: 1	Det [G]	MD5: 8285B8B146B42FF18ED08C558435011E	PX5: 2226211D005B7868DA45009E23898E00149E78C6
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 9 [secur32.dll]
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 10 [secur32.dll]
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 16 [secur32.dll]
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 18 [secur32.dll]
C:\WINDOWS\system32\Apphelp.dll	InMem: 1	Det [G]	MD5: 086DA77C3C612759D4EF437F67532E2D	PX5: 2E534C590076A85BF05D01EC9E4FFB0089A4554F
C:\WINDOWS\system32\VERSION.dll	InMem: 1	Det [G]	MD5: 9B5A59851D9A237C86210E07E2195A12	PX5: 17E09890009DDCC84AAD00E153CBBA0071FD3882
C:\WINDOWS\system32\winlogon.exe	InMem: 1	Det [G]	MD5: 4166454E2BCFCC20D1B8A5AC9FEAB243	PX5: D0D54E6C00E89575B4CC07CFE43BE400C1F31A26
C:\WINDOWS\system32\AUTHZ.dll	InMem: 1	Det [G]	MD5: AC3257B2E441866289D7EB8377490765	PX5: 869C1EE500523D0FDE60003D7F38BD0038C5A93D
C:\WINDOWS\system32\msvcrt.dll	InMem: 1	Det [G]	MD5: 9E6CB81BE111B9935F6A97C367CABD4E	PX5: EAD3CF360087D2AD3C120509FE506F008FB88290
C:\WINDOWS\system32\CRYPT32.dll	InMem: 1	Det [G]	MD5: 5588D8AFD51D060F82315C50D7590323	PX5: DD3ED9060033BBFB2E83098709F8D4001E524429
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain - DllName [crypt32.dll]
C:\WINDOWS\system32\MSASN1.dll	InMem: 1	Det [G]	MD5: 0A75AC7D90BD8E6BC942DBA004579D5B	PX5: 09F301D4001F77D2E0150027945354004927323C
C:\WINDOWS\system32\NDdeApi.dll	InMem: 1	Det [G]	MD5: 11BE44F0C0978927AED7D69B75C24937	PX5: 8E19EB1100E774A0488300C192BED30080B1D3E4
C:\WINDOWS\system32\PROFMAP.dll	InMem: 1	Det [G]	MD5: 0328058695D324D26528077F5B136636	PX5: 90AEB4A600D0EF596C4F00D134ACAA00BDFD0752
C:\WINDOWS\system32\NETAPI32.dll	InMem: 1	Det [G]	MD5: 9003E9374EA7C1A81DB51CEE64C427F6	PX5: 0919F94300F3C16412B605F0CC86050045AA2AE7
C:\WINDOWS\system32\USERENV.dll	InMem: 1	Det [G]	MD5: AC31CA2B251FE8057528FA937335B164	PX5: 02BF46CD00DC848D207F0BA7D391AB00DCDEB32E
C:\WINDOWS\system32\PSAPI.DLL	InMem: 1	Det [G]	MD5: 2BAF81B8504D9C1600C51A498E5453B3	PX5: 5DB1DF3A00AE978A5A1800B9B5A8C30041FF3076
C:\WINDOWS\system32\REGAPI.dll	InMem: 1	Det [G]	MD5: BB756F78728C2D953574E8652B7E86A8	PX5: BDCF1CB600ACB6D2C2EE007361942C0007606048
C:\WINDOWS\system32\SETUPAPI.dll	InMem: 1	Det [G]	MD5: 6F83A7ED3217D0E612445612D1991767	PX5: 085443D800EAF0FA42960F6622B8E300CB4CB91D
C:\WINDOWS\system32\WINSTA.dll	InMem: 1	Det [G]	MD5: DE24EBECF7833A4DE925D0832956F21A	PX5: 1789B2A5005E39C8D2660086022E8500C3B9450D
C:\WINDOWS\system32\WINTRUST.dll	InMem: 1	Det [G]	MD5: 48BD2908FE77ABB5EF42DD4A108600B5	PX5: 0D34C3E0002C3B32B2670226273B8500327F7603
C:\WINDOWS\system32\IMAGEHLP.dll	InMem: 1	Det [G]	MD5: F309C34E0F66DAC995053E91EFFC9002	PX5: 92D4CA5F00EA8A5C340F02F2506EE800E1319CFF
C:\WINDOWS\system32\WS2_32.dll	InMem: 1	Det [G]	MD5: 12EAD983C875ED9BCC8B90E3F77F2E4A	PX5: 42D0077300700B1344D7019D11CF0E00A225E294
C:\WINDOWS\system32\WS2HELP.dll	InMem: 1	Det [G]	MD5: 0C1F495C1761C126BC820F4DE4C8B967	PX5: 097C6291004A18B14EEC00B4A6264D00B84611B9
C:\WINDOWS\system32\MSGINA.dll	InMem: 1	Det [G]	MD5: 4BA6464CF0D5FE0CD0B43AE4B3B32D26	PX5: 0590994000D0A8B53A390FFB32187D003143117B
C:\WINDOWS\system32\SHELL32.dll	InMem: 1	Det [G]	PX5: 215DA5830048FB3674DB81C1D671C100E9F4366E
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - VmApplet [rundll32 shell32,Control_RunDLL "sysdm.cpl"]
	REGSHLEXHOOK - \REGISTRY\Machine\Software\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InprocServer32 - {AEB6717E-7E19-11d0-97EE-00C04FD91972} [shell32.dll]
	REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\InprocServer32 - PostBootReminder [%SystemRoot%\system32\SHELL32.dll]
	REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 - CDBurn [%SystemRoot%\system32\SHELL32.dll]
	REGTOOLBAR - \REGISTRY\Machine\Software\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\InprocServer32 - {0E5CBF21-D15F-11D0-8301-00AA005B4383} [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{24F14F01-7B1C-11d1-838f-0000F80461CF}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{24F14F02-7B1C-11d1-838f-0000F80461CF}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{09799AFB-AD67-11d1-ABCD-00C04FC30936}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\InprocServer32 -  [%SystemRoot%\system32\SHELL32.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -  [shell32.dll]
C:\WINDOWS\system32\SHLWAPI.dll	InMem: 1	Det [GP]	MD5: D81B5FD63D49B4748A0309CF63FEBD72	PX5: 7847F983005ABB1E3E0D0779BB584600F56F7404
C:\WINDOWS\system32\COMCTL32.dll	InMem: 1	Det [G]	MD5: EFA21A3FE23BBCFDB6F61A3AF723E05A	PX5: 58711F2E00E7D4E26C3A0946506D1B008DF24393
C:\WINDOWS\system32\ODBC32.dll	InMem: 1	Det [G]	MD5: 485B2381CF003DAD79F1371FBEAACD5A	PX5: A52E0F9B00E1697FD015036BACB9C10078B33C67
C:\WINDOWS\system32\comdlg32.dll	InMem: 1	Det [G]	MD5: C99FD691ACAFAEEEFD03F1E4E6D3DD60	PX5: D1079ADC002DFDB3487D042258AF1F00F0FB72E4
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	InMem: 1	Det [G]	MD5: 837B282813808C17E9C94E56300AA29E	PX5: 6C2DA8F700C891F6167D107D5B6FFD004BDE3FD7
C:\WINDOWS\system32\odbcint.dll	InMem: 1	Det [G]	MD5: EA88A16DA0D06069C0C06AB5A4669E26	PX5: 17030F830012904980B601AEBBE29A00B94ABB0D
C:\WINDOWS\system32\SHSVCS.dll	InMem: 1	Det [G]	MD5: FAD73705BED0910E910DE852B0F8AEBC	PX5: 593617FD0028BAC30E8502553039DB005AE5DAA4
C:\WINDOWS\system32\sfc.dll	InMem: 1	Det [G]	MD5: E6F026DBC75B6EED7331EBF581AFD4D8	PX5: 16BA5AAF006AA18914FD002B882F7D0027109E10
C:\WINDOWS\system32\sfc_os.dll	InMem: 1	Det [G]	MD5: 8FBF27AB56DE71E2BDD5A2CCB7FB9023	PX5: 53B4176200566C3D2844029CE35AC3003149753E
C:\WINDOWS\system32\ole32.dll	InMem: 1	Det [G]	MD5: D5622B6D4CD43F2223718820C0A178AD	PX5: 85434D2700A77E169AF713D8C3B0DC00CF7A5885
C:\WINDOWS\system32\WINSCARD.DLL	InMem: 1	Det [G]	MD5: 840535254EDD74E79D059229C5A2F800	PX5: 49E7BE4C00EA6409841F01CF112B5500E75D0DD5
C:\WINDOWS\system32\WTSAPI32.dll	InMem: 1	Det [G]	MD5: E2703BB7BEAC36269482A8D32400AD38	PX5: 1CDB8610004CDD7F48CB007245065C0097B2DD61
C:\WINDOWS\system32\uxtheme.dll	InMem: 1	Det [G]	MD5: D5193D474D7BB9CE917B4CF5F3ADA9D4	PX5: D88EDDB7006796175ABD03E85DCCE30039E51CA1
C:\WINDOWS\system32\WINMM.dll	InMem: 1	Det [G]	MD5: 1DC87F8C450E295FB8CC5039D27292E5	PX5: 8B514EB5005BE141BAA3022C5AD8F400CAAEB534
C:\WINDOWS\system32\cscdll.dll	InMem: 1	Det [G]	MD5: 38C69B2BC3182A85F0B323C9D1EB7E26	PX5: 36CC0D8B0009157E909D017F19231E0041E0A92E
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll - DLLName [cscdll.dll]
C:\WINDOWS\system32\WlNotify.dll	InMem: 1	Det [G]	MD5: 72E4CAD810A967449CAAB723E99C74B1	PX5: 3C08F14B008AD1456C990109A197100002605D8A
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp - DLLName [wlnotify.dll]
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule - DllName [wlnotify.dll]
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn - DLLName [WlNotify.dll]
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv - DllName [wlnotify.dll]
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon - DLLName [wlnotify.dll]
C:\WINDOWS\system32\WINSPOOL.DRV	InMem: 1	Det [G]	MD5: A357128EEA84698DCF3ED33E521292CC	PX5: A35B6D1900D11F1D3E5102B97EFC0500E974203D
C:\WINDOWS\system32\MPR.dll	InMem: 1	Det [G]	MD5: 7013FC08075EEF2D881D55F898F2D402	PX5: 4E92FBCC002BB291EAE5000F10C15F00A1E7AD21
C:\WINDOWS\system32\rsaenh.dll	InMem: 1	Det [G]	MD5: 26ACBD865F8CFF730F1791C4D0854352	PX5: 19B797A900BB112F5426027FDD39EC001D5760F1
C:\WINDOWS\system32\msv1_0.dll	InMem: 1	Det [G]	MD5: AFFA7A2ECB1476F29641C90524F63E2E	PX5: 7DDBB66E00F27A20FA0D01B81C65BB005752F1B9
	REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Authentication Packages [msv1_0]
	REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
C:\WINDOWS\system32\iphlpapi.dll	InMem: 1	Det [G]	MD5: 6150872A38D85C8CDDB1B2FBFF1BB07F	PX5: 352A2D920078A26F766401FF71F80300DA785AEF
C:\WINDOWS\system32\SAMLIB.dll	InMem: 1	Det [G]	MD5: F16C9CDB4A47969B1CF48E0620F6E217	PX5: 6D3509C200E203F6FAF00078D7EA35003D8429D0
C:\WINDOWS\system32\cscui.dll	InMem: 1	Det [G]	MD5: 53E5AB61DDCC0F057182BC1B5513B744	PX5: 8E7CD5F4006500C1188E05B6248B9200BAF8CA73
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8} - DllName [%SystemRoot%\System32\cscui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{750fdf0e-2a26-11d1-a3ea-080036587f03}\InprocServer32 - {750fdf0e-2a26-11d1-a3ea-080036587f03} [%SystemRoot%\System32\cscui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{10CFC467-4392-11d2-8DB4-00C04FA31A66}\InprocServer32 - {10CFC467-4392-11d2-8DB4-00C04FA31A66} [%SystemRoot%\System32\cscui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}\InprocServer32 - {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} [%SystemRoot%\System32\cscui.dll]
C:\WINDOWS\system32\xpsp2res.dll	InMem: 1	Det [G]	MD5: 0E8E6901C637095EC3B483475E39731E	PX5: DD9EAB9A00D5F12036192D6118710400ADB6810C
C:\WINDOWS\system32\wldap32.dll	InMem: 1	Det [G]	MD5: A340DEC6229F08D8B9644F2BE00100FC	PX5: 9E81915C002CE532A4010226E6EC3100C992DBA0
C:\WINDOWS\system32\NTMARTA.DLL	InMem: 1	Det [G]	MD5: 3C1B1065C5BFCA5190E7FA7EFCB11B59	PX5: 1D452FC300F103CCD4AF019C0B4A1000D0C05759
	REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider - ProviderPath [%SystemRoot%\system32\ntmarta.dll]
C:\WINDOWS\system32\wdmaud.drv	InMem: 1	Det [G]	MD5: 6DEB9059000C34770192B78D85F6D387	PX5: E19B13CB00CFB9ED5C250033B033BB00A27F216F
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - wave [wdmaud.drv]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - midi [wdmaud.drv]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - mixer [wdmaud.drv]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers - wave [wdmaud.drv]
C:\WINDOWS\system32\msacm32.drv	InMem: 1	Det [G]	MD5: 05E84EEAD6B27C958621A4E6D33859D1	PX5: F8EB7CDA00A2596F522700876A3BC9005F29A42B
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - wavemapper [msacm32.drv]
C:\WINDOWS\system32\MSACM32.dll	InMem: 1	Det [G]	MD5: B088085D01B3E80E2BE0E9CD1838BA9B	PX5: CD32AC5300D4DB3A183401A597817D009B477A6B
C:\WINDOWS\system32\midimap.dll	InMem: 1	Det [G]	MD5: EAAA11BE5C162266E698F7658BD8A1DA	PX5: 8C299C3E002D88084A0000F598A51000C8C9681D
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - midimapper [midimap.dll]
C:\WINDOWS\system32\COMRes.dll	InMem: 1	Det [G]	MD5: B979BBBA74F4F5DB69C3A5DFDC52828C	PX5: D3FD3AB2006F991AE8A30C7CE8FD780095D6A640
C:\WINDOWS\system32\OLEAUT32.dll	InMem: 1	Det [G]	MD5: B8D7F1638A52EA67FE5FEB22D3B725D1	PX5: D947C0320023C1EC686E08689A597900A28F94EE
C:\WINDOWS\system32\CLBCATQ.DLL	InMem: 1	Det [G]	MD5: 092813B8F60F1E12E8AF5DB98037B770	PX5: DDDD061C00DDD1C99CCC07876975D5003DF223DA
C:\WINDOWS\system32\Cabinet.dll	InMem: 1	Det [G]	MD5: 4D7708FD334C23E17400CA8327CE3D11	PX5: 60605FEC005AB19AEA050033F1225300422702FD
C:\WINDOWS\system32\services.exe	InMem: 1	Det [G]	MD5: E77F6FA2A15390F1727F4C1C55B69DA6	PX5: 55CFB3920083E585A8B8011373392400747D1070
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Eventlog - ImagePath [C:\WINDOWS\system32\services.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PlugPlay - ImagePath [C:\WINDOWS\system32\services.exe]
C:\WINDOWS\system32\SCESRV.dll	InMem: 1	Det [G]	MD5: E84A4BFD34F64AF3A9B2E4FF45C02DCA	PX5: 42090831009A7DEDFC25041A41C0A6009F850DB8
C:\WINDOWS\system32\umpnpmgr.dll	InMem: 1	Det [G]	MD5: D717635E8C6D91644AEDA4B37A49762A	PX5: A0722C41001DFC8BE8A7011B43DD8300C52FA704
C:\WINDOWS\system32\NCObjAPI.DLL	InMem: 1	Det [G]	MD5: 1FC06B22BA62AB448613461D06C328C9	PX5: 7EA0BF3D001A18F58E38007796CD8000CD7F3FCC
C:\WINDOWS\system32\MSVCP60.dll	InMem: 1	Det [G]	MD5: B30C42DFA52A70037AB31A85057A5657	PX5: 2D7DD02900BE71EC5085060A796CD8005BF97344
C:\WINDOWS\system32\ShimEng.dll	InMem: 1	Det [G]	MD5: DC7D49E0DEC335B8E14C734AB1BADE66	PX5: 279F162200D45347000001BBAACC850063724C8D
C:\WINDOWS\AppPatch\AcGenral.DLL	InMem: 1	Det [G]	MD5: 26CAAEE19627A49509A5FAAF49E418A0	PX5: 5F6310EE002D3DBC446C1C5A826CF10048881669
C:\WINDOWS\system32\eventlog.dll	InMem: 1	Det [G]	MD5: D1CAA255F33C06C8302769A86FFB905E	PX5: D2B7D57A001E9CD9DA5600E2BE4F3C00079E4466
C:\WINDOWS\system32\lsass.exe	InMem: 1	Det [G]	MD5: 0815E8DA286775FA432C7C9EE5E10BA1	PX5: CC1BA69F00AF6D2D3445003B3C2E0700B638080D
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Netlogon - ImagePath [C:\WINDOWS\system32\lsass.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NtLmSsp - ImagePath [C:\WINDOWS\system32\lsass.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PolicyAgent - ImagePath [C:\WINDOWS\system32\lsass.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ProtectedStorage - ImagePath [C:\WINDOWS\system32\lsass.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SamSs - ImagePath [C:\WINDOWS\system32\lsass.exe]
C:\WINDOWS\system32\LSASRV.dll	InMem: 1	Det [G]	MD5: CCA9A75FC163ED610CF3945069BF4A3A	PX5: 4A2D1F9A00EE2E841A4F0B1A2FFB0900A3181BF3
C:\WINDOWS\system32\NTDSAPI.dll	InMem: 1	Det [G]	MD5: 6AE3588C5FEA68CDFCD743AF5FC95398	PX5: B049763B0042836806A701AA022FCD00F10A90B1
C:\WINDOWS\system32\DNSAPI.dll	InMem: 1	Det [G]	MD5: B4936FB637C2E2EC03F2589CBCD077EF	PX5: 74EB5FA400ECF6FA447C02F4107A1600E5E5C273
C:\WINDOWS\system32\SAMSRV.dll	InMem: 1	Det [G]	MD5: 12B717E63F23BDF3FD43B295542154D9	PX5: E92EC68300CE21C68E4E06BCC0EDF6004268C49A
C:\WINDOWS\system32\cryptdll.dll	InMem: 1	Det [G]	MD5: 4AC54687B901091378C512A6C56F6214	PX5: 81B30DAB0078862F82C6000202049600DB968CD1
C:\WINDOWS\system32\msprivs.dll	InMem: 1	Det [G]	MD5: D7D64FF974B96816E1AE2C5B86DE35BA	PX5: 0CA48DC3002C50B3BC750065E2B27800000C62EB
C:\WINDOWS\system32\kerberos.dll	InMem: 1	Det [G]	MD5: A3103D196CE0DB4C8B5C6A365628E9EF	PX5: 6F259D99008DE085843504BA6E05F400BD1351EF
	REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
C:\WINDOWS\system32\netlogon.dll	InMem: 1	Det [G]	MD5: 926BB51BB6DE79DEDB93E9C2B0811CCF	PX5: 7826BE4E00B0693C362206A7BBB246000E968C98
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 68 [netlogon.dll]
C:\WINDOWS\system32\w32time.dll	InMem: 1	Det [G]	MD5: 8B97D00E5C6A593EBB605CE4B8A5CAA5	PX5: B0DB78E90001F969B24A022F16FE9C007D6DCCBC
C:\WINDOWS\system32\schannel.dll	InMem: 1	Det [G]	MD5: E9836D1ACE460B4B96FBCB03861D0323	PX5: 978AEDC000D16F92363B021213F745004B5CD31C
	REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
	REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
	REGRPC - \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService - 14 [schannel.dll]
C:\WINDOWS\system32\wdigest.dll	InMem: 1	Det [G]	MD5: BC6964976170DC87CAF151A144BE586C	PX5: F311FBD900986B6DC09400C9FE9A9C00CD8F608E
	REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Security Packages [kerberos]
C:\WINDOWS\system32\scecli.dll	InMem: 1	Det [G]	MD5: 1446EB71ADF0F54980CDD7E5A812E102	PX5: C91F3DA800B1BEBADA0C02480448D00054984981
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A} - DllName [scecli.dll]
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} - DllName [scecli.dll]
	REGLSA - \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa - Notification Packages [scecli]
C:\WINDOWS\system32\ipsecsvc.dll	InMem: 1	Det [G]	MD5: 24E00A2782F1FBDDA55173F6A92793B4	PX5: B05D914900808F8FCED102E7A46D080020A33905
C:\WINDOWS\system32\oakley.DLL	InMem: 1	Det [G]	MD5: F450886F41773A5FAEB25E87B758D6A8	PX5: A4E8D0C400046CE116C204B93C6D3F0003672778
C:\WINDOWS\system32\WINIPSEC.DLL	InMem: 1	Det [G]	MD5: 30E14D74BCD1BEEA96A279F78A723346	PX5: 5E3F044E00E5E84280510004471F8A00BD7E5854
C:\WINDOWS\system32\pstorsvc.dll	InMem: 1	Det [G]	MD5: 24B2F25A42BA3CAD1D238F2ADAE63F7C	PX5: DCF79E3E001DA16F86F70051A83A8600579ADC98
C:\WINDOWS\system32\mswsock.dll	InMem: 1	Det [G]	MD5: 337CB52AF1F7CF6C0F57EC8BD14DC6D1	PX5: 644C52BE00A05754C6240337B7759700C1FF12E3
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017 - PackedCatalogItem [%SystemRoot%\system32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 - LibraryPath [%SystemRoot%\System32\mswsock.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 - LibraryPath [%SystemRoot%\System32\mswsock.dll]
C:\WINDOWS\system32\hnetcfg.dll	InMem: 1	Det [G]	MD5: 250D4F4E1E27543C121378268FE07208	PX5: 2CFD58C600B6F9414A810565679BD6001F42D5DE
C:\WINDOWS\System32\wshtcpip.dll	InMem: 1	Det [G]	MD5: 08B3A60A4DD7FAE800B552F8F8D5DEB0	PX5: 522AC66D001B6D5A4E8E00D8A0AEF000528059BA
C:\WINDOWS\system32\psbase.dll	InMem: 1	Det [G]	MD5: 7FE963BD4BDE86B5EAF5C07C6D0118C3	PX5: E242805400420CE08090017E79023900E657FC90
C:\WINDOWS\system32\dssenh.dll	InMem: 1	Det [G]	MD5: CACD2C63A79268D131EA37E85524CC44	PX5: 31E843BE00E2A81C18FA0265E10B6500232880A4
C:\WINDOWS\system32\svchost.exe	InMem: 1	Det [G]	MD5: 73955B04F209D8A1C633867841267A96	PX5: 41467A9700616549387D0095555BE300B7CBF228
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Alerter - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AppMgmt - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AudioSrv - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\BITS - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Browser - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\CryptSvc - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\DcomLaunch - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Dhcp - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmserver - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Dnscache - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ERSvc - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\EventSystem - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\FastUserSwitchingCompatibility - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\helpsvc - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HidServ - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HTTPFilter - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\lanmanserver - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\lanmanworkstation - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\LmHosts - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Messenger - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Netman - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Nla - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NtmsSvc - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasAuto - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasMan - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RemoteAccess - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RemoteRegistry - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RpcSs - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Schedule - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\seclogon - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SENS - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SharedAccess - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ShellHWDetection - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\srservice - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SSDPSRV - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\stisvc - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TapiSrv - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TermService - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Themes - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TrkWks - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\upnphost - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\W32Time - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WebClient - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\winmgmt - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WmdmPmSN - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Wmi - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\wscsvc - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\wuauserv - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WudfSvc - ImagePath [C:\WINDOWS\system32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WZCSVC - ImagePath [C:\WINDOWS\System32\svchost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\xmlprov - ImagePath [C:\WINDOWS\System32\svchost.exe]
c:\windows\system32\rpcss.dll	InMem: 1	Det [G]	MD5: CC41F9D29EDD55037A4C26E70C175528	PX5: 27F0519E00F08DE512070643B0627F006598C78A
c:\windows\system32\termsrv.dll	InMem: 1	Det [G]	MD5: C06CD1890279603E15020757E02DE56B	PX5: 15A4D5880058E23888C304BFF814830042F0D520
c:\windows\system32\ICAAPI.dll	InMem: 1	Det [G]	MD5: 66DA850192B87548374FE13F38A2A265	PX5: BB3E4FC6005CCAE92CC10044E2AB07008B832EBD
c:\windows\system32\mstlsapi.dll	InMem: 1	Det [G]	MD5: 9E54D8528F9B4324ED20CFCDF3BE6A76	PX5: F3CF001500470019C4F901369ADAFD00DF876B1F
c:\windows\system32\ACTIVEDS.dll	InMem: 1	Det [G]	MD5: 25E4E36CED6B15DF8D8C10460BE834A2	PX5: EFB02947002647C8F6250205FD9612006E9558F5
c:\windows\system32\adsldpc.dll	InMem: 1	Det [G]	MD5: 15CE221ACE929705BA7E4346D74E8A06	PX5: 6D8B11FE00EF99F53026027F152EC40097EA0ACA
c:\windows\system32\ATL.DLL	InMem: 1	Det [G]	MD5: 32BD4CC64449EA2549BE4A8EFC54F4DE	PX5: 90FBA32A008A4DC9E6A3004879775D009B9241D5
C:\WINDOWS\System32\winrnr.dll	InMem: 1	Det [G]	MD5: BB78454C44A5B0F97295A6D66B217D65	PX5: DD7C6D7B00A7C2A842AB003098E8920063CE769A
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 - LibraryPath [%SystemRoot%\System32\winrnr.dll]
C:\WINDOWS\system32\rasadhlp.dll	InMem: 1	Det [G]	MD5: 266D8FA8F97CBBBA8BADE273F47215D9	PX5: 44992DD300BD805F2027003B3C2E0700008DD7C4
c:\windows\system32\dhcpcsvc.dll	InMem: 1	Det [G]	MD5: 4F56AD1B19373851392BFF248C8CE1CB	PX5: 6B31A5B6003DEA2AB413012609A16300F9086E97
c:\windows\system32\wzcsvc.dll	InMem: 1	Det [G]	MD5: 312913174D070ED81E9D78DA7B648774	PX5: 3DF4750600996C8B7E470562CED514005814EDBA
c:\windows\system32\rtutils.dll	InMem: 1	Det [G]	MD5: 204A7D354683A49C37505BE1646C5D43	PX5: BF0F14BA00130FA5ACFA00D907EAE70083958E2B
c:\windows\system32\WMI.dll	InMem: 1	Det [G]	MD5: 7F9FD6E98CF1898F94D4A6246D4D639E	PX5: 781B3D7300C600C41695006A26ACBD006AA9CB45
c:\windows\system32\ESENT.dll	InMem: 1	Det [G]	MD5: 26E0AC18AC6DC3F7F17AEE22C9E0A01F	PX5: 44A1D0F1009656EFAA4210CE1D5F1E00AAA3CF3A
C:\WINDOWS\System32\rastls.dll	InMem: 1	Det [G]	MD5: F90A2F77CB88F8201A3AD783D7EDB19C	PX5: F64AC68A00F37A69B87E01DB8E696800CC9225D9
C:\WINDOWS\system32\CRYPTUI.dll	InMem: 1	Det [G]	MD5: 502A30E1A880124D7F71667E75BE9688	PX5: 5142AFD100A220AEFE57076D08D9310067F36935
C:\WINDOWS\system32\WININET.dll	InMem: 1	Det [G]	MD5: A00EA19301855E5B844EFBA84B21860B	PX5: E48780E6008980251A6E0A5168187A002C0F8B88
C:\WINDOWS\System32\MPRAPI.dll	InMem: 1	Det [G]	MD5: B61978022A65FAC95B8E3817D5029870	PX5: F40536E000846CE4547B017CD7ABC100D153D57A
C:\WINDOWS\System32\RASAPI32.dll	InMem: 1	Det [G]	MD5: 7ECE54A6785E6A07ED02018A32B246E6	PX5: 7E18516500FFE5CC9C5B03564D831C0011FCFEEB
C:\WINDOWS\System32\rasman.dll	InMem: 1	Det [G]	MD5: 79D87679F6F13F7F18062C39A3C5B38A	PX5: 7F1D9BFF002D89D3F04E005C98AFF900ECE9EEA3
C:\WINDOWS\System32\TAPI32.dll	InMem: 1	Det [G]	MD5: 9B53CE123C15E95DE40592CFECEC5A09	PX5: ECB3A62200F5E5E3C61D0271F9934A0018AE4A00
C:\WINDOWS\System32\raschap.dll	InMem: 1	Det [G]	MD5: D7DE6CD7A5F84909B12B7DBD7D93811D	PX5: 6CBEE3D600A4FEB310F101DE8C083F003D6F721F
c:\windows\system32\schedsvc.dll	InMem: 1	Det [G]	MD5: 546254D4769E165CDC3388D74B201FCB	PX5: 5DDC4A3800A53317F204023D51875A00711FF5B5
C:\WINDOWS\System32\MSIDLE.DLL	InMem: 1	Det [G]	MD5: 3DC13080F28F80ED5D31E20E226536A5	PX5: 892E25230047BFE41A2700448F955F00DB3FDA3D
c:\windows\system32\audiosrv.dll	InMem: 1	Det [G]	MD5: 15EE9EFF206DAA73B9642FCD51A69BB1	PX5: 97A7792B000122A1A6A80092373D18006EB85382
c:\windows\system32\wkssvc.dll	InMem: 1	Det [G]	MD5: 6953DE298C888ABE268FF59BAC64CF4E	PX5: F785B0520050629F0457028102F0DA00CD162C70
c:\windows\system32\qmgr.dll	InMem: 1	Det [G]	MD5: 04E8321935AD5643FF59901F3EF5F4F3	PX5: A628078700D0FC00D60105464D1E6100132AFD53
c:\windows\system32\SHFOLDER.dll	InMem: 1	Det [G]	MD5: 8B205EB92B49D10055427365065357E8	PX5: 209DE55C009ABDE8627700E93AF07200F7058D40
c:\windows\system32\WINHTTP.dll	InMem: 1	Det [G]	MD5: 5B4EC6C0FBACC85430CE3D6AE8563A0D	PX5: 8A8FE9C3008B23F25C3905D494C02C00D181B661
c:\windows\system32\cryptsvc.dll	InMem: 1	Det [G]	MD5: E0CC838265401128097D182FB583889A	PX5: 4924777000FF363CECB300E8D69F7300112A6AF8
c:\windows\system32\certcli.dll	InMem: 1	Det [G]	MD5: 5F24A58D40870F8FE6CF7E15E73DE146	PX5: 925C7DF9003B9C1200C5031520AB850028BB5515
c:\windows\system32\dmserver.dll	InMem: 1	Det [G]	MD5: 499FFF7BCA07009A23447776286F0510	PX5: FABFF932000B9F155E610037E22ABC006B953D35
c:\windows\system32\ersvc.dll	InMem: 1	Det [G]	MD5: FF547B3876B6E652431412345FB8EE11	PX5: 1075AE7B006257925A3B00E01F4D2400B15FB39E
c:\windows\system32\es.dll	InMem: 1	Det [G]	MD5: 659C04BB6086E480966FFD0D44F1CC4D	PX5: 79EA0C1C007DD384B6CC033ACA71FA00F62D9D5F
c:\windows\pchealth\helpctr\binaries\pchsvc.dll	InMem: 1	Det [G]	MD5: 03A7A19834E2A63C445B3AC5E73AAB50	PX5: 5BE772A20028818F98B300E973AA5500998EE021
c:\windows\system32\srvsvc.dll	InMem: 1	Det [G]	MD5: 974831AA16AEE016D902F8582CCB30FE	PX5: 0BFF5A6200F821CA7A0401E40DD655008D70866B
c:\windows\system32\netman.dll	InMem: 1	Det [G]	MD5: 1231D4353698E19495DC8A929B8B74EB	PX5: 65612A5600E1886F042503516394BA0003C1C8BE
c:\windows\system32\netshell.dll	InMem: 1	Det [G]	MD5: 4CC28DE5620ACE4F613B42A4F836DEDE	PX5: F7F9A56A007CF701368C1AE01A3E1600E0C02A68
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\InprocServer32 - {7007ACC7-3202-11D1-AAD2-00805FC1270E} [C:\WINDOWS\system32\NETSHELL.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{992CFFA0-F557-101A-88EC-00DD010CCC48}\InprocServer32 - {992CFFA0-F557-101A-88EC-00DD010CCC48} [C:\WINDOWS\system32\NETSHELL.dll]
c:\windows\system32\credui.dll	InMem: 1	Det [G]	MD5: 2D68AF44B169D033545FA501B9FF4F30	PX5: E886FD9F0056D4F18254029213832F003DEFF647
c:\windows\system32\WZCSAPI.DLL	InMem: 1	Det [G]	MD5: 28CDDFDF8C30D886284F3549C4A8E284	PX5: EBF8733200CD9B7CCA4C0051E7642A0024707F2E
c:\windows\system32\sens.dll	InMem: 1	Det [G]	MD5: 688BE760C858E347A4E23186B725C86B	PX5: 00AF89660086F69E989700E590F03600F597A8F5
c:\windows\system32\trkwks.dll	InMem: 1	Det [G]	MD5: 6C7F265BD43A1D85103EC5CB1251D2B6	PX5: 906F8E37007C9B5A621D011F493B83005C29CC43
c:\windows\system32\srsvc.dll	InMem: 1	Det [G]	MD5: BA4E8AC9A60C4527C969D08F3ABE9D36	PX5: F652BD0100BA7CC29C6202A16DDB5500C590261B
c:\windows\system32\POWRPROF.dll	InMem: 1	Det [G]	MD5: 41FF9D663219A1DD0397FE2C5B09436C	PX5: 31AB7E9C00B2127E4485007208C03300950D28C1
c:\windows\system32\seclogon.dll	InMem: 1	Det [G]	MD5: 241D074DAB2A67D2D7616CE7C8B05650	PX5: 5B80E36F00AA396B4A8300B7E7951D00D7AA4B2D
c:\windows\system32\wbem\wmisvc.dll	InMem: 1	Det [G]	MD5: A91ACDD987DC3E0E1FCEDDA6F1FFEF2A	PX5: CEF9F3BC00C6E32738BF0260919AD800E787713F
C:\WINDOWS\system32\VSSAPI.DLL	InMem: 1	Det [G]	MD5: B590F13F17409970A6994473EB98EF74	PX5: FAEC6BFB002AF8059230067AACCA280087EB5B02
c:\windows\system32\wuauserv.dll	InMem: 1	Det [G]	MD5: 4CBB7CC975E5B67022A7F95DFC6EF9EC	PX5: 0799809A00702BD41AB400068A66AC0043C84727
C:\WINDOWS\system32\wuaueng.dll	InMem: 1	Det [G]	MD5: 3EEC20E41F5F331B94002970CEAEC92F	PX5: 26C07DF358FF2BE623151A8BD3FD64005FC70733
C:\WINDOWS\System32\mspatcha.dll	InMem: 1	Det [G]	MD5: A434E5666A953F6A0406CC99B8B8C6A0	PX5: 192CF4F3003C31E4769D0029DA080500F7D037E4
c:\windows\system32\wscsvc.dll	InMem: 1	Det [G]	MD5: 17F70F4E37452A30C35565052AB68BE9	PX5: B11BC224000C550D3E4B01F1618F6300676DF706
c:\windows\system32\msi.dll	InMem: 1	Det [G]	MD5: 34A737E1344985BC5A636A4ED286DE61	PX5: B09678EF00F05CBD8EB12B2266AE240024089B64
c:\windows\system32\ipnathlp.dll	InMem: 1	Det [G]	MD5: 1DA364FA673E18BC1DE8F5CDF3657DBD	PX5: 89882A6E0030CF0B12CE052A40AAE5009F9198F9
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\AUTODHCP - DllName [ipnathlp.dll]
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DNSPROXY - DllName [ipnathlp.dll]
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\FTP - DllName [ipnathlp.dll]
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\H323 - DllName [ipnathlp.dll]
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\IPNAT - DllName [ipnathlp.dll]
C:\WINDOWS\system32\wbem\wbemcomn.dll	InMem: 1	Det [G]	MD5: 7DB0054945C1C937553F97FA1F1EAFFB	PX5: 30B285D60040901346F3037FF72C08005C58C30E
C:\WINDOWS\System32\Wbem\wbemcore.dll	InMem: 1	Det [G]	MD5: 2E9B41FDD71FDDD9D596CF3FDF0A1FDD	PX5: D34E2BC3004DE1451AED08DF0B2B620026599912
C:\WINDOWS\System32\Wbem\esscli.dll	InMem: 1	Det [G]	MD5: 20938C6D287B27AB3F1FDE53FF3507DE	PX5: DE687FC600BAAC77C8B4030B6F14AB0094AE7226
C:\WINDOWS\System32\Wbem\FastProx.dll	InMem: 1	Det [G]	MD5: FC9F0B7216D087F9502ECE38439AE144	PX5: AEBA61B800E4BC9A34F5075F66FDAB005D1447F9
C:\WINDOWS\system32\wbem\wmiutils.dll	InMem: 1	Det [G]	MD5: BC664C7546EF5C1A5712E7B48AF24741	PX5: 0BDBA5A5000A6748803F0102F9279500D2C1C9B2
C:\WINDOWS\system32\wbem\repdrvfs.dll	InMem: 1	Det [G]	MD5: 41B4ED9F8D444CE09B6A1FE76AE22040	PX5: DAAC922100087395B4C8026D60ACD300B870E129
C:\WINDOWS\system32\comsvcs.dll	InMem: 1	Det [G]	MD5: 9C38B58FDD3FFBE7ED90B5936CCE3784	PX5: ED0A598E00540BAB56A9139D5AFF60002DA225EE
C:\WINDOWS\system32\colbact.DLL	InMem: 1	Det [G]	MD5: A9126ECB8BCA406D6DF60BEC11AF594A	PX5: A0B0F9B500ACD436ECA70034F32E2C001398A8B7
C:\WINDOWS\system32\MTXCLU.DLL	InMem: 1	Det [G]	MD5: 7C5986B94EEE98CF0A0F5EAE44912E5E	PX5: 66978F8E0092BC0304EB01E29B925900A2E75CFB
C:\WINDOWS\system32\WSOCK32.dll	InMem: 1	Det [G]	MD5: 3BD93201E3AFA5A0660C793A4BDAE773	PX5: 2C097C2B007169C960BA0014DCE7CC0038229E38
C:\WINDOWS\System32\CLUSAPI.DLL	InMem: 1	Det [G]	MD5: C3B4CFBA8936D0AF25D5391F53F2DA91	PX5: F4F4A6AD001EC8C1E2C500B4FE61840054C0DDE3
C:\WINDOWS\System32\RESUTILS.DLL	InMem: 1	Det [G]	MD5: CAD4191048F595A794E14CEE31DB06FD	PX5: 6DFA47A500DAF26FE68800D61F5B31009BB0B65D
C:\WINDOWS\system32\wbem\wmiprvsd.dll	InMem: 1	Det [G]	MD5: D110A8CDE08CC1D346814C814D32F2ED	PX5: DCBBBE7700F574BEAC5B06A359C30800D52199FA
C:\WINDOWS\system32\wbem\wbemess.dll	InMem: 1	Det [G]	MD5: 1C4C78B5943AE143513DD1522E14926A	PX5: 57BC20470030CEBC2E7C0420B5413100E2A61178
c:\windows\system32\browser.dll	InMem: 1	Det [G]	MD5: 72FBF0322BE8A0F25AE722FDE36AB1E6	PX5: 9CDD0A4F005D0D9D2E6201C807EC76000E0D1CE8
c:\windows\system32\tapisrv.dll	InMem: 1	Det [G]	MD5: 3A4C429F316C510C3E4C5F2FC7372C26	PX5: 77B7DE3500985E80CE7503E2DF55BE00B03FFDDD
c:\windows\system32\rasmans.dll	InMem: 1	Det [G]	MD5: 6686C0C8B47618414215FC184972C69E	PX5: 6AC5343500463BCBC43C0233B0575500AE7EBADF
c:\windows\system32\netcfgx.dll	InMem: 1	Det [G]	MD5: AB06350510C1F68C7202703480F6FF17	PX5: 4F8DF8B4009990EE9C82091CBF6CD600CD59067D
C:\WINDOWS\System32\rastapi.dll	InMem: 1	Det [G]	MD5: F4DE764732E8F6028BB18AADD4912317	PX5: 699D459D008C3BC6E634009735DEBF004B936485
C:\WINDOWS\system32\upnp.dll	InMem: 1	Det [G]	MD5: 7E7491C2CF7A0781C0004D2C5BE71BC4	PX5: 5CC09E6000F77B62063F026310FD670014E0CF2C
C:\WINDOWS\system32\SSDPAPI.dll	InMem: 1	Det [G]	MD5: 4EA31D2858780DDB446A9DC9B2D23C3D	PX5: B458C80C0094BE55886700FEA91CE300F0D01D10
C:\WINDOWS\System32\unimdm.tsp	InMem: 1	Det [G]	MD5: 12C9C630FD867446D8B846C28454A45F	PX5: BFCEE8FF0036A1F42CB803103A63E10078271DF9
C:\WINDOWS\System32\uniplat.dll	InMem: 1	Det [G]	MD5: 8BC01CBCDC4345A7367F2EDCBAA4A07F	PX5: D4A3FA58003A460436E500FC8F082200CAF4CCCF
C:\WINDOWS\System32\kmddsp.tsp	InMem: 1	Det [G]	MD5: 516447BBB1A13F72E98989580EEAEB36	PX5: C200FF390086F832824F0082C924C70039E73BB5
C:\WINDOWS\System32\ndptsp.tsp	InMem: 1	Det [G]	MD5: FF5CBCADD5833B484C773F7DF16F13BF	PX5: 9787C23000D76D69E07F0030C6CACA005BA7ED34
C:\WINDOWS\System32\ipconf.tsp	InMem: 1	Det [G]	MD5: 4E2F02E1BA55160806AD42FEE296F8B2	PX5: BB9887B4006414FA44B900C28BC43200412916D4
C:\WINDOWS\System32\h323.tsp	InMem: 1	Det [G]	MD5: EA96018804FEB47C384EFDB3D07E7EB9	PX5: 72FD790F00B8268510FF046EA54C6E0080B1B5D1
C:\WINDOWS\System32\hidphone.tsp	InMem: 1	Det [G]	MD5: EA5C2C1F5F74A5660FB0F72E63861030	PX5: 578102E800C1441976DD00BD8619300083827C0B
C:\WINDOWS\System32\HID.DLL	InMem: 1	Det [G]	MD5: 3B4E115A33A2BFF0D74792D572F448DD	PX5: 551CD37300F70F6C527C0010EC920400B756D4FA
C:\WINDOWS\System32\rasppp.dll	InMem: 1	Det [G]	MD5: 4A48EDCAB3B97997055AC533CAFDB501	PX5: 69B8011C006A35C426B80310309570000552A536
C:\WINDOWS\System32\ntlsapi.dll	InMem: 1	Det [G]	MD5: 8ED1589D9A626027E4FAF24C149860E6	PX5: 182944C0006C52E520B8003B3C2E0700820D2E78
C:\WINDOWS\System32\RASDLG.dll	InMem: 1	Det [G]	MD5: D52A1298D47FA8652B30451855265F94	PX5: 289AD96400BB9C934C7F0AD56A0D5500E683D618
C:\WINDOWS\system32\wbem\ncprov.dll	InMem: 1	Det [G]	MD5: 1B8923492B022438764DCF6BD8B0EFA9	PX5: 28C2B58B00AC779DB8320092176FE400CB94678D
C:\WINDOWS\system32\msxml3.dll	InMem: 1	Det [G]	MD5: F95E644F65D439D2F9122D52F0321327	PX5: 60B20BB200F84299DCAB10FF374BBC00797C1A91
C:\WINDOWS\system32\wups.dll	InMem: 1	Det [G]	MD5: A236F41B92B3CEAC754943FEF30C884E	PX5: 2F104E2558117BE383A6004E553EDB00C5D02FFD
C:\WINDOWS\system32\wbem\wbemcons.dll	InMem: 1	Det [G]	MD5: 89A935A5CB3FE6D25BB87DE3370E6B5E	PX5: FEC4B3B500CE633918000143FDB47200CD210469
c:\windows\system32\dnsrslvr.dll	InMem: 1	Det [G]	MD5: 1A4CCB390093D1A6F0EEC063F44AFF31	PX5: 3AB739DC00686EC6B26F00A3B54A4300F767B865
c:\windows\system32\lmhsvc.dll	InMem: 1	Det [G]	MD5: 6E008B7EB9B67D555B5EE1C1091F3A7E	PX5: 050B19680015AAE33629000A173BF5000631D061
c:\windows\system32\webclnt.dll	InMem: 1	Det [G]	MD5: 83ED24C34250AFAB1E55DEB3D8D7EC1A	PX5: F49C6F7000D3BB7B0AFE01B9E6A55A009E654432
c:\windows\system32\regsvc.dll	InMem: 1	Det [G]	MD5: 78FBE7DA29307EDE7ED0E33F1C4969BC	PX5: 0038ECD50092146CEAE600DC41696F006EFFA138
c:\windows\system32\ssdpsrv.dll	InMem: 1	Det [G]	MD5: 1FBF38A525EEDD7402BFA7E27236A64F	PX5: EFEEB4A70072CCE218E201A90823060000AE77FB
C:\WINDOWS\system32\brsvc01a.exe	InMem: 1	Det [G]	MD5: D3FACB34FFF5DB91ADB70987838F8BA7	PX5: 16DAE2F700B5F4D3E08A002E1361520029A5738B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Brother XP spl Service - ImagePath [C:\WINDOWS\system32\brsvc01a.exe]
C:\WINDOWS\system32\spoolsv.exe	InMem: 1	Det [G]	MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F	PX5: 1DCDB07A00179F65E28700A02CD4BA00B29C7A8B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Spooler - ImagePath [C:\WINDOWS\system32\spoolsv.exe]
C:\WINDOWS\system32\SPOOLSS.DLL	InMem: 1	Det [G]	MD5: DD90C59EF82D6CDE5886B595CA8D8D8A	PX5: EEC4C153008FC3AA248101F4B2E71800601A2E7A
C:\WINDOWS\system32\localspl.dll	InMem: 1	Det [G]	MD5: D5882ABF5F3652ACBF36C882EA4DC9A8	PX5: 4416D740002AA3683E4E05C1EF102900643A9BD8
C:\WINDOWS\system32\cnbjmon.dll	InMem: 1	Det [G]	MD5: A2660003F73982579EBFEF1F6C2F6234	PX5: ADFEA2D500C13C76C238009F710B75002AA8B844
C:\WINDOWS\system32\mdimon.dll	InMem: 1	Det [G]	MD5: 15A9294B81D0FF0E4AC75276C13FD04B	PX5: 5B71A346F0F10E5860F3000F6726A50076575E6B
C:\WINDOWS\system32\pdfcmnnt.dll	InMem: 1	Det [G]	MD5: 1574DD9D409F2DC45CF82C22B99164A4	PX5: 1A8759D10053B686C63D0185D678B4002069CFA1
C:\WINDOWS\system32\pjlmon.dll	InMem: 1	Det [G]	MD5: BBD335EEABDA429E2A4A401AE977ACCC	PX5: 84CFC62400E584133C01005DDEFEF70074DE7C99
C:\WINDOWS\system32\tcpmon.dll	InMem: 1	Det [G]	MD5: 1417745D9156EED7C8B871A3F8A8F56D	PX5: 4DB1307F00B38383B4DE0091A261F900D73B20B9
C:\WINDOWS\system32\usbmon.dll	InMem: 1	Det [G]	MD5: 1AE1CDA7F68B0A8603A3117AE5F00B03	PX5: 355B55CF00434C1C429F0037D7A64900612AB6C2
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\brmfpp1.dll	InMem: 1	Det [G]	MD5: D5C949AF42DC0A7E3D26CF63D43604BD	PX5: 3BFB7274AD0E4F8A661B005EA138CD00E8ADA505
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll	InMem: 1	Det [G]	MD5: 063457262374B224226710D8DB74C37C	PX5: E48E2F6AF05219F164EA008F9C19CC0025975546
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\ppbipr.dll	InMem: 1	Det [G]	MD5: 091BAF6A902261F235B734DEFE0473EC	PX5: 4ED6FD12006DC9F4BA2C00AC15A9830093572310
C:\WINDOWS\system32\win32spl.dll	InMem: 1	Det [G]	MD5: 660E56BC8C253B5B47DCC6560CCD62DA	PX5: 3EE5A7330005B84D903F019D6D465800D7DE2821
C:\WINDOWS\system32\NETRAP.dll	InMem: 1	Det [G]	MD5: E7FC69C00BEBC04DAEF86071822B2B89	PX5: B3940B1900334CEB30F300847BE9340024D302E6
C:\WINDOWS\system32\inetpp.dll	InMem: 1	Det [G]	MD5: BE4FF5FBBC55DC3C2445377C50497F1F	PX5: 84746D7B00F17DE826600104529E590058DFB441
C:\WINDOWS\system32\brss01a.exe	InMem: 1	Det [G]	MD5: 9E646CD378D4D0C996BAF9BCB18237C7	PX5: 55329B8F00C84565B0A6001BA7DFC600FB6BC3AA
C:\Programmi\a-squared Free\a2service.exe	InMem: 1	Det [GP]	MD5: D8ADF0518C336ABC6FA49412DC9DE141	PX5: 6FABDEC178A154A7987B0561167144007EACC66A
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\a2free - ImagePath [C:\Programmi\a-squared Free\a2service.exe]
C:\WINDOWS\Explorer.EXE	InMem: 1	Det [G]	MD5: 7E2817A623E16F830B660F81C0FD63DA	PX5: 5F224AD100F73BC6CEBA0FDC56B8E400769BB8AE
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - Shell [Explorer.exe]
C:\WINDOWS\system32\BROWSEUI.dll	InMem: 1	Det [G]	MD5: 3C980090E5313D1B6A2378BA9ED5A296	PX5: 6F02E5D500A9C0D09E6B0F878595D30083B7E67E
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{5E6AB780-7743-11CF-A12B-00AA004AE837}\InprocServer32 - {5E6AB780-7743-11CF-A12B-00AA004AE837} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{22BF0C20-6DA7-11D0-B373-00A0C9034938}\InprocServer32 - {22BF0C20-6DA7-11D0-B373-00A0C9034938} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{91EA3F8B-C99B-11d0-9815-00C04FD91972}\InprocServer32 - {91EA3F8B-C99B-11d0-9815-00C04FD91972} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6413BA2C-B461-11d1-A18A-080036B11A03}\InprocServer32 - {6413BA2C-B461-11d1-A18A-080036B11A03} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F61FFEC1-754F-11d0-80CA-00AA005B4383}\InprocServer32 - {F61FFEC1-754F-11d0-80CA-00AA005B4383} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7BA4C742-9E81-11CF-99D3-00AA004AE837}\InprocServer32 - {7BA4C742-9E81-11CF-99D3-00AA004AE837} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{30D02401-6A81-11d0-8274-00C04FD5AE38}\InprocServer32 - {30D02401-6A81-11d0-8274-00C04FD5AE38} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{169A0691-8DF9-11d1-A1C4-00C04FD75D13}\InprocServer32 - {169A0691-8DF9-11d1-A1C4-00C04FD75D13} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{07798131-AF23-11d1-9111-00A0C98BA67D}\InprocServer32 - {07798131-AF23-11d1-9111-00A0C98BA67D} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{AF4F6510-F982-11d0-8595-00AA004CD6D8}\InprocServer32 - {AF4F6510-F982-11d0-8595-00AA004CD6D8} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{01E04581-4EEE-11d0-BFE9-00AA005B4383}\InprocServer32 - {01E04581-4EEE-11d0-BFE9-00AA005B4383} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A08C11D2-A228-11d0-825B-00AA005B4383}\InprocServer32 - {A08C11D2-A228-11d0-825B-00AA005B4383} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 - {00BB2763-6A77-11D0-A535-00C04FD7D062} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7376D660-C583-11d0-A3A5-00C04FD706EC}\InprocServer32 - {7376D660-C583-11d0-A3A5-00C04FD706EC} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6756A641-DE71-11d0-831B-00AA005B4383}\InprocServer32 - {6756A641-DE71-11d0-831B-00AA005B4383} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}\InprocServer32 - {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7e653215-fa25-46bd-a339-34a2790f3cb7}\InprocServer32 - {7e653215-fa25-46bd-a339-34a2790f3cb7} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{acf35015-526e-4230-9596-becbe19f0ac9}\InprocServer32 - {acf35015-526e-4230-9596-becbe19f0ac9} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00BB2764-6A77-11D0-A535-00C04FD7D062}\InprocServer32 - {00BB2764-6A77-11D0-A535-00C04FD7D062} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 - {03C036F1-A186-11D0-824A-00AA005B4383} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InprocServer32 - {00BB2765-6A77-11D0-A535-00C04FD7D062} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECD4FC4E-521C-11D0-B792-00A0C90312E1}\InprocServer32 - {ECD4FC4E-521C-11D0-B792-00A0C90312E1} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}\InprocServer32 - {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECD4FC4C-521C-11D0-B792-00A0C90312E1}\InprocServer32 - {ECD4FC4C-521C-11D0-B792-00A0C90312E1} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECD4FC4D-521C-11D0-B792-00A0C90312E1}\InprocServer32 - {ECD4FC4D-521C-11D0-B792-00A0C90312E1} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{DD313E04-FEFF-11d1-8ECD-0000F87A470C}\InprocServer32 - {DD313E04-FEFF-11d1-8ECD-0000F87A470C} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}\InprocServer32 - {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} [%SystemRoot%\system32\browseui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{21569614-B795-46b1-85F4-E737A8DC09AD}\InprocServer32 - {21569614-B795-46b1-85F4-E737A8DC09AD} [%SystemRoot%\system32\browseui.dll]
	REGTASKSCHED - \REGISTRY\Machine\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InprocServer32 - {438755C2-A8BA-11D1-B96B-00A0C90312E1} [%SystemRoot%\system32\browseui.dll]
	REGTASKSCHED - \REGISTRY\Machine\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InprocServer32 - {8C7461EF-2B13-11d2-BE35-3078302C2030} [%SystemRoot%\system32\browseui.dll]
	REGTOOLBAR - \REGISTRY\Machine\Software\Classes\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383}\InprocServer32 - {01E04581-4EEE-11D0-BFE9-00AA005B4383} [%SystemRoot%\system32\browseui.dll]
C:\WINDOWS\system32\SHDOCVW.dll	InMem: 1	Det [G]	MD5: AA3930156BDB25FF32E0D69E2770C351	PX5: D9FE865200515F3DD0E7162E20EFC1005D2ED551
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}\InprocServer32 - {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}\InprocServer32 - {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}\InprocServer32 - {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}\InprocServer32 - {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}\InprocServer32 - {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}\InprocServer32 - {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}\InprocServer32 - {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{D20EA4E1-3957-11d2-A40B-0C5020524152}\InprocServer32 - {D20EA4E1-3957-11d2-A40B-0C5020524152} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{D20EA4E1-3957-11d2-A40B-0C5020524153}\InprocServer32 - {D20EA4E1-3957-11d2-A40B-0C5020524153} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{EFA24E61-B078-11d0-89E4-00C04FC9E26E}\InprocServer32 - {EFA24E61-B078-11d0-89E4-00C04FC9E26E} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{0A89A860-D7B1-11CE-8350-444553540000}\InprocServer32 - {0A89A860-D7B1-11CE-8350-444553540000} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 - {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}\InprocServer32 - {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 - {FBF23B40-E3F0-101B-8488-00AA003E56F8} [shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3C374A40-BAE4-11CF-BF7D-00AA006946EE}\InprocServer32 - {3C374A40-BAE4-11CF-BF7D-00AA006946EE} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 - {FF393560-C2A7-11CF-BFF4-444553540000} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7BD29E00-76C1-11CF-9DD0-00A0C9034933}\InprocServer32 - {7BD29E00-76C1-11CF-9DD0-00A0C9034933} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7BD29E01-76C1-11CF-9DD0-00A0C9034933}\InprocServer32 - {7BD29E01-76C1-11CF-9DD0-00A0C9034933} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}\InprocServer32 - {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{67EA19A0-CCEF-11d0-8024-00C04FD75D13}\InprocServer32 - {67EA19A0-CCEF-11d0-8024-00C04FD75D13} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{131A6951-7F78-11D0-A979-00C04FD705A2}\InprocServer32 - {131A6951-7F78-11D0-A979-00C04FD705A2} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}\InprocServer32 - {9461b922-3c5a-11d2-bf8b-00c04fb93661} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}\InprocServer32 - {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 - {871C5380-42A0-1069-A2EA-08002B30309D} [%SystemRoot%\system32\shdocvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{EFA24E64-B078-11d0-89E4-00C04FC9E26E}\InprocServer32 - {EFA24E64-B078-11d0-89E4-00C04FC9E26E} [%SystemRoot%\system32\shdocvw.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{4D5C8C25-D075-11d0-B416-00C04FB90376}\InprocServer32 - BarSize [%SystemRoot%\system32\shdocvw.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}\InprocServer32 - BarSize [%SystemRoot%\system32\shdocvw.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}\InprocServer32 - BarSize [%SystemRoot%\system32\shdocvw.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}\InprocServer32 - CLSID [%SystemRoot%\system32\shdocvw.dll]
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\InprocServer32 - CLSID [%SystemRoot%\system32\shdocvw.dll]
C:\WINDOWS\system32\themeui.dll	InMem: 1	Det [G]	MD5: 0F7BFE3EF3FC33FD598427C015BB8B5D	PX5: BAC50787005D6D22F49E05A57642CD002A91E075
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{41E300E0-78B6-11ce-849B-444553540000}\InprocServer32 - {41E300E0-78B6-11ce-849B-444553540000} [%SystemRoot%\system32\themeui.dll]
C:\WINDOWS\system32\MSIMG32.dll	InMem: 1	Det [G]	MD5: 51F309AA675B5B77D19C573B7E0BB253	PX5: CB413D4600B070AF127100D0C427CA00FD59EFF9
C:\WINDOWS\system32\urlmon.dll	InMem: 1	Det [G]	MD5: 9E9F80B3B707D9523C0BCFB98F81FA0B	PX5: 2F975D23009DDBAA6866093CCE5FA8002CF6AC4A
C:\WINDOWS\system32\LINKINFO.dll	InMem: 1	Det [G]	MD5: B737A3DA2C0A605CE2C7E118C59F38C7	PX5: 87EB2C9D005DD1A14E450046E4D6CC0014CFCDB6
C:\WINDOWS\system32\ntshrui.dll	InMem: 1	Det [G]	MD5: 64E0C77FAF1A30547739580EB5F3AACF	PX5: 5EB8DF8A0005A80F3870025CC8B2C100D6ECC82F
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InprocServer32 - {40dd6e20-7c17-11ce-a804-00aa003ca9f6} [ntshrui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}\InprocServer32 - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} [ntshrui.dll]
C:\WINDOWS\system32\webcheck.dll	InMem: 1	Det [G]	MD5: 9ADAE07A13E295A98F5EE7726354C28F	PX5: 7A671D1200F332C4486E04DF4339C300F2AAD0B7
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32 - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}\InprocServer32 - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F5175861-2688-11d0-9C5E-00AA00A45957}\InprocServer32 - {F5175861-2688-11d0-9C5E-00AA00A45957} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InprocServer32 - {08165EA0-E946-11CF-9C87-00AA005127ED} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}\InprocServer32 - {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}\InprocServer32 - {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7D559C10-9FE9-11d0-93F7-00AA0059CE02}\InprocServer32 - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}\InprocServer32 - {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{D8BD2030-6FC9-11D0-864F-00AA006809D9}\InprocServer32 - {D8BD2030-6FC9-11D0-864F-00AA006809D9} [%SystemRoot%\system32\webcheck.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}\InprocServer32 - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} [%SystemRoot%\system32\webcheck.dll]
	REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32 - WebCheck [%SystemRoot%\system32\webcheck.dll]
C:\WINDOWS\system32\stobject.dll	InMem: 1	Det [G]	MD5: 6474C3D1C136C60291B8A5EE9ED1735B	PX5: 54D80CDC00F43E2DDE26016C15CB850052548DBB
	REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\InprocServer32 - SysTray [C:\WINDOWS\system32\stobject.dll]
C:\WINDOWS\system32\BatMeter.dll	InMem: 1	Det [G]	MD5: 66DB9D9CA443D7C8C9222BFF72F61ACF	PX5: 73074F1200F9F02570C400FC5F48D3002E4325D8
C:\WINDOWS\system32\WPDShServiceObj.dll	InMem: 1	Det [G]	MD5: 8F9A244A9E6D7C3566C9C6B064D8767C	PX5: F46398C600DF6958CC1600B8147EB60085C12F66
	REGDELAY - \REGISTRY\Machine\Software\Classes\CLSID\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}\InprocServer32 - WPDShServiceObj [C:\WINDOWS\system32\WPDShServiceObj.dll]
C:\WINDOWS\system32\mydocs.dll	InMem: 1	Det [G]	MD5: 0E34AD97F42004E23DA845FF4F822090	PX5: 57E2829600BA664D643501A4D8468A0095362A02
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECF03A33-103D-11d2-854D-006008059367}\InprocServer32 - {ECF03A33-103D-11d2-854D-006008059367} [%SystemRoot%\system32\mydocs.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECF03A32-103D-11d2-854D-006008059367}\InprocServer32 - {ECF03A32-103D-11d2-854D-006008059367} [%SystemRoot%\system32\mydocs.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{4a7ded0a-ad25-11d0-98a8-0800361b1103}\InprocServer32 - {4a7ded0a-ad25-11d0-98a8-0800361b1103} [%SystemRoot%\system32\mydocs.dll]
C:\WINDOWS\system32\PortableDeviceTypes.dll	InMem: 1	Det [G]	MD5: 4BDC14B0F6BD56890A94DFCED95BF878	PX5: 137E048C00987280949A029AC62EEC004C4E7E48
C:\WINDOWS\system32\PortableDeviceApi.dll	InMem: 1	Det [G]	MD5: 2AC9726B2AD5D32693819FD4280CF9C6	PX5: 7F4EDD970016C19C463C051E055AF800D47EF69E
C:\WINDOWS\system32\MSCTF.dll	InMem: 1	Det [G]	MD5: 5D2F1BEEA828B4951F550BADE794C1EF	PX5: 64563C73008EB95E7EDD046B94EDCE00A3D588EB
C:\Programmi\BillP Studios\WinPatrol\PATROLPRO.DLL	InMem: 1	Det [u]	MD5: E5E65547E6924CC0276F2F531620D603	PX5: 5D16740830A18C0AF55F00F07F766B00692EAF9A
C:\WINDOWS\system32\printui.dll	InMem: 1	Det [G]	MD5: CA104D6E9428BA00346CD615A1EE2E31	PX5: CFC465B500331E10BE8C08062B62D70065070AFA
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{77597368-7b15-11d0-a0c2-080036af3f03}\InprocServer32 - {77597368-7b15-11d0-a0c2-080036af3f03} [printui.dll]
C:\WINDOWS\system32\CFGMGR32.dll	InMem: 1	Det [G]	MD5: 15797C5AA673590064348A025A5F17D9	PX5: 74C69D7C00EDC85142F6003C4DC9A1006D7B8195
C:\WINDOWS\System32\drprov.dll	InMem: 1	Det [G]	MD5: 4F32C69E05AE35FC609218E94B0DF5D9	PX5: BB8EDCE2008403A638800074FD083400905C26EC
C:\WINDOWS\System32\ntlanman.dll	InMem: 1	Det [G]	MD5: D72C81E7F4986BEB202813FC743AF8D7	PX5: FCEBCD7A009905FEAA4200960455950080D2A1BD
C:\WINDOWS\System32\NETUI0.dll	InMem: 1	Det [G]	MD5: 9FE57C0551C88667B8FBDE49BD399144	PX5: 074187360063FEE5400A014D6C2C430053ABE349
C:\WINDOWS\System32\NETUI1.dll	InMem: 1	Det [G]	MD5: A5CA0066DF5A68D4A7403F2E32D620D8	PX5: A4DAD8A200850E09C097034C744E770099F86FBA
C:\WINDOWS\System32\davclnt.dll	InMem: 1	Det [G]	MD5: FA5791230A59DCC0F1BB0B0A193375A7	PX5: 5E0DDE0C0099E131624800B42D603500DF9BC5AA
C:\Programmi\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll	InMem: 1	Det [G]	MD5: 4B0991CD076B617A2231B19A6663C1C9	PX5: 066EC4DE00858605B060015F10D3790055C4D630
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}\InprocServer32 -  [C:\Programmi\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]
C:\WINDOWS\system32\browselc.dll	InMem: 1	Det [G]	MD5: 03163D2CD97C11514F29987971F50A13	PX5: EA63F88500B471270C9A01309A4A800054BE305C
C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll	InMem: 1	Det [G]	MD5: 42729C3DE75A7A51FC6F9EF6546C9199	PX5: 72C99272A0F1D00EF61700C020CDC50072297340
C:\WINDOWS\system32\MSVCR71.dll	InMem: 1	Det [G]	MD5: 86F1895AE8C5E8B17D99ECE768A70732	PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
C:\WINDOWS\system32\DUSER.dll	InMem: 1	Det [G]	MD5: 0E316FF410E9A5BCA1BD1794DECE800F	PX5: 576588D800DB533AA46504C81FA1F900F6700574
C:\WINDOWS\system32\MLANG.dll	InMem: 1	Det [G]	MD5: F036BC2525F8701628ABB0A550C1C692	PX5: A0FB8BA50045A9FEF20208062C04B3005F96B032
C:\WINDOWS\system32\wzcdlg.dll	InMem: 1	Det [G]	MD5: 362D2868E6C48FBC6581B16AF55E2AD1	PX5: FDC5ABBF00DE72F2C818054EFDC634000861176E
C:\Programmi\Grisoft\AVG7\avgamsvr.exe	InMem: 1	Det [G]	MD5: 3C7B93F947355E374A49564D0D017B7B	PX5: 21DE92A5001AF2AB64A906625DE519006365E2D7
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Avg7Alrt - ImagePath [C:\Programmi\Grisoft\AVG7\avgamsvr.exe]
C:\Programmi\Grisoft\AVG7\avgklib.dll	InMem: 1	Det [G]	MD5: D756DC41EFFAAD294C858E94B4A11BD2	PX5: 0905B47E00DB8F4AF0C200D2E1793900305E89E0
C:\WINDOWS\system32\MSVCP71.dll	InMem: 1	Det [G]	MD5: 561FA2ABB31DFA8FAB762145F81667C2	PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
C:\Programmi\Grisoft\AVG7\avglog.dll	InMem: 1	Det [G]	MD5: C935B33CB471DB79A42B81276A8D0934	PX5: D7A89D52008854C89AC801A4B599270028FCA248
C:\Programmi\Grisoft\AVG7\avgcfg.dll	InMem: 1	Det [G]	MD5: EE3201BF942FB000B8C98A6CEB9C4105	PX5: 9E42292C0097D465BE5108AD760F6200DA2B1CA8
C:\WINDOWS\system32\wbem\wbemprox.dll	InMem: 1	Det [G]	MD5: CECE259D273771497D2C96C8121D9C58	PX5: 118AA1B200D76A754A3B0017C7664600A1463C19
C:\WINDOWS\system32\wbem\wbemsvc.dll	InMem: 1	Det [G]	MD5: DD3E1E96EA769C31936D9B09F9137954	PX5: 25397BDF00757EBFAAF700E3ED2B7800B9284F1B
C:\Programmi\Grisoft\AVG7\avglng.dll	InMem: 1	Det [G]	MD5: 1C8526EDBCE5499EB5722BED0A14B97C	PX5: 4ECED89B00CF9794E450009CD16D5500FFF988A8
C:\Programmi\Grisoft\AVG7\avgupsvc.exe	InMem: 1	Det [G]	MD5: 30A14F65DB477DC00A64A5A24E96919C	PX5: FB2D0C8C0030CE48C28B00B9473117008F2553BE
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Avg7UpdSvc - ImagePath [C:\Programmi\Grisoft\AVG7\avgupsvc.exe]
C:\Programmi\Grisoft\AVG7\avgemc.exe	InMem: 1	Det [G]	MD5: FC0B2AE890BB0DC8C2306DABEDC8A4BA	PX5: 4A5FE9A4007E299F34A8065593279900431C83BC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AVGEMS - ImagePath [C:\Programmi\Grisoft\AVG7\avgemc.exe]
C:\Programmi\Grisoft\AVG7\libsasl.dll	InMem: 1	Det [G]	MD5: 694A11E643C8D3D27BFA8FC770990750	PX5: 56A03C6100B1FC62B41D00F6BE532A00B5BC37DD
C:\Programmi\Grisoft\AVG7\avgscan.dll	InMem: 1	Det [G]	MD5: 3A68865B43C361A227B9BD8DA49E71E4	PX5: 9F98A5910034E47FFE310562123AEF009D040066
C:\Programmi\Grisoft\AVG7\avgunarc.dll	InMem: 1	Det [G]	MD5: E5D4EDFBE5C6EC8B5FFE2CFCDC6DA880	PX5: 94CC112C000ECAA6EC0102379DE66800C3E8D4CB
C:\Programmi\Grisoft\AVG7\saslcrammd5.dll	InMem: 1	Det [G]	MD5: 093FD00E5CB80FE7E8DECC67758CE341	PX5: 2C96C31E00B5E01E287D004D2BD0C00035A197BB
C:\Programmi\Grisoft\AVG7\sasldigestmd5.dll	InMem: 1	Det [G]	MD5: F23D9F906D761F2E3332A4119F5AEECA	PX5: 3EB7F743003CE1316CB600F23AA81000625F6143
C:\Programmi\Grisoft\AVG7\sasllogin.dll	InMem: 1	Det [G]	MD5: 01FF0DCDB9568CC16FA2751B904A9C19	PX5: AEF045C8000B3B71248500311400D200C8CABD07
C:\Programmi\Grisoft\AVG7\saslplain.dll	InMem: 1	Det [G]	MD5: 7C6632FF007383428033EF5D21074CCE	PX5: 7701885500D5F013240C00DCBB2227008E609439
C:\Programmi\Grisoft\AVG7\avgmail.dll	InMem: 1	Det [G]	MD5: 3418CB457423454BA22EE56872932D18	PX5: 810EAF1A00F9191334950279EB43610032372599
C:\WINDOWS\system32\SensAPI.DLL	InMem: 1	Det [G]	MD5: 344E594BB748D4F828211A7C9CEA0829	PX5: 945479A500423FB71A9A004C020A3B0024ABF6B3
C:\Programmi\Grisoft\AVG7\avgemcps.dll	InMem: 1	Det [G]	MD5: B6D988D898573CCD1A2BA20422B8C8F1	PX5: C4B6B553003904352A5E00E8C63AE8000F712130
C:\WINDOWS\system32\Brmfrmps.exe	InMem: 1	Det [G]	MD5: BB192385661DAF7F3D48B586F6E1D166	PX5: EE499B3200C0A29F00AA016511AC8200CDE6B77D
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\brmfrmps - ImagePath [C:\WINDOWS\system32\Brmfrmps.exe]
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE	InMem: 1	Det [G]	MD5: 8EEF3110372D329549C8FB53209FE92C	PX5: 1A0FD2EA008FBAB47EB80052D5E1BA000B3518C5
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\C-DillaSrv - ImagePath [C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE]
C:\WINDOWS\system32\lvhidsvc.exe	InMem: 1	Det [G]	MD5: 52309E5E415E2E73A51949DE2C7244C3	PX5: C762574400C2E3B37C7A0003342B50000EA50617
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\LvHidSvc - ImagePath [C:\WINDOWS\system32\lvhidsvc.exe]
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE	InMem: 1	Det [G]	MD5: 11F714F85530A2BD134074DC30E99FCA	PX5: 2E5BA9D3480CBAE9EA2A04C9F6D7FB00F945EC88
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MDM - ImagePath [C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE]
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\1040\mdmui.dll	InMem: 1	Det [G]	MD5: 9F8DA8A1FB99658F283329208289B5D6	PX5: 2998F71B0054707760E1002DBABFEB007BD15900
C:\WINDOWS\system32\nvsvc32.exe	InMem: 1	Det [G]	MD5: A59A928B2A1934403FA8731352D09822	PX5: 4172638C43A6DF33F0B8015A03492C008FEE7E79
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NVSvc - ImagePath [C:\WINDOWS\system32\nvsvc32.exe]
c:\windows\system32\wiaservc.dll	InMem: 1	Det [G]	MD5: 385CF0E9C4679D23E1E8715AF2116D03	PX5: B69A81C6002918EE1A4705E2549FBB00ED5C7BBD
c:\windows\system32\mscms.dll	InMem: 1	Det [G]	MD5: CD669D359DAD2AB7EE5F6E09010A6167	PX5: DF52A2B9002BAEF722FE01B4E2E8B900D4427BF9
C:\WINDOWS\system32\BrWia04a.dll	InMem: 1	Det [G]	MD5: EEAF0623B3A33DF441734613C853F264	PX5: FC10ADCD00409B88D8D00142AE2C8C0042265BE9
C:\WINDOWS\system32\BrUSi04a.dll	InMem: 1	Det [G]	MD5: 84032D07DE3D81E210281B89430A2ACE	PX5: 7FCD027F003F6F6692AB0016948BDD004FA6555B
C:\WINDOWS\system32\actxprxy.dll	InMem: 1	Det [G]	MD5: CAC8CE72845461A8C6818071D923FC89	PX5: 007947C1003133828EF901D865E09C00F6A66BF3
C:\WINDOWS\system32\sti.dll	InMem: 1	Det [G]	MD5: 8F44BA342774B5CC5E5A6A0B68E5ECC3	PX5: D0C61BDE00B5681C0CA40120655A6E00CC4935F5
C:\WINDOWS\SOUNDMAN.EXE	InMem: 1	Det [G]	MD5: 6878F2BFA204DA2A4451F91821FD4391	PX5: 346CEE4E004EAA27D8FB007EC79EF4003BDB6C1E
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - SoundMan [SOUNDMAN.EXE]
C:\VEXPLITE\viritsvc.exe	InMem: 1	Det [G]	MD5: 1B4A565FFC9A7FC4D659CE82199C1F3E	PX5: 99B91105000383E1E0E4001DC9D21100AEA06448
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\viritsvclite - ImagePath [C:\VEXPLITE\viritsvc.exe]
C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe	InMem: 1	Det [G]	MD5: 77476856F5D48DAA2A82C9827263AE20	PX5: 828B522C3125C990E0EB00F6A5F1D6003DADECC7
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - PaperPort PTD [C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe]
C:\Programmi\ScanSoft\PaperPort\MAXUTIL.dll	InMem: 1	Det [G]	MD5: 20F1C37210482B8C162E87AD3030974E	PX5: 83AA589D30C6DC89A0B301F41C4DEC00C135E3C0
C:\Programmi\ScanSoft\PaperPort\PPERR.dll	InMem: 1	Det [G]	MD5: A3153762527D76CA08B0A549BB1C72A1	PX5: D91EBBD22E3C0531703E012DDDE82A00B4B6E3E3
C:\Programmi\ScanSoft\PaperPort\blicectr.dll	InMem: 1	Det [G]	MD5: 47E0561C5B357FAAF92D08FC3F65EB1F	PX5: A897EECF0005BC361CBC0004184CA200B135A077
C:\Programmi\Brother\ControlCenter2\brctrcen.exe	InMem: 1	Det [G]	MD5: 7C280EBDF43724636289D50CF26F2AB0	PX5: 8FDED87500C5779300460D58EDB7CB002A945D1D
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - ControlCenter2.0 [C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun]
C:\Programmi\Brother\ControlCenter2\LTDIS12n.dll	InMem: 1	Det [G]	MD5: 9C9D11D244A299BD2F033FC563CB936F	PX5: B17F2CFA001A473540B304F775FB3F00224FBC14
C:\Programmi\Brother\ControlCenter2\LTKRN12n.dll	InMem: 1	Det [G]	MD5: 5B25715843282D0D42CB9A98B78686E1	PX5: 67A45DE800DD19E9326B06B22877D700F054F634
C:\Programmi\Brother\ControlCenter2\LTFIL12n.DLL	InMem: 1	Det [G]	MD5: DC39B687004E4B8CB6999B15B32A2A10	PX5: 7C40F99100D18A5BDA8F013B6264F000530BA65C
C:\Programmi\Brother\ControlCenter2\brccfile.dll	InMem: 1	Det [G]	MD5: EB8B64A3A08BC568C0A9FD15090B70DF	PX5: 4DDFA64D003FB19DF00F007E9E2D070018DA4844
C:\Programmi\Brother\ControlCenter2\brctcita.DLL	InMem: 1	Det [G]	PX5: 65FB2BB40092A921400831D60B49CE007CC1D36C
C:\Programmi\Brother\ControlCenter2\BRCCWIA.DLL	InMem: 1	Det [G]	MD5: 6616C92E0014F0E55CDF8BD45B651E56	PX5: A895FEA100C5F178503C012838C55A00F8E03080
C:\Programmi\LifeView TVR\RecSche.exe	InMem: 1	Det [G]	MD5: 96D5AD091F763B38DAFE881D0C0691C6	PX5: 27F764B100DF5416007C0702D2FAA50003C1E9D5
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - RecSche ["C:\Programmi\LifeView TVR\RecSche.exe"]
C:\Programmi\QuickTime\qttask.exe	InMem: 1	Det [G]	MD5: 76A3A30B58405C2C6D833895253A51A9	PX5: 37A987B80032E8C9802301B975AE1C003678F51A
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - QuickTime Task ["C:\Programmi\QuickTime\qttask.exe" -atboottime]
C:\Program Files\D-Link\DSL-200\dslstat.exe	InMem: 1	Det [G]	MD5: 103777DC976625BBCE3814D6BBAF7648	PX5: 8663FA5D000D33FA40D705BB942DD5001B91606B
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - DSLSTATEXE [C:\Program Files\D-Link\DSL-200\dslstat.exe icon]
C:\Program Files\D-Link\DSL-200\DbgMode.dll	InMem: 1	Det [G]	MD5: FF9B3006B09C516F0B7E810F5EEF9B9A	PX5: 53E25DF3007A3EEA306D04806D43A00028FF7252
C:\Program Files\D-Link\DSL-200\CplItaln.dll	InMem: 1	Det [G]	MD5: 7A792DFE0B70AE03084F00BA61322D5B	PX5: A5833CF2001C680E3057007617C8140087FC74D4
C:\Program Files\D-Link\DSL-200\dslagent.exe	InMem: 1	Det [G]	MD5: 78AE0C854B855CBE31E48C974814D146	PX5: C8A5F41800A9C38A006701C7F35CFB00D8BFF55B
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - DSLAGENTEXE [C:\Program Files\D-Link\DSL-200\dslagent.exe]
C:\VEXPLITE\MONLITE.EXE	InMem: 1	Det [u]	MD5: DFD7A22DDE4B878A20D1851808EC11E0	PX5: A65783F000619C40C05903A9FA864C001ED78132
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - VIRIT LITE MONITOR [C:\VEXPLITE\MONLITE.EXE]
C:\VEXPLITE\viritupg.dll	InMem: 1	Det [G]	MD5: B99E538831392211F9D4EEEF320B9E59	PX5: 34B12AB0008A7427900B012ECCE4E90094AA8E29
C:\VEXPLITE\zlib.dll	InMem: 1	Det [G]	MD5: 4965107D112666D3835308A831A29274	PX5: 4E3BFD5F00743462D0050094982A7700341DAD86
C:\WINDOWS\system32\CRTDLL.dll	InMem: 1	Det [G]	MD5: 154413B653037D6D75D4E2538C7A2564	PX5: 4AF300331B8E30AB46670205C5CC50005A157B0E
C:\VEXPLITE\Scan.dll	InMem: 1	Det [u]	MD5: E0A8DD0E9E2A4093A7A602DE188DAA2D	PX5: 9E928E080078EAE0C08503A28067AC00D760EEBB
C:\VEXPLITE\myreg.qwe	InMem: 1	Det [G]	MD5: 09BB0A2C325F7085E24FAE6134DE2D16	PX5: DA31EA390036C3916C5C0A395DA4E3007CA4EABA
C:\Programmi\Grisoft\AVG7\avgcc.exe	InMem: 1	Det [G]	MD5: 76CD8B6DBB4B8A984193AD07ADC1BD3A	PX5: B2AE899700F57D38D69508B44FC71F0069D2607D
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - AVG7_CC [C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP]
C:\Programmi\Grisoft\AVG7\avgtmgr.dll	InMem: 1	Det [G]	MD5: 5BD5BD73E02C3D8B2ECBF204E3A67345	PX5: D6DA4E6300CB354548B9066D9731FC002544E9AA
C:\Programmi\Grisoft\AVG7\avgctrl.dll	InMem: 1	Det [G]	MD5: 129BCCA44DD86F63532D59F4377918DC	PX5: 6C1F1FBA002BCCA6D2800DBD0E993100868D3AD9
C:\WINDOWS\system32\MFC71.DLL	InMem: 1	Det [G]	MD5: F35A584E947A5B401FEB0FE01DB4A0D7	PX5: 6CC9C2640078308D309410C7EE8D9E0004FCAA75
C:\WINDOWS\system32\MSVFW32.dll	InMem: 1	Det [G]	MD5: 35DE518C32E4D878A250301A8F2EEE08	PX5: 4870710600DDCA90DC7001F6C351A000C502322F
C:\Programmi\Grisoft\AVG7\avgabout.dll	InMem: 1	Det [G]	MD5: 04E0E30E244A96B7DBE37A30796FEA2D	PX5: 17BFD9EE00E7FFBDA64A06D4E4406400DF2ACBC4
C:\Programmi\Grisoft\AVG7\avgtest.dll	InMem: 1	Det [G]	MD5: C7F153B54C1DF8C8E03828C7EE3A74E4	PX5: EB8A58F50085CD0538CC094F9178D9007B42498B
C:\Programmi\Grisoft\AVG7\avgtres.dll	InMem: 1	Det [G]	MD5: A8E8CE4A172FD204F745D8C570D23549	PX5: D9465DA7000B3E55BE48031BC2C8C600A3BF6D08
C:\Programmi\Grisoft\AVG7\avgset.dll	InMem: 1	Det [G]	MD5: 940BE885A17CBD5D6AD82C3FA0BB1BF3	PX5: EF8C449100C5923622A9078868FB0A008E2415C2
C:\WINDOWS\system32\MFC71ITA.DLL	InMem: 1	Det [G]	MD5: BA14D19B7C983C5863601D95EA473FD2	PX5: 8C47BF9900C00236F0DE00B45623C60074094F00
C:\Programmi\Grisoft\AVG7\avgresf.dll	InMem: 1	Det [GP]	MD5: F3519991EBE7210B295F073A15ED9B06	PX5: C0E197CA0001EECEA0BF0B7D9C7A5F002BAC2E6E
C:\Programmi\Grisoft\AVG7\avgf.dll	InMem: 1	Det [G]	MD5: F1A871F63BAE2B0CBA9F8649FF4FB539	PX5: EEF491AE008EA020BC4B0050A4621600816EE6D0
C:\Programmi\Grisoft\AVG7\AVGRES.DLL	InMem: 1	Det [G]	MD5: 8222ADB1A3068E7CC457D72E57339436	PX5: 23E816BB007D3F24922513DDDD54080019D56CB3
C:\Programmi\Grisoft\AVG7\avgcckrn.dll	InMem: 1	Det [G]	MD5: E7588025E17A4C60231A96B4021EF3F2	PX5: A0E95FBA00D5DC8EE4A80879C65ABC006B005312
C:\Programmi\Grisoft\AVG7\avgvault.dll	InMem: 1	Det [G]	MD5: BB59C88CBF24F6D136E12CBB7D1F2B64	PX5: 9730B38800BDBCA9448E01B6BAEF3900B9CAF783
C:\Programmi\Grisoft\AVG7\avgrep.dll	InMem: 1	Det [G]	MD5: D1F3D118ADF63B29BE4F40871514E341	PX5: 570F223B00266A721067016EC8DFC50070955DEA
C:\Programmi\Grisoft\AVG7\avgemsui.dll	InMem: 1	Det [G]	MD5: 50DC3099980F7073EB891306DE67AC43	PX5: 178BA3BA00E716695C1906F7CFDE18006A960BEE
C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe	InMem: 1	Det [G]	MD5: 608BED478BBC76C123174361C9CC0BA9	PX5: A5AB71DF380CAF93D53204DA37A307004D474AED
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - WinPatrol [C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe -expressboot]
C:\WINDOWS\system32\mstask.dll	InMem: 1	Det [G]	MD5: EC25A03FF0624969D508C6F1E25CD664	PX5: 28BAE091003DDB7248B2048CE9759F0060145387
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}\InprocServer32 - {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} [C:\WINDOWS\system32\mstask.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}\InprocServer32 - {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} [C:\WINDOWS\system32\mstask.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}\InprocServer32 - {D6277990-4C6A-11CF-8D87-00AA0060F5BF} [C:\WINDOWS\system32\mstask.dll]
C:\WINDOWS\system32\ctfmon.exe	InMem: 1	Det [G]	MD5: 5B33B4265966EE063C7FBEA28958D9C2	PX5: 7BE460C100E5509F3C0D00F14B5A510097B91217
	REGRUNKEY - \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\system32\CTFMON.EXE]
	REGRUNKEY - \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\system32\CTFMON.EXE]
	REGRUNKEY - \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\system32\CTFMON.EXE]
	REGRUNKEY - \REGISTRY\User\S-1-5-21-2000478354-1409082233-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\system32\ctfmon.exe]
	REGRUNKEY - \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - CTFMON.EXE [C:\WINDOWS\system32\CTFMON.EXE]
C:\WINDOWS\system32\MSUTB.dll	InMem: 1	Det [G]	MD5: FC6C38A1249D86FC62F72C8A5E3379DB	PX5: 7A3AA486004261ECFC5902E8FBAFDA00B6B25BB1
C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe	InMem: 1	Det [GP]	MD5: 9FFBBAA3A63E5124E1B57F8AB5053043	PX5: 389FFBAC00C2EC7126410A0DE12199005D38B812
	REGRUNKEY - \REGISTRY\User\S-1-5-21-2000478354-1409082233-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run - SpySweeper [C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0]
C:\WINDOWS\system32\olepro32.dll	InMem: 1	Det [G]	MD5: CB6B225CC6C85CDA0430EF12441EA5B6	PX5: 4451C5BD00B67BC2466601954AF9C000130A3600
C:\WINDOWS\System32\alg.exe	InMem: 1	Det [G]	MD5: D4A42BF3C11302AA3CCD857034EF1E54	PX5: A1E5D90F00A84BB2AEC200E087F3A200AB0BF90E
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ALG - ImagePath [C:\WINDOWS\System32\alg.exe]
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe	InMem: 1	Det [G]	MD5: 6FCCE6CDE8C6EBA2AB207016A9A85A1F	PX5: A3BB730700C1F671D01D0143D16B6600355A4561
C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe	InMem: 1	Det [G]	MD5: 01B036128CD786B8B2644B624CC9E7CD	PX5: 606F10060096E11880DD0C720F48F300EE142737
C:\Programmi\Brother\Brmfcmon\Brmfcwnd.dll	InMem: 1	Det [G]	MD5: 2396B7E868F5EB89FA962FF5851FB97F	PX5: 981CABD8005EB187C06F0063806C760089FC7402
C:\Programmi\Brother\Brmfcmon\BrMfcmon.exe	InMem: 1	Det [G]	MD5: 4C378E3CC27B9323D59A9C27678FCB53	PX5: 95EF2D48001953F020DC01508D81F400A365886B
C:\Programmi\Brother\Brmfcmon\brlmw03a.dll	InMem: 1	Det [G]	MD5: 7C703D8B03747F3275685CAA1272681F	PX5: 4C05C95C00C3F2E5307A012D00CC590037DA6CBF
C:\Programmi\Brother\Brmfcmon\brlm03a.dll	InMem: 1	Det [G]	MD5: 15171FA701BC5704DFD82198624C2334	PX5: 7236D2879FB07FED5C8B006E4037770032E9D832
C:\Documents and Settings\Utente\Desktop\PREVXCSIFREE.EXE	InMem: 1	Det [G]	MD5: 18A1221102E544E1BE8E2D3F999B19D2	PX5: 3043F13238834E379CDF093924CA3700E9F733E6
C:\Temp\Tmp___10801\prevxcsi.exe	InMem: 1	Det [GP]	MD5: 8FE68F2C72A2CC443BCD0A5AEC3428D5	PX5: 305D6C5600EAE97B709B010439E83E008678C5C1
C:\Temp\Tmp___10801\CSICORE.DLL	InMem: 1	Det [GP]	MD5: 7DEFA374784DA91899EEDE2385527D64	PX5: CF3168BD00203706541A0472DB7ABE003CC075C3
C:\Temp\Tmp___10801\csiLang.dll	InMem: 1	Det [GP]	MD5: 70B65B97458A09C1812910D1559044C8	PX5: D0950A4C0058CC28A08101923267370011DD9ECE
C:\Temp\Tmp___10801\csiPart.dll	InMem: 1	Det [GP]	MD5: 6BAC17155F73EB91E52070F811836107	PX5: 5B63640100A776F0ACAF0043A6CF1800ADD4F954
C:\WINDOWS\system32\DRIVERS\ACPI.sys	InMem: 0	Det [G]	MD5: AD825CB3397C837D1FB91D566D78DE04	PX5: 6EB7D724001F4D96E0A8029EF0BB700070C5BA93
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ACPI - ImagePath [C:\WINDOWS\system32\DRIVERS\ACPI.sys]
C:\WINDOWS\system32\drivers\aec.sys	InMem: 0	Det [G]	MD5: 1EE7B434BA961EF845DE136224C30FEC	PX5: E884BE24808C5EEB2C92028B464629005484ED65
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\aec - ImagePath [C:\WINDOWS\system32\drivers\aec.sys]
C:\WINDOWS\System32\drivers\afd.sys	InMem: 0	Det [G]	MD5: 5AC495F4CB807B2B98AD2AD591E6D92E	PX5: EE224F5C0089E9241DEF0273688B740025971F4C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AFD - ImagePath [C:\WINDOWS\System32\drivers\afd.sys]
C:\WINDOWS\system32\DRIVERS\agp440.sys	InMem: 0	Det [G]	MD5: 2C428FA0C3E3A01ED93C9B2A27D8D4BB	PX5: 92796BB0806349F8A56F00F55D76CD00994ACF2C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\agp440 - ImagePath [C:\WINDOWS\system32\DRIVERS\agp440.sys]
C:\WINDOWS\system32\drivers\ALCXWDM.SYS	InMem: 0	Det [G]	MD5: 02D94D2D336D3DE8C5E8FE04A62D552D	PX5: 903C21717C2C5AEC7C960B7676CCED00DF3D8F65
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ALCXWDM - ImagePath [C:\WINDOWS\system32\drivers\ALCXWDM.SYS]
C:\WINDOWS\system32\DRIVERS\asyncmac.sys	InMem: 0	Det [G]	MD5: 02000ABF34AF4C218C35D257024807D6	PX5: 8BD45D2B002F3B40389D007E91CC59004B62F8E9
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AsyncMac - ImagePath [C:\WINDOWS\system32\DRIVERS\asyncmac.sys]
C:\WINDOWS\system32\DRIVERS\atapi.sys	InMem: 0	Det [G]	MD5: CDFE4411A69C224BD1D11B2DA92DAC51	PX5: 9D6081B280209DE174C2011395153C00E47C5A8D
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\atapi - ImagePath [C:\WINDOWS\system32\DRIVERS\atapi.sys]
C:\WINDOWS\system32\DRIVERS\atmarpc.sys	InMem: 0	Det [G]	MD5: EC88DA854AB7D7752EC8BE11A741BB7F	PX5: C41A09F600246E0AEA81009B2DE4BF0073057136
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Atmarpc - ImagePath [C:\WINDOWS\system32\DRIVERS\atmarpc.sys]
C:\WINDOWS\system32\DRIVERS\audstub.sys	InMem: 0	Det [G]	MD5: D9F724AA26C010A217C97606B160ED68	PX5: C910D030000E35B30CDC00441BDEF300B79BCD14
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\audstub - ImagePath [C:\WINDOWS\system32\DRIVERS\audstub.sys]
C:\WINDOWS\System32\Drivers\avg7core.sys	InMem: 0	Det [G]	MD5: 400E920D2E3F42BF6F1F75DD1B069CE3	PX5: 67739A3E605266738A910CA383908000FB63460D
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Avg7Core - ImagePath [C:\WINDOWS\System32\Drivers\avg7core.sys]
C:\WINDOWS\System32\Drivers\avg7rsw.sys	InMem: 0	Det [G]	MD5: 8A7E25876955E06142EF65B52C906CF1	PX5: D3752A4F8005D64C100000F6EA3191000922D830
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Avg7RsW - ImagePath [C:\WINDOWS\System32\Drivers\avg7rsw.sys]
C:\WINDOWS\System32\Drivers\avg7rsxp.sys	InMem: 0	Det [G]	MD5: 04D823D681F0D53191A172C3E667FC33	PX5: 587F629080BFBF736CAB001984B437005EE48C55
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Avg7RsXP - ImagePath [C:\WINDOWS\System32\Drivers\avg7rsxp.sys]
C:\WINDOWS\System32\Drivers\avgclean.sys	InMem: 0	Det [G]	MD5: 603DC17A48C65C637623A9BB5A5E6008	PX5: 87B050E3083D57B52A2F00D1C9CA3A00EF6956A7
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AvgClean - ImagePath [C:\WINDOWS\System32\Drivers\avgclean.sys]
C:\WINDOWS\System32\Drivers\avgtdi.sys	InMem: 0	Det [G]	MD5: 8FA5CDFA0D72BEFFF5E9A36DF50E13EC	PX5: 272B2EC760A8F718135000A25D4E000069297BEB
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\AvgTdi - ImagePath [C:\WINDOWS\System32\Drivers\avgtdi.sys]
C:\WINDOWS\System32\Drivers\BrScnUsb.sys	InMem: 0	Det [G]	MD5: 6CF3AED19C2185C60DE2AE50EE37A342	PX5: 347459D39F5E2FD63BC1009399075C00954933ED
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\BrScnUsb - ImagePath [C:\WINDOWS\System32\Drivers\BrScnUsb.sys]
C:\WINDOWS\system32\drivers\CDANT.SYS	InMem: 0	Det [G]	MD5: B48362954D9E0B3069EBFDC283325FE5	PX5: AA45432310BC6E29DDDB0051830EAC00EFE578AC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\C-Dilla - ImagePath [C:\WINDOWS\system32\drivers\CDANT.SYS]
C:\WINDOWS\system32\DRIVERS\CCDECODE.sys	InMem: 0	Det [G]	MD5: 6163ED60B684BAB19D3352AB22FC48B2	PX5: 4E4CADF380552430426F00BC05FF9D0038FB5853
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\CCDECODE - ImagePath [C:\WINDOWS\system32\DRIVERS\CCDECODE.sys]
C:\WINDOWS\system32\DRIVERS\cdrom.sys	InMem: 0	Det [G]	MD5: AF9C19B3100FE010496B1A27181FBF72	PX5: B3CE44DD80DABE80C1400031E25C450069663A5F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Cdrom - ImagePath [C:\WINDOWS\system32\DRIVERS\cdrom.sys]
C:\WINDOWS\system32\cisvc.exe	InMem: 0	Det [G]	MD5: C4E84243292E37CA3B6FAF4A1855B8A7	PX5: B03833B20005A59D1629005665669D00201F0525
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\CiSvc - ImagePath [C:\WINDOWS\system32\cisvc.exe]
C:\WINDOWS\system32\clipsrv.exe	InMem: 0	Det [G]	MD5: 0A215E4BAC9A1A9381D88C67517C850B	PX5: 50E35C41004F616D823700EBB15ECF008A4FA87F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ClipSrv - ImagePath [C:\WINDOWS\system32\clipsrv.exe]
C:\WINDOWS\system32\dllhost.exe	InMem: 0	Det [G]	MD5: F4B3C65E2A3406F32D220019DEB522F8	PX5: 6EA1D06F0041EB21141900B4A32FF2002F6B8881
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\COMSysApp - ImagePath [C:\WINDOWS\system32\dllhost.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SwPrv - ImagePath [C:\WINDOWS\system32\dllhost.exe]
C:\WINDOWS\system32\DRIVERS\disk.sys	InMem: 0	Det [G]	MD5: 00CA44E4534865F8A3B64F7C0984BFF0	PX5: 61E4E34300C80A908E6D00C10934AF006F571071
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Disk - ImagePath [C:\WINDOWS\system32\DRIVERS\disk.sys]
C:\WINDOWS\System32\dmadmin.exe	InMem: 0	Det [G]	MD5: 6C9AAA1AA9BF1699D23DEC4D4113226F	PX5: CB8A3D6900018319702703238C5916001DF268F6
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmadmin - ImagePath [C:\WINDOWS\System32\dmadmin.exe]
C:\WINDOWS\System32\drivers\dmboot.sys	InMem: 0	Det [G]	MD5: 6570B4C952F0D8FEE4C6EF2FF5E10C08	PX5: 917F152000320DE9366A0C362239380089D45879
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmboot - ImagePath [C:\WINDOWS\System32\drivers\dmboot.sys]
C:\WINDOWS\System32\drivers\dmio.sys	InMem: 0	Det [G]	MD5: C57D35621782C7F40770F3E5CA20A182	PX5: 33A7916180B2EE7E5AC702A49AA6DC00E6795F14
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmio - ImagePath [C:\WINDOWS\System32\drivers\dmio.sys]
C:\WINDOWS\System32\drivers\dmload.sys	InMem: 0	Det [G]	MD5: E9317282A63CA4D188C0DF5E09C6AC5F	PX5: FC216AA0003B46A9171D00359F9C1600E909FEB4
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\dmload - ImagePath [C:\WINDOWS\System32\drivers\dmload.sys]
C:\WINDOWS\system32\drivers\DMusic.sys	InMem: 0	Det [G]	MD5: A6F881284AC1150E37D9AE47FF601267	PX5: 64B493018066E6FACEE6008D21636D008F236B03
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\DMusic - ImagePath [C:\WINDOWS\system32\drivers\DMusic.sys]
C:\WINDOWS\system32\drivers\drmkaud.sys	InMem: 0	Det [G]	MD5: 1ED4DBBAE9F5D558DBBA4CC450E3EB2E	PX5: FA93CCC9802BA0DD0B8800D3A4C66500B79BCD14
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\drmkaud - ImagePath [C:\WINDOWS\system32\drivers\drmkaud.sys]
C:\WINDOWS\system32\DRIVERS\fdc.sys	InMem: 0	Det [G]	MD5: CED2E8396A8838E59D8FD529C680E02C	PX5: 030113CC009ED3836B77000B64308F0030511E66
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Fdc - ImagePath [C:\WINDOWS\system32\DRIVERS\fdc.sys]
C:\WINDOWS\system32\DRIVERS\flpydisk.sys	InMem: 0	Det [G]	MD5: 0DD1DE43115B93F4D85E889D7A86F548	PX5: 60E1171000EEA79E50BF00391F7EE000F2860CEC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Flpydisk - ImagePath [C:\WINDOWS\system32\DRIVERS\flpydisk.sys]
C:\WINDOWS\system32\DRIVERS\fltMgr.sys	InMem: 0	Det [G]	MD5: 3D234FB6D6EE875EB009864A299BEA29	PX5: DD494D2180C4BB98F7F901405AA62900817D3A94
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\FltMgr - ImagePath [C:\WINDOWS\system32\DRIVERS\fltMgr.sys]
C:\WINDOWS\system32\DRIVERS\ftdisk.sys	InMem: 0	Det [G]	MD5: F3269A6EE547EA87B949A1CEA4816B38	PX5: D543638280F1FAF5EBA30154BD3E7700D3ED2EEC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ftdisk - ImagePath [C:\WINDOWS\system32\DRIVERS\ftdisk.sys]
C:\WINDOWS\system32\DRIVERS\gameenum.sys	InMem: 0	Det [G]	MD5: 5F92FD09E5610A5995DA7D775EADCD12	PX5: 8FEAEAED8011757229C5009524482300FB74C9AC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\gameenum - ImagePath [C:\WINDOWS\system32\DRIVERS\gameenum.sys]
C:\WINDOWS\System32\DRIVERS\gmer.sys	InMem: 0	Det [G]	MD5: 4C1D146C43492AF31B0B64C0A11BBF71	PX5: B87D52D1D1F367944E430102E68A50001008FA22
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\gmer - ImagePath [C:\WINDOWS\System32\DRIVERS\gmer.sys]
C:\WINDOWS\system32\DRIVERS\msgpc.sys	InMem: 0	Det [G]	MD5: C0F1D4A21DE5A415DF8170616703DEBF	PX5: A6DC8C520088C979894600B57B2B1A00363C4157
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Gpc - ImagePath [C:\WINDOWS\system32\DRIVERS\msgpc.sys]
C:\WINDOWS\system32\DRIVERS\hidusb.sys	InMem: 0	Det [G]	MD5: 1DE6783B918F540149AA69943BDFEBA8	PX5: 1484F98A807906C3258400E49D6D650019C14BBC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HidUsb - ImagePath [C:\WINDOWS\system32\DRIVERS\hidusb.sys]
C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys	InMem: 0	Det [G]	MD5: 970178E8E003EB1481293830069624B9	PX5: AF892C8C80AD05195B84032B43A9B8008B0F4B6A
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HSFHWBS2 - ImagePath [C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys]
C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys	InMem: 0	Det [G]	MD5: EBB354438A4C5A3327FB97306260714A	PX5: 8779C2C980FAE868E48B0FB35EB4640037393C0C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HSF_DP - ImagePath [C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys]
C:\WINDOWS\System32\Drivers\HTTP.sys	InMem: 0	Det [G]	MD5: CB77BB47E67E84DEB17BA29632501730	PX5: 1A572A9180D9F92E022704747529EC0016C1652C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\HTTP - ImagePath [C:\WINDOWS\System32\Drivers\HTTP.sys]
C:\WINDOWS\system32\DRIVERS\i8042prt.sys	InMem: 0	Det [G]	MD5: 30E64DFA4EFAACC8142EA07766181FB4	PX5: 5176B379805D75ECD1900002BF9BC2003FF0C0D5
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\i8042prt - ImagePath [C:\WINDOWS\system32\DRIVERS\i8042prt.sys]
C:\WINDOWS\system32\DRIVERS\imapi.sys	InMem: 0	Det [G]	MD5: F8AA320C6A0409C0380E5D8A99D76EC6	PX5: A6DE19768012C7FDA37F00B5535D7900050612BF
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Imapi - ImagePath [C:\WINDOWS\system32\DRIVERS\imapi.sys]
C:\WINDOWS\system32\imapi.exe	InMem: 0	Det [G]	MD5: ED7ABB35C81709FB41972D30FE15311E	PX5: 74CFCD09009BDDD14A8402202B1E530034B0D214
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ImapiService - ImagePath [C:\WINDOWS\system32\imapi.exe]
C:\WINDOWS\system32\DRIVERS\intelide.sys	InMem: 0	Det [G]	MD5: 7C15B34147134381421D7044479A1D73	PX5: 13577194803FCB8815F90068ABEFAF00861C758E
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IntelIde - ImagePath [C:\WINDOWS\system32\DRIVERS\intelide.sys]
C:\WINDOWS\system32\DRIVERS\intelppm.sys	InMem: 0	Det [G]	MD5: EBC07787034BBE312020D30198A9F362	PX5: 308DA7E000DC5FE09D58006BABC91A0052CD17AF
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\intelppm - ImagePath [C:\WINDOWS\system32\DRIVERS\intelppm.sys]
C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys	InMem: 0	Det [G]	MD5: 4448006B6BC60E6C027932CFC38D6855	PX5: 554B18088049820E711F003BBA86E4005B660DCC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ip6Fw - ImagePath [C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys]
C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys	InMem: 0	Det [G]	MD5: 731F22BA402EE4B62748ADAF6363C182	PX5: E130718C809C039180F700DA0AC8EE00F2B31814
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IpFilterDriver - ImagePath [C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys]
C:\WINDOWS\system32\DRIVERS\ipinip.sys	InMem: 0	Det [G]	MD5: E1EC7F5DA720B640CD8FB8424F1B14BB	PX5: 9655BFAF0030F62E523A00C352D248003081C413
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IpInIp - ImagePath [C:\WINDOWS\system32\DRIVERS\ipinip.sys]
C:\WINDOWS\system32\DRIVERS\ipnat.sys	InMem: 0	Det [G]	MD5: E2168CBC7098FFE963C6F23F472A3593	PX5: 16BC903800541BF40F8E02F0609797000CA3B3FE
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IpNat - ImagePath [C:\WINDOWS\system32\DRIVERS\ipnat.sys]
C:\WINDOWS\system32\DRIVERS\ipsec.sys	InMem: 0	Det [G]	MD5: 64537AA5C003A6AFEEE1DF819062D0D1	PX5: 84ED89D600412A2C245201A3F8A740006B772EC6
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IPSec - ImagePath [C:\WINDOWS\system32\DRIVERS\ipsec.sys]
C:\WINDOWS\system32\DRIVERS\irenum.sys	InMem: 0	Det [G]	MD5: 50708DAA1B1CBB7D6AC1CF8F56A24410	PX5: 42D7DCAC001BE9A12C7B00EF915041002AED16BC
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\IRENUM - ImagePath [C:\WINDOWS\system32\DRIVERS\irenum.sys]
C:\WINDOWS\system32\DRIVERS\isapnp.sys	InMem: 0	Det [G]	MD5: EA3245A8E8758D6B84DE189A5CAAA75E	PX5: 8A87001A0002BFB48D1F0066402D8A00BD468997
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\isapnp - ImagePath [C:\WINDOWS\system32\DRIVERS\isapnp.sys]
C:\WINDOWS\system32\DRIVERS\kbdclass.sys	InMem: 0	Det [G]	MD5: E883AE6EA0B313E659225AA32E449CE9	PX5: 11013D51001BA498620F00A282D06D00135D5A16
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Kbdclass - ImagePath [C:\WINDOWS\system32\DRIVERS\kbdclass.sys]
C:\WINDOWS\system32\drivers\kmixer.sys	InMem: 0	Det [G]	MD5: BA5DEDA4D934E6288C2F66CAF58D2562	PX5: 1C3250A68067C4B7A11302D8512D99006E8A628F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\kmixer - ImagePath [C:\WINDOWS\system32\drivers\kmixer.sys]
C:\WINDOWS\system32\DRIVERS\lvcap138.sys	InMem: 0	Det [G]	MD5: E2394044B0EEF99F16613CAB4B7EEC06	PX5: 9917410380D73DE7B2D5042819EA7400D726A576
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\LVCap138 - ImagePath [C:\WINDOWS\system32\DRIVERS\lvcap138.sys]
C:\WINDOWS\system32\DRIVERS\lvtuner.sys	InMem: 0	Det [G]	MD5: EEC09B3E810EBB6E65B8679A1F8CB751	PX5: 76D03C338005A1513FE700474FFDE400A8385F07
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\lvtuner - ImagePath [C:\WINDOWS\system32\DRIVERS\lvtuner.sys]
C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys	InMem: 0	Det [G]	MD5: 195741AEE20369980796B557358CD774	PX5: F550CBF45C4DEEBE2EDE0064049C6200A1C01EF8
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\mdmxsdk - ImagePath [C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys]
C:\WINDOWS\system32\mnmsrvc.exe	InMem: 0	Det [G]	MD5: 940A4E02B7F03C2592A52E16DDDB3E46	PX5: F2F6E69800D71BFC80AE00AF40E07800F93A911A
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\mnmsrvc - ImagePath [C:\WINDOWS\system32\mnmsrvc.exe]
C:\WINDOWS\system32\DRIVERS\mouclass.sys	InMem: 0	Det [G]	MD5: C458E314B8722253897C94A714C2E0C0	PX5: 7E80CA6A0038C59C5C6F0047F0E35500920EB276
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Mouclass - ImagePath [C:\WINDOWS\system32\DRIVERS\mouclass.sys]
C:\WINDOWS\system32\DRIVERS\mouhid.sys	InMem: 0	Det [G]	MD5: D7662F0CF5B77BBBE3202716F5BD5318	PX5: 2301F35080287EAB2F80000FDBBFFD00349EAF96
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\mouhid - ImagePath [C:\WINDOWS\system32\DRIVERS\mouhid.sys]
C:\WINDOWS\system32\DRIVERS\mrxdav.sys	InMem: 0	Det [G]	MD5: 29414447EB5BDE2F8397DC965DBB3156	PX5: 614867E18023D003BDFE0234E558A700F3D6C8CF
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MRxDAV - ImagePath [C:\WINDOWS\system32\DRIVERS\mrxdav.sys]
C:\WINDOWS\system32\DRIVERS\mrxsmb.sys	InMem: 0	Det [G]	MD5: 025AF03CE51645C62F3B6907A7E2BE5E	PX5: 3A6FDF2E00838449EA5E06BDEF52FE0062D6AA8B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MRxSmb - ImagePath [C:\WINDOWS\system32\DRIVERS\mrxsmb.sys]
C:\WINDOWS\system32\msdtc.exe	InMem: 0	Det [G]	MD5: 3124662B40761A3EF8F4254D2F32E3F4	PX5: 3A5257C800292C38184B000639E3D800639539E0
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSDTC - ImagePath [C:\WINDOWS\system32\msdtc.exe]
C:\WINDOWS\system32\msiexec.exe	InMem: 0	Det [L]	MD5: F5F0146580E7023ADB963879840777F8	PX5: 2199A4A600D88009341401C8D9AE0A004C78202A
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSIServer - ImagePath [C:\WINDOWS\system32\msiexec.exe]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\Msi.Package\shell\open\command -  ["%SystemRoot%\System32\msiexec.exe" /i "%1" %*]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\Msi.Patch\shell\open\command -  ["%SystemRoot%\System32\msiexec.exe" /p "%1" %*]
C:\WINDOWS\system32\drivers\MSKSSRV.sys	InMem: 0	Det [G]	MD5: AE431A8DD3C1D0D0610CDBAC16057AD0	PX5: 441E162B80A429811D1500CB9CEDF700CED69BEA
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSKSSRV - ImagePath [C:\WINDOWS\system32\drivers\MSKSSRV.sys]
C:\WINDOWS\system32\drivers\MSPCLOCK.sys	InMem: 0	Det [G]	MD5: 13E75FEF9DFEB08EEDED9D0246E1F448	PX5: 3656535900693AA115D1001337247B009D5BCE4B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSPCLOCK - ImagePath [C:\WINDOWS\system32\drivers\MSPCLOCK.sys]
C:\WINDOWS\system32\drivers\MSPQM.sys	InMem: 0	Det [G]	MD5: 1988A33FF19242576C3D0EF9CE785DA7	PX5: 5D7EA63E804A637C13CA0078C414AC000E912E93
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSPQM - ImagePath [C:\WINDOWS\system32\drivers\MSPQM.sys]
C:\WINDOWS\system32\DRIVERS\mssmbios.sys	InMem: 0	Det [G]	MD5: 469541F8BFD2B32659D5D463A6714BCE	PX5: 5C75220680F731D03C3D001BD399CC00D7DBED29
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\mssmbios - ImagePath [C:\WINDOWS\system32\DRIVERS\mssmbios.sys]
C:\WINDOWS\system32\drivers\MSTEE.sys	InMem: 0	Det [G]	MD5: BF13612142995096AB084F2DB7F40F77	PX5: EF9F4FE18003FE44154E00AC0DDE6800FF407119
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\MSTEE - ImagePath [C:\WINDOWS\system32\drivers\MSTEE.sys]
C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys	InMem: 0	Det [G]	MD5: 5C8DC6429C43DC6177C1FA5B76290D1A	PX5: 37E661E8803A144B4DFD01732787D600D94FD14F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NABTSFEC - ImagePath [C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys]
C:\WINDOWS\system32\DRIVERS\NdisIP.sys	InMem: 0	Det [G]	MD5: 520CE427A8B298F54112857BCF6BDE15	PX5: 92D82929807F4CDE2A6000D7EF7E8C008BDE37E2
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NdisIP - ImagePath [C:\WINDOWS\system32\DRIVERS\NdisIP.sys]
C:\WINDOWS\system32\DRIVERS\ndistapi.sys	InMem: 0	Det [G]	MD5: 08D43BBDACDF23F34D79E44ED35C1B4C	PX5: 25AEC9EA809D4D4825A500A2A9E22F00CCB1FFC8
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NdisTapi - ImagePath [C:\WINDOWS\system32\DRIVERS\ndistapi.sys]
C:\WINDOWS\system32\DRIVERS\ndisuio.sys	InMem: 0	Det [G]	MD5: 34D6CD56409DA9A7ED573E1C90A308BF	PX5: 0BF3AB388038D73732EB00A9A855ED006D3C0384
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ndisuio - ImagePath [C:\WINDOWS\system32\DRIVERS\ndisuio.sys]
C:\WINDOWS\system32\DRIVERS\ndiswan.sys	InMem: 0	Det [G]	MD5: 0B90E255A9490166AB368CD55A529893	PX5: 304E26E9803B344266FF0104DAA0B500E6B358BD
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NdisWan - ImagePath [C:\WINDOWS\system32\DRIVERS\ndiswan.sys]
C:\WINDOWS\system32\DRIVERS\netbios.sys	InMem: 0	Det [G]	MD5: 3A2ACA8FC1D7786902CA434998D7CEB4	PX5: 6F5EDA40008AE18787EB007972CAB100F174D35C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetBIOS - ImagePath [C:\WINDOWS\system32\DRIVERS\netbios.sys]
C:\WINDOWS\system32\DRIVERS\netbt.sys	InMem: 0	Det [G]	MD5: 0C80E410CD2F47134407EE7DD19CC86B	PX5: 7D3B6A2A0069D5737CDE020A47DE6F00F472D659
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetBT - ImagePath [C:\WINDOWS\system32\DRIVERS\netbt.sys]
C:\WINDOWS\system32\netdde.exe	InMem: 0	Det [G]	MD5: DE62EE316FAB09DE3D7A5180F0775ABF	PX5: AAA3C89900BB76ABBADC01BFB3AC1B00E2E8A55F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetDDE - ImagePath [C:\WINDOWS\system32\netdde.exe]
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NetDDEdsdm - ImagePath [C:\WINDOWS\system32\netdde.exe]
C:\WINDOWS\system32\DRIVERS\nv4_mini.sys	InMem: 0	Det [G]	PX5: 529716DB6055A70FCEAE30C3E19ACD007FF023F9
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\nv - ImagePath [C:\WINDOWS\system32\DRIVERS\nv4_mini.sys]
C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys	InMem: 0	Det [G]	MD5: B305F3FAD35083837EF46A0BBCE2FC57	PX5: A826BA3A803B83AE30C000488911C200DC3CA878
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NwlnkFlt - ImagePath [C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys]
C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys	InMem: 0	Det [G]	MD5: C99B3415198D1AAB7227F2C88FD664B9	PX5: B9B73139006979BB7FBC0031EA7E320032D237D0
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\NwlnkFwd - ImagePath [C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys]
C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE	InMem: 0	Det [G]	MD5: 7A56CF3E3F12E8AF599963B16F50FB6A	PX5: F61B8D0330B79FF65C6601A611B00C00EFE13B0C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\ose - ImagePath [C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE]
C:\WINDOWS\system32\DRIVERS\parport.sys	InMem: 0	Det [G]	MD5: 3490EAD0612BFD0E7C1B864EE24E6A4A	PX5: 4A82394D8019443A393C017F618C1500973C174B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Parport - ImagePath [C:\WINDOWS\system32\DRIVERS\parport.sys]
C:\WINDOWS\system32\DRIVERS\pci.sys	InMem: 0	Det [G]	MD5: 91FC1D483D900B1C0600A08B871C39D5	PX5: 9DA3602E807459480C5D01595A918400CA482387
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PCI - ImagePath [C:\WINDOWS\system32\DRIVERS\pci.sys]
C:\WINDOWS\system32\DRIVERS\pciide.sys	InMem: 0	Det [G]	MD5: B2DF00D650FD6C4EE781740ED3C8E67F	PX5: 826808EE00CFD8500D55002AE8E7E200B79BCD14
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PCIIde - ImagePath [C:\WINDOWS\system32\DRIVERS\pciide.sys]
C:\WINDOWS\system32\DRIVERS\raspptp.sys	InMem: 0	Det [G]	MD5: 1C5CC65AAC0783C344F16353E60B72AC	PX5: F406FA260016D348BD2800EFDBDF52003203F53C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PptpMiniport - ImagePath [C:\WINDOWS\system32\DRIVERS\raspptp.sys]
C:\WINDOWS\system32\DRIVERS\psched.sys	InMem: 0	Det [G]	MD5: 48671F327553DCF1D27F6197F622A668	PX5: C7C1320E008655110E77011715C66E0009C5AE75
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PSched - ImagePath [C:\WINDOWS\system32\DRIVERS\psched.sys]
C:\WINDOWS\system32\DRIVERS\ptilink.sys	InMem: 0	Det [G]	MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD	PX5: F96F182D805891FA452B007EBD870E004C25BA07
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Ptilink - ImagePath [C:\WINDOWS\system32\DRIVERS\ptilink.sys]
C:\WINDOWS\System32\drivers\pxark.sys	InMem: 0	Det [G]	MD5: 7CFF57044EFB70F020B9AA110729E0C4	PX5: BDC585FC007FCC6F2AD6002A0661A1001F60A94F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\pxark - ImagePath [C:\WINDOWS\System32\drivers\pxark.sys]
C:\WINDOWS\system32\DRIVERS\PxHelp20.sys	InMem: 0	Det [G]	MD5: D86B4A68565E444D76457F14172C875A	PX5: CEED5A5408FE9DE2AA3300585AD0A300BEEAAC3B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\PxHelp20 - ImagePath [C:\WINDOWS\system32\DRIVERS\PxHelp20.sys]
C:\WINDOWS\system32\DRIVERS\rasacd.sys	InMem: 0	Det [G]	MD5: FE0D99D6F31E4FAD8159F690D68DED9C	PX5: EF519CA180B540A42200002C4F06E3005372DD33
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasAcd - ImagePath [C:\WINDOWS\system32\DRIVERS\rasacd.sys]
C:\WINDOWS\system32\DRIVERS\rasl2tp.sys	InMem: 0	Det [G]	MD5: 98FAEB4A4DCF812BA1C6FCA4AA3E115C	PX5: C15C1546804EC8E6C8410037F34FAD00B1FBF6DF
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Rasl2tp - ImagePath [C:\WINDOWS\system32\DRIVERS\rasl2tp.sys]
C:\WINDOWS\system32\DRIVERS\raspppoe.sys	InMem: 0	Det [G]	MD5: 7306EEED8895454CBED4669BE9F79FAA	PX5: A8F2C94800B2E031A21A00F0EC682E009B5794D5
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RasPppoe - ImagePath [C:\WINDOWS\system32\DRIVERS\raspppoe.sys]
C:\WINDOWS\system32\DRIVERS\raspti.sys	InMem: 0	Det [G]	MD5: FDBB1D60066FCFBB7452FD8F9829B242	PX5: 506F10F380FEE57C406900BE351741009F00F0DE
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Raspti - ImagePath [C:\WINDOWS\system32\DRIVERS\raspti.sys]
C:\WINDOWS\system32\DRIVERS\rdbss.sys	InMem: 0	Det [G]	MD5: 03B965B1CA47F6EF60EB5E51CB50E0AF	PX5: EE21D17900972EBEAA93023D87A14E0013D2E867
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Rdbss - ImagePath [C:\WINDOWS\system32\DRIVERS\rdbss.sys]
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys	InMem: 0	Det [G]	MD5: 4912D5B403614CE99C28420F75353332	PX5: 14FCFAAE80A686EB103300CFAE183900CB624D74
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RDPCDD - ImagePath [C:\WINDOWS\System32\DRIVERS\RDPCDD.sys]
C:\WINDOWS\system32\DRIVERS\rdpdr.sys	InMem: 0	Det [G]	MD5: A2CAE2C60BC37E0751EF9DDA7CEAF4AD	PX5: 02477783007980B5019E03607F7E03003B692115
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\rdpdr - ImagePath [C:\WINDOWS\system32\DRIVERS\rdpdr.sys]
C:\WINDOWS\system32\sessmgr.exe	InMem: 0	Det [G]	MD5: CC0693C481502844A24EF71B90A7195E	PX5: 2C67C68B0020C05D2C3E02893D0F09005D1CF7F5
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RDSessMgr - ImagePath [C:\WINDOWS\system32\sessmgr.exe]
C:\WINDOWS\system32\DRIVERS\redbook.sys	InMem: 0	Det [G]	MD5: A8EEE004A16AF1D583D9DE9F6DE250E0	PX5: AEF2FC7D804F986FE3C7004FF2D91D0029FD0FC2
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\redbook - ImagePath [C:\WINDOWS\system32\DRIVERS\redbook.sys]
C:\WINDOWS\system32\locator.exe	InMem: 0	Det [G]	MD5: 33A8F0FE0005B2D79DF53441679F5149	PX5: C3C0A8550045DDC726E601EBB10B83000E4A4556
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RpcLocator - ImagePath [C:\WINDOWS\system32\locator.exe]
C:\WINDOWS\system32\rsvp.exe	InMem: 0	Det [G]	MD5: DCE0D20F8FB66DF41D53734BFF9D66F0	PX5: 2057508700E163D906880231F30F2D00E5519440
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\RSVP - ImagePath [C:\WINDOWS\system32\rsvp.exe]
C:\WINDOWS\system32\DRIVERS\R8139n51.SYS	InMem: 0	Det [G]	MD5: 2EF9C0DC26B30B2318B1FC3FAA1F0AE7	PX5: 03815C0F80D51E06B7A6008EAF28940060730EE0
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\rtl8139 - ImagePath [C:\WINDOWS\system32\DRIVERS\R8139n51.SYS]
C:\WINDOWS\System32\SCardSvr.exe	InMem: 0	Det [G]	MD5: 74B1E7FCFCA9A3A23871AA014144013E	PX5: FFC6D19800BAA7847E46014ECC3CD200949D4E12
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SCardSvr - ImagePath [C:\WINDOWS\System32\SCardSvr.exe]
C:\WINDOWS\system32\DRIVERS\secdrv.sys	InMem: 0	Det [G]	MD5: 90A3935D05B494A5A39D37E71F09A677	PX5: 84A9A7CB006F9ECC508100883E7135006D51A95C
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Secdrv - ImagePath [C:\WINDOWS\system32\DRIVERS\secdrv.sys]
C:\WINDOWS\system32\DRIVERS\serenum.sys	InMem: 0	Det [G]	MD5: A2D868AEEFF612E70E213C451A70CAFB	PX5: 4F3C7EAD801665B83CEF00E324D68C009966C2DD
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\serenum - ImagePath [C:\WINDOWS\system32\DRIVERS\serenum.sys]
C:\WINDOWS\system32\DRIVERS\serial.sys	InMem: 0	Det [G]	MD5: DBAB3260E7EB3398CB87267D1410FAD4	PX5: 84269A0C80DA4AE9020E01315B99420097A96A32
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Serial - ImagePath [C:\WINDOWS\system32\DRIVERS\serial.sys]
C:\WINDOWS\system32\DRIVERS\sermouse.sys	InMem: 0	Det [G]	MD5: 0943473F9C525A1C509567E2A8250E4B	PX5: 050AE9220098140B478200FB3900380012664632
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\sermouse - ImagePath [C:\WINDOWS\system32\DRIVERS\sermouse.sys]
C:\WINDOWS\system32\DRIVERS\sfloppy.sys	InMem: 0	Det [G]	MD5: 0D13B6DF6E9E101013A7AFB0CE629FE0	PX5: 6884E1AE807AAB872CD300DC197E0C00B015D834
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Sfloppy - ImagePath [C:\WINDOWS\system32\DRIVERS\sfloppy.sys]
C:\WINDOWS\system32\DRIVERS\SLIP.sys	InMem: 0	Det [G]	MD5: 5CAEED86821FA2C6139E32E9E05CCDC9	PX5: C05453A580D50DE62B1A00E6C96F380022C2D117
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SLIP - ImagePath [C:\WINDOWS\system32\DRIVERS\SLIP.sys]
C:\WINDOWS\system32\drivers\splitter.sys	InMem: 0	Det [G]	MD5: 0CE218578FFF5F4F7E4201539C45C78F	PX5: 249A00630095166C194E008C6AC35800063B57CE
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\splitter - ImagePath [C:\WINDOWS\system32\drivers\splitter.sys]
C:\WINDOWS\system32\DRIVERS\sr.sys	InMem: 0	Det [G]	MD5: 896F566AFC498077172EAE8A50E8BAF8	PX5: 4D90659E00D8A4771F1A013E6E421F00F36027A5
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\sr - ImagePath [C:\WINDOWS\system32\DRIVERS\sr.sys]
C:\WINDOWS\system32\DRIVERS\srv.sys	InMem: 0	Det [G]	MD5: EA554A3FFC3F536FE8320EB38F5E4843	PX5: 75BFBC608040FEEB14BC05A8A20D28000AA8481B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Srv - ImagePath [C:\WINDOWS\system32\DRIVERS\srv.sys]
C:\WINDOWS\system32\DRIVERS\StreamIP.sys	InMem: 0	Det [G]	MD5: 284C57DF5DC7ABCA656BC2B96A667AFB	PX5: 37C869AE00A1D1423CD000F9D66948002AC47A8D
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\streamip - ImagePath [C:\WINDOWS\system32\DRIVERS\StreamIP.sys]
C:\WINDOWS\system32\DRIVERS\swenum.sys	InMem: 0	Det [G]	MD5: 03C1BAE4766E2450219D20B993D6E046	PX5: FDB253C8004ADC8E110200CB82EF3C003BACCEF1
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\swenum - ImagePath [C:\WINDOWS\system32\DRIVERS\swenum.sys]
C:\WINDOWS\system32\drivers\swmidi.sys	InMem: 0	Det [G]	MD5: 94ABC808FC4B6D7D2BBF42B85E25BB4D	PX5: D73823E800EBA9D4D48400057CBBEE004EA1E5C8
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\swmidi - ImagePath [C:\WINDOWS\system32\drivers\swmidi.sys]
C:\WINDOWS\system32\drivers\sysaudio.sys	InMem: 0	Det [G]	MD5: 650AD082D46BAC0E64C9C0E0928492FD	PX5: 23CF2276806778A5EDCF00D9512FDE00BB195FEF
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\sysaudio - ImagePath [C:\WINDOWS\system32\drivers\sysaudio.sys]
C:\WINDOWS\system32\smlogsvc.exe	InMem: 0	Det [G]	MD5: BC8B8694DEF74B4E6C626322D4321A54	PX5: C0E6801A0095AB606A660128541E440050C06325
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\SysmonLog - ImagePath [C:\WINDOWS\system32\smlogsvc.exe]
C:\WINDOWS\system32\DRIVERS\tcpip.sys	InMem: 0	Det [G]	MD5: 90CAFF4B094573449A0872A0F919B178	PX5: 9F6EEC1C80D7CCB57E0F0545DD505C004B15302D
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Tcpip - ImagePath [C:\WINDOWS\system32\DRIVERS\tcpip.sys]
C:\WINDOWS\system32\DRIVERS\termdd.sys	InMem: 0	Det [G]	MD5: A540A99C281D933F3D69D55E48727F47	PX5: 3111E3EA882052CE9F39002D38F46900A7415306
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TermDD - ImagePath [C:\WINDOWS\system32\DRIVERS\termdd.sys]
C:\WINDOWS\system32\tlntsvr.exe	InMem: 0	Det [G]	MD5: 2A9DAAEF2CC0333DB6F129F2F8B3D3FD	PX5: F869AF89008EB51B24EC0113A0DCBB001FBDD7D2
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\TlntSvr - ImagePath [C:\WINDOWS\system32\tlntsvr.exe]
C:\WINDOWS\system32\DRIVERS\update.sys	InMem: 0	Det [G]	MD5: CED744117E91BDC0BEB810F7D8608183	PX5: DB815C1080BD5D598E3605C672D6A20096A59C7E
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Update - ImagePath [C:\WINDOWS\system32\DRIVERS\update.sys]
C:\WINDOWS\System32\ups.exe	InMem: 0	Det [G]	MD5: E4896F38A3F8DACEA6EA8D7EC9889D91	PX5: B1B748F7000750CB484000B4D1F04D00484BD2C2
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\UPS - ImagePath [C:\WINDOWS\System32\ups.exe]
C:\WINDOWS\system32\DRIVERS\usbccgp.sys	InMem: 0	Det [G]	MD5: BFFD9F120CC63BCBAA3D840F3EEF9F79	PX5: 3051DD5F80B0E02D7BC400CFE2D7F10086CC5663
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbccgp - ImagePath [C:\WINDOWS\system32\DRIVERS\usbccgp.sys]
C:\WINDOWS\system32\DRIVERS\usbehci.sys	InMem: 0	Det [G]	MD5: 15E993BA2F6946B2BFBBFCD30398621E	PX5: 42E57CAC00DC4FAF684000867EE93C003087E4F7
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbehci - ImagePath [C:\WINDOWS\system32\DRIVERS\usbehci.sys]
C:\WINDOWS\system32\DRIVERS\usbhub.sys	InMem: 0	Det [G]	MD5: C72F40947F92CEA56A8FB532EDF025F1	PX5: 1972CD35009EF197E1E10053A918EE0090181966
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbhub - ImagePath [C:\WINDOWS\system32\DRIVERS\usbhub.sys]
C:\WINDOWS\system32\DRIVERS\usbprint.sys	InMem: 0	Det [G]	MD5: A42369B7CD8886CD7C70F33DA6FCBCF5	PX5: C449F0710094064A6580004CDAAF0B00CAA1349A
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbprint - ImagePath [C:\WINDOWS\system32\DRIVERS\usbprint.sys]
C:\WINDOWS\system32\DRIVERS\usbscan.sys	InMem: 0	Det [G]	MD5: A6BC71402F4F7DD5B77FD7F4A8DDBA85	PX5: A345B33E004758873B29000DE02C9B00A6455141
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbscan - ImagePath [C:\WINDOWS\system32\DRIVERS\usbscan.sys]
C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS	InMem: 0	Det [G]	MD5: 6CD7B22193718F1D17A47A1CD6D37E75	PX5: 6135CAAA80509344675C002A218295006093CEAA
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\USBSTOR - ImagePath [C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS]
C:\WINDOWS\system32\DRIVERS\usbuhci.sys	InMem: 0	Det [G]	MD5: F8FD1400092E23C8F2F31406EF06167B	PX5: 4756F37D00016D8B5030004DF844F10054C11836
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usbuhci - ImagePath [C:\WINDOWS\system32\DRIVERS\usbuhci.sys]
C:\Programmi\MSN Messenger\usnsvc.exe	InMem: 0	Det [GP]	MD5: C5B70A6AA947667CE0E5FC84A05EC8B6	PX5: 5ADE8CB4702068007B8E0103793683003D23EE98
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\usnjsvc - ImagePath [C:\Programmi\MSN Messenger\usnsvc.exe]
C:\WINDOWS\System32\drivers\vga.sys	InMem: 0	Det [G]	MD5: 8A60EDD72B4EA5AEA8202DAF0E427925	PX5: 14B18202007EA0B752C8003693833D00BCED634F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\VgaSave - ImagePath [C:\WINDOWS\System32\drivers\vga.sys]
C:\WINDOWS\system32\drivers\VIRAGTLT.SYS	InMem: 0	Det [u]	MD5: 5A016D13ADF644178E54554B51A76051	PX5: C6CB63E480C1F5D89BAA0006DB2F7400E87F0704
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\VIRAGTLT - ImagePath [C:\WINDOWS\system32\drivers\VIRAGTLT.SYS]
C:\WINDOWS\System32\vssvc.exe	InMem: 0	Det [G]	MD5: 147C653AD61BD01556723B3C8C4FAFC8	PX5: F8FD01E1006746AE7C9C04ADE2180F00B254A617
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\VSS - ImagePath [C:\WINDOWS\System32\vssvc.exe]
C:\WINDOWS\system32\DRIVERS\wanarp.sys	InMem: 0	Det [G]	MD5: 984EF0B9788ABF89974CFED4BFBAACBC	PX5: D61BDDFF00BF41D487E5002B87E94900EE92AF43
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\Wanarp - ImagePath [C:\WINDOWS\system32\DRIVERS\wanarp.sys]
C:\WINDOWS\system32\DRIVERS\gwausb.sys	InMem: 0	Det [G]	MD5: 4074C9CBB02F817B508265A13546C79E	PX5: D11069BF809FB1156B2F02283AADA100C0B7217B
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\wanusb - ImagePath [C:\WINDOWS\system32\DRIVERS\gwausb.sys]
C:\WINDOWS\system32\drivers\wdmaud.sys	InMem: 0	Det [G]	MD5: EFD235CA22B57C81118C1AEB4798F1C1	PX5: 1A706C8200C406CF446E0184AD924B00FE330A09
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\wdmaud - ImagePath [C:\WINDOWS\system32\drivers\wdmaud.sys]
C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys	InMem: 0	Det [G]	MD5: 1225EBEA76AAC3C84DF6C54FE5E5D8BE	PX5: B01E5EF200315B7474880AC61620FE005A82CE5F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\winachsf - ImagePath [C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys]
C:\WINDOWS\system32\wbem\wmiapsrv.exe	InMem: 0	Det [G]	MD5: 0EE2A2754039B13A632489726689DAD0	PX5: A8EB9B0C007C19C1EE9501FD1D31580061EB57F5
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WmiApSrv - ImagePath [C:\WINDOWS\system32\wbem\wmiapsrv.exe]
C:\Programmi\Windows Media Player\WMPNetwk.exe	InMem: 0	Det [GP]	MD5: 445B34ACBE9BBBE5572882EECFD7E95D	PX5: FC73B38200A9D610A0180C715584630040C97B3F
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WMPNetworkSvc - ImagePath [C:\Programmi\Windows Media Player\WMPNetwk.exe]
C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS	InMem: 0	Det [G]	MD5: D5842484F05E12121C511AA93F6439EC	PX5: B2CFBF068074D4084BB4001A2B9A35007D8AF7A1
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WSTCODEC - ImagePath [C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS]
C:\WINDOWS\system32\DRIVERS\WudfPf.sys	InMem: 0	Det [G]	MD5: 443F0A35CB3BE5D176053DA39157A898	PX5: 0285A9D0008C0DC8449A01CDE6D95E00E5031276
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WudfPf - ImagePath [C:\WINDOWS\system32\DRIVERS\WudfPf.sys]
C:\WINDOWS\system32\DRIVERS\wudfrd.sys	InMem: 0	Det [G]	MD5: E12D4C486D7EB4E0961C27558DC25AF7	PX5: B11770230021A0BD57CB01245E1CC400038F4D03
	REGSERVICE - \REGISTRY\Machine\SYSTEM\ControlSet001\Services\WudfRd - ImagePath [C:\WINDOWS\system32\DRIVERS\wudfrd.sys]
C:\WINDOWS\system32\RUNDLL32.EXE	InMem: 0	Det [G]	MD5: F88CDB0CCC416B3778736BE74CDEBB94	PX5: 797CA9E8007174E38209003396ABA600D9E79205
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - NvCplDaemon [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup]
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - NvMediaCenter [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit]
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - VmApplet [rundll32 shell32,Control_RunDLL "sysdm.cpl"]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{B915B642-6E37-45B3-828E-C300390551CF} - StubPath [RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmt]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.i]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}\LocalServer32 - {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_COMServ]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\ShellScrap\shell\open\command -  [rundll32 %SystemRoot%\system32\shscrap.dll,OpenScrap_RunDLL %1]
C:\WINDOWS\system32\NvCpl.dll	InMem: 0	Det [G]	PX5: 89AFF487009A50F280D26CD9DF69C200AE8CD2CE
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - NvCplDaemon [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A70C977A-BF00-412C-90B7-034C51DA2439}\InprocServer32 - {A70C977A-BF00-412C-90B7-034C51DA2439} [C:\WINDOWS\system32\nvcpl.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FFB699E0-306A-11d3-8BD1-00104B6F7516}\InprocServer32 - {FFB699E0-306A-11d3-8BD1-00104B6F7516} [C:\WINDOWS\system32\nvcpl.dll]
C:\WINDOWS\system32\nwiz.exe	InMem: 0	Det [G]	MD5: 83DA3C0B8B9B9B68DB6B1B171A0128C9	PX5: 56D10D87009BA5DA30FC172CB7BC2600F6EBE0CA
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - nwiz [nwiz.exe /install]
C:\WINDOWS\system32\NvMcTray.dll	InMem: 0	Det [G]	MD5: BA116CD1FC1226D7F010D0736986E7B7	PX5: B8F271AD005E169C50F80128F8B7AD007E372B10
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - NvMediaCenter [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit]
C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe	InMem: 0	Det [G]	MD5: 1C3CA3E7807F915933BB4E08E599DDAB	PX5: 57EEB8900093595B6061020296115400E98511D6
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - SSBkgdUpdate ["C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupd]
C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe	InMem: 0	Det [G]	MD5: D124E346BF2969E30143A1FA09231941	PX5: 223D248100F92AFDA09C00D525E60000B0CD49BD
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - IndexSearch [C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe]
C:\WINDOWS\system32\NeroCheck.exe	InMem: 0	Det [G]	MD5: 3E4C03CEFAD8DE135263236B61A49C90	PX5: 0A1755890076B4FC600C028A81C92900BA5A263E
	REGRUNKEY - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run - NeroCheck [C:\WINDOWS\system32\NeroCheck.exe]
C:\Programmi\Grisoft\AVG7\avgw.exe	InMem: 0	Det [G]	MD5: B331EF4C7437F5093D703340678469EB	PX5: 75C2FBB50077C4CB589103ED9FC2A900DCA9D54E
	REGRUNKEY - \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - AVG7_Run [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE]
	REGRUNKEY - \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run - AVG7_Run [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE]
	REGRUNKEY - \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run - AVG7_Run [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE]
	REGRUNKEY - \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - AVG7_Run [C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE]
C:\WINDOWS\system32\userinit.exe	InMem: 0	Det [G]	MD5: C1E7FE19F98A877BF8F941BF48148695	PX5: 33A4BB2F001DA1EB620B00510674AE00F15A5361
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - UserInit [C:\WINDOWS\system32\userinit.exe]
C:\WINDOWS\system32\logonui.exe	InMem: 0	Det [G]	MD5: 43BDF167CE792A5639D99AD7F1EABC1C	PX5: 6B3184960083D65DDE0B0761A134100078FE806C
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - UIHost [logonui.exe]
C:\WINDOWS\system32\autochk.exe	InMem: 0	Det [G]	MD5: 779768A0A8091EDB749DCB8FE60213E1	PX5: 38890F3300760B775A86096430A56A00DB68AE82
	REGSESSMGR - \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager - BootExecute [autocheck]
C:\WINDOWS\system32\msjava.dll	InMem: 0	Det [G]	MD5: E75AA32C6B79C846F5314CA4DA92F29E	PX5: 01A2D955103896C5756F0E58E5337C005E03C8EE
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500} - KeyFileName [C:\WINDOWS\system32\msjava.dll]
C:\Programmi\Messenger\msmsgs.exe	InMem: 0	Det [G]	MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259	PX5: 937DB9BC008B29B4DA13198C306CAF00327E8384
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be} - KeyFileName [C:\Programmi\Messenger\msmsgs.exe]
	REGEXPSHELL - \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683} - Exec [C:\Programmi\Messenger\msmsgs.exe]
C:\WINDOWS\system32\msieftp.dll	InMem: 0	Det [G]	MD5: 9BA0424BF46A751E9F68829A9AFBE680	PX5: 44133DFB00C5C1B9D64903B9EB9B6E00A95E5477
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9} - KeyFileName [C:\WINDOWS\system32\msieftp.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{63da6ec0-2e98-11cf-8d82-444553540000}\InprocServer32 - {63da6ec0-2e98-11cf-8d82-444553540000} [C:\WINDOWS\system32\msieftp.dll]
C:\WINDOWS\inf\unregmp2.exe	InMem: 0	Det [G]	MD5: 91DD11541D708B8BAB5AAD80C71B202D	PX5: 8B58A3C900CA5785C6200262AB98A6000F3733D8
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Stubpath [C:\WINDOWS\inf\unregmp2.exe /ShowWMP]
C:\WINDOWS\system32\shmgrate.exe	InMem: 0	Det [G]	MD5: F8CBCDAA8C509F6A424834FE51956E21	PX5: 20602ECB00AD0F89A6D6007CC62E8E00FE74C13B
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c} - StubPath [%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - StubPath [%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE]
C:\WINDOWS\system32\IEDKCS32.DLL	InMem: 0	Det [G]	MD5: D99DF44836FD20FAA6B608A9CEE60F5F	PX5: FE6CE44B003461A1F06E045F06C65A008605BA00
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{B915B642-6E37-45B3-828E-C300390551CF} - StubPath [RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP]
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} - DllName [iedkcs32.dll]
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} - DllName [iedkcs32.dll]
C:\WINDOWS\system32\regsvr32.exe	InMem: 0	Det [G]	MD5: DA9623D7E0CA24DD3E08523287E05A4C	PX5: 9F2DE48F0086912530FD001A3E083800D58E0872
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED} - StubPath [%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %System]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340} - StubPath [regsvr32.exe /s /n /i:U shell32.dll]
C:\Programmi\Outlook Express\setup50.exe	InMem: 0	Det [G]	MD5: 5565E7539564F955441DE6FDCBE447A9	PX5: 990052A900467F972069015D0AA93E00C6116D6B
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C} - StubPath ["%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WIN]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02} - StubPath ["%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WI]
C:\WINDOWS\system32\advpack.dll	InMem: 0	Det [G]	MD5: 486A0D63381B08D5A41F44E58FE3B4E4	PX5: 40DE446000D9DEB58E9C01A9A95DBB0000B29576
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmt]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.]
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6} - StubPath [rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.i]
C:\WINDOWS\system32\ie4uinit.exe	InMem: 0	Det [G]	MD5: 452FA07DD74200AD8BDADD145487F653	PX5: 77DF5E7B005FEC32864A001224995700729F5FAF
	REGACTIVEX - \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383} - StubPath [%SystemRoot%\system32\ie4uinit.exe]
C:\WINDOWS\system32\logon.scr	InMem: 0	Det [G]	MD5: 6FA8411D60C4FAEE5102EEE1367AB34D	PX5: 509D0B6F00114C175E1803F3B4819D004996445C
	REGSCRNSAVE - \REGISTRY\User\.DEFAULT\Control Panel\Desktop - SCRNSAVE.EXE [logon.scr]
	REGSCRNSAVE - \REGISTRY\User\S-1-5-19\Control Panel\Desktop - SCRNSAVE.EXE [%SystemRoot%\System32\logon.scr]
	REGSCRNSAVE - \REGISTRY\User\S-1-5-20\Control Panel\Desktop - SCRNSAVE.EXE [%SystemRoot%\System32\logon.scr]
	REGSCRNSAVE - \REGISTRY\User\S-1-5-18\Control Panel\Desktop - SCRNSAVE.EXE [logon.scr]
C:\WINDOWS\system32\gptext.dll	InMem: 0	Det [G]	MD5: F286C70F59F434B6DDBAB5738B6B029B	PX5: 3937BBDB001CF5150EDE03108010A6002700AFB6
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} - DllName [gptext.dll]
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39} - DllName [gptext.dll]
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3} - DllName [gptext.dll]
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27} - DllName [gptext.dll]
C:\WINDOWS\system32\fdeploy.dll	InMem: 0	Det [G]	MD5: B4767457D286EBB4767C5EC1DF9A7424	PX5: 4B245433003392E32A140131FF3EF30000999A70
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861} - DllName [fdeploy.dll]
C:\WINDOWS\system32\dskquota.dll	InMem: 0	Det [G]	MD5: 78B72D69EE065560A89B7ECE65ED7E2C	PX5: 67A29FF30003BFCF6E3801450DA1040095E8819B
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66} - DllName [dskquota.dll]
C:\WINDOWS\system32\Security.dll	InMem: 0	Det [G]	MD5: 71ECCDFAED35071ECB63430732E4276F	PX5: 6E962CC0006BCF2D162C007F8D738E00DB8BC691
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A} -  [Security]
C:\WINDOWS\system32\appmgmts.dll	InMem: 0	Det [G]	MD5: 00E50CD4D9247CB56EFC1360C32AB755	PX5: D38F92810065B7EDAC840228F23E3C004E625C37
	REGGPOLICY - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7} - DllName [appmgmts.dll]
C:\WINDOWS\system32\cryptnet.dll	InMem: 0	Det [G]	MD5: F8DD2E38ECC275AE94EDC7C0492416EF	PX5: 7068F9AD00A507EDF8EF0072A0BBE3005197631B
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet - DllName [cryptnet.dll]
C:\WINDOWS\system32\sclgntfy.dll	InMem: 0	Det [G]	MD5: 5FF2551A3D740476F06B20F59CD7F0BE	PX5: 164435B300B5B4E0548400AA1F6E0800C2CDD06A
	REGWINLOG - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy - DllName [sclgntfy.dll]
C:\WINDOWS\system32\comm.drv	InMem: 0	Det [G]	MD5: 01B656374912D7CCF7465A3893F18982	PX5: 0D8B262B3068553F296F004B25B4F300F3172575
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - comm.drv [comm.drv]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\vga.drv	InMem: 0	Det [G]	MD5: 9C86BBB80450AF95B6A4EA8EBDA93D76	PX5: 8D38D13480CC42FA089200F6F3895F00B79BCD14
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - display.drv [vga.drv]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\mmsystem.dll	InMem: 0	Det [G]	MD5: 7B3633A771FFAD1CFB8D999FB5FC2687	PX5: B7018ADE208113FC103101C8EB6DD700B1D99765
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - drivers [mmsystem.dll]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\keyboard.drv	InMem: 0	Det [G]	MD5: ED4BF709AAD8B665075DE06A0945B030	PX5: 159F7A82D0C5E0D3077700FE801B1000B79BCD14
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - keyboard.drv [keyboard.drv]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\mouse.drv	InMem: 0	Det [G]	MD5: 7D29780AC88BB7292CDCFF71BA67433D	PX5: D9EA0CB2F0FB384407BE00D28D0C0C00B79BCD14
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - mouse.drv [mouse.drv]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\wfwnet.drv	InMem: 0	Det [G]	MD5: 5302ADA9B0793C84151FC463DD65D7BF	PX5: E9641F0220200734353000D28FC59A003BEC664C
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - network.drv [wfwnet.drv]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\progman.exe	InMem: 0	Det [G]	MD5: DF0960F73F899D517FFE5A96F8715E0E	PX5: C0D0815600445D69AC3B01B2DAB067005DE0E11A
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - shell [progman.exe]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\sound.drv	InMem: 0	Det [G]	MD5: 028A1F74926DC3DF2D9629EDC9AEBAFB	PX5: E70CAE91D00DCE52067C00647C846400B79BCD14
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - sound.drv [sound.drv]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\system.drv	InMem: 0	Det [G]	MD5: 4A00D59AE6D75BDFC2C8E5182C4B1376	PX5: D4BD27742043BEDB0DB0000478EA5C00B79BCD14
	REG16BITRUN - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot - system.drv [system.drv]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\ntvdm.exe	InMem: 0	Det [G]	MD5: 0FEA136CC628C6182E91598F7990229C	PX5: DFD881F400018F016A4F06473E7EAA001AE7779E
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - cmdline [%SystemRoot%\system32\ntvdm.exe]
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - wowcmdline [%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386]
C:\WINDOWS\system32\commdlg.dll	InMem: 0	Det [G]	MD5: 282C6A1E0565458CE162C907A84043F4	PX5: D41FE74160643BD6833B006BB7E5A9004410FDC1
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\ctl3dv2.dll	InMem: 0	Det [G]	MD5: 637D88E7A1BEDC4457C80DBC8BA9F135	PX5: C84734B440655DC66A4D00304EF8AC0014627D07
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\ddeml.dll	InMem: 0	Det [G]	MD5: BF6529DE6619C4970E727F58E0AD48D1	PX5: 87F926CB00F2CB349A1200182C7413003E6FB37C
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\lanman.drv	InMem: 0	Det [G]	MD5: E9D142FEAA02E867C8DCDDFE84E29E20	PX5: A797EACD0BCFF4C3663403FC8369B500D2DCA4A2
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\netapi.dll	InMem: 0	Det [G]	MD5: 0F4AD2E828A6CB0F100CB36F3AC6FAEE	PX5: 3B2621E2C04DF3B2A77E0156CAF52A0029A06ED9
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\olecli.dll	InMem: 0	Det [G]	MD5: CA0305757C0648715F6D92BA0C43992F	PX5: B5F4F24400858B0246DF0121D0BC320031CB25FD
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\olesvr.dll	InMem: 0	Det [G]	MD5: 16BF834A84A7DC0D24EDC8E924C90637	PX5: CE221EF60049CF2B5E3B009B247C6A00F018477F
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\pmspl.dll	InMem: 0	Det [G]	MD5: 57F8A50513E43AAF6A7B23389E389BBC	PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\shell.dll	InMem: 0	Det [G]	MD5: DC8A8C47542EDD026AD8F4AC3D6C2292	PX5: CE2E2C35000BF1E3147B0046192BB900FA35E49E
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\toolhelp.dll	InMem: 0	Det [G]	MD5: C86363C599E5D6836C21A3A3FD21C388	PX5: 87219368400265353643009B30E21C003936EBD7
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\win87em.dll	InMem: 0	Det [G]	MD5: C980C971AD4FF3CA5CEFDEF40932D3A1	PX5: 22C03F9D0005E87A34B40075B0F00E00517D625F
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\winoldap.mod	InMem: 0	Det [G]	MD5: 0DDFD6315DA4B29D09D09B6873EA460B	PX5: E19A53B2202676D208C7002132DA8800B79BCD14
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\winsock.dll	InMem: 0	Det [G]	MD5: 68485C5EF0E2EFCEBF21BBB1042B823B	PX5: FCF9BBDC30E28D0D0BF200D9F4D9CD00B79BCD14
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\winspool.exe	InMem: 0	Det [G]	MD5: 0B4B94B78123E8035B84105BC024F9F8	PX5: F5BB157440E5748C08D600021F9AD300B79BCD14
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\wowdeb.exe	InMem: 0	Det [G]	MD5: A7B82D6B38A2ACD3B2684E7371C6CE93	PX5: C1613D5DB0A80A260ABB006471357400B79BCD14
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\timer.drv	InMem: 0	Det [G]	MD5: 01DC53809B29550424FDB88345F6872C	PX5: 01DC5380F09B29550F040024FDB8830045F6872C
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\compobj.dll	InMem: 0	Det [G]	MD5: 40F9FC896B2BA69FDC04D75E9D00DD01	PX5: DA21156DD0BCD8E77562007DCF26A600F4FFDA3F
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\storage.dll	InMem: 0	Det [G]	MD5: 3A5CD674ADA85BCC1FF26B81B4CDEFB5	PX5: 60BAD4D270E3252C10B800A49D4C780095AFB292
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\ole2.dll	InMem: 0	Det [G]	MD5: 145AA8ECF0526C093F71117C181694AB	PX5: F2FC4A2A40B7B6B59BDF00629364AB00A54AED31
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\ole2disp.dll	InMem: 0	Det [G]	MD5: EB38BE7D7CF9EC15442A9D24CB39A2AC	PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\ole2nls.dll	InMem: 0	Det [G]	MD5: 32CFCC848A57F87638E31E8735515F80	PX5: 09B13294B021FA9E558F026E08072F00900228B5
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\typelib.dll	InMem: 0	Det [G]	MD5: 7161255DFA81E67B66B746D2504D2F2B	PX5: C0620321C004C14EB60D020DCCE16200701F9AEA
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\msvideo.dll	InMem: 0	Det [G]	MD5: 0FEC57467004486CF202ED7BDFA5DCEE	PX5: 790EE65FC0939660F0F4012F00509C00EF668BF3
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\avifile.dll	InMem: 0	Det [G]	MD5: 92FBB472D13A6CC283529301810922FB	PX5: 23078576D07C879BAB0E016052733100CC123BD6
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\msacm.dll	InMem: 0	Det [G]	MD5: B3E0E6C925D333FDCA47808EBF787CB2	PX5: 9509859960B48961EF3C0048E192C7002EB67DBB
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\mciavi.drv	InMem: 0	Det [G]	MD5: E6A1BB6F039486BCEB825B365AA5548D	PX5: 8B09E9FBC0AC80C41F5801300F1C5F00B1E6B4D8
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\mciseq.drv	InMem: 0	Det [G]	MD5: 6F3561B8890792B0F61C353D1FC85F9C	PX5: 6F3561B8D089079262B000F61C353D001FC85F9C
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\mciwave.drv	InMem: 0	Det [G]	MD5: 2D1A8D96222A829884C50D453B805765	PX5: 2D1A8D9600222A826E980084C50D45003B805765
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\WINDOWS\system32\avicap.dll	InMem: 0	Det [G]	MD5: 4A78D6C08D90BDE538D5B538A082C1C9	PX5: 8D50F512B0D5AAB0126C01BC85534E00FA0EC9E8
	REG16BITRUN - \REGISTRY\Machine\System\CurrentControlSet\Control\WOW - KnownDlls [comm.drv]
C:\Programmi\Windows Live Toolbar\msntb.dll	InMem: 0	Det [G]	MD5: CEE1BE1DA21300208D07FBEAE9EA2B51	PX5: C4A095C7107127ED56080800C2287A002C8CC909
	REGBHO - \REGISTRY\Machine\Software\Classes\CLSID\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\InprocServer32 -  [C:\Programmi\Windows Live Toolbar\msntb.dll]
	REGTOOLBAR - \REGISTRY\Machine\Software\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\InprocServer32 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [C:\Programmi\Windows Live Toolbar\msntb.dll]
C:\WINDOWS\system32\ntsd.exe	InMem: 0	Det [G]	MD5: 3ECFFB9259462ACCCAF0063841E85E9B	PX5: 834FBBDD002D211C7C10004432E9BD00FC3D4F55
	REGIFEO - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a  - Debugger [ntsd -d]
C:\WINDOWS\system32\mmsys.cpl	InMem: 0	Det [G]	MD5: B9E3764A67F8D272E88A74E0BDFA1BD0	PX5: 22BCF726009533B384CD093581FB0B00BBF55E93
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00022613-0000-0000-C000-000000000046}\InprocServer32 - {00022613-0000-0000-C000-000000000046} [mmsys.cpl]
C:\WINDOWS\system32\icmui.dll	InMem: 0	Det [G]	MD5: CC61775DD0099C04C1C464D2E838E0A3	PX5: 79852F4F004FA70AD8870036A8B3F300BFB6CC72
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{176d6597-26d3-11d1-b350-080036a75b03}\InprocServer32 - {176d6597-26d3-11d1-b350-080036a75b03} [icmui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{5DB2625A-54DF-11D0-B6C4-0800091AA605}\InprocServer32 - {5DB2625A-54DF-11D0-B6C4-0800091AA605} [%SystemRoot%\System32\icmui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{675F097E-4C4D-11D0-B6C1-0800091AA605}\InprocServer32 - {675F097E-4C4D-11D0-B6C1-0800091AA605} [%SystemRoot%\system32\icmui.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{DBCE2480-C732-101B-BE72-BA78E9AD5B27}\InprocServer32 - {DBCE2480-C732-101B-BE72-BA78E9AD5B27} [%SystemRoot%\system32\icmui.dll]
C:\WINDOWS\system32\rshx32.dll	InMem: 0	Det [G]	MD5: 96DBC8F1582FE95B299CD3D6CDBA10A2	PX5: 8E3D69C300B1B3BBA05400C01998E00021B13B08
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{1F2E5C40-9550-11CE-99D2-00AA006E086C}\InprocServer32 - {1F2E5C40-9550-11CE-99D2-00AA006E086C} [rshx32.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}\InprocServer32 - {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} [rshx32.dll]
C:\WINDOWS\system32\docprop.dll	InMem: 0	Det [G]	MD5: 33CF28FEAC3984EDEA3B8672A0D7F46A	PX5: 4D155A630014F006B8E7003E1F6CD600C0918C31
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3EA48300-8CF6-101B-84FB-666CCB9BCD32}\InprocServer32 - {3EA48300-8CF6-101B-84FB-666CCB9BCD32} [docprop.dll]
C:\WINDOWS\system32\deskadp.dll	InMem: 0	Det [G]	MD5: 77DD733136353761750B2258AD368A7E	PX5: 1FEBC52C0075696A427B005EACC72200AF70D61C
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{42071712-76d4-11d1-8b24-00a0c9068ff3}\InprocServer32 - {42071712-76d4-11d1-8b24-00a0c9068ff3} [deskadp.dll]
C:\WINDOWS\system32\deskmon.dll	InMem: 0	Det [G]	MD5: B4D9F35F49B9E5B03C45BEBD96486FE4	PX5: E6AC7E1B00B4347342D70033642CB1001FC78895
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{42071713-76d4-11d1-8b24-00a0c9068ff3}\InprocServer32 - {42071713-76d4-11d1-8b24-00a0c9068ff3} [deskmon.dll]
C:\WINDOWS\system32\dssec.dll	InMem: 0	Det [G]	MD5: FBA19F60318C5E62CC531F7265E64899	PX5: BF365090005B6ECFCC56008F370997000EDC51ED
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{4E40F770-369C-11d0-8922-00A024AB2DBB}\InprocServer32 - {4E40F770-369C-11d0-8922-00A024AB2DBB} [dssec.dll]
C:\WINDOWS\system32\SlayerXP.dll	InMem: 0	Det [G]	MD5: 92E3C0617DDA6F19A7B0F680C94C9B6F	PX5: 071E70380069307964410011CDEF880004B79666
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}\InprocServer32 - {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} [SlayerXP.dll]
C:\WINDOWS\system32\shscrap.dll	InMem: 0	Det [G]	MD5: 886E25758E76F75B62955E031EAAA7E5	PX5: CEE438A6004ACC126CE400DA76EA3300F6FBD343
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{56117100-C0CD-101B-81E2-00AA004AE837}\InprocServer32 - {56117100-C0CD-101B-81E2-00AA004AE837} [shscrap.dll]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\ShellScrap\shell\open\command -  [rundll32 %SystemRoot%\system32\shscrap.dll,OpenScrap_RunDLL %1]
C:\WINDOWS\system32\diskcopy.dll	InMem: 0	Det [G]	MD5: 18AC1727A4FDD1012974AD76580D0C74	PX5: 74FF218D0092AEB8EC3016F62F9A37009BC24342
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{59099400-57FF-11CE-BD94-0020AF85B590}\InprocServer32 - {59099400-57FF-11CE-BD94-0020AF85B590} [diskcopy.dll]
C:\WINDOWS\system32\ntlanui2.dll	InMem: 0	Det [G]	MD5: 75AC93BB0EDA95A6B928C7949E60B98B	PX5: 0FBD6225003D84B73AA5000A7557EF00532B5590
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{59be4990-f85c-11ce-aff7-00aa003ca9f6}\InprocServer32 - {59be4990-f85c-11ce-aff7-00aa003ca9f6} [ntlanui2.dll]
C:\WINDOWS\system32\dskquoui.dll	InMem: 0	Det [G]	MD5: BECA74D3E444B46FA22300B26A46B67D	PX5: 22C011F30068927142C902641380E9009CE9DCD6
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7988B573-EC89-11cf-9C00-00AA00A14F56}\InprocServer32 - {7988B573-EC89-11cf-9C00-00AA00A14F56} [dskquoui.dll]
C:\WINDOWS\system32\syncui.dll	InMem: 0	Det [G]	MD5: AD552FCC0582EA9D1A8F7AB38FB53393	PX5: 32CB8DAC001BF20AF6D60250E1D558008C7994BA
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}\InprocServer32 - {85BBD920-42A0-1069-A2E4-08002B30309D} [syncui.dll]
C:\WINDOWS\system32\hticons.dll	InMem: 0	Det [G]	MD5: 487B70D88AE51825E90C98E067205E60	PX5: FDDAAC340069DC70AEDE004813C9AE00464F204F
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{88895560-9AA2-1069-930E-00AA0030EBC8}\InprocServer32 - {88895560-9AA2-1069-930E-00AA0030EBC8} [C:\WINDOWS\system32\hticons.dll]
C:\WINDOWS\system32\fontext.dll	InMem: 0	Det [G]	MD5: 71A69EEE673B5D15EBC8479BE12D65C7	PX5: A9B1E4F600762191E233053033E9D8001908E1DB
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{BD84B380-8CA2-1069-AB1D-08000948F534}\InprocServer32 - {BD84B380-8CA2-1069-AB1D-08000948F534} [fontext.dll]
C:\WINDOWS\system32\deskperf.dll	InMem: 0	Det [G]	MD5: 584DAC27268A6A1892062380B1582494	PX5: DEBA621400871F794A8D0005514927006E3B795A
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{f92e8c40-3d33-11d2-b1aa-080036a75b03}\InprocServer32 - {f92e8c40-3d33-11d2-b1aa-080036a75b03} [deskperf.dll]
C:\WINDOWS\system32\cryptext.dll	InMem: 0	Det [G]	MD5: D8340D897AD5CF76E359D3EBBABB5A03	PX5: 144B846200DE013DD4E800E6AFBAF700F56839D9
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7444C717-39BF-11D1-8CD9-00C04FC29D45}\InprocServer32 - {7444C717-39BF-11D1-8CD9-00C04FC29D45} [C:\WINDOWS\system32\cryptext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7444C719-39BF-11D1-8CD9-00C04FC29D45}\InprocServer32 - {7444C719-39BF-11D1-8CD9-00C04FC29D45} [C:\WINDOWS\system32\cryptext.dll]
C:\WINDOWS\system32\wiashext.dll	InMem: 0	Det [G]	MD5: C1F811F1EDC12130F9842B93B588957F	PX5: C96A74CF00663EB10AB209D765C2F9007A08BE3F
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\InprocServer32 - {E211B736-43FD-11D1-9EFB-0000F8757FCD} [wiashext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}\InprocServer32 - {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} [wiashext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{905667aa-acd6-11d2-8080-00805f6596d2}\InprocServer32 - {905667aa-acd6-11d2-8080-00805f6596d2} [wiashext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3F953603-1008-4f6e-A73A-04AAC7A992F1}\InprocServer32 - {3F953603-1008-4f6e-A73A-04AAC7A992F1} [wiashext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{83bbcbf3-b28a-4919-a5aa-73027445d672}\InprocServer32 - {83bbcbf3-b28a-4919-a5aa-73027445d672} [wiashext.dll]
C:\WINDOWS\system32\remotepg.dll	InMem: 0	Det [G]	MD5: 248AFC0C31E60BBBFACEAC5FD66B4F3D	PX5: B276FC4B0072F7D1EE38004C043BDE00E8D7EAE4
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F0152790-D56E-4445-850E-4F3117DB740C}\InprocServer32 - {F0152790-D56E-4445-850E-4F3117DB740C} [C:\WINDOWS\system32\remotepg.dll]
C:\WINDOWS\system32\wshext.dll	InMem: 0	Det [G]	MD5: 2A7CE0D301ED72A88B5EDE591AC7C51A	PX5: 66026A8D0045E4F800BE0104F649E900B9F8B8B3
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{60254CA5-953B-11CF-8C96-00AA00B8708C}\InprocServer32 - {60254CA5-953B-11CF-8C96-00AA00B8708C} [C:\WINDOWS\system32\wshext.dll]
C:\Programmi\File comuni\System\Ole DB\oledb32.dll	InMem: 0	Det [G]	MD5: A2033E5A2B7FC1874CACD6D70A7A7095	PX5: 722A7F0200065713701D079CB9F9D70095D47802
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{2206CDB2-19C1-11D1-89E0-00C04FD7A829}\InprocServer32 - {2206CDB2-19C1-11D1-89E0-00C04FD7A829} [C:\Programmi\File comuni\System\Ole DB\oledb32.dll]
C:\WINDOWS\system32\wuaucpl.cpl	InMem: 0	Det [G]	MD5: D7FA9A9750403CC68DC209CDE7C50D7A	PX5: DEC1D60858D0AD974D1603850E3A98002B746A2D
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{5F327514-6C5E-4d60-8F16-D07FA08A78ED}\InprocServer32 - {5F327514-6C5E-4d60-8F16-D07FA08A78ED} [C:\WINDOWS\system32\wuaucpl.cpl]
C:\WINDOWS\system32\twext.dll	InMem: 0	Det [G]	MD5: 9C0305DF90319693B0B8025976DE5C66	PX5: 83D6D2D5007A7A78AC5A00555BE37F0060757F73
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\InprocServer32 - {596AB062-B4D2-4215-9F74-E9109B0A8153} [%SystemRoot%\system32\twext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9DB7A13C-F208-4981-8353-73CC61AE2783}\InprocServer32 - {9DB7A13C-F208-4981-8353-73CC61AE2783} [%SystemRoot%\system32\twext.dll]
C:\WINDOWS\system32\shmedia.dll	InMem: 0	Det [G]	MD5: BF30BB4D33AFA9E7E33F82F7DE84F18C	PX5: 6F935BCA00698E3154450276A47BF4000FC59B48
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}\InprocServer32 - {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} [%SystemRoot%\system32\shmedia.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}\InprocServer32 - {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} [%SystemRoot%\system32\shmedia.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E4B29F9D-D390-480b-92FD-7DDB47101D71}\InprocServer32 - {E4B29F9D-D390-480b-92FD-7DDB47101D71} [%SystemRoot%\system32\shmedia.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{87D62D94-71B3-4b9a-9489-5FE6850DC73E}\InprocServer32 - {87D62D94-71B3-4b9a-9489-5FE6850DC73E} [%SystemRoot%\system32\shmedia.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A6FD9E45-6E44-43f9-8644-08598F5A74D9}\InprocServer32 - {A6FD9E45-6E44-43f9-8644-08598F5A74D9} [%SystemRoot%\system32\shmedia.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{c5a40261-cd64-4ccf-84cb-c394da41d590}\InprocServer32 - {c5a40261-cd64-4ccf-84cb-c394da41d590} [%SystemRoot%\system32\shmedia.dll]
C:\WINDOWS\system32\sendmail.dll	InMem: 0	Det [G]	MD5: 2E2CF126E0C68EE3954D4033035CA78E	PX5: 89815E52001B0148D88B0081AF133A006B487C42
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}\InprocServer32 - {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} [C:\WINDOWS\system32\sendmail.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}\InprocServer32 - {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} [C:\WINDOWS\system32\sendmail.dll]
C:\WINDOWS\system32\occache.dll	InMem: 0	Det [G]	MD5: EAA6D95C930615B37D2846778480B3E7	PX5: 214F9BB100EDD7C47CF8015D8AF0380096C50712
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{88C6C381-2E85-11D0-94DE-444553540000}\InprocServer32 - {88C6C381-2E85-11D0-94DE-444553540000} [%SystemRoot%\system32\occache.dll]
C:\WINDOWS\system32\appwiz.cpl	InMem: 0	Det [G]	MD5: 5811931252689335B915135F40AF5EF1	PX5: 7BF23A6100E0F96772F20888CE0D3F00288DF318
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{352EC2B7-8B9A-11D1-B8AE-006008059382}\InprocServer32 - {352EC2B7-8B9A-11D1-B8AE-006008059382} [%SystemRoot%\system32\appwiz.cpl]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{0B124F8F-91F0-11D1-B8B5-006008059382}\InprocServer32 - {0B124F8F-91F0-11D1-B8B5-006008059382} [%SystemRoot%\system32\appwiz.cpl]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{CFCCC7A0-A282-11D1-9082-006008059382}\InprocServer32 - {CFCCC7A0-A282-11D1-9082-006008059382} [%SystemRoot%\system32\appwiz.cpl]
C:\WINDOWS\system32\shimgvw.dll	InMem: 0	Det [G]	MD5: 3528C993453CA6AEC6AB684FF1189950	PX5: BF42E4FC005BE16EB66806F7E01C32002F436309
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{e84fda7c-1d6a-45f6-b725-cb260c236066}\InprocServer32 - {e84fda7c-1d6a-45f6-b725-cb260c236066} [%SystemRoot%\system32\shimgvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}\InprocServer32 - {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} [%SystemRoot%\system32\shimgvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}\LocalServer32 - {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_COMServ]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{3F30C968-480A-4C6C-862D-EFC0897BB84B}\InprocServer32 - {3F30C968-480A-4C6C-862D-EFC0897BB84B} [C:\WINDOWS\system32\shimgvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9DBD2C50-62AD-11d0-B806-00C04FD706EC}\InprocServer32 - {9DBD2C50-62AD-11d0-B806-00C04FD706EC} [C:\WINDOWS\system32\shimgvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{EAB841A0-9550-11cf-8C16-00805F1408F3}\InprocServer32 - {EAB841A0-9550-11cf-8C16-00805F1408F3} [C:\WINDOWS\system32\shimgvw.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}\InprocServer32 - {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} [%SystemRoot%\system32\shimgvw.dll]
C:\WINDOWS\system32\netplwiz.dll	InMem: 0	Det [G]	MD5: 497A6C557821B002C784437591FF731B	PX5: C0B90A180022DF616EE40D61CC92200055AE5438
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{CC6EEFFB-43F6-46c5-9619-51D571967F7D}\InprocServer32 - {CC6EEFFB-43F6-46c5-9619-51D571967F7D} [%SystemRoot%\system32\netplwiz.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{add36aa8-751a-4579-a266-d66f5202ccbb}\InprocServer32 - {add36aa8-751a-4579-a266-d66f5202ccbb} [%SystemRoot%\system32\netplwiz.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6b33163c-76a5-4b6c-bf21-45de9cd503a1}\InprocServer32 - {6b33163c-76a5-4b6c-bf21-45de9cd503a1} [%SystemRoot%\system32\netplwiz.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{58f1f272-9240-4f51-b6d4-fd63d1618591}\InprocServer32 - {58f1f272-9240-4f51-b6d4-fd63d1618591} [%SystemRoot%\system32\netplwiz.dll]
C:\WINDOWS\system32\zipfldr.dll	InMem: 0	Det [G]	MD5: 84DC2B97AE10DEA7B265A74971634131	PX5: ED969ADB00D5666D2CF80569EB9E87007A803837
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}\InprocServer32 - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} [%SystemRoot%\system32\zipfldr.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{BD472F60-27FA-11cf-B8B4-444553540000}\InprocServer32 - {BD472F60-27FA-11cf-B8B4-444553540000} [%SystemRoot%\system32\zipfldr.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}\InprocServer32 - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} [%SystemRoot%\system32\zipfldr.dll]
C:\WINDOWS\system32\cdfview.dll	InMem: 0	Det [G]	MD5: ABE1FE4B298C26E44F309A5367A054EA	PX5: 0784111A006E354D503B023882242600FEE7B4D9
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{f39a0dc0-9cc8-11d0-a599-00c04fd64433}\InprocServer32 - {f39a0dc0-9cc8-11d0-a599-00c04fd64433} [%SystemRoot%\system32\cdfview.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}\InprocServer32 - {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} [%SystemRoot%\system32\cdfview.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}\InprocServer32 - {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} [%SystemRoot%\system32\cdfview.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{f3da0dc0-9cc8-11d0-a599-00c04fd64437}\InprocServer32 - {f3da0dc0-9cc8-11d0-a599-00c04fd64437} [%SystemRoot%\system32\cdfview.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}\InprocServer32 - {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} [%SystemRoot%\system32\cdfview.dll]
C:\WINDOWS\system32\extmgr.dll	InMem: 0	Det [G]	MD5: 65BCB2AF0F6C84934F0D3D8D656CA9AE	PX5: 6E62D24D0038158ADA7D005BB8C72B0062E63556
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{692F0339-CBAA-47e6-B5B5-3B84DB604E87}\InprocServer32 - {692F0339-CBAA-47e6-B5B5-3B84DB604E87} [%SystemRoot%\system32\extmgr.dll]
C:\WINDOWS\system32\docprop2.dll	InMem: 0	Det [G]	MD5: 886BA5DB0A87B5A0D5F85C39424FC2AC	PX5: BAD4E96E0064F346BC36008E2891DB0060D308D0
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{883373C3-BF89-11D1-BE35-080036B11A03}\InprocServer32 - {883373C3-BF89-11D1-BE35-080036B11A03} [C:\WINDOWS\system32\docprop2.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A9CF0EAE-901A-4739-A481-E35B73E47F6D}\InprocServer32 - {A9CF0EAE-901A-4739-A481-E35B73E47F6D} [C:\WINDOWS\system32\docprop2.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{8EE97210-FD1F-4B19-91DA-67914005F020}\InprocServer32 - {8EE97210-FD1F-4B19-91DA-67914005F020} [C:\WINDOWS\system32\docprop2.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}\InprocServer32 - {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} [C:\WINDOWS\system32\docprop2.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{6A205B57-2567-4A2C-B881-F787FAB579A3}\InprocServer32 - {6A205B57-2567-4A2C-B881-F787FAB579A3} [C:\WINDOWS\system32\docprop2.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}\InprocServer32 - {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} [C:\WINDOWS\system32\docprop2.dll]
C:\WINDOWS\system32\dsquery.dll	InMem: 0	Det [G]	MD5: 3241BE7FA4E0191AE13D80B605AC980E	PX5: 97CEB5F9000C9E25AA2703A3E1CE88000E6ADB1E
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{8A23E65E-31C2-11d0-891C-00A024AB2DBB}\InprocServer32 - {8A23E65E-31C2-11d0-891C-00A024AB2DBB} [%SystemRoot%\system32\dsquery.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}\InprocServer32 - {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} [%SystemRoot%\system32\dsquery.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}\InprocServer32 - {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} [%SystemRoot%\system32\dsquery.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F020E586-5264-11d1-A532-0000F8757D7E}\InprocServer32 - {F020E586-5264-11d1-A532-0000F8757D7E} [%SystemRoot%\system32\dsquery.dll]
C:\WINDOWS\system32\dsuiext.dll	InMem: 0	Det [G]	MD5: CA33E221EFA6C8BC9081F62FB81C4F46	PX5: 6A192EC500170EFDBCEB0145A96D9300BCCCF2CE
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{0D45D530-764B-11d0-A1CA-00AA00C16E65}\InprocServer32 - {0D45D530-764B-11d0-A1CA-00AA00C16E65} [%SystemRoot%\system32\dsuiext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{62AE1F9A-126A-11D0-A14B-0800361B1103}\InprocServer32 - {62AE1F9A-126A-11D0-A14B-0800361B1103} [%SystemRoot%\system32\dsuiext.dll]
C:\WINDOWS\msagent\agentpsh.dll	InMem: 0	Det [G]	MD5: 43E7C7538D4FD053D19758DD758A2842	PX5: 7469413C00931FFF5E8700E559045400C1A9DC6C
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{143A62C8-C33B-11D1-84FE-00C04FA34A14}\InprocServer32 - {143A62C8-C33B-11D1-84FE-00C04FA34A14} [C:\WINDOWS\msagent\agentpsh.dll]
C:\WINDOWS\system32\dfsshlex.dll	InMem: 0	Det [G]	MD5: 41F6A64EB0D0C8B6FDFF7C376F4CEC17	PX5: C56F8BCC000B5CE570B200C57894E100F757413D
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}\InprocServer32 - {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} [C:\WINDOWS\system32\dfsshlex.dll]
C:\WINDOWS\system32\photowiz.dll	InMem: 0	Det [G]	MD5: 06CFB5CE176F60AA715635A291960ACC	PX5: B7418C4500E88487A00C02F731B52500E7F273D2
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{60fd46de-f830-4894-a628-6fa81bc0190d}\InprocServer32 - {60fd46de-f830-4894-a628-6fa81bc0190d} [%SystemRoot%\system32\photowiz.dll]
C:\WINDOWS\System32\mmcshext.dll	InMem: 0	Det [G]	MD5: D1C8ED56D0DB39E432EDDC5BFCA6DBE5	PX5: 8A0ADE010092153AC6C80087DEA97400BEB13B83
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{7A80E4A8-8005-11D2-BCF8-00C04F72C717}\InprocServer32 - {7A80E4A8-8005-11D2-BCF8-00C04F72C717} [%SystemRoot%\System32\mmcshext.dll]
C:\WINDOWS\system32\cabview.dll	InMem: 0	Det [G]	MD5: B6BF125D2C37CD7DF340B255A07134E8	PX5: 3D37E41700A8F7F74C2701763FA52300CB1B48CD
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\InprocServer32 - {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} [cabview.dll]
C:\Programmi\Outlook Express\wabfind.dll	InMem: 0	Det [G]	MD5: 64ECEDD4E261443874CAD4D66FE9FE44	PX5: 4FBC213F00A9A845805300462EEB2700C79BF84F
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{32714800-2E5F-11d0-8B85-00AA0044F941}\InprocServer32 - {32714800-2E5F-11d0-8B85-00AA0044F941} [C:\Programmi\Outlook Express\wabfind.dll]
C:\WINDOWS\system32\wmpshell.dll	InMem: 0	Det [G]	MD5: BA8C78AC39008954338F595163272A70	PX5: C02F011D0066A2BC7EF501E7B5DA7C001FF766BA
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{8DD448E6-C188-4aed-AF92-44956194EB1F}\InprocServer32 - {8DD448E6-C188-4aed-AF92-44956194EB1F} [C:\WINDOWS\system32\wmpshell.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}\InprocServer32 - {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} [C:\WINDOWS\system32\wmpshell.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}\InprocServer32 - {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} [C:\WINDOWS\system32\wmpshell.dll]
C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL	InMem: 0	Det [G]	MD5: BDBF48D13C5343CCED93E675EFFDB72C	PX5: 0F1AFB4348440729BAFF1329BEE4AB0046B37CB1
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{BDEADF00-C265-11D0-BCED-00A0C90AB50F}\InprocServer32 - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} [C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL]
C:\Programmi\Microsoft Office\OFFICE11\MLSHEXT.DLL	InMem: 0	Det [G]	MD5: 08FD97BE0DAC21FD0D25BC97372D53B0	PX5: C5F0198D80B4208C7930009CCA650000B61937FA
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\InprocServer32 - {00020D75-0000-0000-C000-000000000046} [C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL]
C:\Programmi\Microsoft Office\OFFICE11\OLKFSTUB.DLL	InMem: 0	Det [G]	MD5: CCF3C1FCFCBE20735DC3AA00E57A1CCB	PX5: 45DDCDC18072875E998103CC7586F3000FF18B43
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 - {0006F045-0000-0000-C000-000000000046} [C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL]
C:\Programmi\Microsoft Office\OFFICE11\msohev.dll	InMem: 0	Det [G]	MD5: 165AE7A443F2139DD2C078AD87699F91	PX5: 9A454C88383E02BC06ED01134822DA00C01DA356
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 - {42042206-2D85-11D3-8CFF-005004838597} [C:\Programmi\Microsoft Office\OFFICE11\msohev.dll]
C:\WINDOWS\system32\nvshell.dll	InMem: 0	Det [G]	MD5: CAA3CBA6D44FF268EA9EDA535C2F003B	PX5: 2371381B0051C449206907CC2BD46700205D7DD7
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{1CDB2949-8F65-4355-8456-263E7C208A5D}\InprocServer32 - {1CDB2949-8F65-4355-8456-263E7C208A5D} [C:\WINDOWS\system32\nvshell.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{1E9B04FB-F9E5-4718-997B-B8DA88302A47}\InprocServer32 - {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [C:\WINDOWS\system32\nvshell.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{1E9B04FB-F9E5-4718-997B-B8DA88302A48}\InprocServer32 - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [C:\WINDOWS\system32\nvshell.dll]
C:\Programmi\WinZip\WZSHLSTB.DLL	InMem: 0	Det [G]	MD5: 66DA6F6A67D238721A3FCEB70C8DC2D0	PX5: CB01E04D0033B422148C0065AABE9500133E3FD6
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E0D79304-84BE-11CE-9641-444553540000}\InprocServer32 - {E0D79304-84BE-11CE-9641-444553540000} [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E0D79305-84BE-11CE-9641-444553540000}\InprocServer32 - {E0D79305-84BE-11CE-9641-444553540000} [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E0D79306-84BE-11CE-9641-444553540000}\InprocServer32 - {E0D79306-84BE-11CE-9641-444553540000} [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{E0D79307-84BE-11CE-9641-444553540000}\InprocServer32 - {E0D79307-84BE-11CE-9641-444553540000} [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]
C:\Programmi\WinRAR\rarext.dll	InMem: 0	Det [G]	MD5: 1E63285EC759FAB089B234FD6217EAE9	PX5: 07DF7C73006B868CEC65018EC514810028CDE292
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}\InprocServer32 - {B41DB860-8EE4-11D2-9906-E49FADC173CA} [C:\Programmi\WinRAR\rarext.dll]
C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll	InMem: 0	Det [G]	MD5: 9CB1085B64B2426A0640F2DC126A96B5	PX5: 8843DBEC703CE08BE7AC042B1C39BD0022FB3418
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}\InprocServer32 - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} [C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll]
C:\WINDOWS\system32\Audiodev.dll	InMem: 0	Det [G]	MD5: 3A7736C77696F6C489721851C61F9558	PX5: CCC4601300C6A5E81CE50462A2841900CA6C0AEF
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}\InprocServer32 - {640167b4-59b0-47a6-b335-a6b3c0695aea} [%SystemRoot%\system32\Audiodev.dll]
C:\WINDOWS\system32\wpdshext.dll	InMem: 0	Det [G]	PX5: E97B47E9008439EE34BD39D2506C3B0047F4B00B
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{35786D3C-B075-49b9-88DD-029876E11C01}\InprocServer32 - {35786D3C-B075-49b9-88DD-029876E11C01} [%SystemRoot%\system32\wpdshext.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}\InprocServer32 - {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} [%SystemRoot%\system32\wpdshext.dll]
C:\Programmi\Grisoft\AVG7\avgse.dll	InMem: 0	Det [G]	MD5: 36687E123D87F468E33ABF11E5DD0797	PX5: F9F3CE2B006E4BABC6AA009F1D03DF00B7FB4F13
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}\InprocServer32 - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [C:\Programmi\Grisoft\AVG7\avgse.dll]
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}\InprocServer32 - {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [C:\Programmi\Grisoft\AVG7\avgse.dll]
C:\Programmi\a-squared Free\a2freecontmenu.dll	InMem: 0	Det [G]	MD5: 80BEF750167F69AEEEEBC229E37FDCC3	PX5: 2DC32EDD909DF5714C2B03139648A400FFC160C8
	REGSHELLEXT - \REGISTRY\Machine\Software\Classes\CLSID\{A155339D-CCCD-4714-85EB-3754B804C9DF}\InprocServer32 - {A155339D-CCCD-4714-85EB-3754B804C9DF} [C:\Programmi\a-squared Free\a2freecontmenu.dll]
C:\WINDOWS\system32\msapsspc.dll	InMem: 0	Det [G]	MD5: 9B6E96F4EC4104BCB180C5BEA2787B3F	PX5: 8C479BBA0065475850000105207F00002CA02E51
	REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
C:\WINDOWS\system32\digest.dll	InMem: 0	Det [G]	MD5: 9B4CD31081F2CE1D69D2580D015C82EA	PX5: 2283761F0087EB020C9B01CC3CCBC600B4AB6B96
	REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
C:\WINDOWS\system32\msnsspc.dll	InMem: 0	Det [G]	MD5: A99939BAE7757437683F4D6B1021A499	PX5: 5FC3C3D6008FE4D0702D042D3521CB003038EB19
	REGRUNGEN - \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders - SecurityProviders [msapsspc.dll]
C:\WINDOWS\Resources\themes\Luna\Luna.msstyles	InMem: 0	Det [G]	PX5: D4AC08E190E1815FF0763FFB772E82003759142D
	REGRUNGEN - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Themes - InstallVisualStyle [%SystemRoot%\Resources\themes\Luna\Luna.msstyles]
C:\WINDOWS\system32\rdpclip.exe	InMem: 0	Det [G]	MD5: 456E33D8A5B34B0B9B5DE1270E13C7A3	PX5: 3129DB34009CADCFF4300018D68AB90013FA4372
	REGTERM - \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd - StartupPrograms [rdpclip]
C:\WINDOWS\system32\rdpwsx.dll	InMem: 0	Det [G]	MD5: 98B543037E34C640622FA61E895326C4	PX5: 2D4F90888862EA65546401DF11DAFF009FB4CACF
	REGTERM - \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd - WsxDll [rdpwsx]
C:\WINDOWS\system32\RDPCFGEX.DLL	InMem: 0	Det [G]	MD5: 0F6F4433F47441C14F17D5348CF609B0	PX5: 648184F200AE0568123C00C1F661D900A8042FB8
	REGTERM - \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd - CfgDll [RDPCFGEX.DLL]
C:\WINDOWS\System32\cmd.exe	InMem: 0	Det [G]	MD5: 94744851B6A9BDCEFCD26CC61A6AFD12	PX5: 174F65020044C14C121406F23AA7F300C65DE81F
	REGTELNET - \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0 - DefaultShell [%SYSTEMROOT%\System32\cmd.exe]
	REGTELNET - \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults - DefaultShell [%SYSTEMROOT%\System32\cmd.exe]
	REGSAFESEC - \REGISTRY\Machine\System\CurrentControlSet\Control\SafeBoot - AlternateShell [cmd.exe]
C:\WINDOWS\system32\rdpsnd.dll	InMem: 0	Det [G]	MD5: 1C5C414CC29D507B89E355E1733A7491	PX5: 34FBA65500CFB6AF4EE7003742BB470065937B12
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - wave [rdpsnd.dll]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP - mixer [rdpsnd.dll]
C:\WINDOWS\system32\imaadp32.acm	InMem: 0	Det [G]	MD5: 316F81B3EC381C1C76E07CA43FC12BFC	PX5: 528D926A00EB3B4A408A0067B777E0007219DE4B
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.imaadpcm [imaadp32.acm]
C:\WINDOWS\system32\msadp32.acm	InMem: 0	Det [G]	MD5: 147BA07670FA18D112D631B9EEC2CA21	PX5: 9896734D003A7B4A3AD6001B2D129300C6CAD27F
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msadpcm [msadp32.acm]
C:\WINDOWS\system32\msg711.acm	InMem: 0	Det [G]	MD5: D609EDECB9692217BCA166C09A8AA6D0	PX5: 98836843004ECD5624170012D62AF300ADA7FDE1
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msg711 [msg711.acm]
C:\WINDOWS\system32\msgsm32.acm	InMem: 0	Det [G]	MD5: DBB6C6DBA7C404BF266E064889C45907	PX5: 7715C6930008610D4E5300A5AC1D5400348AB758
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msgsm610 [msgsm32.acm]
C:\WINDOWS\system32\tssoft32.acm	InMem: 0	Det [G]	MD5: 49445261FFAAB7F8B915C4D3041AA7F4	PX5: 9DB260C30072F5C620530046E6B0DC000EF1898D
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.trspch [tssoft32.acm]
C:\WINDOWS\system32\iccvid.dll	InMem: 0	Det [G]	MD5: BE4DE2539B3DB9D31D75FE0D323C52EE	PX5: 0CEE20B80002FE623A80014E667E0900EDC97E34
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.cvid [iccvid.dll]
C:\WINDOWS\system32\msh263.drv	InMem: 0	Det [G]	MD5: B2E67E6045966C14A746627DCCF3F67D	PX5: D1EBECF00092F1C390AB04548720B200A8771D55
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.I420 [msh263.drv]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.M263 [msh263.drv]
C:\WINDOWS\system32\ir32_32.dll	InMem: 0	Det [G]	MD5: CDE3AEAEEFF57DBB43133F46E96AD8C5	PX5: 48C6FD2800CF7D770AB40340E9EE0B00336C0935
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv31 [ir32_32.dll]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv32 [ir32_32.dll]
C:\WINDOWS\system32\ir41_32.ax	InMem: 0	Det [G]	MD5: 757C7944EB0D518020BB59A1A3AE9826	PX5: 88C1844600D60C2BF2960C06110E8900D716354E
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv41 [ir41_32.ax]
C:\WINDOWS\system32\iyuv_32.dll	InMem: 0	Det [G]	MD5: 193315B73270BAD33A3C2F527C8380F6	PX5: 8D2F485A000F6953BA8B00EF89F3AE0028DCEE98
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.IYUV [iyuv_32.dll]
C:\WINDOWS\system32\msrle32.dll	InMem: 0	Det [G]	MD5: 7B999CA58C6276D885F17ABC73982009	PX5: 6AD29AC5008293D12C2D00B216F74700B26503F0
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.mrle [msrle32.dll]
C:\WINDOWS\system32\msvidc32.dll	InMem: 0	Det [G]	MD5: D648EDBA85278839E30979CE627E5C81	PX5: CE4E524C0073A8EC64FF00E1300C68000D8D97A8
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.msvc [msvidc32.dll]
C:\WINDOWS\system32\msyuv.dll	InMem: 0	Det [G]	MD5: B35E1E08BF94E68DAF5D9F52485EA368	PX5: 92EC75E800DB9BE5440C000A47ABC3009642377A
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.UYVY [msyuv.dll]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.YUY2 [msyuv.dll]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.YVYU [msyuv.dll]
C:\WINDOWS\system32\tsbyuv.dll	InMem: 0	Det [G]	MD5: A892EC07DFFC3D8BF879102982F08721	PX5: 86646A040019522320A100B4BB4D900094B11477
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - VIDC.YVU9 [tsbyuv.dll]
C:\WINDOWS\system32\msg723.acm	InMem: 0	Det [G]	MD5: D53BDE174AD076AE58C8245A524CFB85	PX5: 11020CC8008FB79ED00601EAD6C03900AA679A83
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msg723 [msg723.acm]
C:\WINDOWS\system32\msh261.drv	InMem: 0	Det [G]	MD5: 35F5338123495C871C4C7CC9FCE784F6	PX5: A41AA5420008DA3EF0B402388EE55600B25D24F8
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.M261 [msh261.drv]
C:\WINDOWS\system32\msaud32.acm	InMem: 0	Det [G]	MD5: 9EFCA60A4BDCF77FC5E2337E3AB61B1E	PX5: C38F33CC0026C9E080B10460DFC46F004CE633B9
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.msaudio1 [msaud32.acm]
C:\WINDOWS\system32\sl_anet.acm	InMem: 0	Det [G]	MD5: C2E1907DDE505F02585E7C85F927333A	PX5: 3DA8D952002B67BF508D01A57E615F00B2B2EA92
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.sl_anet [sl_anet.acm]
C:\WINDOWS\system32\iac25_32.ax	InMem: 0	Det [G]	MD5: 60B88C336EF385EB0ED77B73852712F3	PX5: D062C8E7003B5A390C1703C014BB9700CE1BED53
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.iac2 [C:\WINDOWS\system32\iac25_32.ax]
C:\WINDOWS\system32\ir50_32.dll	InMem: 0	Det [G]	MD5: B11FB596034932DC55A7638911F482C2	PX5: 8FA030FE0030B5D3865F0B4087D0420068F6854C
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.iv50 [ir50_32.dll]
C:\WINDOWS\system32\l3codeca.acm	InMem: 0	Det [G]	MD5: 4B4FD61EBB404842EB5823A50A3A58A9	PX5: 29088BE70099BF88700A0426A3266D008E350E66
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.l3acm [C:\WINDOWS\system32\l3codeca.acm]
C:\WINDOWS\system32\VfWWDM32.dll	InMem: 0	Det [G]	MD5: 148B5330921C365FA4A2DB6C431A9B2C	PX5: 50A7CDEB00FEFE76D6A800E76B929700EFCC0032
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - MSVideo8 [VfWWDM32.dll]
C:\WINDOWS\system32\sirenacm.dll	InMem: 0	Det [G]	MD5: C2BDE52E48E668FE6F95C40BBA7AA310	PX5: 92D29F56708DC7D2C7BF005BB97C8A00D5F934F9
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - msacm.siren [sirenacm.dll]
C:\WINDOWS\system32\DivX.dll	InMem: 0	Det [GP]	MD5: 5E1E3DB1E221217A9D8741DF89B739A1	PX5: EDB7DF0D00962A6F6A3F0AFC80E46A00C24897F6
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.DIVX [DivX.dll]
	REGDRIVER - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 - vidc.yv12 [DivX.dll]
C:\WINDOWS\system32\JAVASUP.VXD	InMem: 0	Det [G]	MD5: 35BD074AE32E5EB19FF88DAF3030F803	PX5: 99B75F2393917E501C450098C8A2BA0043E75EB1
	REGDRIVER - \REGISTRY\Machine\System\CurrentControlSet\Services\VXD\JAVASUP - StaticVxD [JAVASUP.VXD]
C:\WINDOWS\system32\rsvpsp.dll	InMem: 0	Det [G]	MD5: B4B4BC22821A8A0AC357297B784B996E	PX5: 316FAA8C007F4493605401B98234D5008F685EE8
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 - PackedCatalogItem [%SystemRoot%\system32\rsvpsp.dll]
	REGLSP - \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 - PackedCatalogItem [%SystemRoot%\system32\rsvpsp.dll]
C:\WINDOWS\system32\ipxrip.dll	InMem: 0	Det [G]	MD5: 2DAC54A61B837FAC36FFD92B7E39B3FF	PX5: 859821B9009D40A9548200AD83A363008B36EF0D
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXRIP - DllName [ipxrip.dll]
C:\WINDOWS\system32\ipxsap.dll	InMem: 0	Det [G]	MD5: 3EEA6D343B3D6FCF500DB1837C07DF06	PX5: 85797B9500D099280499015DBB948C00AAAAF548
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXSAP - DllName [ipxsap.dll]
C:\WINDOWS\System32\iprtrmgr.dll	InMem: 0	Det [G]	MD5: 30584106B1E3C4F836D35C92BA38B184	PX5: D40494A6008ED12A98FE023AAD1857000DD8C7B5
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip - DllPath [%SystemRoot%\System32\iprtrmgr.dll]
C:\WINDOWS\System32\ipxrtmgr.dll	InMem: 0	Det [G]	MD5: 7FF943A30BA413C3F43E8441A28B7AA7	PX5: 4718448E00AA1CC09C1B00C6E262700012078A35
	REGROUTER - \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx - DllPath [%SystemRoot%\System32\ipxrtmgr.dll]
C:\WINDOWS\system32\Firewall.cpl	InMem: 0	Det [G]	MD5: 486C95D7867757EF75946CDC7FA547DD	PX5: C6AD4E5900619E5B3AA801566FFF65004318E0B5
	REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - Internet Connection Firewall [Firewall.cpl]
C:\WINDOWS\system32\NetSetup.cpl	InMem: 0	Det [G]	MD5: 6C00E8B5734CD98456E36A1919393597	PX5: 1727E2B500CA6EDF648A0091303FF7003D7EE312
	REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - NetSetupWizard [NetSetup.cpl]
C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl	InMem: 0	Det [G]	MD5: B281E4E0C7DE6016F067191AA0B10047	PX5: 4B95DF2F0028608F7026024663B5470081E40772
	REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - Speech [C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl]
C:\Programmi\Symantec\LiveUpdate\S32LUCP1.CPL	InMem: 0	Det [G]	MD5: A7BCB30AB61CFB112C581B8F320FCA80	PX5: 1592465760F2B1BEA6FD01FFB7677A00332F073A
	REGCPL - \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls - SYMLIVE [C:\Programmi\Symantec\LiveUpdate\S32LUCP1.CPL]
C:\WINDOWS\system32\Magnify.exe	InMem: 0	Det [G]	MD5: B8485B1B335C0C00397DD7ABC041475D	PX5: 8FD0DD1200F1CC211E520147693D72005CC20F83
	REGUTIL - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier - Application path [Magnify.exe]
C:\WINDOWS\system32\osk.exe	InMem: 0	Det [G]	MD5: 7D5B9DD2D397E5D323C5DE2D0B4CAEB6	PX5: 865A974F008F100B4EF6035F16FFB2007D13E899
	REGUTIL - \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard - Application path [osk.exe]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\GIFIMP32.FLT	InMem: 0	Det [G]	MD5: 9CB18F5954BEE166BAAD3B24D187DF04	PX5: 3DEC54433074811FBFA9022B18119700DEA3DE06
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\GIF - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\GIFIMP32.FLT]
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\GIF - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\GIFIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\JPEGIM32.FLT	InMem: 0	Det [G]	MD5: 60434B6DAAAA5BF3813E2205B87CCBF8	PX5: 561D8D31584B04827C1102EBE625B600DEC6EAF4
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\JPEG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\JPEGIM32.FLT]
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\JPEG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\JPEGIM32.FLT]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\PNG32.FLT	InMem: 0	Det [G]	MD5: E2F88E1472E20AC2E52E985C62D7516C	PX5: 2A800F6C30ACB42F2197032C1B620D001AFB5E37
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\PNG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PNG32.FLT]
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PNG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PNG32.FLT]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\CDRIMP32.FLT	InMem: 0	Det [G]	MD5: 77ABD20B8F8EFD6FD2FDB2C4CBD3D09E	PX5: 08219BE2581A9C48DAA4068E99590D00DEE0B657
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CDR - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\CDRIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\CGMIMP32.FLT	InMem: 0	Det [G]	MD5: 061E066BB0C1968F4B955F738B18F76A	PX5: 2EA2961858E8E56258270406A6CCE000ADE48AAF
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CGM - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\CGMIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\EPSIMP32.FLT	InMem: 0	Det [G]	MD5: 9C2EC478CA489508B8632383D59F3C7C	PX5: 51EC96A7E820B6FC80CA06E27E965D005D6B7EFD
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\EPS - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\EPSIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\PICTIM32.FLT	InMem: 0	Det [G]	MD5: 176459A49103C6C3E21E0F0CC5DE64C6	PX5: 2B3FBA5458C98F78F08400114D3B6600CE83D717
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PICT - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\PICTIM32.FLT]
C:\Programmi\File comuni\Microsoft Shared\GRPHFLT\WPGIMP32.FLT	InMem: 0	Det [G]	MD5: FBD9004258D146918071B0530FCB7D63	PX5: 5772631F58B5A2FFB88401F208DE130083E2EA0D
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\WPG - Path [C:\PROGRA~1\FILECO~1\MICROS~1\GRPHFLT\WPGIMP32.FLT]
C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx	InMem: 0	Det [G]	MD5: 7CFDD7F54C64BFF62F64665A7E567896	PX5: D9CCCE7600AE330472C5014263EDAE006E08A176
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\ieinfo5 -  [C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx]
C:\Programmi\File comuni\Microsoft Shared\MSInfo\OINFO11.OCX	InMem: 0	Det [G]	MD5: 44FE3ADB44DA7E4FF4BB4412EED2DA31	PX5: 1D32444FE881AD564EE10B1E64DCB400CFE26806
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\OInfo11 -  [C:\PROGRA~1\FILECO~1\MICROS~1\MSINFO\OINFO11.OCX]
C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe	InMem: 0	Det [G]	MD5: 12644A48270558AEC35230E476534F48	PX5: DCC20BBB0036A3BB9EFA00953DF8F200E6CDE36A
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo - Path [C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSInfo32.exe]
C:\Programmi\Microsoft Office\OFFICE11\MSQRY32.EXE	InMem: 0	Det [G]	MD5: 8E60C525F12F5D759D21A87AAB446ABD	PX5: 742FB872380EAE8EBA4809A85C15F50021837323
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSQuery - Path [C:\PROGRA~1\MICROS~2\OFFICE11\MSQRY32.EXE]
C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv	InMem: 0	Det [G]	MD5: 20B2A413BEFA1B0D309416BF8228DC95	PX5: 4D9506A9385CE7D6C22D044B3348F800EABDC1BF
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\HTML - Path [C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv]
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\HTML - Path [C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WRD6ER32.CNV	InMem: 0	Det [G]	MD5: E53620BEF06B224FE7A67388B0BECFF2	PX5: C3C71C92400AE19A461E003B3C2E07005391A6FD
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWord6RTFExp - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\WRD6ER32.CNV]
C:\Programmi\File comuni\Microsoft Shared\TEXTCONV\works632.cnv	InMem: 0	Det [G]	MD5: A06B48B5ACDDDD5BBC79737C20395FB9	PX5: E463410B08DE8A64449F01223E9C5D008661BD78
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWorksWin6 - Path [C:\Programmi\File comuni\Microsoft Shared\TEXTCONV\works632.cnv]
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWorksWin6 - Path [C:\Programmi\File comuni\Microsoft Shared\TEXTCONV\works632.cnv]
C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc	InMem: 0	Det [G]	MD5: AFD63CA25E43793FD7C42C5F74961559	PX5: 71A6A3C449C4AC08B01A01656F55D100B9B2E691
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWinWrite.wpc - Path [C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc]
C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc	InMem: 0	Det [G]	MD5: DA91B90D37135534D061B7E3480FC11C	PX5: 255241CE4A8E0D0D40E903D813E15E00D95525A3
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord6.wpc - Path [C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc]
C:\Programmi\File comuni\Microsoft Shared\TextConv\MSWRD832.CNV	InMem: 0	Det [G]	MD5: 54EB377C95C64B5A1278F33BD57E6B81	PX5: FFD049CEE8B5A59C5034037431BA7D000D434F86
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord8 - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\MSWRD832.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\RECOVR32.CNV	InMem: 0	Det [G]	MD5: DA4E955D7542BA7B9CEAD34B48F6AE24	PX5: A0E75DBF5869DD1778C700BCF0A48A00305991ED
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Recover - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\RECOVR32.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WPFT632.CNV	InMem: 0	Det [G]	MD5: A09435DEE5AA8EEFAC22A5E905847157	PX5: 1CA87F77E86D2D752A6D0378F1635200AE45784A
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WordPerfect6x - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\WPFT632.CNV]
C:\Programmi\File comuni\Microsoft Shared\TextConv\WPFT532.CNV	InMem: 0	Det [G]	MD5: 6ED20A499BD60FD43611E17C3C5F1142	PX5: 08B820DAE88BFAA29CA602CC663BD800141418FF
	REGSHARED - \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WrdPrfctDos - Path [C:\PROGRA~1\FILECO~1\MICROS~1\TEXTCONV\WPFT532.CNV]
C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL	InMem: 0	Det [G]	MD5: 0FA0BDAA2FF4ED7E5A2FA2EC1B536712	PX5: A83FCF6640922AC79E180079D56A39000F46AC8A
	REGEXPSHELL - \REGISTRY\Machine\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\InprocServer32 - BandCLSID [C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL]
C:\WINDOWS\system32\mshta.exe	InMem: 0	Det [G]	MD5: 5F39CE997F477A43B4F5B569A4AEE56E	PX5: 444E52CC00F22ED67278001B497EA1001707F225
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\htafile\shell\open\command -  [C:\WINDOWS\system32\mshta.exe "%1" %*]
C:\WINDOWS\NOTEPAD.EXE	InMem: 0	Det [G]	MD5: 13363E86B666F195AD0BF5A1630ADE0F	PX5: B603F7FE0094FF11128201E40FA14400A1692B2A
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\AutoCADScriptFile\shell\open\command -  [C:\WINDOWS\NOTEPAD.EXE "%1"]
C:\WINDOWS\System32\WScript.exe	InMem: 0	Det [G]	MD5: 58F5AC58D277F1C44E71295AAFD403F8	PX5: 4850A70600D60426C0410166FCF6E000B918B6A5
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\VBSFile\shell\open\command -  [%SystemRoot%\System32\WScript.exe "%1" %*]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\VBEFile\shell\open\command -  [%SystemRoot%\System32\WScript.exe "%1" %*]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\WSHFile\shell\open\command -  [%SystemRoot%\System32\WScript.exe "%1" %*]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\WSFFile\shell\open\command -  [%SystemRoot%\System32\WScript.exe "%1" %*]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\JSEFile\shell\open\command -  [%SystemRoot%\System32\WScript.exe "%1" %*]
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\JSFile\shell\open\command -  [%SystemRoot%\System32\WScript.exe "%1" %*]
C:\WINDOWS\system32\mmc.exe	InMem: 0	Det [G]	MD5: B0B93DE885F03974C12B6238D68A6F67	PX5: C6EB514E00915CDD74820CD0EB0CF8007694B8C8
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\MSCFile\shell\open\command -  [%SystemRoot%\system32\mmc.exe "%1" %*]
C:\Programmi\Outlook Express\msimn.exe	InMem: 0	Det [G]	MD5: 9A4B8A0D20B22E0E8BBC495CD0FC7EEA	PX5: C590CE8500B66EAEEC1A000D7D657F00AB8E0704
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\mailto\shell\open\command -  ["%ProgramFiles%\Outlook Express\msimn.exe" /mailurl:%1]
C:\Programmi\Mozilla Firefox\firefox.exe	InMem: 0	Det [G]	PX5: E99BA5126DEFAD7100706E430C3AC700D3F1C1C6
	REGEXTNMAP - \REGISTRY\Machine\Software\Classes\ftp\shell\open\command -  [C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"]
C:\Documents and Settings\Utente\Desktop\a2FreeSetup.exe	InMem: 0	Det [u]	PX5: 14A6205A004CA6055E656049C763F10123BFF6DC
C:\Documents and Settings\Utente\Desktop\avg75free_516a1225.exe	InMem: 0	Det [G]	PX5: D1A13661B0E597CBC070E4AC9C8C3201890B9518
C:\Documents and Settings\Utente\Desktop\cwshredder.exe	InMem: 0	Det [G]	MD5: C8A6B75E72DF96DEC9B71498849B7590	PX5: E5A5530300D90F0E20A1085900FFD9009226A5B0
C:\Documents and Settings\Utente\Desktop\FindAWF.exe	InMem: 0	Det [u]	MD5: 684C1CE9A4A60465CF98F212D75E5E84	PX5: DCF2EB2016D83EF3E54402AF0009660013F2B34F
C:\WINDOWS\system32\drivers\abp480n5.sys	InMem: 0	Det [G]	MD5: 6ABB91494FE6C59089B9336452AB2EA3	PX5: C1BD84230067F4EA5CEF003B6C801800F0A16602
C:\WINDOWS\system32\drivers\acpiec.sys	InMem: 0	Det [G]	MD5: 49AC5CD87FBDDA62F3E25190019E7627	PX5: F21BE3DC800E8A0A2F3C009238A73C008905B399
C:\WINDOWS\system32\drivers\adpu160m.sys	InMem: 0	Det [G]	MD5: 9A11864873DA202C996558B2106B0BBC	PX5: A646098B00C8A7478EF4012AC693E40053E6B855
C:\WINDOWS\system32\drivers\aha154x.sys	InMem: 0	Det [G]	MD5: C23EA9B5F46C7F7910DB3EAB648FF013	PX5: B5CCD41400024B8C3232007262F16400589648E4
C:\WINDOWS\system32\drivers\aic78u2.sys	InMem: 0	Det [G]	MD5: 19DD0FB48B0C18892F70E2E7D61A1529	PX5: 841F37AC80EF3F36D7BD000A10720200E4552005
C:\WINDOWS\system32\drivers\aic78xx.sys	InMem: 0	Det [G]	MD5: B7FE594A7468AA0132DEB03FB8E34326	PX5: 645E88DA8053B973DE9500E552F9DF00FDCB4867
C:\WINDOWS\system32\drivers\aliide.sys	InMem: 0	Det [G]	MD5: 1140AB9938809700B46BB88E46D72A96	PX5: BC6DDD5E808533E01498005CD48AF0000F761377
C:\WINDOWS\system32\drivers\amdk6.sys	InMem: 0	Det [G]	MD5: 03BBCA770830A6FFC5A57B697D150F2F	PX5: 4242D904806C60F8A08300740C09B400A99A704A
C:\WINDOWS\system32\drivers\amdk7.sys	InMem: 0	Det [G]	MD5: A4FF6CFCD83941B3628779CB32959C2B	PX5: EABF85AE00CF7D2BA2F600B95331A000E92CF98B
C:\WINDOWS\system32\drivers\amsint.sys	InMem: 0	Det [G]	MD5: 79F5ADD8D24BD6893F2903A3E2F3FAD6	PX5: 983BFBAD005D94832FCE00E56154ED006EF2904F
C:\WINDOWS\system32\drivers\arp1394.sys	InMem: 0	Det [G]	MD5: F0D692B0BFFB46E30EB3CEA168BBC49F	PX5: E79B803D809043E9ED9C00655C5EAE00E1E46E49
C:\WINDOWS\system32\drivers\asc.sys	InMem: 0	Det [G]	MD5: 62D318E9A0C8FC9B780008E724283707	PX5: 57B586F580FE82A86794006034353E00FFEDC97A
C:\WINDOWS\system32\drivers\asc3350p.sys	InMem: 0	Det [G]	MD5: 69EB0CC7714B32896CCBFD5EDCBEA447	PX5: AD3D9E1A803A53B9579300764BBA6D0023C757B9
C:\WINDOWS\system32\drivers\asc3550.sys	InMem: 0	Det [G]	MD5: 5D8DE112AA0254B907861E9E9C31D597	PX5: F329E1C6001CB2953AAF005BD8D557009377D482
C:\WINDOWS\system32\drivers\aspi32.sys	InMem: 0	Det [G]	MD5: B979979AB8027F7F53FB16EC4229B7DB	PX5: FFECA31D9CC7FD7C6269005019C788008125D2E7
C:\WINDOWS\system32\drivers\ASUSHWIO.SYS	InMem: 0	Det [G]	MD5: DE91D0D73C3E61E6826D98FAC2FAC729	PX5: A73AAFA5C01706ED1657005184698A000DFF3991
C:\WINDOWS\system32\drivers\atmepvc.sys	InMem: 0	Det [G]	MD5: 39A0A59180F19946374275745B21AEBA	PX5: 7363E81E80EDA4EC7A0200CE34E22400450A279B
C:\WINDOWS\system32\drivers\atmlane.sys	InMem: 0	Det [G]	MD5: 0128E78FE835F074E469F03DB681CA9E	PX5: 823332B380717184DAFD00B035ED9500F95C0458
C:\WINDOWS\system32\drivers\atmuni.sys	InMem: 0	Det [G]	MD5: E7EF69B38D17BA01F914AE8F66216A38	PX5: 92E7BF650082565E607E05AD216E0900953642D5
C:\WINDOWS\system32\drivers\avgmfx86.sys	InMem: 0	Det [G]	MD5: 0F471F46D155046BB58E4D6869A15382	PX5: 5CEACF26484D8409691D002E31934B00DCCD2A08
C:\WINDOWS\system32\drivers\battc.sys	InMem: 0	Det [G]	MD5: EA22EDADF90C0ABA8319454B2A07B700	PX5: EB6F1BAC00003DE437C500D2CB8267002617D2AD
C:\WINDOWS\system32\drivers\beep.sys	InMem: 0	Det [G]	MD5: DA1F27D85E0D1525F6621372E7B685E9	PX5: F62FA4F780D77A5110B2005CD7507900637E04C1
C:\WINDOWS\system32\drivers\bridge.sys	InMem: 0	Det [G]	MD5: E4E6A0922E3D983728C9AD4E8D466954	PX5: 69CABDC3803104ED17D001BEA902E2004A7836B0
C:\WINDOWS\system32\drivers\cbidf2k.sys	InMem: 0	Det [G]	MD5: 90A673FC8E12A79AFBED2576F6A7AAF9	PX5: 7B8DA5F780B7DA7536FE00ABA71B6C00B12776D7
C:\WINDOWS\system32\drivers\cd20xrnt.sys	InMem: 0	Det [G]	MD5: F3EC03299634490E97BBCE94CD2954C7	PX5: 585C4579008238981E0B00FA57DBFC004069176C
C:\WINDOWS\system32\drivers\cdaudio.sys	InMem: 0	Det [G]	MD5: C1B486A7658353D33A10CC15211A873B	PX5: 7D0D30B9001A5352491B006D9C79D000079079B1
C:\WINDOWS\system32\drivers\cdfs.sys	InMem: 0	Det [G]	MD5: CD7D5152DF32B47F4E36F710B35AAE02	PX5: 0225C13D004CC9CDF93000922132D000BA57D976
C:\WINDOWS\system32\drivers\cdr4_xp.sys	InMem: 0	Det [G]	MD5: 837EEF65AF62D4E8A37C41D3879F7274	PX5: AA25D71B78C8E829247500E1DF1CD700586B4A7B
C:\WINDOWS\system32\drivers\cdralw2k.sys	InMem: 0	Det [G]	MD5: 579DA2F9F5401F55DAE2CF8779D61DFC	PX5: 4518F26FF8DED74324DE0027365E6D0072F3B365
C:\WINDOWS\system32\drivers\changer.sys	InMem: 0	Det [G]	MD5: DAF1A8193B6CAF0FB858CADCC5C4AF4A	PX5: FEBC5C5B00A5D832203A00C9150B3C0054623664
C:\WINDOWS\system32\drivers\cinemst2.sys	InMem: 0	Det [G]	MD5: 0CCCBD6EF94910804921BF04A2107EF8	PX5: 7C4B5F6480542F0A010D0467679A3400F24D4424
C:\WINDOWS\system32\drivers\classpnp.sys	InMem: 0	Det [G]	MD5: D86173B401470F06D9810F7962969DDF	PX5: 61280642007AE0BEC20400D8EC4D8200079FF3CE
C:\WINDOWS\system32\drivers\cmdide.sys	InMem: 0	Det [G]	MD5: 03A71B880380D15A0F951612B0F52BE8	PX5: 1090D35F00826C091A0300BA9B616000882568E7
C:\WINDOWS\system32\drivers\cpqarray.sys	InMem: 0	Det [G]	MD5: 3EE529119EED34CD212A215E8C40D4B6	PX5: 83BD9FEC80CF65303A83008B3639D70054F0FDB8
C:\WINDOWS\system32\drivers\cpqdap01.sys	InMem: 0	Det [G]	MD5: 9624293E55AD405415862B504CA95B73	PX5: C60D75F500CE16D02E4100D9B4337E008A228DE3
C:\WINDOWS\system32\drivers\crusoe.sys	InMem: 0	Det [G]	MD5: F8C288D89AD71BF1AFF0F9E4DB5D3A10	PX5: E4FE1A7080AF31429EBC00A2612936006E0D7B97
C:\WINDOWS\system32\drivers\dac2w2k.sys	InMem: 0	Det [G]	MD5: E550E7418984B65A78299D248F0A7F36	PX5: 2988280A8061B19BBDB80278B0C05C0011F9526A
C:\WINDOWS\system32\drivers\dac960nt.sys	InMem: 0	Det [G]	MD5: 683789CAA3864EB46125AE86FF677D34	PX5: 4A76D57C80C85C4939AF009F3428130045C96C9B
C:\WINDOWS\system32\drivers\diskdump.sys	InMem: 0	Det [G]	MD5: D16C81677A9BE399C63CD2EA486472A5	PX5: 6D7A5F848072A37B37EB00C342763700264F9014
C:\WINDOWS\system32\drivers\dpti2o.sys	InMem: 0	Det [G]	MD5: 40F3B93B4E5B0126F2F5C0A7A5E22660	PX5: 1646100FE09545F24E5D003D74376C00785BB51E
C:\WINDOWS\system32\drivers\drmk.sys	InMem: 0	Det [G]	MD5: FF86422268DE771D571E123EB7092C6A	PX5: 73B664558055CFD9EB9800CC44976A00031F37A9
C:\WINDOWS\system32\drivers\dxapi.sys	InMem: 0	Det [G]	MD5: FE97D0343ACFDEBDD578FC67CC91FA87	PX5: D0E069F50027643C29470029619BD400B7B7054A
C:\WINDOWS\system32\drivers\dxg.sys	InMem: 0	Det [G]	MD5: D3DAC8432110AAD0B02A58B4459AB835	PX5: 3F54B7A780F0ED98157C011AE18D4A00EE6485EB
C:\WINDOWS\system32\drivers\dxgthk.sys	InMem: 0	Det [G]	MD5: A73F5D6705B1D820C19B18782E176EFD	PX5: 0164AB8900598A330DE900E4FEF37900B79BCD14
C:\WINDOWS\system32\drivers\fastfat.sys	InMem: 0	Det [G]	MD5: 3117F595E9615E04F05A54FC15A03B20	PX5: 1E68B78D00BA4E2F30E102605EF38B00BED2E67D
C:\WINDOWS\system32\drivers\fips.sys	InMem: 0	Det [G]	MD5: 333FBBC71BDCBB46C58A3B51B3D51184	PX5: 1007D8C50089CEC889D600EFFDE6B800D02A5DA9
C:\WINDOWS\system32\drivers\fsvga.sys	InMem: 0	Det [G]	MD5: 25A7F5539209BE062D4BB3F9CD84BD16	PX5: 78ACD409008333CF30C90046F776F800BAB458CE
C:\WINDOWS\system32\drivers\fs_rec.sys	InMem: 0	Det [G]	MD5: 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A	PX5: 2E3179C900CB71741FBA004F645EEB00865149D3
C:\WINDOWS\system32\drivers\hidclass.sys	InMem: 0	Det [G]	MD5: 378055AB8DDA86228683C697C4E11685	PX5: 800EAA28801FAC928DC800F3F0296600134890AF
C:\WINDOWS\system32\drivers\hidparse.sys	InMem: 0	Det [G]	MD5: 5FFF41CD5108E9051D255C37825AF697	PX5: 202AE5AF805FDB4161470039E900C0009EB401B0
C:\WINDOWS\system32\drivers\hpn.sys	InMem: 0	Det [G]	MD5: B028377DEA0546A5FCFBA928A8AEFAE0	PX5: E3E88DDE608451A865E100EA998B2E0037855B2B
C:\WINDOWS\system32\drivers\i2omgmt.sys	InMem: 0	Det [G]	MD5: 8F09F91B5C91363B77BCD15599570F2C	PX5: 510CA09D0048E0B620E4008D21A9D3008D5A0DA2
C:\WINDOWS\system32\drivers\i2omp.sys	InMem: 0	Det [G]	MD5: ED6BF9E441FDEA13292A6D30A64A24C3	PX5: 53DD5A928056D71F48AC00DEF5424100686103FA
C:\WINDOWS\system32\drivers\imagedrv.sys	InMem: 0	Det [G]	MD5: FCCF4AE4EF72CBABA6D6BEFEFD77E940	PX5: 5FFFEB886072C8A95C5A016E2AA0E800107B01E6
C:\WINDOWS\system32\drivers\ini910u.sys	InMem: 0	Det [G]	MD5: 4A40E045FAEE58631FD8D91AFC620719	PX5: C7702821802D11853E090094CBC4E400E259EFF7
C:\WINDOWS\system32\drivers\inport.sys	InMem: 0	Det [G]	MD5: C290ED1483C883F2B305F532B15328C9	PX5: E4210BC7001F01C0359F00D22ED78A00619C2001
C:\WINDOWS\system32\drivers\ks.sys	InMem: 0	Det [G]	MD5: B9540E258F952650DE8DEC68719A5C97	PX5: 78D9F49380D52F3B2603022FFE8CE100B4CA1585
C:\WINDOWS\system32\drivers\ksecdd.sys	InMem: 0	Det [G]	MD5: EB7FFE87FD367EA8FCA0506F74A87FBB	PX5: 774C935980F76922670D01959D71E6009D9267E6
C:\WINDOWS\system32\drivers\lbrtfdc.sys	InMem: 0	Det [G]	MD5: CC50A66548C2F285BC8A7B0B8AA578E3	PX5: D3D99067805CCB65878500557D5D27003CEC0276
C:\WINDOWS\system32\drivers\mcd.sys	InMem: 0	Det [G]	MD5: D1F8BE91ED4DDB671D42E473E3FE71AB	PX5: 874B185900D5916B1EF900C2FE181D00136FAB22
C:\WINDOWS\system32\drivers\mf.sys	InMem: 0	Det [G]	MD5: 729D83E56C29C510258A6E9E79FFDDC3	PX5: F49C56310087ADB9F998009652109C00BB35FCB1
C:\WINDOWS\system32\drivers\mnmdd.sys	InMem: 0	Det [G]	MD5: 4AE068242760A1FB6E1A44BF4E16AFA6	PX5: 33A41DEC8064684210700001C4EA1400320E2D4F
C:\WINDOWS\system32\drivers\modem.sys	InMem: 0	Det [G]	MD5: B30D2DB351E3191BD71232036CFE711A	PX5: F22F2ACE0067686F7617004AA04CD400DCD5102E
C:\WINDOWS\system32\drivers\mountmgr.sys	InMem: 0	Det [G]	MD5: 65653F3B4477F3C63E68A9659F85EE2E	PX5: 7309084F00AE944FA5B9001585E15200FF872CDC
C:\WINDOWS\system32\drivers\mqac.sys	InMem: 0	Det [G]	MD5: 157A32DDC6A019A4E31B19D604D2F127	PX5: A4B93ADE00A3CC201DAC01B48E57ED00D6108E71
C:\WINDOWS\system32\drivers\mraid35x.sys	InMem: 0	Det [G]	MD5: 3F4BB95E5A44F3BE34824E8E7CAF0737	PX5: C698A15680F72A6A43410027AE857800E03AD3D3
C:\WINDOWS\system32\drivers\msfs.sys	InMem: 0	Det [G]	MD5: 561B3A4333CA2DBDBA28B5B956822519	PX5: 075BA4B3803111464A9700E6E20263008B5F85A4
C:\WINDOWS\system32\drivers\mup.sys	InMem: 0	Det [G]	MD5: 82035E0F41C2DD05AE41D27FE6CF7DE1	PX5: 488AE40380446D0EA57D014A890CCF00C681450A
C:\WINDOWS\system32\drivers\ndis.sys	InMem: 0	Det [G]	MD5: 558635D3AF1C7546D26067D5D9B6959E	PX5: D3D6286080F2E0F0CA7A02249DEC7F001D734284
C:\WINDOWS\system32\drivers\ndproxy.sys	InMem: 0	Det [G]	MD5: 59FC3FB44D2669BC144FD87826BB571F	PX5: FB8873A080F72F00942D005DFF5068001A60ED1C
C:\WINDOWS\system32\drivers\nic1394.sys	InMem: 0	Det [G]	MD5: 5C5C53DB4FEF16CF87B9911C7E8C6FBC	PX5: 720917AF800A6EE8F12400F5E9C6E000F750E215
C:\WINDOWS\system32\drivers\nikedrv.sys	InMem: 0	Det [G]	MD5: BE984D604D91C217355CDD3737AAD25D	PX5: 31AFD82600B7B0E92F3400332F79D6008B90E2A9
C:\WINDOWS\system32\drivers\nmnt.sys	InMem: 0	Det [G]	MD5: 60CF8C7192B3614F240838DDBAA4A245	PX5: 4F6E51DE803D5E299DD30090E39024009FB3BD94
C:\WINDOWS\system32\drivers\npfs.sys	InMem: 0	Det [G]	MD5: 4F601BCB8F64EA3AC0994F98FED03F8E	PX5: 20DA5FD280719B5A789A008E44C90300CCA72CD2
C:\WINDOWS\system32\drivers\ntfs.sys	InMem: 0	Det [G]	MD5: 19A811EF5F1ED5C926A028CE107FF1AF	PX5: F6D2D4BD008F0B21C44F08EC65529C002F16FA15
C:\WINDOWS\system32\drivers\null.sys	InMem: 0	Det [G]	MD5: 73C1E1F395918BC2C6DD67AF7591A3AD	PX5: 7047032880E19D2B0B4300F23A496700B79BCD14
C:\WINDOWS\system32\drivers\nwlnkipx.sys	InMem: 0	Det [G]	MD5: 79EA3FCDA7067977625B3363A2657C80	PX5: B455E8AE80D2C31959AC01662F7EE7009B9C1B54
C:\WINDOWS\system32\drivers\nwlnknb.sys	InMem: 0	Det [G]	MD5: 56D34A67C05E94E16377C60609741FF8	PX5: 04BB889700AAB944F73D0096D8122400A0912260
C:\WINDOWS\system32\drivers\nwlnkspx.sys	InMem: 0	Det [G]	MD5: C0BB7D1615E1ACBDC99757F6CEAF8CF0	PX5: 38D410228045AB3DDA820098A4E752008EA9780C
C:\WINDOWS\system32\drivers\nwrdr.sys	InMem: 0	Det [G]	MD5: 3F18D9365BE71C7B2E43B7CF4A0C1A10	PX5: 83E10CED0073D0907FCD02CE4498B500A105309E
C:\WINDOWS\system32\drivers\oprghdlr.sys	InMem: 0	Det [G]	MD5: 4BB30DDC53EBC76895E38694580CDFE9	PX5: 691E96B980EF4DD30D2300DD63265E00B79BCD14
C:\WINDOWS\system32\drivers\p3.sys	InMem: 0	Det [G]	MD5: ACF18D9F903B29790B8F8E01535F37D4	PX5: BC6A682380C862C2B56A0022A0FE9B00ED93F9A1
C:\WINDOWS\system32\drivers\partmgr.sys	InMem: 0	Det [G]	MD5: 3334430C29DC338092F79C38EF7B4CD0	PX5: CD5C0D6C00BC0D35496D00DCA66DE800E5B26EF9
C:\WINDOWS\system32\drivers\parvdm.sys	InMem: 0	Det [G]	MD5: 0DABEF655A444CB1E193626FB1D24B9F	PX5: D78233F200E873FD1B40001BF0D2FD00501E1542
C:\WINDOWS\system32\drivers\pciidex.sys	InMem: 0	Det [G]	MD5: 520B91AB011456B940D9B05FC91108FF	PX5: DD4713DB00668128625F00A6F0879B00FA781103
C:\WINDOWS\system32\drivers\pcmcia.sys	InMem: 0	Det [G]	MD5: 28F3538A2091993A03506311A05053E8	PX5: 1E5E2DAE80A234A7D5E1011E8065A7000BABC19F
C:\WINDOWS\system32\drivers\perc2.sys	InMem: 0	Det [G]	MD5: 6C14B9C19BA84F73D3A86DBA11133101	PX5: A43AD585A01480D56AE700F494050400D8326688
C:\WINDOWS\system32\drivers\perc2hib.sys	InMem: 0	Det [G]	MD5: F50F7C27F131AFE7BEBA13E14A3B9416	PX5: 280C41CF809F7F2E153800F3159B7600EC8E5F7E
C:\WINDOWS\system32\drivers\portcls.sys	InMem: 0	Det [G]	MD5: 5B0F00E43A7094C0B7E433CB42C79164	PX5: AD607B188079CDEF39B802DAB6A7B200F599BD35
C:\WINDOWS\system32\drivers\processr.sys	InMem: 0	Det [G]	MD5: 2BE7F01E46970E946AA18CBA3DE019EB	PX5: AF0FBDFA005416189A000040A9FF7600B2B78287
C:\WINDOWS\system32\drivers\ql1080.sys	InMem: 0	Det [G]	MD5: 0A63FB54039EB5662433CABA3B26DBA7	PX5: A82C642380AE2BE59DA700943B27FD00DC447A6B
C:\WINDOWS\system32\drivers\ql10wnt.sys	InMem: 0	Det [G]	MD5: 6503449E1D43A0FF0201AD5CB1B8C706	PX5: 7595631F80DF50C381F200FF279FAF00F5EF7B24
C:\WINDOWS\system32\drivers\ql12160.sys	InMem: 0	Det [G]	MD5: 156ED0EF20C15114CA097A34A30D8A01	PX5: 36C6F79E008C7970B15D0042B56E550063C1516E
C:\WINDOWS\system32\drivers\ql1240.sys	InMem: 0	Det [G]	MD5: 70F016BEBDE6D29E864C1230A07CC5E6	PX5: F2BAC8600017931F9E4B00F553CCA000C43C7732
C:\WINDOWS\system32\drivers\ql1280.sys	InMem: 0	Det [G]	MD5: 907F0AEEA6BC451011611E732BD31FCF	PX5: 0A6F8C92806C6174BFD3001253C5130062859538
C:\WINDOWS\system32\drivers\rawwan.sys	InMem: 0	Det [G]	MD5: 01524CD237223B18ADBB48F70083F101	PX5: 3623B25780ED679386B1006F511AA700A8DBED63
C:\WINDOWS\system32\drivers\rdpwd.sys	InMem: 0	Det [G]	MD5: B54CD38A9EBFBF2B3561426E3FE26F62	PX5: F059F0E3086A11EC2111023C258C8900CFC29C24
C:\WINDOWS\system32\drivers\rio8drv.sys	InMem: 0	Det [G]	MD5: A56FE08EC7473E8580A390BB1081CDD7	PX5: 689BF8B80051228F2F8000540597A5009049C8B5
C:\WINDOWS\system32\drivers\riodrv.sys	InMem: 0	Det [G]	MD5: 0A854DF84C77A0BE205BFEAB2AE4F0EC	PX5: 31AFD82600B7B0E92F3400332F79D600DA0E26E7
C:\WINDOWS\system32\drivers\rmcast.sys	InMem: 0	Det [G]	MD5: 9D54C7C15847B933E03D6E7C9307BAE5	PX5: 51F889B700FC9166166A03256E7AAC00D3C16FD6
C:\WINDOWS\system32\drivers\rndismp.sys	InMem: 0	Det [G]	MD5: 7CE8B277F3207EA82D7D22AD348BEFC6	PX5: F5E4CD0480C828137517005714D7F1002CA246EF
C:\WINDOWS\system32\drivers\rootmdm.sys	InMem: 0	Det [G]	MD5: D8B0B4ADE32574B2D9C5CC34DC0DBBE7	PX5: F3E7979300A8EEA3177100743639FF0080591A18
C:\WINDOWS\system32\drivers\RTL8139.sys	InMem: 0	Det [G]	MD5: D507C1400284176573224903819FFDA3	PX5: 0D1CF5B000B2C8EA5211002E76778C00F4B2E39E
C:\WINDOWS\system32\drivers\scsiport.sys	InMem: 0	Det [G]	MD5: D7FD0FF761E28AC0EA35AD71E0CD67E9	PX5: BAEDAB6C00163F8D78C6012DFF6A240038CAB5E8
C:\WINDOWS\system32\drivers\sdbus.sys	InMem: 0	Det [G]	MD5: 02FC71B020EC8700EE8A46C58BC6F276	PX5: BA494C87000D7A4F08B4013D43118E00EBAF0531
C:\WINDOWS\system32\drivers\sffdisk.sys	InMem: 0	Det [G]	MD5: 1D9F1BEC651815741F088A8FB88E17EE	PX5: AF380F15808E7A972B3D001ABF251400652E930D
C:\WINDOWS\system32\drivers\sffp_sd.sys	InMem: 0	Det [G]	MD5: 586499FD312FFD7F78553F408E71682E	PX5: 35A841FC0030CAF028AD002AAB39F600184DF1C4
C:\WINDOWS\system32\drivers\smclib.sys	InMem: 0	Det [G]	MD5: 017DAECF0ED3AA731313433601EC40FA	PX5: 8A9722BD003AC63939580092009AC20088FC78D8
C:\WINDOWS\system32\drivers\sonydcam.sys	InMem: 0	Det [G]	MD5: ADDC9E4757A68AB60562AD3CB9C288D6	PX5: 0B9EAE4180F27A6F636900C11EF4E3002F2E7423
C:\WINDOWS\system32\drivers\sparrow.sys	InMem: 0	Det [G]	MD5: 83C0F71F86D3BDAF915685F3D568B20E	PX5: 34EF085980E9566F4AC800ACA767DA00AD03B518
C:\WINDOWS\system32\drivers\stream.sys	InMem: 0	Det [G]	MD5: C43356072EB3E88CD62958DB10CEAD47	PX5: E9758E5F00F11219BE3300252F112F00F38A6C5B
C:\WINDOWS\system32\drivers\symc810.sys	InMem: 0	Det [G]	MD5: 1FF3217614018630D0A6758630FC698C	PX5: 726B03B580033B4F3FF70050993647004EA53D5F
C:\WINDOWS\system32\drivers\symc8xx.sys	InMem: 0	Det [G]	MD5: 070E001D95CF725186EF8B20335F933C	PX5: A176C643801C41297FB00031AC7E6200A76AF5F8
C:\WINDOWS\system32\drivers\sym_hi.sys	InMem: 0	Det [G]	MD5: 80AC1C4ABBE2DF3B738BF15517A51F2C	PX5: 71BB2597E0A078A96ED200558FFED400800CEC2F
C:\WINDOWS\system32\drivers\sym_u3.sys	InMem: 0	Det [G]	MD5: BF4FAB949A382A8E105F46EBB4937058	PX5: F7063075E0AC6E5A777A00060D477100337B9826
C:\WINDOWS\system32\drivers\tape.sys	InMem: 0	Det [G]	MD5: A2A9CA0D1A9AC1FF54220AA0789FE5CF	PX5: 1278B1EF80B32A683A3F0096934CD200746C2998
C:\WINDOWS\system32\drivers\tcpip6.sys	InMem: 0	Det [G]	MD5: DCCACDD2747ADA221AECE5C9ADA5D551	PX5: 5D79645C800A9DEE710003BFD457ED00F0D2E94E
C:\WINDOWS\system32\drivers\tdi.sys	InMem: 0	Det [G]	MD5: 6891B74AB9A016064E82A419388D0601	PX5: D2E197368059988748C500010EF1F2006AC8B3D9
C:\WINDOWS\system32\drivers\tdpipe.sys	InMem: 0	Det [G]	MD5: 38D437CF2D98965F239B0ABCD66DCB0F	PX5: 3FCBC6C1086354332FFD003DE3512D00CB438F2A
C:\WINDOWS\system32\drivers\tdtcp.sys	InMem: 0	Det [G]	MD5: ED0580AF02502D00AD8C4C066B156BE9	PX5: 8942980688A6EF76558200032BC6D800A375DA91
C:\WINDOWS\system32\drivers\tosdvd.sys	InMem: 0	Det [G]	MD5: 699450901C5CCFD82357CBC531CEDD23	PX5: 628D18D7002B7E40CAFC00177DE27100B717B0CE
C:\WINDOWS\system32\drivers\toside.sys	InMem: 0	Det [G]	MD5: B5CEE774DA04340C6F4C0FD14286A50E	PX5: 660069178081BD481391002BE0F151008E41C9CB
C:\WINDOWS\system32\drivers\tsbvcap.sys	InMem: 0	Det [G]	MD5: D74A8EC75305F1D3CFDE7C7FC1BD62A9	PX5: 87882BA880A89CF8537500BE0BB03800CD0425CD
C:\WINDOWS\system32\drivers\tunmp.sys	InMem: 0	Det [G]	MD5: 87A0E9E18C10A9E454238E3330E2A26D	PX5: CBD0AEE38035D6A5300B00CF5C419100CB427E52
C:\WINDOWS\system32\drivers\udfs.sys	InMem: 0	Det [G]	MD5: 12F70256F140CD7D52C58C7048FDE657	PX5: 5FD2643980FF4C93024701049FF5A900913F1B6B
C:\WINDOWS\system32\drivers\ultra.sys	InMem: 0	Det [G]	MD5: 1B698A51CD528D8DA4FFAED66DFC51B9	PX5: 41CE68A780B045778F98006DDDA3600052A1B522
C:\WINDOWS\system32\drivers\usb8023.sys	InMem: 0	Det [G]	MD5: AF090265EC388BAB320F1FF7E7A7D5EA	PX5: 6C38C2AE8005B13A31EC001CD2E193004FD5788A
C:\WINDOWS\system32\drivers\usbcamd.sys	InMem: 0	Det [G]	MD5: 2654EECC6FB13603EBDDCD5C8EA943D1	PX5: D11C923000C0476E5DDA002FC1E34E00BC32EEBC
C:\WINDOWS\system32\drivers\usbcamd2.sys	InMem: 0	Det [G]	MD5: 61018BA9DF6B63E51D9753C980E73EC2	PX5: D11C923080C0476E5DDA002FC1E34E002B3DC035
C:\WINDOWS\system32\drivers\usbd.sys	InMem: 0	Det [G]	MD5: 596EB39B50D6EBD9B734DC4AE0544693	PX5: F328D8568037A02F12FA00A0B0E095005A1BACA9
C:\WINDOWS\system32\drivers\usbintel.sys	InMem: 0	Det [G]	MD5: 2853FD4C4489E0F8BFCF78EFCDB7E998	PX5: 46A2709480A8B9863E99007B5ED70B000E5AFC3D
C:\WINDOWS\system32\drivers\usbport.sys	InMem: 0	Det [G]	MD5: 2034CA78F9C6E787B4B76D81AC888351	PX5: A1EF174180FC34972E3902AA15903200854523B2
C:\WINDOWS\system32\drivers\vdmindvd.sys	InMem: 0	Det [G]	MD5: 55E01061C74A8CEFFF58DC36114A8D3F	PX5: 5DFBB3300012B79DE3E300778EC928004FCDB2AF
C:\WINDOWS\system32\drivers\viaide.sys	InMem: 0	Det [G]	MD5: 59CB1338AD3654417BEA49636457F65D	PX5: 763F36E3001A65E115B100F2DCFD2A00D63490D3
C:\WINDOWS\system32\drivers\videoprt.sys	InMem: 0	Det [G]	MD5: D5A9D123F5ED7C9965A481BD20CF66D8	PX5: BBE87C52808D55E2379801ACFA738900C0632DEC
C:\WINDOWS\system32\drivers\volsnap.sys	InMem: 0	Det [G]	MD5: 698869E82C57169F2140C04A272BF12B	PX5: AC3AFD0E80294768D03200EE1153E40098EF3DD1
C:\WINDOWS\system32\drivers\wmilib.sys	InMem: 0	Det [G]	MD5: 2F31B7F954BED437F2C75026C65CAF7B	PX5: 7A1B707D0098974111DB00C8E2E10C00FCC422B3
C:\WINDOWS\system32\drivers\wpdusb.sys	InMem: 0	Det [G]	MD5: D4162C1D8FE1DE8F1E6EF9BA4323D520	PX5: 71F884AF00CF82759F8D00E4694A460046E65AFE
C:\WINDOWS\system32\drivers\ws2ifsl.sys	InMem: 0	Det [G]	MD5: 6ABE6E225ADB5A751622A9CC3BC19CE8	PX5: E3FE23AC0026FAFE2FF10052E88519002DA1A545
C:\Programmi\Acad2002.sfx.exe	InMem: 0	Det [G]	MD5: 4E98A22F7305166265DA23E95EA5AC46	PX5: 9EAAA4E9772F75EC9599017CD356DF008F4D69BB
C:\Programmi\CWShredder.exe	InMem: 0	Det [G]	MD5: C8A6B75E72DF96DEC9B71498849B7590	PX5: E5A5530300D90F0E20A1085900FFD9009226A5B0
C:\Programmi\gmer.exe	InMem: 0	Det [G]	MD5: 8CB03E445724628524A9C9BF17489A53	PX5: C8F8E9E7008F542290090BCC464D9800878FA181
C:\WINDOWS\gmer.dll	InMem: 0	Det [G]	MD5: 47E6F2EDAAA04DD3E4303E55A00035E3	PX5: 49FC46350073A6D080870CCC7262CC0089B69073
C:\WINDOWS\gmer.exe	InMem: 0	Det [G]	MD5: 8CB03E445724628524A9C9BF17489A53	PX5: C8F8E9E7008F542290090BCC464D9800878FA181
C:\WINDOWS\QTFont.for	InMem: 0	Det [G]	MD5: E1034D757709F37F2D1EBD96D5EAD02B	PX5: E1034D75817709F3057F002D1EBD9600D5EAD02B
C:\WINDOWS\unins000.exe	InMem: 0	Det [G]	MD5: FA216964C56ACEB2ECAFCE0815494DBC	PX5: F61B8FB359550E748D5B0A1B8473C000AFC77B0B
C:\WINDOWS\system32\bass.dll	InMem: 0	Det [GP]	MD5: 0BE4A226874ECCB9F8BFE3D8DCED0C09	PX5: 7B3A1DAA386608686A8201FF23844A007D45D064
C:\WINDOWS\system32\DivXCodecVersionChecker.exe	InMem: 0	Det [G]	MD5: A378F2C97850FBDEA78D6212DD268035	PX5: 3F29C8B5403A209C65C502F4FC359600F9E72939
C:\WINDOWS\system32\divxdec.ax	InMem: 0	Det [G]	MD5: 3AC6652959AFCEC972E7EF3FB6434759	PX5: 6AC4BC4E0045F2C2A0F709C7E339E000B5456AB8
C:\WINDOWS\system32\DivXMedia.ax	InMem: 0	Det [G]	MD5: 5EF8E2013EFA4E650BD060AA334FFF18	PX5: E2CB3C2891578685600505BAD0C4FF001398A24E
C:\WINDOWS\system32\DivXsm.exe	InMem: 0	Det [G]	MD5: 2AD4199BBC88C6AC3D15BE27369D63B4	PX5: D7B3B29D00FBE14D00BC084C3F882100A6714C60
C:\WINDOWS\system32\DivXWMPExtType.dll	InMem: 0	Det [G]	MD5: 85F907ACD7BEFE530502A0924376BA6A	PX5: C0EC59580067EBAA30EF00816E2085008BAD252A
C:\WINDOWS\system32\divx_xx07.dll	InMem: 0	Det [G]	MD5: 7F1E0A73558107ACE9C9086761FB1EF9	PX5: AD284E5B0092A92190080CD60B49CE00EE07B7EE
C:\WINDOWS\system32\divx_xx0c.dll	InMem: 0	Det [G]	MD5: 1034E98BB457EB2C1D553DC115E53036	PX5: AD284E5B0092A92190080CD60B49CE00E419FD1D
C:\WINDOWS\system32\divx_xx11.dll	InMem: 0	Det [G]	MD5: 7A569A83C24C4DF9F75147FF187E0E48	PX5: AD284E5B0092A92140080CD60B49CE0037A404C6
C:\WINDOWS\system32\dpl100.dll	InMem: 0	Det [G]	MD5: A02A458E8725BB0C21895703FAA92C2B	PX5: 10A25E3B00E4AFDB406001973C459000F4C23553
C:\WINDOWS\system32\dpu10.dll	InMem: 0	Det [G]	MD5: A04DC0DB53717E8320EFDB6D09559036	PX5: 3BA9D60E00DEA37280BA049326036C000DFCF997
C:\WINDOWS\system32\dpu11.dll	InMem: 0	Det [G]	MD5: A04DC0DB53717E8320EFDB6D09559036	PX5: 3BA9D60E00DEA37280BA049326036C000DFCF997
C:\WINDOWS\system32\dpuGUI10.dll	InMem: 0	Det [G]	MD5: C81FE4F6D90C3A084980450C9077CBA6	PX5: 9105D41400F5749ED0BB00D4496B74005326C76D
C:\WINDOWS\system32\dpuGUI11.dll	InMem: 0	Det [G]	MD5: A372F68ED2815AE3086D4A9F9FCE1D4E	PX5: 4F8A2DBA000236EA109809A22A66A30043DCD31E
C:\WINDOWS\system32\dpus11.dll	InMem: 0	Det [G]	MD5: 296B4F9A3F2A7E5BF0049C2123714E45	PX5: 68E7973B007B8024403B058FCF0E1F002A10680E
C:\WINDOWS\system32\dpv11.dll	InMem: 0	Det [G]	MD5: ABDE9CEA5EEB4CB4F1BD31F6AD425BA7	PX5: 88D410D600D3F4D1E02000E2854E3000BEC7CEBF
C:\WINDOWS\system32\dtu100.dll	InMem: 0	Det [G]	MD5: 5B5A9F777A396DBDECC76A6FF917C274	PX5: 1DE303F800F9136D000003E075FCF30005BD7B4F
C:\WINDOWS\system32\libdivx.dll	InMem: 0	Det [G]	MD5: 5D10887C550AB149A7D0E0C2438B8655	PX5: 03D6361E00D2951BF0E20F3BBF5C6A0019FF1BA1
C:\WINDOWS\system32\MRT.exe	InMem: 0	Det [G]	PX5: 36B039A778DB1D79EC0415053973EC012C9E3876
C:\WINDOWS\system32\msxml3.dll.tmp	InMem: 0	Det [G]	MD5: 4F9BF464A62D71B462EBF06F811BE2F4	PX5: 89F666590051C372DE6A10BE447182003BCA2AAB
C:\WINDOWS\system32\mucltui.dll.mui	InMem: 0	Det [G]	MD5: 0B4F08D15CAF75A5C75120B1FDE1E1AA	PX5: A5CEE5C07828FA91754700AE8244D0004ACFFC69
C:\WINDOWS\system32\px.dll	InMem: 0	Det [G]	MD5: 7E5994B7DC6FC39DD684EACE6351477C	PX5: E9F7EB80F8EFAEFC6AE108C58B0F320033617411
C:\WINDOWS\system32\pxafs.dll	InMem: 0	Det [G]	MD5: 21FE7EFA3039632434953955F3BDB235	PX5: 1123A753F87EC11EFAAD011B058C68003D35C439
C:\WINDOWS\system32\pxcpya64.exe	InMem: 0	Det [G]	MD5: 2DC2EB8A11D9E45789FE0D25D4343CA3	PX5: E28D986DF8A5F470026801384E1F4000F0153522
C:\WINDOWS\system32\pxcpyi64.exe	InMem: 0	Det [G]	MD5: D08C30A3447B43DD3256F492C3F5F9EB	PX5: 45A4A821F8DF3416D47201382BCE0B007002F024
C:\WINDOWS\system32\pxdrv.dll	InMem: 0	Det [G]	MD5: 09BA2A524D95884E2D6B973167BC696F	PX5: 6E0E4E0FF870BDC2EA62071D760297001C8E4005
C:\WINDOWS\system32\pxhpinst.exe	InMem: 0	Det [G]	MD5: D6803420EFAA9BA2EE4C7D492AF484EB	PX5: CBD6DAECF8068B391AA2012E2A5506004650773D
C:\WINDOWS\system32\pxinsa64.exe	InMem: 0	Det [G]	MD5: ADA396BB1BE8481A10DD789784150CBF	PX5: E0CFDEB4F8DC989CFCC7002B636D950035524F35
C:\WINDOWS\system32\pxinsi64.exe	InMem: 0	Det [G]	MD5: 16BE6047E84614F8781110C4D10590ED	PX5: 0D996220F87B1742CE24016FE4E661000DD12215
C:\WINDOWS\system32\pxmas.dll	InMem: 0	Det [G]	MD5: DCDB0910F1024E34D0EA92CEE3C4FCD6	PX5: 836DB537F812A5CADAC40291F5C86A00B583EE87
C:\WINDOWS\system32\pxsfs.dll	InMem: 0	Det [G]	MD5: 9C86B1A8F1E7A0A367A6BB432B1EE230	PX5: E494BE57F8326649DAFC18EFA7085F0073E546ED
C:\WINDOWS\system32\pxwave.dll	InMem: 0	Det [G]	MD5: 6E96CAAAE31B813A95585242C7A5650F	PX5: 35ECB0BFF8493830CACE0562A2D49200C8E4AE96
C:\WINDOWS\system32\qt-dx331.dll	InMem: 0	Det [G]	PX5: C9F371530031E58DE000360B1F59620004BE1690
C:\WINDOWS\system32\ssldivx.dll	InMem: 0	Det [G]	MD5: EED2CE7BD9E43B8500D906D944460D22	PX5: 2B5064B000BEF4D3107603FF1E984800D76847DF
C:\WINDOWS\system32\vxblock.dll	InMem: 0	Det [G]	MD5: 830696C53228941926DE30B977869A53	PX5: 305BC730F8C72EC15A8601FDBB575400A2FC1C62
C:\WINDOWS\system32\watchdog.sys	InMem: 0	Det [G]	MD5: C9BF2F12C4E6C12F8A85FBA4B6BC6208	PX5: A5490EC7005C2AF84570001E79455E0011553B7B
C:\WINDOWS\system32\win32k.sys	InMem: 0	Det [G]	MD5: 6AFDE6C2294DB179A558377F9EB5A0F7	PX5: AF40E9838058D78E21CB1CA553259300AEAD9216
C:\WINDOWS\system32\wuapi.dll.mui	InMem: 0	Det [G]	MD5: B7B1EBD53C9E861DB7A8AB7D13D8E1D8	PX5: 92E0CC095853C0C1753300650DDDAD00C0399BC2
C:\WINDOWS\system32\wuaucpl.cpl.mui	InMem: 0	Det [G]	MD5: 5271DCC72118B26619D1F8F4B3372A06	PX5: FD92C06C58084CD4759C00E6600FAC0065A26BA6
C:\WINDOWS\system32\wuaueng.dll.mui	InMem: 0	Det [G]	MD5: A9875E8F8A1852E0E325A02CE421ED36	PX5: 8F87ECF5583D62C253DE00AB7F3D51002C1F4DC0
C:\WINDOWS\system32\wucltui.dll.mui	InMem: 0	Det [G]	MD5: 7A5740C5A55447E88A760322334244D5	PX5: 70241DA158CC4AF1959400D2361A37006066AE07
C:\Programmi\Windows Live Toolbar\MSNTBUP.EXE	InMem: 0	Det [GP]	MD5: 07CE95C9D92C9D09442C793AE27669CC	PX5: 6FADEE3A10BFAA27868A012B640185001B76B548
C:\Programmi\Symantec\LiveUpdate\NDETECT.EXE	InMem: 0	Det [G]	MD5: DCC56185FAE82328A199BB47D0B37316	PX5: BF103DA8605245F9B62B01D84F87DB00759DE712


Summary:
C:\Sys112] >> Hidden Data


End of PrevxCSI Log - http://www.prevx.com
Intanto che riprovo con deep scan di asquared posso fare qlcs?
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 11:01   #25
murack83pa
Bannato
 
Iscritto dal: Oct 2007
Città: Palermo
Messaggi: 4623
no, lascialo lavorare asquared e vediamo se si blocca....incrociamo le dita
murack83pa è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 14:26   #26
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Purtroppo niente da fare! La scansione con deep scan non va, l'ho lasciata inceppata per due ore... non credo che sia normale o no?
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:35   #27
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Tra i servizi di scansione antivirus-antispyware online gratuiti cosa mi consigliate?
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:37   #28
murack83pa
Bannato
 
Iscritto dal: Oct 2007
Città: Palermo
Messaggi: 4623
Quote:
Originariamente inviato da Alis77 Guarda i messaggi
Tra i servizi di scansione antivirus-antispyware online gratuiti cosa mi consigliate?
allora, fai la scansione online con kaspersky:
http://www.kaspersky.com/virusscanner

c impiegherà un bel po di tempo, ma è necessario..sii paziente

evita di fare operazioni al pc.....

terminata la scansione è importante che posti il report

fai anche un nuovo log di hijackthis

quel file rilevato da prevx csi.....nn mi convince...
murack83pa è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:38   #29
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Intanto ho ricontrollato con hijackthis e quel maledetto Trusted zone e' sempre la'!
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:43   #30
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Ok allora mando prima il nuovo log di hijackthis e poi riparto con l'altra scansione!
Fortunatamente la pazienza non mi manca, il problema e' capirci qualcosa! Cmq intanto grazie per le dritte!
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:46   #31
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Quote:
Originariamente inviato da Alis77 Guarda i messaggi
Ok allora mando prima il nuovo log di hijackthis e poi riparto con l'altra scansione!
Fortunatamente la pazienza non mi manca, il problema e' capirci qualcosa! Cmq intanto grazie per le dritte!
Scarica questo tool tasto dx del mouse sul link e lo salvi sul DeskTop
http://www.mvps.org/winhelp2002/DelDomains.inf
click dx su DelDomain e scegli installa dopodicheè fixi gli 015

Allega un nuovo log di HTJ

PS: una sscnasione col Kav male non fà
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:46   #32
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Eccolo:

Codice:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16.44.25, on 20/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\a-squared Free\a2service.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\lvhidsvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
C:\Programmi\Brother\ControlCenter2\brctrcen.exe
C:\Programmi\LifeView TVR\RecSche.exe
C:\Programmi\QuickTime\qttask.exe
C:\Program Files\D-Link\DSL-200\dslstat.exe
C:\Program Files\D-Link\DSL-200\dslagent.exe
C:\VEXPLITE\MONLITE.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8BD4438C-2511-4B93-AD34-2BDCD0FF78D2} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RecSche] "C:\Programmi\LifeView TVR\RecSche.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\D-Link\DSL-200\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\D-Link\DSL-200\dslagent.exe
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinPatrol] C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?92634a9b85d542d38b25d4122a1cc946
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?92634a9b85d542d38b25d4122a1cc946
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O15 - Trusted Zone: http://www.otherchance.com
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://C:\Programmi\AutoCAD 2002 Ita\AcPreview.ocx
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Remote HID Service (LvHidSvc) - Philips - C:\WINDOWS\system32\lvhidsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas   www.tgsoft.it - C:\VEXPLITE\viritsvc.exe

--
End of file - 7486 bytes
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:48   #33
deneb87
Senior Member
 
Iscritto dal: Dec 2006
Città: Cagliari
Messaggi: 682
Alis dalla prossima volta, anzi anche da subito modificando il tuo messaggio, i log allegali su www.fileup.itadib.com per alleggerire la discussione e incolla qui il link per scaricarlo
deneb87 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 15:52   #34
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
http://www.hwupgrade.it/forum/showpo...0&postcount=31
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 16:14   #35
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Hai ragione ho fatto un po' di confusione! Forse non serve postare il nuovo log, ho utilizzato deldomain e la voce 015 non c'e' piu'! Pensate ke ho risolto o c'e' dell'altro?
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 16:16   #36
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Cos'e' Kav?
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 16:21   #37
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Ah! Forse sta per kaspersky? Mi pare che dica di utilizzare explorer? Ke faccio?
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 20-02-2008, 16:34   #38
murack83pa
Bannato
 
Iscritto dal: Oct 2007
Città: Palermo
Messaggi: 4623
Quote:
Originariamente inviato da Alis77 Guarda i messaggi
Ah! Forse sta per kaspersky? Mi pare che dica di utilizzare explorer? Ke faccio?
fai la scansione con kav, ovvero kaspersky

è necessario utilizzare internet explorer

devi installare un activex, dopodichè scaricherà gli aggiornamenti, dopo avvia la scansione selezionando my computer e posta qui il report finale

e posta un nuovo log di hijackthis

ps: grande chill
murack83pa è offline   Rispondi citando il messaggio o parte di esso
Old 21-02-2008, 15:31   #39
Alis77
Member
 
Iscritto dal: Jan 2006
Messaggi: 73
Pesantuccio sto kaspersky, ha impiegato circa due ore in tutto comunque ha trovato un'infezione. Come richiesto posto il log e quello di hijackthis

http://www.fileup.itadib.com/downloa...a7U2ikV7R1vIca

http://www.fileup.itadib.com/downloa...VcnSN6KJletwWh

Non so se e' corretto come ho fatto!

Poi volevo sapere riguardo ai rischi che ho letto possono esserci con gli activex, quali sono e cosa ho installato esattamente con la procedura di kaspersky!
Alis77 è offline   Rispondi citando il messaggio o parte di esso
Old 21-02-2008, 15:42   #40
murack83pa
Bannato
 
Iscritto dal: Oct 2007
Città: Palermo
Messaggi: 4623
Quote:
Originariamente inviato da Alis77 Guarda i messaggi
Pesantuccio sto kaspersky, ha impiegato circa due ore in tutto comunque ha trovato un'infezione. Come richiesto posto il log e quello di hijackthis

http://www.fileup.itadib.com/downloa...a7U2ikV7R1vIca

http://www.fileup.itadib.com/downloa...VcnSN6KJletwWh

Non so se e' corretto come ho fatto!

Poi volevo sapere riguardo ai rischi che ho letto possono esserci con gli activex, quali sono e cosa ho installato esattamente con la procedura di kaspersky!
con l'activex di kaspersky nn corri alcun rischio: di fatto hai installato un componete aggiuntivo di ie, un mini programmino, che infatti ti ritrovi nell'elenco installazione applicazioni

ti consiglio di disinstallarlo, tanto nn penso che lo userai a breve

quello che ha trovato kaspersky è lo script di mirc......

mi sembra che finalmente abbiamo risolto il problema, grazie al tool di chill

puoi disinstallare virit, utilizza CCLEANER x fare un po di pulizia nel tuo sistema (nn installare la toolbar di google):
DOWNLOAD
una volta installato, lancia il programma, nel menu di sinistra portati alla voce Opzioni e nella finestra successiva clicca su:
● Impostazioni, e spunta la voce Cancellazione sicura (lenta)
poi su:
● Avanzate, togli la spunta alla voce Cancella solo file più vecchi di 48 ore
● alla voce Pulizia, spunta tutte le voci comprese nella sezione Avanzate
● nel menu a sinistra, clicca sulla voce Pulizia, clicca su tasto Avvia Pulizia per eseguire la scansione
● sempre nel menu a sinistra, clicca sulla voce Registro, spunta tutte le voci comprese nella sezione, clicca sul tasto Trova problemi ed avvia una scansione; al termine della scansione clicca sulla voce Ripara selezionati e prosegui

fixa queste voci in hijackthis x snellire il pc:

Quote:
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programmi\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmi\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
x il resto, confermi che è tutto ok?
murack83pa è offline   Rispondi citando il messaggio o parte di esso
Pagina 2 di 7 < 1 2 3 4 5 6 > Ultima »
 Rispondi

« Discussione precedente | Discussione successiva »

Recensione Realme 15 Pro Game Of Thrones: un vero cimelio tech per pochi eletti Recensione Realme 15 Pro Game Of Thrones: un ver...
GIGABYTE GAMING A16, Raptor Lake e RTX 5060 Laptop insieme per giocare al giusto prezzo GIGABYTE GAMING A16, Raptor Lake e RTX 5060 Lapt...
iPhone 17 Pro: più di uno smartphone. È uno studio di produzione in formato tascabile iPhone 17 Pro: più di uno smartphone. &Eg...
Intel Panther Lake: i processori per i notebook del 2026 Intel Panther Lake: i processori per i notebook ...
Intel Xeon 6+: è tempo di Clearwater Forest Intel Xeon 6+: è tempo di Clearwater Fore...
Primi camion elettrici MAN eTGX arrivano...
ASUS ROG Xbox Ally e Ally X in vendita d...
Threads introduce le chat di gruppo e po...
Datacenter tra i canguri: Project Southg...
PS Plus di ottobre: pioggia di horror e ...
Waymo porta i robotaxi a Londra: dal 202...
Philips Airfryer Serie 5000 a soli 69,99...
NVIDIA amplia l'ecosistema NVLink Fusion...
MagicPad 3 Pro: Honor lancia il primo ta...
vivo porta OriginOS 6 sui mercati intern...
Sony WH-1000XM6 vs WH-1000XM5: su AliExp...
GTA 6 vale 100 dollari: l'ex director di...
TSMC: utili trimestrali record, +39% gra...
Xiaomi Redmi Note 14 a soli 149,90€: sma...
Google rilascia Veo 3.1: cosa cambia nel...
Chromium
GPU-Z
OCCT
LibreOffice Portable
Opera One Portable
Opera One 106
CCleaner Portable
CCleaner Standard
Cpu-Z
Driver NVIDIA GeForce 546.65 WHQL
SmartFTP
Trillian
Google Chrome Portable
Google Chrome 120
VirtualBox
Tutti gli articoli Tutte le news Tutti i download

Strumenti

Regole
Non Puoi aprire nuove discussioni
Non Puoi rispondere ai messaggi
Non Puoi allegare file
Non Puoi modificare i tuoi messaggi
Il codice vB è On
Le Faccine sono On
Il codice [IMG] è On
Il codice HTML è Off
Vai al Forum


Tutti gli orari sono GMT +1. Ora sono le: 13:16.

Contattaci - Hardware Upgrade - Archivio - Note sulla Privacy - Su

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Served by www3v