|
|||||||
|
|
|
 |
|
|
Strumenti |
03-12-2007, 08:57
|
#41 |
|
Junior Member
Iscritto dal: Nov 2007
Messaggi: 9
|
@Chill-Out
Scusa ma io ho eseguito tutti i passi della procedura.
VundoFix mi ha trovato molti file infetti e mi ha pulito, però non ho trovato come poter generare il log (ci sono solo due pulsanti "Scan for Vundo" e "Remove Vundo"). Il FixVundo non ha trovato niente di infetto. ComboFix non l'ho eseguita perchè dal link fornitomi ho scaricato un exe autoestraente e quando l'ho lanciato mi ha dato il messaggio "Some installation files are corrupt, please download a fresh copy and retry the installation" ed è rimasto su una finestra Dos di colore blu con la scritta Please Wait. Mi ha comunque generato una directory ComboFix dove ci sono diversi file .bat .exe .cfexe ed un file ComboFix.sys ed io a questo punto non sapevo proprio cosa fare. Se devo ripetere l'intera procedura, ti pregherei di indicarmi come mi devo comportare sia per i logs mancanti che per ComboFix. Grazie. Il log di Prevx (l'avevo dimenticato) lo allego ora Codice:
Prevx CSI Build: (v1.2.101.104)
Computer Security Investigator Output Log
System analyzed at: 12/02/07 at 19:13:31
C:\WINDOWS\system32\ntdll.dll
Loaded into: C:\WINDOWS\System32\smss.exe
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 98EF83350066C70122B20B444BEBEA00D217A1B2
MD5: 75a0aecc55a3f0b9e2d54119fa4aab6d
Determination: GOOD
C:\WINDOWS\system32\CSRSS.EXE
Loaded into: C:\WINDOWS\system32\CSRSS.EXE
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 457E08CD00DE83E3183600665DD0AE001F0FA82A
MD5: 2b511a5438308a1ac8d48482279810e6
Determination: GOOD
C:\WINDOWS\system32\CSRSRV.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: 672F934100D50DA280D100335AB03A0006C3D206
MD5: 4ba2dbac6357b3b9d89c53823afe15c5
Determination: GOOD
C:\WINDOWS\system32\basesrv.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: CDE7154D0060E2E4CE1D00F8B4D58500AEAC4112
MD5: 7b37b598b55bf80415c15bffe7a992a2
Determination: GOOD
C:\WINDOWS\system32\winsrv.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
PX5: EA125ACC0017E3527A0804FB6E773E00D0D2275E
MD5: a372e3e086a11a01cfca3b8dccbfcb50
Determination: GOOD
C:\WINDOWS\system32\GDI32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: E0AE989400FE60C04EE004B2BF0AC40001B8B70F
MD5: 82d7de4df9b7ff8d8b9aefc48f2f3be5
Determination: GOOD
C:\WINDOWS\system32\KERNEL32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 0AD652AA00FC1D0CB2930F5593CD84005E517D9A
MD5: eb1428078e1d10fdec060857aa526a9f
Determination: GOOD
C:\WINDOWS\system32\USER32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: D423C40D007DC87CD48F089CF302B800036F5CB9
MD5: 9daa2190a18739b657b58f794acf2e47
Determination: GOOD
C:\WINDOWS\system32\sxs.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: F6867B260073AE3BE8420A9D4CB88200ED96EA53
MD5: 1f0124663855af228233f43021400f72
Determination: GOOD
C:\WINDOWS\system32\ADVAPI32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: DA31EA390036C3916C5C0A395DA4E3007CA4EABA
MD5: 09bb0a2c325f7085e24fae6134de2d16
Determination: GOOD
C:\WINDOWS\system32\RPCRT4.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_np rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_ip_tcp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncadg_ip_udp rpcrt4.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\ClientProtocols\ncacn_http rpcrt4.dll
PX5: D30BFA4500E11CC3EA0408EA8337540073B46F29
MD5: 22413a53995e0a23915a6433bfb90563
Determination: GOOD
C:\WINDOWS\system32\Secur32.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\10 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\16 secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService secur32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\18 secur32.dll
PX5: 2226211D005B7868DA45009E23898E00149E78C6
MD5: 8285b8b146b42ff18ed08c558435011e
Determination: GOOD
C:\WINDOWS\system32\Apphelp.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 2E534C590076A85BF05D01EC9E4FFB0089A4554F
MD5: 086da77c3c612759d4ef437f67532e2d
Determination: GOOD
C:\WINDOWS\system32\VERSION.dll
Loaded into: C:\WINDOWS\system32\csrss.exe
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 17E09890009DDCC84AAD00E153CBBA0071FD3882
MD5: 9b5a59851d9a237c86210e07e2195a12
Determination: GOOD
C:\WINDOWS\system32\WINLOGON.EXE
Loaded into: C:\WINDOWS\system32\WINLOGON.EXE
Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: D0D54E6C00E89575B4CC07CFE43BE400C1F31A26
MD5: 4166454e2bcfcc20d1b8a5ac9feab243
Determination: GOOD
C:\WINDOWS\system32\AUTHZ.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 869C1EE500523D0FDE60003D7F38BD0038C5A93D
MD5: ac3257b2e441866289d7eb8377490765
Determination: GOOD
C:\WINDOWS\system32\msvcrt.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: EAD3CF360087D2AD3C120509FE506F008FB88290
MD5: 9e6cb81be111b9935f6a97c367cabd4e
Determination: GOOD
C:\WINDOWS\system32\CRYPT32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\DllName crypt32.dll
PX5: DD3ED9060033BBFB2E83098709F8D4001E524429
MD5: 5588d8afd51d060f82315c50d7590323
Determination: GOOD
C:\WINDOWS\system32\MSASN1.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 09F301D4001F77D2E0150027945354004927323C
MD5: 0a75ac7d90bd8e6bc942dba004579d5b
Determination: GOOD
C:\WINDOWS\system32\NDdeApi.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 8E19EB1100E774A0488300C192BED30080B1D3E4
MD5: 11be44f0c0978927aed7d69b75c24937
Determination: GOOD
C:\WINDOWS\system32\PROFMAP.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 90AEB4A600D0EF596C4F00D134ACAA00BDFD0752
MD5: 0328058695d324d26528077f5b136636
Determination: GOOD
C:\WINDOWS\system32\NETAPI32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 0919F94300F3C16412B605F0CC86050045AA2AE7
MD5: 9003e9374ea7c1a81db51cee64c427f6
Determination: GOOD
C:\WINDOWS\system32\USERENV.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 02BF46CD00DC848D207F0BA7D391AB00DCDEB32E
MD5: ac31ca2b251fe8057528fa937335b164
Determination: GOOD
C:\WINDOWS\system32\PSAPI.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\psapi.dll\Path C:\WINDOWS\system32\psapi.dll
PX5: 5DB1DF3A00AE978A5A1800B9B5A8C30041FF3076
MD5: 2baf81b8504d9c1600c51a498e5453b3
Determination: GOOD
C:\WINDOWS\system32\REGAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BDCF1CB600ACB6D2C2EE007361942C0007606048
MD5: bb756f78728c2d953574e8652b7e86a8
Determination: GOOD
C:\WINDOWS\system32\SETUPAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 085443D800EAF0FA42960F6622B8E300CB4CB91D
MD5: 6f83a7ed3217d0e612445612d1991767
Determination: GOOD
C:\WINDOWS\system32\WINSTA.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 1789B2A5005E39C8D2660086022E8500C3B9450D
MD5: de24ebecf7833a4de925d0832956f21a
Determination: GOOD
C:\WINDOWS\system32\WINTRUST.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 0D34C3E0002C3B32B2670226273B8500327F7603
MD5: 48bd2908fe77abb5ef42dd4a108600b5
Determination: GOOD
C:\WINDOWS\system32\IMAGEHLP.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 92D4CA5F00EA8A5C340F02F2506EE800E1319CFF
MD5: f309c34e0f66dac995053e91effc9002
Determination: GOOD
C:\WINDOWS\system32\WS2_32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 42D0077300700B1344D7019D11CF0E00A225E294
MD5: 12ead983c875ed9bcc8b90e3f77f2e4a
Determination: GOOD
C:\WINDOWS\system32\WS2HELP.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 097C6291004A18B14EEC00B4A6264D00B84611B9
MD5: 0c1f495c1761c126bc820f4de4c8b967
Determination: GOOD
C:\WINDOWS\system32\MSGINA.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
PX5: 0590994000D0A8B53A390FFB32187D003143117B
MD5: 4ba6464cf0d5fe0cd0b43ae4b3b32d26
Determination: GOOD
C:\WINDOWS\system32\SHELL32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9}
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With\(default) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default) Blocco menu Start
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\(default) Blocco menu Start
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu\(default) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default) {217FC9C0-3AEA-1069-A2DB-08002B30309D}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(default) {217FC9C0-3AEA-1069-A2DB-08002B30309D}
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\BarSize
Loaded from: FILE
PX5: 215DA5830048FB3674DB81C1D671C100E9F4366E
Determination: GOOD
C:\WINDOWS\system32\SHLWAPI.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 5CE7C78F005ABB1E3E0D07293CC6C00032E98682
MD5: 19b9fcc15aaa59a34a6b6735072934b9
Determination: GOOD
C:\WINDOWS\system32\COMCTL32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 58711F2E00E7D4E26C3A0946506D1B008DF24393
MD5: efa21a3fe23bbcfdb6f61a3af723e05a
Determination: GOOD
C:\WINDOWS\system32\ODBC32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: A52E0F9B00E1697FD015036BACB9C10078B33C67
MD5: 485b2381cf003dad79f1371fbeaacd5a
Determination: GOOD
C:\WINDOWS\system32\comdlg32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: D1079ADC002DFDB3487D042258AF1F00F0FB72E4
MD5: c99fd691acafaeeefd03f1e4e6d3dd60
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 6C2DA8F700C891F6167D107D5B6FFD004BDE3FD7
MD5: 837b282813808c17e9c94e56300aa29e
Determination: GOOD
C:\WINDOWS\system32\odbcint.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 17030F830012904980B601AEBBE29A00B94ABB0D
MD5: ea88a16da0d06069c0c06ab5a4669e26
Determination: GOOD
C:\WINDOWS\system32\SHSVCS.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 593617FD0028BAC30E8502553039DB005AE5DAA4
MD5: fad73705bed0910e910de852b0f8aebc
Determination: GOOD
C:\WINDOWS\system32\sfc.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 16BA5AAF006AA18914FD002B882F7D0027109E10
MD5: e6f026dbc75b6eed7331ebf581afd4d8
Determination: GOOD
C:\WINDOWS\system32\sfc_os.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 53B4176200566C3D2844029CE35AC3003149753E
MD5: 8fbf27ab56de71e2bdd5a2ccb7fb9023
Determination: GOOD
C:\WINDOWS\system32\ole32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 85434D2700A77E169AF713D8C3B0DC00CF7A5885
MD5: d5622b6d4cd43f2223718820c0a178ad
Determination: GOOD
C:\WINDOWS\system32\WINSCARD.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 49E7BE4C00EA6409841F01CF112B5500E75D0DD5
MD5: 840535254edd74e79d059229c5a2f800
Determination: GOOD
C:\WINDOWS\system32\WTSAPI32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 1CDB8610004CDD7F48CB007245065C0097B2DD61
MD5: e2703bb7beac36269482a8d32400ad38
Determination: GOOD
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 39AABB9C080BE5B765C5018CF0356000DD205F37
MD5: 65dcd932b54ffacb748b3dfc715cfdc2
Determination: GOOD
C:\WINDOWS\system32\uxtheme.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: D88EDDB7006796175ABD03E85DCCE30039E51CA1
MD5: d5193d474d7bb9ce917b4cf5f3ada9d4
Determination: GOOD
C:\WINDOWS\system32\WINMM.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 8B514EB5005BE141BAA3022C5AD8F400CAAEB534
MD5: 1dc87f8c450e295fb8cc5039d27292e5
Determination: GOOD
C:\WINDOWS\system32\cscdll.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\DLLName cscdll.dll
PX5: 36CC0D8B0009157E909D017F19231E0041E0A92E
MD5: 38c69b2bc3182a85f0b323c9d1eb7e26
Determination: GOOD
C:\WINDOWS\system32\klogon.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\DllName C:\WINDOWS\system32\klogon.dll
PX5: 07710499084D8892251303DFE4504000DC34B717
MD5: 535a597f39f7f6f4a4aa250447357da0
Determination: GOOD
C:\WINDOWS\system32\rsaenh.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 19B797A900BB112F5426027FDD39EC001D5760F1
MD5: 26acbd865f8cff730f1791c4d0854352
Determination: GOOD
C:\WINDOWS\system32\WlNotify.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\DLLName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\DLLName WlNotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\DllName wlnotify.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\DLLName wlnotify.dll
PX5: 3C08F14B008AD1456C990109A197100002605D8A
MD5: 72e4cad810a967449caab723e99c74b1
Determination: GOOD
C:\WINDOWS\system32\WINSPOOL.DRV
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: A35B6D1900D11F1D3E5102B97EFC0500E974203D
MD5: a357128eea84698dcf3ed33e521292cc
Determination: GOOD
C:\WINDOWS\system32\MPR.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 4E92FBCC002BB291EAE5000F10C15F00A1E7AD21
MD5: 7013fc08075eef2d881d55f898f2d402
Determination: GOOD
C:\WINDOWS\system32\SAMLIB.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 6D3509C200E203F6FAF00078D7EA35003D8429D0
MD5: f16c9cdb4a47969b1cf48e0620f6e217
Determination: GOOD
C:\WINDOWS\system32\msv1_0.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Authentication Packages msv1_0
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
PX5: 7DDBB66E00F27A20FA0D01B81C65BB005752F1B9
MD5: affa7a2ecb1476f29641c90524f63e2e
Determination: GOOD
C:\WINDOWS\system32\iphlpapi.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 352A2D920078A26F766401FF71F80300DA785AEF
MD5: 6150872a38d85c8cddb1b2fbff1bb07f
Determination: GOOD
C:\WINDOWS\system32\cscui.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{750fdf0e-2a26-11d1-a3ea-080036587f03} Offline Files Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{10CFC467-4392-11d2-8DB4-00C04FA31A66} Offline Files Folder Options
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} Cartella file non in linea
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files\(default) {750fdf0e-2a26-11d1-a3ea-080036587f03}
PX5: 8E7CD5F4006500C1188E05B6248B9200BAF8CA73
MD5: 53e5ab61ddcc0f057182bc1b5513b744
Determination: GOOD
C:\WINDOWS\system32\xpsp2res.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: DD9EAB9A00D5F12036192D6118710400ADB6810C
MD5: 0e8e6901c637095ec3b483475e39731e
Determination: GOOD
C:\WINDOWS\system32\NTMARTA.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 1D452FC300F103CCD4AF019C0B4A1000D0C05759
MD5: 3c1b1065c5bfca5190e7fa7efcb11b59
Determination: GOOD
C:\WINDOWS\system32\WLDAP32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 9E81915C002CE532A4010226E6EC3100C992DBA0
MD5: a340dec6229f08d8b9644f2be00100fc
Determination: GOOD
C:\WINDOWS\system32\COMRes.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: D3FD3AB2006F991AE8A30C7CE8FD780095D6A640
MD5: b979bbba74f4f5db69c3a5dfdc52828c
Determination: GOOD
C:\WINDOWS\system32\OLEAUT32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 0ADCFE240032582262B908FFB341E7008E7C2AC4
MD5: 3025d5dab63b81f538e10878d8426389
Determination: GOOD
C:\WINDOWS\system32\CLBCATQ.DLL
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: DDDD061C00DDD1C99CCC07876975D5003DF223DA
MD5: 092813b8f60f1e12e8af5db98037b770
Determination: GOOD
C:\WINDOWS\system32\wdmaud.drv
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wave wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midi wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer wdmaud.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Userinstallable.drivers\wave wdmaud.drv
PX5: E19B13CB00CFB9ED5C250033B033BB00A27F216F
MD5: 6deb9059000c34770192b78d85f6d387
Determination: GOOD
C:\WINDOWS\system32\msacm32.drv
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wavemapper msacm32.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\wavemapper msacm32.drv
PX5: F8EB7CDA00A2596F522700876A3BC9005F29A42B
MD5: 05e84eead6b27c958621a4e6d33859d1
Determination: GOOD
C:\WINDOWS\system32\MSACM32.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: CD32AC5300D4DB3A183401A597817D009B477A6B
MD5: b088085d01b3e80e2be0e9cd1838ba9b
Determination: GOOD
C:\WINDOWS\system32\midimap.dll
Loaded into: C:\WINDOWS\system32\winlogon.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\midimapper midimap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\midimapper midimap.dll
PX5: 8C299C3E002D88084A0000F598A51000C8C9681D
MD5: eaaa11be5c162266e698f7658bd8a1da
Determination: GOOD
C:\WINDOWS\system32\SERVICES.EXE
Loaded into: C:\WINDOWS\system32\SERVICES.EXE
Loaded into: C:\WINDOWS\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog\ImagePath %SystemRoot%\system32\services.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PlugPlay\ImagePath %SystemRoot%\system32\services.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Eventlog\ImagePath C:\WINDOWS\system32\services.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PlugPlay\ImagePath C:\WINDOWS\system32\services.exe
PX5: 55CFB3920083E585A8B8011373392400747D1070
MD5: e77f6fa2a15390f1727f4c1c55b69da6
Determination: GOOD
C:\WINDOWS\system32\SCESRV.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: 42090831009A7DEDFC25041A41C0A6009F850DB8
MD5: e84a4bfd34f64af3a9b2e4ff45c02dca
Determination: GOOD
C:\WINDOWS\system32\umpnpmgr.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: A0722C41001DFC8BE8A7011B43DD8300C52FA704
MD5: d717635e8c6d91644aeda4b37a49762a
Determination: GOOD
C:\WINDOWS\system32\NCObjAPI.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: 7EA0BF3D001A18F58E38007796CD8000CD7F3FCC
MD5: 1fc06b22ba62ab448613461d06c328c9
Determination: GOOD
C:\WINDOWS\system32\MSVCP60.dll
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
PX5: 2D7DD02900BE71EC5085060A796CD8005BF97344
MD5: b30c42dfa52a70037ab31a85057a5657
Determination: GOOD
C:\WINDOWS\system32\ShimEng.dll
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 279F162200D45347000001BBAACC850063724C8D
MD5: dc7d49e0dec335b8e14c734ab1bade66
Determination: GOOD
C:\WINDOWS\AppPatch\AcGenral.DLL
Loaded into: C:\WINDOWS\system32\services.exe
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 5F6310EE002D3DBC446C1C5A826CF10048881669
MD5: 26caaee19627a49509a5faaf49e418a0
Determination: GOOD
C:\WINDOWS\system32\eventlog.dll
Loaded into: C:\WINDOWS\system32\services.exe
PX5: D2B7D57A001E9CD9DA5600E2BE4F3C00079E4466
MD5: d1caa255f33c06c8302769a86ffb905e
Determination: GOOD
C:\WINDOWS\system32\LSASS.EXE
Loaded into: C:\WINDOWS\system32\LSASS.EXE
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netlogon\ImagePath %SystemRoot%\System32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtLmSsp\ImagePath %SystemRoot%\System32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PolicyAgent\ImagePath %SystemRoot%\System32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ProtectedStorage\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SamSs\ImagePath %SystemRoot%\system32\lsass.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Netlogon\ImagePath C:\WINDOWS\System32\lsass.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NtLmSsp\ImagePath C:\WINDOWS\System32\lsass.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PolicyAgent\ImagePath C:\WINDOWS\System32\lsass.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ProtectedStorage\ImagePath C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SamSs\ImagePath C:\WINDOWS\system32\lsass.exe
PX5: CC1BA69F00AF6D2D3445003B3C2E0700B638080D
MD5: 0815e8da286775fa432c7c9ee5e10ba1
Determination: GOOD
C:\WINDOWS\system32\LSASRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 181FFA8C00B85EB21A490B978BFB5C007BE61F0C
MD5: 4b91b83c487be4a196ba96cf697c5ba3
Determination: GOOD
C:\WINDOWS\system32\NTDSAPI.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: B049763B0042836806A701AA022FCD00F10A90B1
MD5: 6ae3588c5fea68cdfcd743af5fc95398
Determination: GOOD
C:\WINDOWS\system32\DNSAPI.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 74EB5FA400ECF6FA447C02F4107A1600E5E5C273
MD5: b4936fb637c2e2ec03f2589cbcd077ef
Determination: GOOD
C:\WINDOWS\system32\SAMSRV.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E92EC68300CE21C68E4E06BCC0EDF6004268C49A
MD5: 12b717e63f23bdf3fd43b295542154d9
Determination: GOOD
C:\WINDOWS\system32\cryptdll.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 81B30DAB0078862F82C6000202049600DB968CD1
MD5: 4ac54687b901091378c512a6c56f6214
Determination: GOOD
C:\WINDOWS\system32\msprivs.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 0CA48DC3002C50B3BC750065E2B27800000C62EB
MD5: d7d64ff974b96816e1ae2c5b86de35ba
Determination: GOOD
C:\WINDOWS\system32\kerberos.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
PX5: 6F259D99008DE085843504BA6E05F400BD1351EF
MD5: a3103d196ce0db4c8b5c6a365628e9ef
Determination: GOOD
C:\WINDOWS\system32\netlogon.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\68 netlogon.dll
PX5: 7826BE4E00B0693C362206A7BBB246000E968C98
MD5: 926bb51bb6de79dedb93e9c2b0811ccf
Determination: GOOD
C:\WINDOWS\system32\w32time.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B0DB78E90001F969B24A022F16FE9C007D6DCCBC
MD5: 8b97d00e5c6a593ebb605ce4b8a5caa5
Determination: GOOD
C:\WINDOWS\system32\schannel.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
Loaded from: \REGISTRY\Machine\Software\Microsoft\Rpc\SecurityService\14 schannel.dll
PX5: 978AEDC000D16F92363B021213F745004B5CD31C
MD5: e9836d1ace460b4b96fbcb03861d0323
Determination: GOOD
C:\WINDOWS\system32\wdigest.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Security Packages kerberos
PX5: F311FBD900986B6DC09400C9FE9A9C00CD8F608E
MD5: bc6964976170dc87caf151a144be586c
Determination: GOOD
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: D2380EC8088BEDB975CA01A3968D7800F4F7AFF9
MD5: 2812cca795bf75ba201252c728f92787
Determination: GOOD
C:\WINDOWS\system32\scecli.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}\DllName scecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Lsa\Notification Packages scecli
PX5: C91F3DA800B1BEBADA0C02480448D00054984981
MD5: 1446eb71adf0f54980cdd7e5a812e102
Determination: GOOD
C:\WINDOWS\system32\ipsecsvc.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: B05D914900808F8FCED102E7A46D080020A33905
MD5: 24e00a2782f1fbdda55173f6a92793b4
Determination: GOOD
C:\WINDOWS\system32\oakley.DLL
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: A4E8D0C400046CE116C204B93C6D3F0003672778
MD5: f450886f41773a5faeb25e87b758d6a8
Determination: GOOD
C:\WINDOWS\system32\WINIPSEC.DLL
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5E3F044E00E5E84280510004471F8A00BD7E5854
MD5: 30e14d74bcd1beea96a279f78a723346
Determination: GOOD
C:\WINDOWS\system32\mswsock.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath %SystemRoot%\System32\mswsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath %SystemRoot%\System32\mswsock.dll
PX5: 644C52BE00A05754C6240337B7759700C1FF12E3
MD5: 337cb52af1f7cf6c0f57ec8bd14dc6d1
Determination: GOOD
C:\WINDOWS\system32\hnetcfg.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 2CFD58C600B6F9414A810565679BD6001F42D5DE
MD5: 250d4f4e1e27543c121378268fe07208
Determination: GOOD
C:\WINDOWS\System32\wshtcpip.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 522AC66D001B6D5A4E8E00D8A0AEF000528059BA
MD5: 08b3a60a4dd7fae800b552f8f8d5deb0
Determination: GOOD
C:\WINDOWS\system32\dssenh.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: 31E843BE00E2A81C18FA0265E10B6500232880A4
MD5: cacd2c63a79268d131ea37e85524cc44
Determination: GOOD
C:\WINDOWS\system32\pstorsvc.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: DCF79E3E001DA16F86F70051A83A8600579ADC98
MD5: 24b2f25a42ba3cad1d238f2adae63f7c
Determination: GOOD
C:\WINDOWS\system32\psbase.dll
Loaded into: C:\WINDOWS\system32\lsass.exe
PX5: E242805400420CE08090017E79023900E657FC90
MD5: 7fe963bd4bde86b5eaf5c07c6d0118c3
Determination: GOOD
C:\WINDOWS\system32\SVCHOST.EXE
Loaded into: C:\WINDOWS\system32\SVCHOST.EXE
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\SVCHOST.EXE
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\SVCHOST.EXE
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\SVCHOST.EXE
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\SVCHOST.EXE
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Alerter\ImagePath %SystemRoot%\System32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AppMgmt\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AudioSrv\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BITS\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Browser\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CryptSvc\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DcomLaunch\ImagePath %SystemRoot%\system32\svchost -k DcomLaunch
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dhcp\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmserver\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dnscache\ImagePath %SystemRoot%\System32\svchost.exe -k NetworkService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ERSvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\EventSystem\ImagePath C:\WINDOWS\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FastUserSwitchingCompatibility\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\helpsvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidServ\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTPFilter\ImagePath %SystemRoot%\System32\svchost.exe -k HTTPFilter
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Irmon\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanserver\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\lanmanworkstation\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\LmHosts\ImagePath %SystemRoot%\System32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Messenger\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Netman\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nla\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NtmsSvc\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAuto\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasMan\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteAccess\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RemoteRegistry\ImagePath %SystemRoot%\system32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs\ImagePath %SystemRoot%\system32\svchost -k rpcss
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Schedule\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\seclogon\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SENS\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SharedAccess\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ShellHWDetection\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\srservice\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SSDPSRV\ImagePath %SystemRoot%\System32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\stisvc\ImagePath %SystemRoot%\System32\svchost.exe -k imgsvc
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TapiSrv\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermService\ImagePath %SystemRoot%\System32\svchost -k DComLaunch
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Themes\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TrkWks\ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\upnphost\ImagePath %SystemRoot%\System32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\W32Time\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WebClient\ImagePath %SystemRoot%\System32\svchost.exe -k LocalService
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\winmgmt\ImagePath %systemroot%\system32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmdmPmSN\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wmi\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wscsvc\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wuauserv\ImagePath %systemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WZCSVC\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\xmlprov\ImagePath %SystemRoot%\System32\svchost.exe -k netsvcs
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Alerter\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AppMgmt\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AudioSrv\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BITS\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Browser\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CryptSvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DcomLaunch\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dhcp\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmserver\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dnscache\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ERSvc\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\EventSystem\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FastUserSwitchingCompatibility\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\helpsvc\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HidServ\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HTTPFilter\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Irmon\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\lanmanserver\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\lanmanworkstation\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\LmHosts\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Messenger\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Netman\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nla\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NtmsSvc\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasAuto\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasMan\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RemoteAccess\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RemoteRegistry\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RpcSs\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Schedule\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\seclogon\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SENS\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SharedAccess\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ShellHWDetection\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\srservice\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SSDPSRV\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\stisvc\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TapiSrv\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TermService\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Themes\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TrkWks\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\upnphost\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\W32Time\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WebClient\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\winmgmt\ImagePath C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WmdmPmSN\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Wmi\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wscsvc\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wuauserv\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WZCSVC\ImagePath C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\xmlprov\ImagePath C:\WINDOWS\System32\svchost.exe
PX5: 41467A9700616549387D0095555BE300B7CBF228
MD5: 73955b04f209d8a1c633867841267a96
Determination: GOOD
c:\windows\system32\rpcss.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcSs\ImagePath %SystemRoot%\system32\svchost -k rpcss
PX5: 27F0519E00F08DE512070643B0627F006598C78A
MD5: cc41f9d29edd55037a4c26e70c175528
Determination: GOOD
c:\windows\system32\termsrv.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: 15A4D5880058E23888C304BFF814830042F0D520
MD5: c06cd1890279603e15020757e02de56b
Determination: GOOD
c:\windows\system32\ICAAPI.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: BB3E4FC6005CCAE92CC10044E2AB07008B832EBD
MD5: 66da850192b87548374fe13f38a2a265
Determination: GOOD
c:\windows\system32\mstlsapi.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
PX5: F3CF001500470019C4F901369ADAFD00DF876B1F
MD5: 9e54d8528f9b4324ed20cfcdf3be6a76
Determination: GOOD
c:\windows\system32\ACTIVEDS.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
PX5: EFB02947002647C8F6250205FD9612006E9558F5
MD5: 25e4e36ced6b15df8d8c10460be834a2
Determination: GOOD
c:\windows\system32\adsldpc.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
PX5: 6D8B11FE00EF99F53026027F152EC40097EA0ACA
MD5: 15ce221ace929705ba7e4346d74e8a06
Determination: GOOD
c:\windows\system32\ATL.DLL
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\atl.dll\Path C:\WINDOWS\system32\atl.dll
PX5: 90FBA32A008A4DC9E6A3004879775D009B9241D5
MD5: 32bd4cc64449ea2549be4a8efc54f4de
Determination: GOOD
C:\WINDOWS\System32\winrnr.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath %SystemRoot%\System32\winrnr.dll
PX5: DD7C6D7B00A7C2A842AB003098E8920063CE769A
MD5: bb78454c44a5b0f97295a6d66b217d65
Determination: GOOD
C:\Programmi\Bonjour\mdnsNSP.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\LibraryPath C:\Programmi\Bonjour\mdnsNSP.dll
PX5: D240058C00D95FC2705201A57ACB2E004585C058
MD5: 1f5a570ad942dfcfe4500326abdd72b2
Determination: GOOD
C:\WINDOWS\system32\rasadhlp.dll
Loaded into: C:\WINDOWS\system32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 44992DD300BD805F2027003B3C2E0700008DD7C4
MD5: 266d8fa8f97cbbba8bade273f47215d9
Determination: GOOD
c:\windows\system32\dhcpcsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6B31A5B6003DEA2AB413012609A16300F9086E97
MD5: 4f56ad1b19373851392bff248c8ce1cb
Determination: GOOD
c:\windows\system32\wzcsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 3DF4750600996C8B7E470562CED514005814EDBA
MD5: 312913174d070ed81e9d78da7b648774
Determination: GOOD
c:\windows\system32\rtutils.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: BF0F14BA00130FA5ACFA00D907EAE70083958E2B
MD5: 204a7d354683a49c37505be1646c5d43
Determination: GOOD
c:\windows\system32\WMI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 781B3D7300C600C41695006A26ACBD006AA9CB45
MD5: 7f9fd6e98cf1898f94d4a6246d4d639e
Determination: GOOD
c:\windows\system32\ESENT.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 44A1D0F1009656EFAA4210CE1D5F1E00AAA3CF3A
MD5: 26e0ac18ac6dc3f7f17aee22c9e0a01f
Determination: GOOD
c:\windows\system32\irmon.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 47B8C70500685EC870E3008210CDAA0043F23921
MD5: d71f66aab2522bb75fc7c6fad0b5816b
Determination: GOOD
C:\WINDOWS\System32\wshirda.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: A7AE151E008D07A62013003B3C2E0700630EE6FF
MD5: c544ba09b8b9e4a1112bc848e7678fe3
Determination: GOOD
C:\WINDOWS\System32\rastls.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F64AC68A00F37A69B87E01DB8E696800CC9225D9
MD5: f90a2f77cb88f8201a3ad783d7edb19c
Determination: GOOD
C:\WINDOWS\system32\CRYPTUI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 5142AFD100A220AEFE57076D08D9310067F36935
MD5: 502a30e1a880124d7f71667e75be9688
Determination: GOOD
C:\WINDOWS\system32\WININET.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 961F517B00817CCE18AE0A64C8D0A3004D3C6805
MD5: c82a1185becd4b075e86e3c3b22e762c
Determination: GOOD
C:\WINDOWS\System32\MPRAPI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
PX5: F40536E000846CE4547B017CD7ABC100D153D57A
MD5: b61978022a65fac95b8e3817d5029870
Determination: GOOD
C:\WINDOWS\System32\RASAPI32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 7E18516500FFE5CC9C5B03564D831C0011FCFEEB
MD5: 7ece54a6785e6a07ed02018a32b246e6
Determination: GOOD
C:\WINDOWS\System32\rasman.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 7F1D9BFF002D89D3F04E005C98AFF900ECE9EEA3
MD5: 79d87679f6f13f7f18062c39a3c5b38a
Determination: GOOD
C:\WINDOWS\System32\TAPI32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: ECB3A62200F5E5E3C61D0271F9934A0018AE4A00
MD5: 9b53ce123c15e95de40592cfecec5a09
Determination: GOOD
C:\WINDOWS\System32\raschap.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6CBEE3D600A4FEB310F101DE8C083F003D6F721F
MD5: d7de6cd7a5f84909b12b7dbd7d93811d
Determination: GOOD
C:\WINDOWS\System32\WZCSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: EBF8733200CD9B7CCA4C0051E7642A0024707F2E
MD5: 28cddfdf8c30d886284f3549c4a8e284
Determination: GOOD
c:\windows\system32\schedsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5DDC4A3800A53317F204023D51875A00711FF5B5
MD5: 546254d4769e165cdc3388d74b201fcb
Determination: GOOD
C:\WINDOWS\System32\MSIDLE.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 892E25230047BFE41A2700448F955F00DB3FDA3D
MD5: 3dc13080f28f80ed5d31e20e226536a5
Determination: GOOD
c:\windows\system32\audiosrv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 97A7792B000122A1A6A80092373D18006EB85382
MD5: 15ee9eff206daa73b9642fcd51a69bb1
Determination: GOOD
c:\windows\system32\wkssvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F785B0520050629F0457028102F0DA00CD162C70
MD5: 6953de298c888abe268ff59bac64cf4e
Determination: GOOD
c:\windows\system32\qmgr.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: A628078700D0FC00D60105464D1E6100132AFD53
MD5: 04e8321935ad5643ff59901f3ef5f4f3
Determination: GOOD
c:\windows\system32\SHFOLDER.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 209DE55C009ABDE8627700E93AF07200F7058D40
MD5: 8b205eb92b49d10055427365065357e8
Determination: GOOD
c:\windows\system32\WINHTTP.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 8A8FE9C3008B23F25C3905D494C02C00D181B661
MD5: 5b4ec6c0fbacc85430ce3d6ae8563a0d
Determination: GOOD
c:\windows\system32\cryptsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 4924777000FF363CECB300E8D69F7300112A6AF8
MD5: e0cc838265401128097d182fb583889a
Determination: GOOD
c:\windows\system32\certcli.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 925C7DF9003B9C1200C5031520AB850028BB5515
MD5: 5f24a58d40870f8fe6cf7e15e73de146
Determination: GOOD
c:\windows\system32\dmserver.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FABFF932000B9F155E610037E22ABC006B953D35
MD5: 499fff7bca07009a23447776286f0510
Determination: GOOD
c:\windows\system32\ersvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 1075AE7B006257925A3B00E01F4D2400B15FB39E
MD5: ff547b3876b6e652431412345fb8ee11
Determination: GOOD
c:\windows\system32\es.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 79EA0C1C007DD384B6CC033ACA71FA00F62D9D5F
MD5: 659c04bb6086e480966ffd0d44f1cc4d
Determination: GOOD
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5BE772A20028818F98B300E973AA5500998EE021
MD5: 03a7a19834e2a63c445b3ac5e73aab50
Determination: GOOD
c:\windows\system32\hidserv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 96C7C37F003251D454A000B31B11EF0040F22E18
MD5: 3c924c33de25e8f01eeb3c6b8030e7bd
Determination: GOOD
c:\windows\system32\HID.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 551CD37300F70F6C527C0010EC920400B756D4FA
MD5: 3b4e115a33a2bff0d74792d572f448dd
Determination: GOOD
c:\windows\system32\srvsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 0BFF5A6200F821CA7A0401E40DD655008D70866B
MD5: 974831aa16aee016d902f8582ccb30fe
Determination: GOOD
c:\windows\system32\netman.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 65612A5600E1886F042503516394BA0003C1C8BE
MD5: 1231d4353698e19495dc8a929b8b74eb
Determination: GOOD
c:\windows\system32\netshell.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7007ACC7-3202-11D1-AAD2-00805FC1270E} Connessioni di rete
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{992CFFA0-F557-101A-88EC-00DD010CCC48} Connessioni di rete
PX5: F7F9A56A007CF701368C1AE01A3E1600E0C02A68
MD5: 4cc28de5620ace4f613b42a4f836dede
Determination: GOOD
c:\windows\system32\credui.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: E886FD9F0056D4F18254029213832F003DEFF647
MD5: 2d68af44b169d033545fa501b9ff4f30
Determination: GOOD
c:\windows\system32\seclogon.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5B80E36F00AA396B4A8300B7E7951D00D7AA4B2D
MD5: 241d074dab2a67d2d7616ce7c8b05650
Determination: GOOD
c:\windows\system32\sens.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 00AF89660086F69E989700E590F03600F597A8F5
MD5: 688be760c858e347a4e23186b725c86b
Determination: GOOD
c:\windows\system32\srsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F652BD0100BA7CC29C6202A16DDB5500C590261B
MD5: ba4e8ac9a60c4527c969d08f3abe9d36
Determination: GOOD
c:\windows\system32\POWRPROF.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: 31AB7E9C00B2127E4485007208C03300950D28C1
MD5: 41ff9d663219a1dd0397fe2c5b09436c
Determination: GOOD
c:\windows\system32\tapisrv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 77B7DE3500985E80CE7503E2DF55BE00B03FFDDD
MD5: 3a4c429f316c510c3e4c5f2fc7372c26
Determination: GOOD
c:\windows\system32\browser.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default) Personalizzazione del browser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default) Personalizzazione del browser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\(default) Personalizzazione del browser
PX5: 9CDD0A4F005D0D9D2E6201C807EC76000E0D1CE8
MD5: 72fbf0322be8a0f25ae722fde36ab1e6
Determination: GOOD
c:\windows\system32\wuauserv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 0799809A00702BD41AB400068A66AC0043C84727
MD5: 4cbb7cc975e5b67022a7f95dfc6ef9ec
Determination: GOOD
c:\windows\system32\wbem\wmisvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: CEF9F3BC00C6E32738BF0260919AD800E787713F
MD5: a91acdd987dc3e0e1fcedda6f1ffef2a
Determination: GOOD
C:\WINDOWS\system32\VSSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FAEC6BFB002AF8059230067AACCA280087EB5B02
MD5: b590f13f17409970a6994473eb98ef74
Determination: GOOD
c:\windows\system32\trkwks.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 906F8E37007C9B5A621D011F493B83005C29CC43
MD5: 6c7f265bd43a1d85103ec5cb1251d2b6
Determination: GOOD
C:\WINDOWS\system32\wuaueng.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 26C07DF358FF2BE623151A8BD3FD64005FC70733
MD5: 3eec20e41f5f331b94002970ceaec92f
Determination: GOOD
C:\WINDOWS\System32\Cabinet.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 60605FEC005AB19AEA050033F1225300422702FD
MD5: 4d7708fd334c23e17400ca8327ce3d11
Determination: GOOD
C:\WINDOWS\System32\mspatcha.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 192CF4F3003C31E4769D0029DA080500F7D037E4
MD5: a434e5666a953f6a0406cc99b8b8c6a0
Determination: GOOD
c:\windows\system32\ipnathlp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\AUTODHCP\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DNSPROXY\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\FTP\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\H323\DllName ipnathlp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\IPNAT\DllName ipnathlp.dll
PX5: 89882A6E0030CF0B12CE052A40AAE5009F9198F9
MD5: 1da364fa673e18bc1de8f5cdf3657dbd
Determination: GOOD
c:\windows\system32\wscsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B11BC224000C550D3E4B01F1618F6300676DF706
MD5: 17f70f4e37452a30c35565052ab68be9
Determination: GOOD
c:\windows\system32\msi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
PX5: B09678EF00F05CBD8EB12B2266AE240024089B64
MD5: 34a737e1344985bc5a636a4ed286de61
Determination: GOOD
C:\WINDOWS\System32\wbem\wbemcomn.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 30B285D60040901346F3037FF72C08005C58C30E
MD5: 7db0054945c1c937553f97fa1f1eaffb
Determination: GOOD
C:\WINDOWS\system32\comsvcs.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: ED0A598E00540BAB56A9139D5AFF60002DA225EE
MD5: 9c38b58fdd3ffbe7ed90b5936cce3784
Determination: GOOD
C:\WINDOWS\system32\colbact.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: A0B0F9B500ACD436ECA70034F32E2C001398A8B7
MD5: a9126ecb8bca406d6df60bec11af594a
Determination: GOOD
C:\WINDOWS\system32\MTXCLU.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 66978F8E0092BC0304EB01E29B925900A2E75CFB
MD5: 7c5986b94eee98cf0a0f5eae44912e5e
Determination: GOOD
C:\WINDOWS\system32\WSOCK32.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 2C097C2B007169C960BA0014DCE7CC0038229E38
MD5: 3bd93201e3afa5a0660c793a4bdae773
Determination: GOOD
C:\WINDOWS\System32\CLUSAPI.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: F4F4A6AD001EC8C1E2C500B4FE61840054C0DDE3
MD5: c3b4cfba8936d0af25d5391f53f2da91
Determination: GOOD
C:\WINDOWS\System32\RESUTILS.DLL
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 6DFA47A500DAF26FE68800D61F5B31009BB0B65D
MD5: cad4191048f595a794e14cee31db06fd
Determination: GOOD
C:\WINDOWS\System32\Wbem\wbemcore.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D34E2BC3004DE1451AED08DF0B2B620026599912
MD5: 2e9b41fdd71fddd9d596cf3fdf0a1fdd
Determination: GOOD
C:\WINDOWS\System32\Wbem\esscli.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DE687FC600BAAC77C8B4030B6F14AB0094AE7226
MD5: 20938c6d287b27ab3f1fde53ff3507de
Determination: GOOD
C:\WINDOWS\System32\Wbem\FastProx.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: AEBA61B800E4BC9A34F5075F66FDAB005D1447F9
MD5: fc9f0b7216d087f9502ece38439ae144
Determination: GOOD
C:\WINDOWS\System32\wbem\wbemsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 25397BDF00757EBFAAF700E3ED2B7800B9284F1B
MD5: dd3e1e96ea769c31936d9b09f9137954
Determination: GOOD
C:\WINDOWS\System32\wbem\wmiutils.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: 0BDBA5A5000A6748803F0102F9279500D2C1C9B2
MD5: bc664c7546ef5c1a5712e7b48af24741
Determination: GOOD
C:\WINDOWS\System32\wbem\repdrvfs.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DAAC922100087395B4C8026D60ACD300B870E129
MD5: 41b4ed9f8d444ce09b6a1fe76ae22040
Determination: GOOD
C:\WINDOWS\System32\wbem\wmiprvsd.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: DCBBBE7700F574BEAC5B06A359C30800D52199FA
MD5: d110a8cde08cc1d346814c814d32f2ed
Determination: GOOD
C:\WINDOWS\System32\wbem\wbemess.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 57BC20470030CEBC2E7C0420B5413100E2A61178
MD5: 1c4c78b5943ae143513dd1522e14926a
Determination: GOOD
C:\WINDOWS\System32\wbem\ncprov.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 28C2B58B00AC779DB8320092176FE400CB94678D
MD5: 1b8923492b022438764dcf6bd8b0efa9
Determination: GOOD
C:\WINDOWS\System32\wbem\wbemcons.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: FEC4B3B500CE633918000143FDB47200CD210469
MD5: 89a935a5cb3fe6d25bb87de3370e6b5e
Determination: GOOD
C:\WINDOWS\System32\netcfgx.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 4F8DF8B4009990EE9C82091CBF6CD600CD59067D
MD5: ab06350510c1f68c7202703480f6ff17
Determination: GOOD
C:\WINDOWS\System32\rasmans.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 6AC5343500463BCBC43C0233B0575500AE7EBADF
MD5: 6686c0c8b47618414215fc184972c69e
Determination: GOOD
C:\WINDOWS\System32\rastapi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 699D459D008C3BC6E634009735DEBF004B936485
MD5: f4de764732e8f6028bb18aadd4912317
Determination: GOOD
C:\WINDOWS\System32\unimdm.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: BFCEE8FF0036A1F42CB803103A63E10078271DF9
MD5: 12c9c630fd867446d8b846c28454a45f
Determination: GOOD
C:\WINDOWS\System32\uniplat.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D4A3FA58003A460436E500FC8F082200CAF4CCCF
MD5: 8bc01cbcdc4345a7367f2edcbaa4a07f
Determination: GOOD
C:\WINDOWS\System32\unimdmat.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 8F8CA7B700081F963ABA0102BB6592004A8170FD
MD5: 03486f64e165822e2e017f1169239304
Determination: GOOD
C:\WINDOWS\system32\modemui.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: D11A71A3005679E15E1F02728B16990070468BB5
MD5: 8021a4459d596d037e6ac166b4eb8a9a
Determination: GOOD
C:\WINDOWS\System32\kmddsp.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: C200FF390086F832824F0082C924C70039E73BB5
MD5: 516447bbb1a13f72e98989580eeaeb36
Determination: GOOD
C:\WINDOWS\System32\ndptsp.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 9787C23000D76D69E07F0030C6CACA005BA7ED34
MD5: ff5cbcadd5833b484c773f7df16f13bf
Determination: GOOD
C:\WINDOWS\System32\ipconf.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: BB9887B4006414FA44B900C28BC43200412916D4
MD5: 4e2f02e1ba55160806ad42fee296f8b2
Determination: GOOD
C:\WINDOWS\System32\h323.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 72FD790F00B8268510FF046EA54C6E0080B1B5D1
MD5: ea96018804feb47c384efdb3d07e7eb9
Determination: GOOD
C:\WINDOWS\System32\hidphone.tsp
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 578102E800C1441976DD00BD8619300083827C0B
MD5: ea5c2c1f5f74a5660fb0f72e63861030
Determination: GOOD
C:\WINDOWS\System32\rasppp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 69B8011C006A35C426B80310309570000552A536
MD5: 4a48edcab3b97997055ac533cafdb501
Determination: GOOD
C:\WINDOWS\System32\ntlsapi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 182944C0006C52E520B8003B3C2E0700820D2E78
MD5: 8ed1589d9a626027e4faf24c149860e6
Determination: GOOD
C:\WINDOWS\System32\upnp.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 5CC09E6000F77B62063F026310FD670014E0CF2C
MD5: 7e7491c2cf7a0781c0004d2c5be71bc4
Determination: GOOD
C:\WINDOWS\System32\SSDPAPI.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: B458C80C0094BE55886700FEA91CE300F0D01D10
MD5: 4ea31d2858780ddb446a9dc9b2d23c3d
Determination: GOOD
C:\WINDOWS\System32\RASDLG.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 289AD96400BB9C934C7F0AD56A0D5500E683D618
MD5: d52a1298d47fa8652b30451855265f94
Determination: GOOD
C:\WINDOWS\system32\msxml3.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 60B20BB200F84299DCAB10FF374BBC00797C1A91
MD5: f95e644f65d439d2f9122d52f0321327
Determination: GOOD
C:\WINDOWS\system32\wups2.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 8F8648A158D15CF4A9FE004434B05300230EE2A8
MD5: ceb1bd87fbcb5984bdf7dc0991a060b5
Determination: GOOD
C:\WINDOWS\System32\wbem\wbemprox.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 118AA1B200D76A754A3B0017C7664600A1463C19
MD5: cece259d273771497d2c96c8121d9c58
Determination: GOOD
C:\WINDOWS\System32\mlang.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: A0FB8BA50045A9FEF20208062C04B3005F96B032
MD5: f036bc2525f8701628abb0a550c1c692
Determination: GOOD
C:\WINDOWS\System32\xmlprovi.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F8AAB7ED00389F6FC419009F9AC92500C1676D16
MD5: 84c74999e0f8de9d0d96fc61de29ada1
Determination: GOOD
c:\windows\system32\dnsrslvr.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 3AB739DC00686EC6B26F00A3B54A4300F767B865
MD5: 1a4ccb390093d1a6f0eec063f44aff31
Determination: GOOD
c:\windows\system32\lmhsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 050B19680015AAE33629000A173BF5000631D061
MD5: 6e008b7eb9b67d555b5ee1c1091f3a7e
Determination: GOOD
c:\windows\system32\webclnt.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: F49C6F7000D3BB7B0AFE01B9E6A55A009E654432
MD5: 83ed24c34250afab1e55deb3d8d7ec1a
Determination: GOOD
c:\windows\system32\regsvc.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: 0038ECD50092146CEAE600DC41696F006EFFA138
MD5: 78fbe7da29307ede7ed0e33f1c4969bc
Determination: GOOD
c:\windows\system32\ssdpsrv.dll
Loaded into: C:\WINDOWS\System32\svchost.exe
PX5: EFEEB4A70072CCE218E201A90823060000AE77FB
MD5: 1fbf38a525eedd7402bfa7e27236a64f
Determination: GOOD
C:\WINDOWS\EXPLORER.EXE
Loaded into: C:\WINDOWS\EXPLORER.EXE
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Explorer.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608555}\(default) Internet Explorer Classes for Java
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default) Guida di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Strumenti di installazione di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default) Internet Explorer 6
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default) Font principali di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{D63010AD-DC29-DB9B-2279-51482EEC507A}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608555}\(default) Internet Explorer Classes for Java
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default) Guida di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Strumenti di installazione di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default) Internet Explorer 6
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default) Font principali di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{D63010AD-DC29-DB9B-2279-51482EEC507A}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608555}\(default) Internet Explorer Classes for Java
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}\(default) Guida di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}\(default) Strumenti di installazione di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\(default) Internet Explorer 6
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}\(default) Font principali di Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{D63010AD-DC29-DB9B-2279-51482EEC507A}\(default) Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\(default) Mapping aree Internet Explorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\(default) Personalizzazione Internet Explorer
PX5: 5F224AD100F73BC6CEBA0FDC56B8E400769BB8AE
MD5: 7e2817a623e16f830b660f81c0fd63da
Determination: GOOD
C:\WINDOWS\system32\BROWSEUI.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5E6AB780-7743-11CF-A12B-00AA004AE837} Barra degli strumenti Microsoft Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{22BF0C20-6DA7-11D0-B373-00A0C9034938} Stato del download
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{91EA3F8B-C99B-11d0-9815-00C04FD91972} Shell Folder accresciuto
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6413BA2C-B461-11d1-A18A-080036B11A03} Shell Folder 2 accresciuto
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F61FFEC1-754F-11d0-80CA-00AA005B4383} BandProxy
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BA4C742-9E81-11CF-99D3-00AA004AE837} Microsoft BrowserBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{30D02401-6A81-11d0-8274-00C04FD5AE38} SearchBand
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{169A0691-8DF9-11d1-A1C4-00C04FD75D13} Ricerca all'interno
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{07798131-AF23-11d1-9111-00A0C98BA67D} Ricerca Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AF4F6510-F982-11d0-8595-00AA004CD6D8} Utilit. opzioni della struttura del Registro di sistema
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{01E04581-4EEE-11d0-BFE9-00AA005B4383} &Indirizzo
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A08C11D2-A228-11d0-825B-00AA005B4383} Address EditBox
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2763-6A77-11D0-A535-00C04FD7D062} Completamento automatico Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7376D660-C583-11d0-A3A5-00C04FD706EC} TridentImageExtractor
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6756A641-DE71-11d0-831B-00AA005B4383} Elenco di Completamento automatico MRU
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} Elenco di Completamento automatico MRU personalizzato
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7e653215-fa25-46bd-a339-34a2790f3cb7} Accessibile
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{acf35015-526e-4230-9596-becbe19f0ac9} Indicatore di avanzamento popup
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0E11A09-5CB8-4B6C-8332-E00720A168F2} Parser della barra degli indirizzi
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2764-6A77-11D0-A535-00C04FD7D062} Elenco di Completamento automatico della Cronologia di Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{03C036F1-A186-11D0-824A-00AA005B4383} Elenco di Completamento automatico di Shell Folder di Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00BB2765-6A77-11D0-A535-00C04FD7D062} Contenitore dell'elenco di Completamento automatico multiplo Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4E-521C-11D0-B792-00A0C90312E1} Shell Band Site Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} Shell DeskBarApp
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4C-521C-11D0-B792-00A0C90312E1} Shell DeskBar
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECD4FC4D-521C-11D0-B792-00A0C90312E1} Shell Rebar BandSite
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD313E04-FEFF-11d1-8ECD-0000F87A470C} Assistenza utente
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} Impostazioni cartella globale
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{21569614-B795-46b1-85F4-E737A8DC09AD} Shell Search Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{438755C2-A8BA-11D1-B96B-00A0C90312E1} Precaricatore Browseui
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{8C7461EF-2B13-11d2-BE35-3078302C2030} Daemon di cache delle categorie di componenti
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .......
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} .......
PX5: 74E197CD00F453B89CCF0F389ED22800B566048B
MD5: 696397ef3aa6f04799c367bc28bbd842
Determination: GOOD
C:\WINDOWS\system32\SHDOCVW.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} Cerca
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} Guida in linea e supporto tecnico
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} Guida in linea e supporto tecnico
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} Esegui...
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} Posta elettronica
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524152} Tipi di carattere
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D20EA4E1-3957-11d2-A40B-0C5020524153} Strumenti di amministrazione
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E61-B078-11d0-89E4-00C04FC9E26E} Favorites Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A89A860-D7B1-11CE-8350-444553540000} Shell Automation Inproc Service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} Shell DocObject Viewer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A5E46E3A-8849-11D1-9D8C-00C04FC99D61} Microsoft Browser Architecture
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FBF23B40-E3F0-101B-8488-00AA003E56F8} InternetShortcut
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3C374A40-BAE4-11CF-BF7D-00AA006946EE} Servizio Cronologia Url Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FF393560-C2A7-11CF-BFF4-444553540000} Cronologia
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E00-76C1-11CF-9DD0-00A0C9034933} File temporanei Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7BD29E01-76C1-11CF-9DD0-00A0C9034933} File temporanei Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Hook per la ricerca di URL Microsoft
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} Schermata iniziale applicazioni Internet Explorer 4
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{67EA19A0-CCEF-11d0-8024-00C04FD75D13} CDF Extension Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{131A6951-7F78-11D0-A979-00C04FD705A2} ISFBand OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9461b922-3c5a-11d2-bf8b-00c04fb93661} Search Assistant OC
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} Internet
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{871C5380-42A0-1069-A2EA-08002B30309D} Internet Name Space
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EFA24E64-B078-11d0-89E4-00C04FC9E26E} Explorer Band
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} Set Program Access and Defaults
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default) {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\CDF\(default) {67EA19A0-CCEF-11d0-8024-00C04FD75D13}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}\BarSize
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}\BarSize
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\CLSID {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{77BF5300-1474-4EC7-9980-D32B190E9B07}\CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\CLSID {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
PX5: D9FE865200F9C218D0E616C0CC5CD600B040545A
MD5: d02aa0d4ac3739f1939faa878562e8d4
Determination: GOOD
C:\WINDOWS\System32\themeui.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{41E300E0-78B6-11ce-849B-444553540000} PlusPack CPL Extension
PX5: BAC50787005D6D22F49E05A57642CD002A91E075
MD5: 0f7bfe3ef3fc33fd598427c015bb8b5d
Determination: GOOD
C:\WINDOWS\System32\MSIMG32.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: CB413D4600B070AF127100D0C427CA00FD59EFF9
MD5: 51f309aa675b5b77d19c573b7e0bb253
Determination: GOOD
C:\WINDOWS\system32\ACTXPRXY.DLL
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 007947C1003133828EF901D865E09C00F6A66BF3
MD5: cac8ce72845461a8c6818071d923fc89
Determination: GOOD
C:\WINDOWS\System32\msutb.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\ctfmon.exe
PX5: 7A3AA486004261ECFC5902E8FBAFDA00B6B25BB1
MD5: fc6c38a1249d86fc62f72c8a5e3379db
Determination: GOOD
C:\WINDOWS\System32\MSCTF.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 64563C73008EB95E7EDD046B94EDCE00A3D588EB
MD5: 5d2f1beea828b4951f550bade794c1ef
Determination: GOOD
C:\Programmi\Windows Media Player\wmpband.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: D6A35AB700A52AFF8019011F047EFF00474E8C74
MD5: 57463d69ce0a5d65f07e5ebd37d08244
Determination: GOOD
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: F6653C34080427F475AC029C8B4F20002457B1E9
MD5: e1a195577a9447a7a0b06ea3c056c286
Determination: GOOD
C:\WINDOWS\system32\LINKINFO.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 87EB2C9D005DD1A14E450046E4D6CC0014CFCDB6
MD5: b737a3da2c0a605ce2c7e118c59f38c7
Determination: GOOD
C:\WINDOWS\system32\ntshrui.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40dd6e20-7c17-11ce-a804-00aa003ca9f6} Estensioni shell per la condivisione
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} Estensioni shell per la condivisione
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing\(default) {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default) {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing\(default) {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
PX5: 5EB8DF8A0005A80F3870025CC8B2C100D6ECC82F
MD5: 64e0c77faf1a30547739580eb5f3aacf
Determination: GOOD
C:\WINDOWS\system32\urlmon.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 8BAFF0430059E5826892091010F0900031B9343C
MD5: e77f5bf25ff365cc48a7171a451e1dbf
Determination: GOOD
C:\WINDOWS\System32\webcheck.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} WebCheck
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} Subscription Mgr
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F5175861-2688-11d0-9C5E-00AA00A45957} Cartella Subscription
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165EA0-E946-11CF-9C87-00AA005127ED} WebCheckWebCrawler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} WebCheckChannelAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} TrayAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7D559C10-9FE9-11d0-93F7-00AA0059CE02} Code Download Agent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} ConnectionAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8BD2030-6FC9-11D0-864F-00AA006809D9} PostAgent
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} WebCheck SyncMgr Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
PX5: 7A671D1200F332C4486E04DF4339C300F2AAD0B7
MD5: 9adae07a13e295a98f5ee7726354c28f
Determination: GOOD
C:\WINDOWS\System32\stobject.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153}
PX5: 54D80CDC00F43E2DDE26016C15CB850052548DBB
MD5: 6474c3d1c136c60291b8a5ee9ed1735b
Determination: GOOD
C:\WINDOWS\System32\BatMeter.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 73074F1200F9F02570C400FC5F48D3002E4325D8
MD5: 66db9d9ca443d7c8c9222bff72f61acf
Determination: GOOD
C:\WINDOWS\system32\SynTPFcs.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: AB3287D4006E2CD8006601417C2AD10077129357
MD5: 920299374a2a17e40d161f52bbea34f8
Determination: GOOD
C:\WINDOWS\system32\fxsst.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 7AC7916600679DB596D7081F2F73E100C3154A16
MD5: 5e3d41a993fbff13824d44f16d11c904
Determination: GOOD
C:\WINDOWS\system32\FXSAPI.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 05DD648100DA639AE6AB061F6D6DC800EC7FD606
MD5: cef096127b2c4e3b7d778d4726e31100
Determination: GOOD
C:\WINDOWS\System32\drprov.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: BB8EDCE2008403A638800074FD083400905C26EC
MD5: 4f32c69e05ae35fc609218e94b0df5d9
Determination: GOOD
C:\WINDOWS\System32\ntlanman.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: FCEBCD7A009905FEAA4200960455950080D2A1BD
MD5: d72c81e7f4986beb202813fc743af8d7
Determination: GOOD
C:\WINDOWS\System32\NETUI0.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 074187360063FEE5400A014D6C2C430053ABE349
MD5: 9fe57c0551c88667b8fbde49bd399144
Determination: GOOD
C:\WINDOWS\System32\NETUI1.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: A4DAD8A200850E09C097034C744E770099F86FBA
MD5: a5ca0066df5a68d4a7403f2e32d620d8
Determination: GOOD
C:\WINDOWS\System32\NETRAP.dll
Loaded into: C:\WINDOWS\Explorer.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: B3940B1900334CEB30F300847BE9340024D302E6
MD5: e7fc69c00bebc04daef86071822b2b89
Determination: GOOD
C:\WINDOWS\System32\davclnt.dll
Loaded into: C:\WINDOWS\Explorer.EXE
PX5: 5E0DDE0C0099E131624800B42D603500DF9BC5AA
MD5: fa5791230a59dcc0f1bb0b0a193375a7
Determination: GOOD
C:\WINDOWS\system32\SPOOLSV.EXE
Loaded into: C:\WINDOWS\system32\SPOOLSV.EXE
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Spooler\ImagePath %SystemRoot%\system32\spoolsv.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Spooler\ImagePath C:\WINDOWS\system32\spoolsv.exe
PX5: 1DCDB07A00179F65E28700A02CD4BA00B29C7A8B
MD5: da81ec57acd4cdc3d4c51cf3d409af9f
Determination: GOOD
C:\WINDOWS\system32\SPOOLSS.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: EEC4C153008FC3AA248101F4B2E71800601A2E7A
MD5: dd90c59ef82d6cde5886b595ca8d8d8a
Determination: GOOD
C:\WINDOWS\system32\localspl.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4416D740002AA3683E4E05C1EF102900643A9BD8
MD5: d5882abf5f3652acbf36c882ea4dc9a8
Determination: GOOD
C:\WINDOWS\system32\cnbjmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: ADFEA2D500C13C76C238009F710B75002AA8B844
MD5: a2660003f73982579ebfef1f6c2f6234
Determination: GOOD
C:\WINDOWS\system32\bthcrp.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 268DB4F6009F002150F60119D87C2C00EDD6A44F
MD5: e330d3937d31b2f5a0751155feb314b9
Determination: GOOD
C:\WINDOWS\system32\WidcommSdk.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 07FA131000154850102D076F7858CB005DBBF48C
MD5: 8ccc310c9b22371aad9d8e3aef0c8447
Determination: GOOD
C:\WINDOWS\system32\wbtapi.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 18D9F0DD3DA35CA1A02F05DA23AE50003CBFEAAA
MD5: a4d627e7b14e86bf12e056b41b692e2a
Determination: GOOD
C:\WINDOWS\system32\MFC42.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
PX5: FD5A337B00529124B0D80F421E82790041341A00
MD5: 0ddd564836a87ea1c3232b48ff0e221c
Determination: GOOD
C:\WINDOWS\system32\MFC42LOC.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
PX5: 50EC1EAC0042F609E0B8000596D265006CAB3F5E
MD5: 4e03135c6b43689649293d6ca6c73dd0
Determination: GOOD
C:\WINDOWS\system32\EBPMON24.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 9D5EA9CB068BB4F4372201F7BDD3E10010B2AA26
MD5: 0414ac712b915d153bb3bbc0f7ba69c3
Determination: GOOD
C:\WINDOWS\system32\ZLhp1020.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded from: FILE
PX5: C1CB695E00D9FD03901B0104E5271D004EA56C9C
MD5: 953b419e9be71c5602a85cae732ace53
Determination: GOOD
C:\WINDOWS\system32\ZLM.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded from: FILE
PX5: 2F7422ED005C1DAD7004002DDDE82A00199F65DD
MD5: 65f8ea0d6858140beda30f42578ee37c
Determination: GOOD
C:\WINDOWS\system32\FXSMON.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 2A36441A00A304645CC8008CD2391B009EA75DB6
MD5: c39554fa1f946b6b5de9fd5fa0c8e50c
Determination: GOOD
C:\WINDOWS\system32\FXSEVENT.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 221853BF001F8E3EF0BE008AFE9E42001469090E
MD5: 1b9339bbfa8a366642a5f9f13fc0dddb
Determination: GOOD
C:\WINDOWS\system32\pjlmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 84CFC62400E584133C01005DDEFEF70074DE7C99
MD5: bbd335eeabda429e2a4a401ae977accc
Determination: GOOD
C:\WINDOWS\system32\tcpmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 4DB1307F00B38383B4DE0091A261F900D73B20B9
MD5: 1417745d9156eed7c8b871a3f8a8f56d
Determination: GOOD
C:\WINDOWS\system32\usbmon.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 355B55CF00434C1C429F0037D7A64900612AB6C2
MD5: 1ae1cda7f68b0a8603a3117ae5f00b03
Determination: GOOD
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: EECC6657001C098DC066004F58A2ED0037130D2B
MD5: bbce4deb3501b71e7eb1d8af3a35b975
Determination: GOOD
C:\WINDOWS\system32\Imf32.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded from: FILE
PX5: 6F696496003E704870D700AEE7D8C9006F4EE1FE
MD5: a0df3f3aa3dc40fe160aaefbb5187fd9
Determination: GOOD
C:\WINDOWS\system32\ZTAG32.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded from: FILE
PX5: 2ED38D1F009E6D0560D900570131CE009460C97D
MD5: 27b026cc7ee3b42745c3362603fbfc52
Determination: GOOD
C:\WINDOWS\system32\ZSPOOL.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
Loaded from: FILE
PX5: 09DFD1C700B880D350FB013D536E0400C28C836C
MD5: fae332da4762c6779a3845810405924f
Determination: GOOD
C:\WINDOWS\system32\win32spl.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 3EE5A7330005B84D903F019D6D465800D7DE2821
MD5: 660e56bc8c253b5b47dcc6560ccd62da
Determination: GOOD
C:\WINDOWS\system32\inetpp.dll
Loaded into: C:\WINDOWS\system32\spoolsv.exe
PX5: 84746D7B00F17DE826600104529E590058DFB441
MD5: be4ff5fbbc55dc3c2445377c50497f1f
Determination: GOOD
C:\WINDOWS\system32\SCARDSVR.EXE
Loaded into: C:\WINDOWS\system32\SCARDSVR.EXE
Loaded into: C:\WINDOWS\System32\SCardSvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SCardSvr\ImagePath %SystemRoot%\System32\SCardSvr.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SCardSvr\ImagePath C:\WINDOWS\System32\SCardSvr.exe
PX5: FFC6D19800BAA7847E46014ECC3CD200949D4E12
MD5: 74b1e7fcfca9a3a23871aa014144013e
Determination: GOOD
C:\Programmi\a-squared Free\a2service.exe
Loaded into: C:\Programmi\a-squared Free\a2service.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\a2free\ImagePath "C:\Programmi\a-squared Free\a2service.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\a2free\ImagePath C:\Programmi\a-squared Free\a2service.exe
PX5: 8D51B84F786C9CF4506D038859E64000E6E7DAA7
MD5: c0c09160883a964b1b6e6cf32643a394
Determination: GOOD
C:\WINDOWS\system32\ATI2EVXX.EXE
Loaded into: C:\WINDOWS\system32\ATI2EVXX.EXE
Loaded into: C:\WINDOWS\System32\Ati2evxx.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ati HotKey Poller\ImagePath %SystemRoot%\System32\Ati2evxx.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ati HotKey Poller\ImagePath C:\WINDOWS\System32\Ati2evxx.exe
PX5: 658106030048353950D1027BA43D4500EDF40CE4
MD5: 1e39315954949a2a31fa45c08be85499
Determination: GOOD
C:\Programmi\Bonjour\mDNSResponder.exe
Loaded into: C:\Programmi\Bonjour\mDNSResponder.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Bonjour Service\ImagePath C:\Programmi\Bonjour\mDNSResponder.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Bonjour Service\ImagePath C:\Programmi\Bonjour\mDNSResponder.exe
PX5: 2CBE3E9F00938A9E8020038544862100384CBF16
MD5: 73686fe0b2e0469f89fd2075be724704
Determination: GOOD
C:\WINDOWS\system32\MDM.EXE
Loaded into: C:\WINDOWS\system32\MDM.EXE
PX5: EC00216A28161B61E57F01AE560BF600ED021561
MD5: 871d3099bb90947a492e4d025aa28de3
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded into: C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MDM\ImagePath "C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MDM\ImagePath C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
PX5: B3CE76BC00D9D087203B0483D1FD6A0037DBA639
MD5: f074c8e60e1466af60af73778ad806b3
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSSQLSERVER\ImagePath C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSSQLSERVER\ImagePath C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: C0F105DC3D28971090ED714D1AE7AE0013042555
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\opends60.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 2A6B3AB63FAC128B6094001FDF69A7001607AA01
MD5: 56e64ae6c5d1fa5d14fd26d321ece53d
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\ums.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: E274C79F3AF20271C0B4000711AFEC00CFF60DF4
MD5: 9856773389ba3102eea078b9888e9c94
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlsort.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 9842BF113D36891700F709640020240072EAC32C
MD5: 6d40cfc7ce48210888c425096563d17f
Determination: GOOD
C:\WINDOWS\system32\MSVCIRT.DLL
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 0569EF3300FB5FE6D67200D1EA2F510048C0E880
MD5: fdbb677bf0749dc9f544d34948d232fc
Determination: GOOD
C:\WINDOWS\AppPatch\AcSpecfc.DLL
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 11CA569E00AAA104BCF503218EF51600DBE9941D
MD5: 3c99faee77ab7df1a2ea062e6ab4165d
Determination: GOOD
C:\WINDOWS\system32\DDRAW.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 4E606A3E004BFD1E107104ECA94E4700B2873B8F
MD5: 613e66ace3fae6523e6f1a0183af7f2d
Determination: GOOD
C:\WINDOWS\system32\DCIMAN32.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 256E9CF3007B0060223C00722D6B1100E50006BD
MD5: b4135161fbdf6bf676bbfa8eb79cade8
Determination: GOOD
C:\WINDOWS\system32\IMM32.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: CDBF4DDD001A7574AE3A01510D252400AF18CE5E
MD5: ca38a6091ecac2668ec99afd4b6c0615
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\Resources\1040\sqlevn70.RLL
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 4CC5891000338A2580320051D2D8BA008E80A05B
MD5: 2485e79a7fbeac0e9d88a59f40e40b92
Determination: GOOD
C:\WINDOWS\system32\XOLEHLP.DLL
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 69A18FF9000F44C52EF8007B76DA6800F58C4582
MD5: c82e24f3992fdd0b26ebdd24363c52f7
Determination: GOOD
C:\WINDOWS\system32\MSDTCPRX.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 8903317900B15EA3829E06F3100272007781753A
MD5: 2b7d3daacf1247630b0386dcf7145fe9
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\SSnetlib.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 8DEE31073E19195F505601D68F1A7300D9B57937
MD5: cdb90206e04f093949fee2f0fb43e306
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\ssnmpn70.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: EFC1F5393ECCA885605B0078DD8B0C00BEAA3580
MD5: 6eeaf08f005be4af12c8da84c9608b59
Determination: GOOD
C:\WINDOWS\system32\security.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: 6E962CC0006BCF2D162C007F8D738E00DB8BC691
MD5: 71eccdfaed35071ecb63430732e4276f
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\ssmslpcn.dll
Loaded into: C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PX5: 73B04AC53E5CA64670DF008B6DFB28000ABB1092
MD5: fc013f19c4380302ec0e56e3fe7b53c7
Determination: GOOD
C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded into: C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MySQL\ImagePath "C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt" --defaults-file="C:\Programmi\MySQL\MySQL Server 5.0\my.ini" MySQL
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MySQL\ImagePath C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
PX5: 422721F5006D70DB702F57ABB6733600DAC63683
Determination: GOOD
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded into: C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\StarWindService\ImagePath C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\StarWindService\ImagePath C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
PX5: 5EF4A3AA00041341524F03D784C72100E865DC72
MD5: ab2b9349ada4ac5ec74b622b8303fe23
Determination: GOOD
C:\WINDOWS\System32\Wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\Wbem\wmiprvse.exe
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: E8727A81009B6F67547D03755F885300B29A27AB
MD5: c6a8e291e783acbcdef2742776e4fc39
Determination: GOOD
C:\WINDOWS\System32\wbem\cimwin32.dll
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: 517C956500EBC173A45D14722CBE3100ACD79F1A
MD5: 5e64ba8ee777713c590912639f32a02a
Determination: GOOD
C:\WINDOWS\System32\wbem\framedyn.dll
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: 277AC8E500749021D640021DA8B978008E053355
MD5: 95f398a46a0c449f220d5b6ce5897905
Determination: GOOD
C:\WINDOWS\system32\CFGMGR32.DLL
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: 74C69D7C00EDC85142F6003C4DC9A1006D7B8195
MD5: 15797c5aa673590064348a025a5f17d9
Determination: GOOD
C:\WINDOWS\System32\wbem\wmipcima.dll
Loaded into: C:\WINDOWS\System32\wbem\wmiprvse.exe
PX5: 4AF7FFCE00C89B0E64D7028069068E00BF601C3E
MD5: 86ca0cfe686c249b3ab0562d8c43f37c
Determination: GOOD
C:\WINDOWS\system32\alg.exe
Loaded into: C:\WINDOWS\system32\alg.exe
Loaded into: C:\WINDOWS\System32\alg.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALG\ImagePath %SystemRoot%\System32\alg.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ALG\ImagePath C:\WINDOWS\System32\alg.exe
PX5: A1E5D90F00A84BB2AEC200E087F3A200AB0BF90E
MD5: d4a42bf3c11302aa3ccd857034ef1e54
Determination: GOOD
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\ATIPTA C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
PX5: 88DFA63800909ABBD07F0473074BB1008C5F12F1
MD5: b320608941ef15d28c2785f3977129f7
Determination: GOOD
C:\PROGRAMMI\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.ITA
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
PX5: 692D891A00770884B07F01DBF4647F00C668B7E4
MD5: f4d0957c977a351c0827db32833d0217
Determination: GOOD
C:\Programmi\ATI Technologies\ATI Control Panel\atipdsxx.dll
Loaded into: C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
PX5: 865B78B14A9B9E8470B603543603660068A375BA
MD5: 9f04c408e39b5a378b74d30eb16c968b
Determination: GOOD
C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded into: C:\WINDOWS\AGRSMMSG.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AGRSMMSG AGRSMMSG.exe
PX5: 365DA92EC750A26B564D01B1EC848500E0EEF822
MD5: d4977e5b6b3bf4daa1f35d6ee44da80f
Determination: GOOD
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SynTPLpr C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
PX5: E7FD0A8800E369EAF0DC015BD06510003BD1C9F2
MD5: ed9a9d89a8844d3ee74b6ccc4f361013
Determination: GOOD
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SynTPEnh C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
PX5: 1F771F9A00D3385C90030819AA0A6000B91E5511
MD5: 2529850066879ec192eaebb2e297137c
Determination: GOOD
C:\WINDOWS\system32\SynTPAPI.dll
Loaded into: C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
PX5: 72409AC200569577B07201928BE0BA00319F92F4
MD5: 50d837798f64e99bbfadb29fdf595d78
Determination: GOOD
C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AcerNotebookManager C:\Programmi\Acer\Notebook Manager\almxptray.exe
PX5: 2EE83B43004F2CC7B4CC07EB2293AF002AE63215
MD5: 634fec958af7145764548757e5f99089
Determination: GOOD
C:\WINDOWS\System32\hhctrl.ocx
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
PX5: D3B0A24B002675A156C508DBC9824800F99F525D
MD5: 13efcc088ed364a8d3410ff495b8f4d7
Determination: GOOD
C:\WINDOWS\System32\mui\0010\hhctrlui.dll
Loaded into: C:\Programmi\Acer\Notebook Manager\almxptray.exe
PX5: BA28999700DF7F81607B01C7951F4A005B77C7B8
MD5: 126a1b4a38bdeeb1cdf0e06e5a547669
Determination: GOOD
C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded into: C:\WINDOWS\SOUNDMAN.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SoundMan SOUNDMAN.EXE
PX5: B3FAE17000D676D1D05C00501C8001003C7FF910
MD5: 7f3fe65039f44789982c092e6679b2c0
Determination: GOOD
C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\LManager C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: 7EDFB13A00836AB1A0ED045F0B7C45000972B057
MD5: 2db1266e0899856fe15cf84f8322252c
Determination: GOOD
C:\Programmi\Launch Manager\CDRomUtl.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: 3FC73E5B003A0F2DC08F00FB16B82C00DD8D961C
MD5: 7fa2392ab2ba674800ccdb0b18b64bb8
Determination: GOOD
C:\Programmi\Launch Manager\ComFnUtl.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: EFB41C5C00EDF765D03A0081BA8D6C0026D378FF
MD5: 50bd1abeb6f17ee70b2b630f400cd155
Determination: GOOD
C:\Programmi\Launch Manager\LgKCUtl.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: 7BCF0EA6001FB6C72020018BF2E03A008FB1DB7F
MD5: d717e8730a066862aeec825ea98c4ecf
Determination: GOOD
C:\Programmi\Launch Manager\MixerUtl.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: 46C6408B00AEADF5F009007B152A6E004A06F010
MD5: 8e3122a02c3981a9681c814e2ae102f1
Determination: GOOD
C:\Programmi\Launch Manager\OSDUtl.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: FEAAB92600A50E1D80A5018A17C390006B445CF0
MD5: 459bfc011435665436edf936c80a6f3e
Determination: GOOD
C:\Programmi\Launch Manager\RgnMaker.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: D861902B002E4647C0E90056E305C000B65D72DB
MD5: 5a1822b18fee8807eb7eb33ba8cf9b0f
Determination: GOOD
C:\Programmi\Launch Manager\SzUPFUtl.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: 5254BBCB00572695F00500ABD6B4F90074751325
MD5: 35eafa4f987a2b05f110c54173836066
Determination: GOOD
C:\Programmi\Launch Manager\Wnd2File.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: B66552F500EEF86AD0CF002F9FAD470043A8C1EB
MD5: c9a8f1d76f468eb1c6e05949f5485b0d
Determination: GOOD
C:\Programmi\Launch Manager\PowerUtl.dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: 0F4C3D8900FDED92E003006F7A41930081B8244A
MD5: 99cd21b43de4edc46912a54383afed0f
Determination: GOOD
C:\Programmi\Launch Manager\DialCnt.Dll
Loaded into: C:\Programmi\Launch Manager\QtZgAcer.EXE
PX5: DAC6EAA80034AB90D0EA00EA76F8580046C97540
MD5: 83d14f5fdb2366e93364a22dfe3e8c37
Determination: GOOD
C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AcerWirelessManager C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe -hide
PX5: 361B5CCE0013B8FC805F04B38BADE8000CDC910A
MD5: dc0feee1c868526307dfa092b5f8082e
Determination: GOOD
C:\WINDOWS\system32\AW32N50.dll
Loaded into: C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe
PX5: 2593349A00B301CE20B3013ACFB658000CCB9FF7
MD5: ba317f683fc553ce9b2cf867d3dc55fa
Determination: GOOD
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded into: C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
PX5: 658E1F1B905B4E3D05360276C335CD0058FB5A32
MD5: d4f0f7437327dbaa264338baafb5e5af
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Reader Speed Launcher "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
PX5: 7034BACB703B560C9BC900BFAF1E1000A084BCE4
MD5: e28d00ec675f5f5a5a0555e7a4523a6e
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
PX5: 1CD79A6B00ACCCBD60660869F17C0900CE4B6B7D
MD5: 4c8a880eabc0b4d462cc4b2472116ea1
Determination: GOOD
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
Loaded into: C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe
PX5: 9A45456900EE9D7990C909755A3A5C00A6DAF154
MD5: e4fece18310e23b1d8fee993e35e7a6f
Determination: GOOD
C:\Programmi\QuickTime\qttask.exe
Loaded into: C:\Programmi\QuickTime\qttask.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\QuickTime Task "C:\Programmi\QuickTime\qttask.exe" -atboottime
PX5: 1AF7F7C2006B2F36503E04D74D4281009A3AA993
MD5: 7fbe43046efdf24fc9375024e4d02ac9
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\PCSuiteTrayApplication C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
Loaded from: FILE
PX5: 3D493C020052CA0A801303A1A1D7AB002EEBE9DA
MD5: b22c27a51705c6d2b8176e90cf36208f
Determination: GOOD
C:\WINDOWS\system32\ConnAPI.DLL
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: B5CC0ABC00BC8A78B4800385EF350C001AD34C2D
MD5: 258154ed7dda83e2f201ef7103142e5e
Determination: GOOD
C:\WINDOWS\system32\MSVCP71.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: F133D4F000B92F08A0E107FD67B66E0015498C05
MD5: 561fa2abb31dfa8fab762145f81667c2
Determination: GOOD
C:\WINDOWS\system32\MSVCR71.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7
MD5: 86f1895ae8c5e8b17d99ece768a70732
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\PCSCM.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: CC090D7D008EAFC4808708E2CC100B00C6F992A2
MD5: 6550787d16122f4989cfe1987a23543b
Determination: GOOD
C:\WINDOWS\system32\OLEPRO32.DLL
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: 4451C5BD00B67BC2466601954AF9C000130A3600
MD5: cb6b225cc6c85cda0430ef12441ea5b6
Determination: GOOD
C:\Programmi\File comuni\PCSuite\ConfServer\ConfServer.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 153D8DCE00A2BFDA2EF601D8722DB40073356E9F
MD5: 8c6cf4de0cb86e552252bf29f5d0ff50
Determination: GOOD
C:\WINDOWS\system32\ATL71.DLL
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: E909302D009C54105C6B0151449A85009FE0FD3B
MD5: 8f2097e8b174f38178570c611464935f
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_ita.NLR
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PX5: 0D10A91F004F054D264B00DF779DC7007BE867EF
MD5: 80541759ce92cc99ea15c82b6fc063cc
Determination: GOOD
C:\WINDOWS\system32\sensapi.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 945479A500423FB71A9A004C020A3B0024ABF6B3
MD5: 344e594bb748d4f828211a7c9cea0829
Determination: GOOD
C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded into: C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\System32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\System32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\System32\CTFMON.EXE
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\system32\ctfmon.exe
Loaded from: \REGISTRY\User\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE C:\WINDOWS\System32\CTFMON.EXE
PX5: 7BE460C100E5509F3C0D00F14B5A510097B91217
MD5: 5b33b4265966ee063c7fbea28958d9c2
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Windows\CurrentVersion\Run\PcSync C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
PX5: 1D2F6FCD00D2F1B62096167147DB1F00A517BD71
MD5: 64d9a783c0ee2b7c1069722e69f62a29
Determination: GOOD
C:\WINDOWS\system32\MFC71U.DLL
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 037598C700D68B82FC2F0F8DECC9D10082E94C28
MD5: 7b93c623333f121dc9e689ccb1b7a733
Determination: GOOD
C:\WINDOWS\system32\MFC71ITA.DLL
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 8C47BF9900C00236F0DE00B45623C60074094F00
MD5: ba14d19b7c983c5863601d95ea473fd2
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\PCSL.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 15C01CA9008113901031003B3C2E0700B79BCD14
MD5: b67102a8c8cdf5268275e644b246af1d
Determination: GOOD
C:\PROGRAMMI\NOKIA\NOKIA PC SUITE 6\Lang\PcSync2_ita.nlr
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: A2D280990037A89B5C2001CA8D9F4F0078B63FB2
MD5: 97f13907bf44c2c877416859e2cdcbec
Determination: GOOD
C:\PROGRAMMI\NOKIA\NOKIA PC SUITE 6\Resource\PcSync2_Nokia.ngr
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 8F497D33005F5D10965A0B425F53AD00E9A70613
MD5: 3c2094dcc6fd978a251792393a2f0871
Determination: GOOD
C:\Programmi\File comuni\Nokia\Adapters\NclSet.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 3B079F38006D95F71EBB0473224EBB00644DCE4A
MD5: bdf5b15d4530c5ab0130ef8303e94a48
Determination: GOOD
C:\Programmi\File comuni\Nokia\Adapters\Nclaeo.dsc
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 1DF4BD3200E5D02B50BA007FED946800F4B79E4C
MD5: 12b95f15b418e60e8b2fc649836d631d
Determination: GOOD
C:\Programmi\File comuni\Nokia\MPAPI\MPAPIps.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
PX5: 226B2B9F008CD242BCFF007D9700E9006443EABB
MD5: 4ab46520573849b58d817bbebe0f6230
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\CommonSelectDevice.dll
Loaded into: C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
PX5: 1F4DBECA00864081A0F80121EC9C600070341ED0
MD5: ce833fe72fdae2673918052a71f7756a
Determination: GOOD
C:\Programmi\Skype\Phone\Skype.exe
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Windows\CurrentVersion\Run\Skype "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
PX5: DF30544F2845E5021F785D307FB36301E3FDAFD0
Determination: GOOD
C:\WINDOWS\system32\oleacc.dll
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 81D38A4800E8D21B7EF202F4F2585B00DE902D48
MD5: 15a45dca16f54ac02443b4e5cc5b1088
Determination: GOOD
C:\WINDOWS\system32\DSOUND.dll
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: E5087FD800F9DAEF9CF20543474A2400CFECBDBE
MD5: e99a5df2a937580361d6c698e4620dba
Determination: GOOD
C:\WINDOWS\system32\dxdiagn.dll
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 571100E40071423640C920656B8C1D0068BDEC48
MD5: 049f6612f7175d085fb699e1fe3c84c3
Determination: GOOD
C:\WINDOWS\System32\devenum.dll
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: 3F29E6CB00309A3EEA63004DF7AE9F0064C7387B
MD5: c388daf6a91be8e8615dd067bc0f3928
Determination: GOOD
C:\WINDOWS\system32\msdmo.dll
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: E066A32000D3A76538FB009324A8C000E1C6DEBF
MD5: 99a0107bacb5242f42060a06e3d796de
Determination: GOOD
C:\WINDOWS\system32\KsUser.dll
Loaded into: C:\Programmi\Skype\Phone\Skype.exe
PX5: AAD6D56F00EC2271104D0037883D3E00B79BCD14
MD5: fbbb356a996903ffb831bf72fd2a3e85
Determination: GOOD
C:\Programmi\Microsoft SQL Server\80\Tools\BINN\sqlmangr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\BINN\sqlmangr.exe
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Loaded from: FILE
PX5: BF37B8FB00E30F02101B01280D263C00CE5A7050
MD5: 978294640062c57482bf2b65a342c266
Determination: GOOD
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 755721F340B7B37DC07B009B35BFD3001ABE1A9B
MD5: ec84617fa66214996e6fa8c4e8edfc06
Determination: GOOD
C:\WINDOWS\system32\SQLUNIRL.dll
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 909E156C40E69696C23902A9B0105C00A1A4E611
MD5: 5478216ee5cee654a03d058f016f1645
Determination: GOOD
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: A7C46D3240419BBC70C401DC716249006E392FE9
MD5: cd763dfb4c89fd1f1b78ba7aa16df2de
Determination: GOOD
C:\WINDOWS\system32\odbcbcp.dll
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 032593F2006840EC60920035AE24B90007BE0D15
MD5: a31c139e4ffed95f4476958ad39cde25
Determination: GOOD
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 379F0FCE42D39A01709E002DDDE82A005DFB38E7
MD5: c8c513646cde522e8b4e6726eb3c64b6
Determination: GOOD
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\Resources\1040\SQLSVC.RLL
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: C344A84B00221560603E002DDDE82A000CB019C1
MD5: 196e4c85cba39af81a0d71ad72743b80
Determination: GOOD
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\Resources\1040\sqlmangr.RLL
Loaded into: C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PX5: 21CE1286002D0F8080CF012DDDE82A0009524579
MD5: 6812488d8d3af49a5c15702383f69787
Determination: GOOD
C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ServiceLayer\ImagePath "C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ServiceLayer\ImagePath C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 6F6A44160092B67AA8A5027CB0BF1500B6D5FD05
MD5: 4c0a4fefd62519552c0e5171f418c4bc
Determination: GOOD
C:\WINDOWS\system32\NclTools.dll
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 2BF9D46100E5CD2BF0000090D1A4170058515F5E
MD5: 85f64d998d432707f949748b5aa75795
Determination: GOOD
C:\Programmi\File comuni\PCSuite\Services\NclDS.dll
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 03FEE320008B46999815006C4DB29800F205292D
MD5: b0f606dd0ccf663b3dc66b7b6d992839
Determination: GOOD
C:\Programmi\File comuni\PCSuite\Transports\NCLIrDAMM.dll
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 7E7519400022AFA1C621007C628A4600D5C209E0
MD5: c4e6f34259be5bef933d0583014132a7
Determination: GOOD
C:\Programmi\File comuni\PCSuite\Transports\NCLRSMM.dll
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 9D137B0E00FC163F2E4F01339E8A3B005B4190FD
MD5: 7fecaafe21d543943c4412d98349e3ff
Determination: GOOD
C:\Programmi\File comuni\PCSuite\Transports\NCLUSBMM.dll
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 01F6465000163371584E0106AF926E00584934AC
MD5: 434527a7118624e865ef286e514c074b
Determination: GOOD
C:\Programmi\File comuni\PCSuite\Transports\NclMSBTMM.dll
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 2097B93E00EC050738CE011B78F57100533DBEA3
MD5: 9288687d340a2f77950d4f1fa9ec2ac4
Determination: GOOD
C:\WINDOWS\system32\irprops.cpl
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: B3FDBBC000F00ECED0E005FC4352BD00BF2165ED
MD5: 135f69cec2aec786f71018556cb1e5d9
Determination: GOOD
C:\WINDOWS\system32\DEVMGR.DLL
Loaded into: C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
PX5: 84F115890007412460510425191D2C001D7E9432
MD5: cf351b3ae423093e160d4db2ec69c656
Determination: GOOD
C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
Loaded into: C:\Programmi\File comuni\Nokia\MPAPI\MPAPI3s.exe
PX5: 593E04B000647B1632F80724511257003B034C3F
MD5: ba18073891bb866ed51d25cc6b62a96d
Determination: GOOD
C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
Loaded into: C:\WINDOWS\system32\wuauclt.exe
PX5: 8FEE32AE58BBA23ACF080068F5F6DC003A478EA6
MD5: f3e9065eb617a7e3a832a7976bfa021b
Determination: GOOD
C:\Programmi\Skype\Plugin Manager\skypePM.exe
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: C35AADDBC85BC73723C31F5DAB006000273EF5CF
MD5: 942a6d257dbda957c4b19169b3bbbc7d
Determination: GOOD
C:\Programmi\Skype\Plugin Manager\ezPMUtils.dll
Loaded into: C:\Programmi\Skype\Plugin Manager\skypePM.exe
PX5: D81AB210C8A15AEF2DE8214FFB0F750069B53F47
MD5: a4a9278626397492bb641d15498167fb
Determination: GOOD
C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
Loaded into: C:\Analisi_Virus\Vundo\PREVXCSI1104.EXE
PX5: 16B0EC6B381658854C7F09D9BB590A008F16482F
MD5: ddd664697e37930fab88a88325b52e0d
Determination: GOOD
C:\WINDOWS\Alaunch.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\LaunchApp Alaunch
PX5: 9D9AC42939F1803D407B062E015BD30057160679
MD5: a8e4290682042790fa7f9e071ec2f0e4
Determination: GOOD
C:\WINDOWS\system32\Ati2mdxx.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\ATIModeChange Ati2mdxx.exe
PX5: 845650C000904F7370E70028AFB850006F8320D7
MD5: fae95d6d7651b5629c4e19adbc9a3863
Determination: GOOD
C:\WINDOWS\system32\NeroCheck.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\NeroCheck C:\WINDOWS\system32\NeroCheck.exe
PX5: 0A1755890076B4FC600C028A81C92900BA5A263E
MD5: 3e4c03cefad8de135263236b61a49c90
Determination: GOOD
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Run\AVP "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AVP\ImagePath "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AVP\ImagePath C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
PX5: 775453430872963C55A903ABF13A38004D4C6208
MD5: 38ba040617859c0610ddc6fef9016703
Determination: GOOD
C:\Programmi\MSN Messenger\msnmsgr.exe
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Windows\CurrentVersion\Run\msnmsgr "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
PX5: 59E438AB70B0D00595F1567CB8966B00A1C6CF9F
Determination: GOOD
C:\WINDOWS\system32\drivers\acernbm.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\acernbm\ImagePath \SystemRoot\system32\drivers\acernbm.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\acernbm\ImagePath C:\WINDOWS\system32\drivers\acernbm.sys
Loaded from: FILE
PX5: B07C844E8AB496AB19FF00F01D0CF5009E14244F
MD5: 1f056a9dc1e5941b064907a1869ee230
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ACPI.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ACPI\ImagePath System32\DRIVERS\ACPI.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ACPI\ImagePath C:\WINDOWS\System32\DRIVERS\ACPI.sys
Loaded from: FILE
PX5: 6EB7D724001F4D96E0A8029EF0BB700070C5BA93
MD5: ad825cb3397c837d1fb91d566d78de04
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ACPIEC.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ACPIEC\ImagePath System32\DRIVERS\ACPIEC.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ACPIEC\ImagePath C:\WINDOWS\System32\DRIVERS\ACPIEC.sys
Loaded from: FILE
PX5: F21BE3DC800E8A0A2F3C009238A73C008905B399
MD5: 49ac5cd87fbdda62f3e25190019e7627
Determination: GOOD
C:\WINDOWS\system32\drivers\aec.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aec\ImagePath system32\drivers\aec.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\aec\ImagePath C:\WINDOWS\system32\drivers\aec.sys
Loaded from: FILE
PX5: E884BE24808C5EEB2C92028B464629005484ED65
MD5: 1ee7b434ba961ef845de136224c30fec
Determination: GOOD
C:\WINDOWS\System32\drivers\afd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AFD\ImagePath \SystemRoot\System32\drivers\afd.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AFD\ImagePath C:\WINDOWS\System32\drivers\afd.sys
Loaded from: FILE
PX5: EE224F5C0089E9241DEF0273688B740025971F4C
MD5: 5ac495f4cb807b2b98ad2ad591e6d92e
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\AGRSM.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AgereSoftModem\ImagePath System32\DRIVERS\AGRSM.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AgereSoftModem\ImagePath C:\WINDOWS\System32\DRIVERS\AGRSM.sys
Loaded from: FILE
PX5: 39BD61F540D05C69A6A41184BF6ABF002A0CFE66
MD5: ed5c8b22de2021339a7c7fccfe5c5d7e
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\agp440.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\agp440\ImagePath System32\DRIVERS\agp440.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\agp440\ImagePath C:\WINDOWS\System32\DRIVERS\agp440.sys
Loaded from: FILE
PX5: 92796BB0806349F8A56F00F55D76CD00994ACF2C
MD5: 2c428fa0c3e3a01ed93c9b2a27d8d4bb
Determination: GOOD
C:\WINDOWS\system32\drivers\ALCXWDM.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ALCXWDM\ImagePath system32\drivers\ALCXWDM.SYS
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ALCXWDM\ImagePath C:\WINDOWS\system32\drivers\ALCXWDM.SYS
Loaded from: FILE
PX5: FA55430DCC405CEAF8EA0A9946DDA200C5B21DB7
MD5: 49899bb0ccc162fe6e2368ee93992950
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\arp1394.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Arp1394\ImagePath System32\DRIVERS\arp1394.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Arp1394\ImagePath C:\WINDOWS\System32\DRIVERS\arp1394.sys
Loaded from: FILE
PX5: E79B803D809043E9ED9C00655C5EAE00E1E46E49
MD5: f0d692b0bffb46e30eb3cea168bbc49f
Determination: GOOD
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\aspnet_state\ImagePath %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\aspnet_state\ImagePath C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
PX5: 7F033FBD0086836880D600F3302B2B008E0D8DE2
MD5: e1a1206a4fb19b675e947b29ccd25fba
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\asyncmac.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AsyncMac\ImagePath System32\DRIVERS\asyncmac.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AsyncMac\ImagePath C:\WINDOWS\System32\DRIVERS\asyncmac.sys
Loaded from: FILE
PX5: 8BD45D2B002F3B40389D007E91CC59004B62F8E9
MD5: 02000abf34af4c218c35d257024807d6
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\atapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\atapi\ImagePath System32\DRIVERS\atapi.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\atapi\ImagePath C:\WINDOWS\System32\DRIVERS\atapi.sys
Loaded from: FILE
PX5: 9D6081B280209DE174C2011395153C00E47C5A8D
MD5: cdfe4411a69c224bd1d11b2da92dac51
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ati2mtag.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ati2mtag\ImagePath System32\DRIVERS\ati2mtag.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ati2mtag\ImagePath C:\WINDOWS\System32\DRIVERS\ati2mtag.sys
Loaded from: FILE
PX5: 46AF7ECF80308B48B2A708ADB0759800D96E9BA7
MD5: 6361d85faf2442bbee2c25ada6cb8512
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\atmarpc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Atmarpc\ImagePath System32\DRIVERS\atmarpc.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Atmarpc\ImagePath C:\WINDOWS\System32\DRIVERS\atmarpc.sys
Loaded from: FILE
PX5: C41A09F600246E0AEA81009B2DE4BF0073057136
MD5: ec88da854ab7d7752ec8be11a741bb7f
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\audstub.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\audstub\ImagePath System32\DRIVERS\audstub.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\audstub\ImagePath C:\WINDOWS\System32\DRIVERS\audstub.sys
Loaded from: FILE
PX5: C910D030000E35B30CDC00441BDEF300B79BCD14
MD5: d9f724aa26c010a217c97606b160ed68
Determination: GOOD
C:\WINDOWS\system32\AWINDIS5.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\AWINDIS5\ImagePath \??\C:\WINDOWS\system32\AWINDIS5.SYS
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\AWINDIS5\ImagePath C:\WINDOWS\system32\AWINDIS5.SYS
Loaded from: FILE
PX5: 1E1D1FBD42B7EE373FFE00BEB1035E00D0EBB45C
MD5: f62b70d3209e38a6c19a03109a25b903
Determination: GOOD
C:\WINDOWS\System32\Drivers\battc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BattC\MofImagePath System32\Drivers\battc.sys
Loaded from: FILE
PX5: EB6F1BAC00003DE437C500D2CB8267002617D2AD
MD5: ea22edadf90c0aba8319454b2a07b700
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\bcm4sbxp\ImagePath System32\DRIVERS\bcm4sbxp.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\bcm4sbxp\ImagePath C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys
Loaded from: FILE
PX5: B39DC09E00E40C06A3D800AEA96FFE008EF39561
MD5: ba03a18635d4b0830c9262cd80d4026b
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\btport.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTDriver\ImagePath System32\DRIVERS\btport.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTDriver\ImagePath C:\WINDOWS\System32\DRIVERS\btport.sys
Loaded from: FILE
PX5: F6EBE354DBC6E52F753700BF1A683B000E08CC36
MD5: ab1ba227c5928a306b66e0e442c8110f
Determination: GOOD
C:\WINDOWS\System32\drivers\btkrnl.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTKRNL\ImagePath System32\drivers\btkrnl.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTKRNL\ImagePath C:\WINDOWS\System32\drivers\btkrnl.sys
Loaded from: FILE
PX5: 52D367291A11ADC98C5A119D734F7D00FC2A9DA0
MD5: 9ac594d9b622ac909a2d489e68d1e3ec
Determination: GOOD
C:\WINDOWS\System32\drivers\btserial.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTSERIAL\ImagePath \??\C:\WINDOWS\System32\drivers\btserial.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTSERIAL\ImagePath C:\WINDOWS\System32\drivers\btserial.sys
Loaded from: FILE
PX5: B6B61BF667B8913D567100A2D57D6000E648E48A
MD5: a34931d393f37ead1630260da269a0d9
Determination: GOOD
C:\WINDOWS\System32\drivers\btslbcsp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTSLBCSP\ImagePath \??\C:\WINDOWS\System32\drivers\btslbcsp.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTSLBCSP\ImagePath C:\WINDOWS\System32\drivers\btslbcsp.sys
Loaded from: FILE
PX5: EB76651DD47CDE92633F0339289F1F005E806D60
MD5: 1ef990271d2f796818996043e8e3e36a
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\btwdndis.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTWDNDIS\ImagePath System32\DRIVERS\btwdndis.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTWDNDIS\ImagePath C:\WINDOWS\System32\DRIVERS\btwdndis.sys
Loaded from: FILE
PX5: 9B5CD7B46028619234980209B3FECF00FE08A5A9
MD5: 3f76a02e2ad7dc52b06f20087e274747
Determination: GOOD
C:\WINDOWS\System32\Drivers\btwusb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\BTWUSB\ImagePath System32\Drivers\btwusb.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\BTWUSB\ImagePath C:\WINDOWS\System32\Drivers\btwusb.sys
Loaded from: FILE
PX5: 6757AEAB08C2CEE8C84000188953010036E2E85D
MD5: faf0c0e706a0d45f6efbc1503daf914d
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\cdrom.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Cdrom\ImagePath System32\DRIVERS\cdrom.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Cdrom\ImagePath C:\WINDOWS\System32\DRIVERS\cdrom.sys
Loaded from: FILE
PX5: B3CE44DD80DABE80C1400031E25C450069663A5F
MD5: af9c19b3100fe010496b1a27181fbf72
Determination: GOOD
C:\WINDOWS\system32\cisvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CiSvc\ImagePath %SystemRoot%\system32\cisvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CiSvc\ImagePath C:\WINDOWS\system32\cisvc.exe
PX5: B03833B20005A59D1629005665669D00201F0525
MD5: c4e84243292e37ca3b6faf4a1855b8a7
Determination: GOOD
C:\WINDOWS\system32\clipsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ClipSrv\ImagePath %SystemRoot%\system32\clipsrv.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ClipSrv\ImagePath C:\WINDOWS\system32\clipsrv.exe
PX5: 50E35C41004F616D823700EBB15ECF008A4FA87F
MD5: 0a215e4bac9a1a9381d88c67517c850b
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\CmBatt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CmBatt\ImagePath System32\DRIVERS\CmBatt.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CmBatt\ImagePath C:\WINDOWS\System32\DRIVERS\CmBatt.sys
Loaded from: FILE
PX5: 91BBA2540094CF733705005E75072E008A264A98
MD5: 4266be808f85826aedf3c64c1e240203
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\compbatt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Compbatt\ImagePath System32\DRIVERS\compbatt.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Compbatt\ImagePath C:\WINDOWS\System32\DRIVERS\compbatt.sys
Loaded from: FILE
PX5: E36FE59D80DA9ACD24410031217DCA008249322A
MD5: df1b1a24bf52d0ebc01ed4ece8979f50
Determination: GOOD
C:\WINDOWS\System32\dllhost.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\COMSysApp\ImagePath C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SwPrv\ImagePath C:\WINDOWS\System32\dllhost.exe /Processid:{001163FF-017E-4CAB-BC71-1FA9AA5881A1}
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\COMSysApp\ImagePath C:\WINDOWS\System32\dllhost.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SwPrv\ImagePath C:\WINDOWS\System32\dllhost.exe
PX5: 6EA1D06F0041EB21141900B4A32FF2002F6B8881
MD5: f4b3c65e2a3406f32d220019deb522f8
Determination: GOOD
C:\WINDOWS\system32\drivers\o2mmb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\CONAN\ImagePath system32\drivers\o2mmb.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\CONAN\ImagePath C:\WINDOWS\system32\drivers\o2mmb.sys
Loaded from: FILE
PX5: B5EDCF942F44B4EF7A66034F68D94D0016144A8C
MD5: 765255876a4b5b2dc3e10a846aa9269a
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\disk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Disk\ImagePath System32\DRIVERS\disk.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Disk\ImagePath C:\WINDOWS\System32\DRIVERS\disk.sys
Loaded from: FILE
PX5: 61E4E34300C80A908E6D00C10934AF006F571071
MD5: 00ca44e4534865f8a3b64f7c0984bff0
Determination: GOOD
C:\WINDOWS\System32\Drivers\DKbFltr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DKbFltr\ImagePath System32\Drivers\DKbFltr.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DKbFltr\ImagePath C:\WINDOWS\System32\Drivers\DKbFltr.sys
Loaded from: FILE
PX5: 87E993B33FA4F693466F00E377A5B80003DC5894
MD5: 96a48bda68bf734aae79f910ab884a34
Determination: GOOD
C:\WINDOWS\System32\dmadmin.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmadmin\ImagePath %SystemRoot%\System32\dmadmin.exe /com
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmadmin\ImagePath C:\WINDOWS\System32\dmadmin.exe
PX5: CB8A3D6900018319702703238C5916001DF268F6
MD5: 6c9aaa1aa9bf1699d23dec4d4113226f
Determination: GOOD
C:\WINDOWS\System32\drivers\dmboot.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmboot\ImagePath System32\drivers\dmboot.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmboot\ImagePath C:\WINDOWS\System32\drivers\dmboot.sys
Loaded from: FILE
PX5: 917F152000320DE9366A0C362239380089D45879
MD5: 6570b4c952f0d8fee4c6ef2ff5e10c08
Determination: GOOD
C:\WINDOWS\System32\drivers\dmio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmio\ImagePath System32\drivers\dmio.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmio\ImagePath C:\WINDOWS\System32\drivers\dmio.sys
Loaded from: FILE
PX5: 33A7916180B2EE7E5AC702A49AA6DC00E6795F14
MD5: c57d35621782c7f40770f3e5ca20a182
Determination: GOOD
C:\WINDOWS\System32\drivers\dmload.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dmload\ImagePath System32\drivers\dmload.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dmload\ImagePath C:\WINDOWS\System32\drivers\dmload.sys
Loaded from: FILE
PX5: FC216AA0003B46A9171D00359F9C1600E909FEB4
MD5: e9317282a63ca4d188c0df5e09c6ac5f
Determination: GOOD
C:\WINDOWS\system32\drivers\DMusic.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\DMusic\ImagePath system32\drivers\DMusic.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\DMusic\ImagePath C:\WINDOWS\system32\drivers\DMusic.sys
Loaded from: FILE
PX5: 64B493018066E6FACEE6008D21636D008F236B03
MD5: a6f881284ac1150e37d9ae47ff601267
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\Dot4.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dot4\ImagePath system32\DRIVERS\Dot4.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dot4\ImagePath C:\WINDOWS\system32\DRIVERS\Dot4.sys
Loaded from: FILE
PX5: 4AB29C6500AAD7302A6F031F0A739D00A9105712
MD5: ad7fc1963b152b3728e3c4f83554a576
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Dot4Print\ImagePath system32\DRIVERS\Dot4Prt.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Dot4Print\ImagePath C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
Loaded from: FILE
PX5: E8A097D080826848324100EDF3C8D400B0FBAD84
MD5: 77ce63a8a34ae23d9fe4c7896d1debe7
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\dot4usb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\dot4usb\ImagePath system32\DRIVERS\dot4usb.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\dot4usb\ImagePath C:\WINDOWS\system32\DRIVERS\dot4usb.sys
Loaded from: FILE
PX5: F4438352802738B45DA300879A6CD200952ED2BE
MD5: 707e8402ecaf9c87a7dd15615f0cfea2
Determination: GOOD
C:\WINDOWS\system32\drivers\drmkaud.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\drmkaud\ImagePath system32\drivers\drmkaud.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\drmkaud\ImagePath C:\WINDOWS\system32\drivers\drmkaud.sys
Loaded from: FILE
PX5: FA93CCC9802BA0DD0B8800D3A4C66500B79BCD14
MD5: 1ed4dbbae9f5d558dbba4cc450e3eb2e
Determination: GOOD
C:\WINDOWS\system32\mnmsrvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Eventlog\Application\(default) mnmsrvc
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mnmsrvc\ImagePath C:\WINDOWS\System32\mnmsrvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mnmsrvc\ImagePath C:\WINDOWS\System32\mnmsrvc.exe
PX5: F2F6E69800D71BFC80AE00AF40E07800F93A911A
MD5: 940a4e02b7f03c2592a52e16dddb3e46
Determination: GOOD
C:\WINDOWS\system32\fxssvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Fax\ImagePath %systemroot%\system32\fxssvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Fax\ImagePath C:\WINDOWS\system32\fxssvc.exe
PX5: 6602748D00AECFA4184704CBFF06DC000839594C
MD5: 3ceba41f3e0ef013e4f7ae05a227fd8c
Determination: GOOD
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FLEXnet Licensing Service\ImagePath "C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FLEXnet Licensing Service\ImagePath C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PX5: 2EC2590D001C75200C1B0A26A7203E002EA7ABD6
MD5: d778107d7c2a19d7e7a884a9f0d79581
Determination: GOOD
C:\WINDOWS\system32\drivers\fltmgr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\FltMgr\ImagePath system32\drivers\fltmgr.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\FltMgr\ImagePath C:\WINDOWS\system32\drivers\fltmgr.sys
Loaded from: FILE
PX5: DD494D2180C4BB98F7F901405AA62900817D3A94
MD5: 3d234fb6d6ee875eb009864a299bea29
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ftdisk.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ftdisk\ImagePath System32\DRIVERS\ftdisk.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ftdisk\ImagePath C:\WINDOWS\System32\DRIVERS\ftdisk.sys
Loaded from: FILE
PX5: D543638280F1FAF5EBA30154BD3E7700D3ED2EEC
MD5: f3269a6ee547ea87b949a1cea4816b38
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\msgpc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Gpc\ImagePath System32\DRIVERS\msgpc.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Gpc\ImagePath C:\WINDOWS\System32\DRIVERS\msgpc.sys
Loaded from: FILE
PX5: A6DC8C520088C979894600B57B2B1A00363C4157
MD5: c0f1d4a21de5a415df8170616703debf
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\hidusb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HidUsb\ImagePath system32\DRIVERS\hidusb.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HidUsb\ImagePath C:\WINDOWS\system32\DRIVERS\hidusb.sys
Loaded from: FILE
PX5: 1484F98A807906C3258400E49D6D650019C14BBC
MD5: 1de6783b918f540149aa69943bdfeba8
Determination: GOOD
C:\WINDOWS\System32\Drivers\HTTP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\HTTP\ImagePath System32\Drivers\HTTP.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\HTTP\ImagePath C:\WINDOWS\System32\Drivers\HTTP.sys
Loaded from: FILE
PX5: 1A572A9180D9F92E022704747529EC0016C1652C
MD5: cb77bb47e67e84deb17ba29632501730
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\i8042prt\ImagePath System32\DRIVERS\i8042prt.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\i8042prt\ImagePath C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Loaded from: FILE
PX5: 5176B379805D75ECD1900002BF9BC2003FF0C0D5
MD5: 30e64dfa4efaacc8142ea07766181fb4
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\imapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Imapi\ImagePath System32\DRIVERS\imapi.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Imapi\ImagePath C:\WINDOWS\System32\DRIVERS\imapi.sys
Loaded from: FILE
PX5: A6DE19768012C7FDA37F00B5535D7900050612BF
MD5: f8aa320c6a0409c0380e5d8a99d76ec6
Determination: GOOD
C:\WINDOWS\System32\imapi.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ImapiService\ImagePath C:\WINDOWS\System32\imapi.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ImapiService\ImagePath C:\WINDOWS\System32\imapi.exe
PX5: 74CFCD09009BDDD14A8402202B1E530034B0D214
MD5: ed7abb35c81709fb41972d30fe15311e
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\intelide.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IntelIde\ImagePath System32\DRIVERS\intelide.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IntelIde\ImagePath C:\WINDOWS\System32\DRIVERS\intelide.sys
Loaded from: FILE
PX5: 13577194803FCB8815F90068ABEFAF00861C758E
MD5: 7c15b34147134381421d7044479a1d73
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\intelppm.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\intelppm\ImagePath System32\DRIVERS\intelppm.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\intelppm\ImagePath C:\WINDOWS\System32\DRIVERS\intelppm.sys
Loaded from: FILE
PX5: 308DA7E000DC5FE09D58006BABC91A0052CD17AF
MD5: ebc07787034bbe312020d30198a9f362
Determination: GOOD
C:\WINDOWS\system32\drivers\ip6fw.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ip6fw\ImagePath system32\drivers\ip6fw.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ip6fw\ImagePath C:\WINDOWS\system32\drivers\ip6fw.sys
Loaded from: FILE
PX5: 554B18088049820E711F003BBA86E4005B660DCC
MD5: 4448006b6bc60e6c027932cfc38d6855
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpFilterDriver\ImagePath System32\DRIVERS\ipfltdrv.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IpFilterDriver\ImagePath C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
Loaded from: FILE
PX5: E130718C809C039180F700DA0AC8EE00F2B31814
MD5: 731f22ba402ee4b62748adaf6363c182
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ipinip.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpInIp\ImagePath System32\DRIVERS\ipinip.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IpInIp\ImagePath C:\WINDOWS\System32\DRIVERS\ipinip.sys
Loaded from: FILE
PX5: 9655BFAF0030F62E523A00C352D248003081C413
MD5: e1ec7f5da720b640cd8fb8424f1b14bb
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ipnat.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IpNat\ImagePath System32\DRIVERS\ipnat.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IpNat\ImagePath C:\WINDOWS\System32\DRIVERS\ipnat.sys
Loaded from: FILE
PX5: 16BC903800541BF40F8E02F0609797000CA3B3FE
MD5: e2168cbc7098ffe963c6f23f472a3593
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ipsec.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IPSec\ImagePath System32\DRIVERS\ipsec.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IPSec\ImagePath C:\WINDOWS\System32\DRIVERS\ipsec.sys
Loaded from: FILE
PX5: 84ED89D600412A2C245201A3F8A740006B772EC6
MD5: 64537aa5c003a6afeee1df819062d0d1
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\irda.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\irda\ImagePath System32\DRIVERS\irda.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\irda\ImagePath C:\WINDOWS\System32\DRIVERS\irda.sys
Loaded from: FILE
PX5: 8E3E330D80498C3355E4015E39491300BFC79D07
MD5: 86c204836feec22510d434982d4221b8
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\irenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\IRENUM\ImagePath System32\DRIVERS\irenum.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\IRENUM\ImagePath C:\WINDOWS\System32\DRIVERS\irenum.sys
Loaded from: FILE
PX5: 42D7DCAC001BE9A12C7B00EF915041002AED16BC
MD5: 50708daa1b1cbb7d6ac1cf8f56a24410
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\isapnp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\isapnp\ImagePath System32\DRIVERS\isapnp.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\isapnp\ImagePath C:\WINDOWS\System32\DRIVERS\isapnp.sys
Loaded from: FILE
PX5: 8A87001A0002BFB48D1F0066402D8A00BD468997
MD5: ea3245a8e8758d6b84de189a5caaa75e
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Kbdclass\ImagePath System32\DRIVERS\kbdclass.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Kbdclass\ImagePath C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Loaded from: FILE
PX5: 11013D51001BA498620F00A282D06D00135D5A16
MD5: e883ae6ea0b313e659225aa32e449ce9
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\kbdhid\ImagePath system32\DRIVERS\kbdhid.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\kbdhid\ImagePath C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Loaded from: FILE
PX5: BFEF19AB007A27B83AD2001F22115F00DD6CF6D0
MD5: 24f4d51e89822c349044c28be255c8a5
Determination: GOOD
C:\WINDOWS\system32\drivers\kl1.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\kl1\ImagePath system32\drivers\kl1.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\kl1\ImagePath C:\WINDOWS\system32\drivers\kl1.sys
Loaded from: FILE
PX5: 1EE626BC188FCE0AAFFB0135FE3D8100E0194DAA
MD5: 27fa2734cf49da74b2ac9c16dc38dd88
Determination: GOOD
C:\WINDOWS\system32\drivers\klif.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\klif\ImagePath \??\C:\WINDOWS\system32\drivers\klif.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\klif\ImagePath C:\WINDOWS\system32\drivers\klif.sys
Loaded from: FILE
PX5: 7B64D69A10B23FA0D94B0214256EF000BE9D514A
MD5: c6a8ad1c9698e5b7b4dd8c19257456e8
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\klim5.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\klim5\ImagePath system32\DRIVERS\klim5.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\klim5\ImagePath C:\WINDOWS\system32\DRIVERS\klim5.sys
Loaded from: FILE
PX5: C49624AC18533BF55FB000FFA12BE700FD0843C1
MD5: 967e2224217431b21f1d04fbb4c68a4b
Determination: GOOD
C:\WINDOWS\system32\drivers\kmixer.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\kmixer\ImagePath system32\drivers\kmixer.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\kmixer\ImagePath C:\WINDOWS\system32\drivers\kmixer.sys
Loaded from: FILE
PX5: 1C3250A68067C4B7A11302D8512D99006E8A628F
MD5: ba5deda4d934e6288c2f66caf58d2562
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\Expsab2.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\LEX_AS_NIC_SERVICE\ImagePath System32\DRIVERS\Expsab2.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\LEX_AS_NIC_SERVICE\ImagePath C:\WINDOWS\System32\DRIVERS\Expsab2.sys
Loaded from: FILE
PX5: 14E9D3D780184B9F541303E227922F00580F4C20
MD5: 05271ae7fcf0014dcc6591f145ac2fb0
Determination: GOOD
C:\WINDOWS\system32\drivers\MbxFilt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mbxfilt\ImagePath system32\drivers\MbxFilt.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mbxfilt\ImagePath C:\WINDOWS\system32\drivers\MbxFilt.sys
Loaded from: FILE
PX5: 8C0D1F5A41BA893D15A900BCF4F56F00AC5171DA
MD5: 8e82c593b4c46b8a12fe36cba1f1eea9
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\mouclass.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Mouclass\ImagePath System32\DRIVERS\mouclass.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Mouclass\ImagePath C:\WINDOWS\System32\DRIVERS\mouclass.sys
Loaded from: FILE
PX5: 7E80CA6A0038C59C5C6F0047F0E35500920EB276
MD5: c458e314b8722253897c94a714c2e0c0
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\mouhid.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mouhid\ImagePath system32\DRIVERS\mouhid.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mouhid\ImagePath C:\WINDOWS\system32\DRIVERS\mouhid.sys
Loaded from: FILE
PX5: 2301F35080287EAB2F80000FDBBFFD00349EAF96
MD5: d7662f0cf5b77bbbe3202716f5bd5318
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxDAV\ImagePath System32\DRIVERS\mrxdav.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MRxDAV\ImagePath C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Loaded from: FILE
PX5: 2A28D206005617C9C4F8026FCC47BD006A62BA75
MD5: 46edcc8f2db2f322c24f48785cb46366
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MRxSmb\ImagePath System32\DRIVERS\mrxsmb.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MRxSmb\ImagePath C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Loaded from: FILE
PX5: 3A6FDF2E00838449EA5E06BDEF52FE0062D6AA8B
MD5: 025af03ce51645c62f3b6907a7e2be5e
Determination: GOOD
C:\WINDOWS\System32\msdtc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSDTC\ImagePath C:\WINDOWS\System32\msdtc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSDTC\ImagePath C:\WINDOWS\System32\msdtc.exe
PX5: 3A5257C800292C38184B000639E3D800639539E0
MD5: 3124662b40761a3ef8f4254d2f32e3f4
Determination: GOOD
C:\WINDOWS\system32\msiexec.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSIServer\ImagePath C:\WINDOWS\system32\msiexec.exe /V
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSIServer\ImagePath C:\WINDOWS\system32\msiexec.exe
PX5: 2199A4A600D88009341401C8D9AE0A004C78202A
MD5: f5f0146580e7023adb963879840777f8
Determination: GOOD
C:\WINDOWS\system32\drivers\MSKSSRV.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSKSSRV\ImagePath system32\drivers\MSKSSRV.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSKSSRV\ImagePath C:\WINDOWS\system32\drivers\MSKSSRV.sys
Loaded from: FILE
PX5: 441E162B80A429811D1500CB9CEDF700CED69BEA
MD5: ae431a8dd3c1d0d0610cdbac16057ad0
Determination: GOOD
C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPCLOCK\ImagePath system32\drivers\MSPCLOCK.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSPCLOCK\ImagePath C:\WINDOWS\system32\drivers\MSPCLOCK.sys
Loaded from: FILE
PX5: 3656535900693AA115D1001337247B009D5BCE4B
MD5: 13e75fef9dfeb08eeded9d0246e1f448
Determination: GOOD
C:\WINDOWS\system32\drivers\MSPQM.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSPQM\ImagePath system32\drivers\MSPQM.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSPQM\ImagePath C:\WINDOWS\system32\drivers\MSPQM.sys
Loaded from: FILE
PX5: 5D7EA63E804A637C13CA0078C414AC000E912E93
MD5: 1988a33ff19242576c3d0ef9ce785da7
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\mssmbios.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\mssmbios\ImagePath System32\DRIVERS\mssmbios.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\mssmbios\ImagePath C:\WINDOWS\System32\DRIVERS\mssmbios.sys
Loaded from: FILE
PX5: 5C75220680F731D03C3D001BD399CC00D7DBED29
MD5: 469541f8bfd2b32659d5d463a6714bce
Determination: GOOD
C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\MSSQLServerADHelper\ImagePath C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\MSSQLServerADHelper\ImagePath C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
PX5: 0D207B48420F3907009A01DC39030100E4C62C9A
MD5: 4fa047ea300ab0e00edaafce8ac52468
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisTapi\ImagePath System32\DRIVERS\ndistapi.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NdisTapi\ImagePath C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Loaded from: FILE
PX5: 25AEC9EA809D4D4825A500A2A9E22F00CCB1FFC8
MD5: 08d43bbdacdf23f34d79e44ed35c1b4c
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ndisuio\ImagePath System32\DRIVERS\ndisuio.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ndisuio\ImagePath C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Loaded from: FILE
PX5: 0BF3AB388038D73732EB00A9A855ED006D3C0384
MD5: 34d6cd56409da9a7ed573e1c90a308bf
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NdisWan\ImagePath System32\DRIVERS\ndiswan.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NdisWan\ImagePath C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Loaded from: FILE
PX5: 304E26E9803B344266FF0104DAA0B500E6B358BD
MD5: 0b90e255a9490166ab368cd55a529893
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\netbios.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBIOS\ImagePath System32\DRIVERS\netbios.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetBIOS\ImagePath C:\WINDOWS\System32\DRIVERS\netbios.sys
Loaded from: FILE
PX5: 6F5EDA40008AE18787EB007972CAB100F174D35C
MD5: 3a2aca8fc1d7786902ca434998d7ceb4
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\netbt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetBT\ImagePath System32\DRIVERS\netbt.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetBT\ImagePath C:\WINDOWS\System32\DRIVERS\netbt.sys
Loaded from: FILE
PX5: 7D3B6A2A0069D5737CDE020A47DE6F00F472D659
MD5: 0c80e410cd2f47134407ee7dd19cc86b
Determination: GOOD
C:\WINDOWS\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDE\ImagePath %SystemRoot%\system32\netdde.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NetDDEdsdm\ImagePath %SystemRoot%\system32\netdde.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetDDE\ImagePath C:\WINDOWS\system32\netdde.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NetDDEdsdm\ImagePath C:\WINDOWS\system32\netdde.exe
PX5: AAA3C89900BB76ABBADC01BFB3AC1B00E2E8A55F
MD5: de62ee316fab09de3d7a5180f0775abf
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\nic1394.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NIC1394\ImagePath System32\DRIVERS\nic1394.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NIC1394\ImagePath C:\WINDOWS\System32\DRIVERS\nic1394.sys
Loaded from: FILE
PX5: 720917AF800A6EE8F12400F5E9C6E000F750E215
MD5: 5c5c53db4fef16cf87b9911c7e8c6fbc
Determination: GOOD
C:\WINDOWS\system32\drivers\nmwcdc.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nokia USB Generic\ImagePath system32\drivers\nmwcdc.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nokia USB Generic\ImagePath C:\WINDOWS\system32\drivers\nmwcdc.sys
Loaded from: FILE
PX5: C023789B006DEE5A2255009E8EF167006D630858
MD5: 5abb6b2461c4eb0afdf1bf7f03963d59
Determination: GOOD
C:\WINDOWS\system32\drivers\nmwcdcm.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nokia USB Modem\ImagePath system32\drivers\nmwcdcm.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nokia USB Modem\ImagePath C:\WINDOWS\system32\drivers\nmwcdcm.sys
Loaded from: FILE
PX5: 616595D5007F4D3E34080033B8A523006C86ABDE
MD5: 353c16d21eec1f11306270040b3713c1
Determination: GOOD
C:\WINDOWS\system32\drivers\nmwcd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nokia USB Phone Parent\ImagePath system32\drivers\nmwcd.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nokia USB Phone Parent\ImagePath C:\WINDOWS\system32\drivers\nmwcd.sys
Loaded from: FILE
PX5: C92FB7ED002BB102F2F5011FA65A6E0065E79BC3
MD5: f5b1200c75b160c81e7e48cc0489aa5e
Determination: GOOD
C:\WINDOWS\system32\drivers\nmwcdcj.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Nokia USB Port\ImagePath system32\drivers\nmwcdcj.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Nokia USB Port\ImagePath C:\WINDOWS\system32\drivers\nmwcdcj.sys
Loaded from: FILE
PX5: 616595D5007F4D3E34080033B8A523006C86ABDE
MD5: 353c16d21eec1f11306270040b3713c1
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\nscirda.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NSCIRDA\ImagePath System32\DRIVERS\nscirda.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NSCIRDA\ImagePath C:\WINDOWS\System32\DRIVERS\nscirda.sys
Loaded from: FILE
PX5: 4B2E061B008AC14B703A00530FF3C4004DA6A57B
MD5: 6216798d29c3ba9d0d6f40bbbab694a5
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NTIDrvr\ImagePath System32\DRIVERS\NTIDrvr.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NTIDrvr\ImagePath C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys
Loaded from: FILE
PX5: 3E60FD2A8071D2BF1713002CF0C40F004D3AA78B
MD5: 3c25d8a23c366fbe1511b4a250a1a2ad
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFlt\ImagePath System32\DRIVERS\nwlnkflt.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NwlnkFlt\ImagePath C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
Loaded from: FILE
PX5: A826BA3A803B83AE30C000488911C200DC3CA878
MD5: b305f3fad35083837ef46a0bbce2fc57
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\NwlnkFwd\ImagePath System32\DRIVERS\nwlnkfwd.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\NwlnkFwd\ImagePath C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
Loaded from: FILE
PX5: B9B73139006979BB7FBC0031EA7E320032D237D0
MD5: c99b3415198d1aab7227f2c88fd664b9
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ozscr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\O2SCBUS\ImagePath System32\DRIVERS\ozscr.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\O2SCBUS\ImagePath C:\WINDOWS\System32\DRIVERS\ozscr.sys
Loaded from: FILE
PX5: F66ABF4363BF01E150D400DAF95552007E496EE1
MD5: 7f8d43fd4159b16ebfd65e13ee34677f
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ohci1394.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ohci1394\ImagePath System32\DRIVERS\ohci1394.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ohci1394\ImagePath C:\WINDOWS\System32\DRIVERS\ohci1394.sys
Loaded from: FILE
PX5: 4A6E8F7F8033FF34EE4200E871B4F300047CEC38
MD5: 0951db8e5823ea366b0e408d71e1ba2a
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\parport.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Parport\ImagePath System32\DRIVERS\parport.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Parport\ImagePath C:\WINDOWS\System32\DRIVERS\parport.sys
Loaded from: FILE
PX5: 4A82394D8019443A393C017F618C1500973C174B
MD5: 3490ead0612bfd0e7c1b864ee24e6a4a
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\pci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCI\ImagePath System32\DRIVERS\pci.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PCI\ImagePath C:\WINDOWS\System32\DRIVERS\pci.sys
Loaded from: FILE
PX5: 9DA3602E807459480C5D01595A918400CA482387
MD5: 91fc1d483d900b1c0600a08b871c39d5
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\pciide.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PCIIde\ImagePath System32\DRIVERS\pciide.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PCIIde\ImagePath C:\WINDOWS\System32\DRIVERS\pciide.sys
Loaded from: FILE
PX5: 826808EE00CFD8500D55002AE8E7E200B79BCD14
MD5: b2df00d650fd6c4ee781740ed3c8e67f
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\pcmcia.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Pcmcia\ImagePath System32\DRIVERS\pcmcia.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Pcmcia\ImagePath C:\WINDOWS\System32\DRIVERS\pcmcia.sys
Loaded from: FILE
PX5: 1E5E2DAE80A234A7D5E1011E8065A7000BABC19F
MD5: 28f3538a2091993a03506311a05053e8
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\raspptp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PptpMiniport\ImagePath System32\DRIVERS\raspptp.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PptpMiniport\ImagePath C:\WINDOWS\System32\DRIVERS\raspptp.sys
Loaded from: FILE
PX5: F406FA260016D348BD2800EFDBDF52003203F53C
MD5: 1c5cc65aac0783c344f16353e60b72ac
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\processr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Processor\ImagePath System32\DRIVERS\processr.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Processor\ImagePath C:\WINDOWS\System32\DRIVERS\processr.sys
Loaded from: FILE
PX5: AF0FBDFA005416189A000040A9FF7600B2B78287
MD5: 2be7f01e46970e946aa18cba3de019eb
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\psched.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\PSched\ImagePath System32\DRIVERS\psched.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\PSched\ImagePath C:\WINDOWS\System32\DRIVERS\psched.sys
Loaded from: FILE
PX5: C7C1320E008655110E77011715C66E0009C5AE75
MD5: 48671f327553dcf1d27f6197f622a668
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\ptilink.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Ptilink\ImagePath System32\DRIVERS\ptilink.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Ptilink\ImagePath C:\WINDOWS\System32\DRIVERS\ptilink.sys
Loaded from: FILE
PX5: F96F182D805891FA452B007EBD870E004C25BA07
MD5: 80d317bd1c3dbc5d4fe7b1678c60cadd
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\rasacd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasAcd\ImagePath System32\DRIVERS\rasacd.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasAcd\ImagePath C:\WINDOWS\System32\DRIVERS\rasacd.sys
Loaded from: FILE
PX5: EF519CA180B540A42200002C4F06E3005372DD33
MD5: fe0d99d6f31e4fad8159f690d68ded9c
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\rasirda.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rasirda\ImagePath System32\DRIVERS\rasirda.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Rasirda\ImagePath C:\WINDOWS\System32\DRIVERS\rasirda.sys
Loaded from: FILE
PX5: 8CCCA2B7808E55A34CD8006092BBF6006631AD45
MD5: 0207d26ddf796a193ccd9f83047bb5fc
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rasl2tp\ImagePath System32\DRIVERS\rasl2tp.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Rasl2tp\ImagePath C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Loaded from: FILE
PX5: C15C1546804EC8E6C8410037F34FAD00B1FBF6DF
MD5: 98faeb4a4dcf812ba1c6fca4aa3e115c
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RasPppoe\ImagePath System32\DRIVERS\raspppoe.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RasPppoe\ImagePath C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Loaded from: FILE
PX5: A8F2C94800B2E031A21A00F0EC682E009B5794D5
MD5: 7306eeed8895454cbed4669be9f79faa
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\raspti.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Raspti\ImagePath System32\DRIVERS\raspti.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Raspti\ImagePath C:\WINDOWS\System32\DRIVERS\raspti.sys
Loaded from: FILE
PX5: 506F10F380FEE57C406900BE351741009F00F0DE
MD5: fdbb1d60066fcfbb7452fd8f9829b242
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\rdbss.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Rdbss\ImagePath System32\DRIVERS\rdbss.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Rdbss\ImagePath C:\WINDOWS\System32\DRIVERS\rdbss.sys
Loaded from: FILE
PX5: EE21D17900972EBEAA93023D87A14E0013D2E867
MD5: 03b965b1ca47f6ef60eb5e51cb50e0af
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDPCDD\ImagePath System32\DRIVERS\RDPCDD.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RDPCDD\ImagePath C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Loaded from: FILE
PX5: 14FCFAAE80A686EB103300CFAE183900CB624D74
MD5: 4912d5b403614ce99c28420f75353332
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\rdpdr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\rdpdr\ImagePath System32\DRIVERS\rdpdr.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\rdpdr\ImagePath C:\WINDOWS\System32\DRIVERS\rdpdr.sys
Loaded from: FILE
PX5: 02477783007980B5019E03607F7E03003B692115
MD5: a2cae2c60bc37e0751ef9dda7ceaf4ad
Determination: GOOD
C:\WINDOWS\system32\sessmgr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RDSessMgr\ImagePath C:\WINDOWS\system32\sessmgr.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RDSessMgr\ImagePath C:\WINDOWS\system32\sessmgr.exe
PX5: 2C67C68B0020C05D2C3E02893D0F09005D1CF7F5
MD5: cc0693c481502844a24ef71b90a7195e
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\redbook.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\redbook\ImagePath System32\DRIVERS\redbook.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\redbook\ImagePath C:\WINDOWS\System32\DRIVERS\redbook.sys
Loaded from: FILE
PX5: AEF2FC7D804F986FE3C7004FF2D91D0029FD0FC2
MD5: a8eee004a16af1d583d9de9f6de250e0
Determination: GOOD
C:\WINDOWS\System32\Drivers\RootMdm.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ROOTMODEM\ImagePath System32\Drivers\RootMdm.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ROOTMODEM\ImagePath C:\WINDOWS\System32\Drivers\RootMdm.sys
Loaded from: FILE
PX5: F3E7979300A8EEA3177100743639FF0080591A18
MD5: d8b0b4ade32574b2d9c5cc34dc0dbbe7
Determination: GOOD
C:\WINDOWS\System32\locator.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RpcLocator\ImagePath %SystemRoot%\System32\locator.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RpcLocator\ImagePath C:\WINDOWS\System32\locator.exe
PX5: C3C0A8550045DDC726E601EBB10B83000E4A4556
MD5: 33a8f0fe0005b2d79df53441679f5149
Determination: GOOD
C:\WINDOWS\System32\rsvp.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\RSVP\ImagePath %SystemRoot%\System32\rsvp.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\RSVP\ImagePath C:\WINDOWS\System32\rsvp.exe
PX5: 2057508700E163D906880231F30F2D00E5519440
MD5: dce0d20f8fb66df41d53734bff9d66f0
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\sbp2port.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sbp2port\ImagePath system32\DRIVERS\sbp2port.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\sbp2port\ImagePath C:\WINDOWS\system32\DRIVERS\sbp2port.sys
Loaded from: FILE
PX5: F2C0143080485633A81D0002A725B70036E2E956
MD5: 3e2c3b180872be4120f246d85560b734
Determination: GOOD
C:\WINDOWS\system32\drivers\scsiport.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\ScsiPort\ImagePath %SystemRoot%\system32\drivers\scsiport.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\ScsiPort\ImagePath C:\WINDOWS\system32\drivers\scsiport.sys
Loaded from: FILE
PX5: BAEDAB6C00163F8D78C6012DFF6A240038CAB5E8
MD5: d7fd0ff761e28ac0ea35ad71e0cd67e9
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\secdrv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Secdrv\ImagePath System32\DRIVERS\secdrv.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Secdrv\ImagePath C:\WINDOWS\System32\DRIVERS\secdrv.sys
Loaded from: FILE
PX5: 6C1F33AD30B48B8F6BBC0037A0F8A400F11BD786
MD5: d26e26ea516450af9d072635c60387f4
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\serenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\serenum\ImagePath System32\DRIVERS\serenum.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\serenum\ImagePath C:\WINDOWS\System32\DRIVERS\serenum.sys
Loaded from: FILE
PX5: 4F3C7EAD801665B83CEF00E324D68C009966C2DD
MD5: a2d868aeeff612e70e213c451a70cafb
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\serial.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Serial\ImagePath System32\DRIVERS\serial.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Serial\ImagePath C:\WINDOWS\System32\DRIVERS\serial.sys
Loaded from: FILE
PX5: 84269A0C80DA4AE9020E01315B99420097A96A32
MD5: dbab3260e7eb3398cb87267d1410fad4
Determination: GOOD
C:\WINDOWS\system32\drivers\splitter.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\splitter\ImagePath system32\drivers\splitter.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\splitter\ImagePath C:\WINDOWS\system32\drivers\splitter.sys
Loaded from: FILE
PX5: 249A00630095166C194E008C6AC35800063B57CE
MD5: 0ce218578fff5f4f7e4201539c45c78f
Determination: GOOD
C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlagent.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SQLSERVERAGENT\ImagePath C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SQLSERVERAGENT\ImagePath C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlagent.exe
PX5: CCB546ED4208C0A6A03604D21DDC0600C795B8F1
MD5: 163ad09c3f9257066b78c2333302e488
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\sr.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sr\ImagePath \SystemRoot\System32\DRIVERS\sr.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\sr\ImagePath C:\WINDOWS\System32\DRIVERS\sr.sys
Loaded from: FILE
PX5: 4D90659E00D8A4771F1A013E6E421F00F36027A5
MD5: 896f566afc498077172eae8a50e8baf8
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\srv.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Srv\ImagePath System32\DRIVERS\srv.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Srv\ImagePath C:\WINDOWS\System32\DRIVERS\srv.sys
Loaded from: FILE
PX5: 75BFBC608040FEEB14BC05A8A20D28000AA8481B
MD5: ea554a3ffc3f536fe8320eb38f5e4843
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\swenum.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swenum\ImagePath System32\DRIVERS\swenum.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\swenum\ImagePath C:\WINDOWS\System32\DRIVERS\swenum.sys
Loaded from: FILE
PX5: FDB253C8004ADC8E110200CB82EF3C003BACCEF1
MD5: 03c1bae4766e2450219d20b993d6e046
Determination: GOOD
C:\WINDOWS\system32\drivers\swmidi.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\swmidi\ImagePath system32\drivers\swmidi.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\swmidi\ImagePath C:\WINDOWS\system32\drivers\swmidi.sys
Loaded from: FILE
PX5: D73823E800EBA9D4D48400057CBBEE004EA1E5C8
MD5: 94abc808fc4b6d7d2bbf42b85e25bb4d
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\SynTP.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SynTP\ImagePath System32\DRIVERS\SynTP.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SynTP\ImagePath C:\WINDOWS\System32\DRIVERS\SynTP.sys
Loaded from: FILE
PX5: 1DA32214703C687A055204688CE2540070BD314A
MD5: decaf721585f9db53d60d70fd064b6bb
Determination: GOOD
C:\WINDOWS\system32\drivers\sysaudio.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\sysaudio\ImagePath system32\drivers\sysaudio.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\sysaudio\ImagePath C:\WINDOWS\system32\drivers\sysaudio.sys
Loaded from: FILE
PX5: 23CF2276806778A5EDCF00D9512FDE00BB195FEF
MD5: 650ad082d46bac0e64c9c0e0928492fd
Determination: GOOD
C:\WINDOWS\system32\smlogsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\SysmonLog\ImagePath %SystemRoot%\system32\smlogsvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\SysmonLog\ImagePath C:\WINDOWS\system32\smlogsvc.exe
PX5: C0E6801A0095AB606A660128541E440050C06325
MD5: bc8b8694def74b4e6c626322d4321a54
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\tcpip.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Tcpip\ImagePath System32\DRIVERS\tcpip.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Tcpip\ImagePath C:\WINDOWS\System32\DRIVERS\tcpip.sys
Loaded from: FILE
PX5: 4F73F53680D573A87D91052B82C9450084D6047A
MD5: 1dbf125862891817f374f407626967f4
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\termdd.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TermDD\ImagePath System32\DRIVERS\termdd.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TermDD\ImagePath C:\WINDOWS\System32\DRIVERS\termdd.sys
Loaded from: FILE
PX5: 3111E3EA882052CE9F39002D38F46900A7415306
MD5: a540a99c281d933f3d69d55e48727f47
Determination: GOOD
C:\WINDOWS\System32\tlntsvr.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\TlntSvr\ImagePath C:\WINDOWS\System32\tlntsvr.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\TlntSvr\ImagePath C:\WINDOWS\System32\tlntsvr.exe
PX5: F869AF89008EB51B24EC0113A0DCBB001FBDD7D2
MD5: 2a9daaef2cc0333db6f129f2f8b3d3fd
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\update.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Update\ImagePath System32\DRIVERS\update.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Update\ImagePath C:\WINDOWS\System32\DRIVERS\update.sys
Loaded from: FILE
PX5: DB815C1080BD5D598E3605C672D6A20096A59C7E
MD5: ced744117e91bdc0beb810f7d8608183
Determination: GOOD
C:\WINDOWS\System32\ups.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UPS\ImagePath %SystemRoot%\System32\ups.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\UPS\ImagePath C:\WINDOWS\System32\ups.exe
PX5: B1B748F7000750CB484000B4D1F04D00484BD2C2
MD5: e4896f38a3f8dacea6ea8d7ec9889d91
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbbus\ImagePath system32\DRIVERS\lgusbbus.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbbus\ImagePath C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
Loaded from: FILE
PX5: 974AC15060E5102B5301000B6B15D9001ED6606E
MD5: 5353218b3265e3b8190335059f697a11
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbccgp\ImagePath system32\DRIVERS\usbccgp.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbccgp\ImagePath C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Loaded from: FILE
PX5: 3051DD5F80B0E02D7BC400CFE2D7F10086CC5663
MD5: bffd9f120cc63bcbaa3d840f3eef9f79
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\UsbDiag\ImagePath system32\DRIVERS\lgusbdiag.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\UsbDiag\ImagePath C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
Loaded from: FILE
PX5: 0DE014FC000F73A0950400411A023100A92AAEBA
MD5: 7dd3eefc62a1ef44e5f940fa651ed9ed
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\usbehci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbehci\ImagePath System32\DRIVERS\usbehci.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbehci\ImagePath C:\WINDOWS\System32\DRIVERS\usbehci.sys
Loaded from: FILE
PX5: 42E57CAC00DC4FAF684000867EE93C003087E4F7
MD5: 15e993ba2f6946b2bfbbfcd30398621e
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\usbhub.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbhub\ImagePath System32\DRIVERS\usbhub.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbhub\ImagePath C:\WINDOWS\System32\DRIVERS\usbhub.sys
Loaded from: FILE
PX5: 1972CD35009EF197E1E10053A918EE0090181966
MD5: c72f40947f92cea56a8fb532edf025f1
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\USBModem\ImagePath system32\DRIVERS\lgusbmodem.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\USBModem\ImagePath C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
Loaded from: FILE
PX5: 0060F2DD7CD2D5E0987A00140874BD0083B6CBD1
MD5: 083031a78822eccbd7510bccd3e20d4c
Determination: GOOD
C:\WINDOWS\system32\DRIVERS\usbprint.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbprint\ImagePath system32\DRIVERS\usbprint.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbprint\ImagePath C:\WINDOWS\system32\DRIVERS\usbprint.sys
Loaded from: FILE
PX5: C449F0710094064A6580004CDAAF0B00CAA1349A
MD5: a42369b7cd8886cd7c70f33da6fcbcf5
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\USBSTOR\ImagePath System32\DRIVERS\USBSTOR.SYS
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\USBSTOR\ImagePath C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
Loaded from: FILE
PX5: 6135CAAA80509344675C002A218295006093CEAA
MD5: 6cd7b22193718f1d17a47a1cd6d37e75
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\usbuhci.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usbuhci\ImagePath System32\DRIVERS\usbuhci.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usbuhci\ImagePath C:\WINDOWS\System32\DRIVERS\usbuhci.sys
Loaded from: FILE
PX5: 4756F37D00016D8B5030004DF844F10054C11836
MD5: f8fd1400092e23c8f2f31406ef06167b
Determination: GOOD
C:\Programmi\MSN Messenger\usnsvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\usnjsvc\ImagePath "C:\Programmi\MSN Messenger\usnsvc.exe"
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\usnjsvc\ImagePath C:\Programmi\MSN Messenger\usnsvc.exe
PX5: 5ADE8CB4702068007B8E0103793683003D23EE98
MD5: c5b70a6aa947667ce0e5fc84a05ec8b6
Determination: GOOD
C:\WINDOWS\System32\drivers\vga.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VgaSave\ImagePath \SystemRoot\System32\drivers\vga.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VgaSave\ImagePath C:\WINDOWS\System32\drivers\vga.sys
Loaded from: FILE
PX5: 14B18202007EA0B752C8003693833D00BCED634F
MD5: 8a60edd72b4ea5aea8202daf0e427925
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Visual Studio Analyzer RPC bridge\ImagePath C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\varpc.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Visual Studio Analyzer RPC bridge\ImagePath C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
PX5: 5EF9A6C1F46CF75884DE0046B916EA006839A81C
MD5: b5ba71eadeed0773d2e0978f962e1bf3
Determination: GOOD
C:\WINDOWS\system32\Shadow.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VSS\Providers\{b5946137-7b9f-4925-af80-51abd60b20d5}\(default) MS Software Shadow Copy provider 1.0
PX5: 44E2E9FB00305E993C75009C1FBF8F00D582F681
MD5: f67f896ba60045fa0b5663a7f2003dce
Determination: GOOD
C:\WINDOWS\System32\vssvc.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VSS\ImagePath %SystemRoot%\System32\vssvc.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\VSS\ImagePath C:\WINDOWS\System32\vssvc.exe
PX5: F8FD01E1006746AE7C9C04ADE2180F00B254A617
MD5: 147c653ad61bd01556723b3c8c4fafc8
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\w70n51.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\w70n51\ImagePath System32\DRIVERS\w70n51.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\w70n51\ImagePath C:\WINDOWS\System32\DRIVERS\w70n51.sys
Loaded from: FILE
PX5: 5C7B1999809C93C82C8924DA75157500A4F2D2B0
MD5: a7412fbf0d838dc42a12d5e6cacb1788
Determination: GOOD
C:\WINDOWS\System32\DRIVERS\wanarp.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\Wanarp\ImagePath System32\DRIVERS\wanarp.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\Wanarp\ImagePath C:\WINDOWS\System32\DRIVERS\wanarp.sys
Loaded from: FILE
PX5: D61BDDFF00BF41D487E5002B87E94900EE92AF43
MD5: 984ef0b9788abf89974cfed4bfbaacbc
Determination: GOOD
C:\WINDOWS\system32\drivers\wdmaud.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\wdmaud\ImagePath system32\drivers\wdmaud.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\wdmaud\ImagePath C:\WINDOWS\system32\drivers\wdmaud.sys
Loaded from: FILE
PX5: 1A706C8200C406CF446E0184AD924B00FE330A09
MD5: efd235ca22b57c81118c1aeb4798f1c1
Determination: GOOD
C:\WINDOWS\System32\wbem\wmiapsrv.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WmiApSrv\ImagePath C:\WINDOWS\System32\wbem\wmiapsrv.exe
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WmiApSrv\ImagePath C:\WINDOWS\System32\wbem\wmiapsrv.exe
PX5: A8EB9B0C007C19C1EE9501FD1D31580061EB57F5
MD5: 0ee2a2754039b13a632489726689dad0
Determination: GOOD
C:\WINDOWS\System32\drivers\ws2ifsl.sys
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\WS2IFSL\ImagePath \SystemRoot\System32\drivers\ws2ifsl.sys
Loaded from: \REGISTRY\Machine\SYSTEM\ControlSet001\Services\\WS2IFSL\ImagePath C:\WINDOWS\System32\drivers\ws2ifsl.sys
Loaded from: FILE
PX5: E3FE23AC0026FAFE2FF10052E88519002DA1A545
MD5: 6abe6e225adb5a751622a9cc3bc19ce8
Determination: GOOD
C:\WINDOWS\system32\userinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit C:\WINDOWS\system32\userinit.exe
PX5: 33A4BB2F001DA1EB620B00510674AE00F15A5361
MD5: c1e7fe19f98a877bf8f941bf48148695
Determination: GOOD
C:\WINDOWS\system32\logonui.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost logonui.exe
PX5: 6B3184960083D65DDE0B0761A134100078FE806C
MD5: 43bdf167ce792a5639d99ad7f1eabc1c
Determination: GOOD
C:\WINDOWS\system32\sysdm.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
PX5: 77D613BF00DD23AB9A92044AE70A3A00F8BE273E
MD5: ab25117d8498730753b25bf32d7836d6
Determination: GOOD
C:\WINDOWS\system32\rundll32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 shell32,Control_RunDLL "sysdm.cpl"
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
PX5: 797CA9E8007174E38209003396ABA600D9E79205
MD5: f88cdb0ccc416b3778736be74cdebb94
Determination: GOOD
C:\WINDOWS\system32\autochk.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Session Manager\BootExecute autocheck
PX5: 38890F3300760B775A86096430A56A00DB68AE82
MD5: 779768a0a8091edb749dcb8fe60213e1
Determination: GOOD
C:\WINDOWS\system32\msjava.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}\KeyFileName C:\WINDOWS\system32\msjava.dll
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
PX5: 01A2D955103896C5756F0E58E5337C005E03C8EE
MD5: e75aa32c6b79c846f5314ca4da92f29e
Determination: GOOD
C:\WINDOWS\system32\Control.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2A202491-F00D-11cf-87CC-0020AFEECF20}\(default) MacroMedia ;ShockWave ActiveX Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2A202491-F00D-11cf-87CC-0020AFEECF20}\(default) MacroMedia ;ShockWave ActiveX Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2A202491-F00D-11cf-87CC-0020AFEECF20}\(default) MacroMedia ;ShockWave ActiveX Control
PX5: 2549691E00D7FEE920C900E6B3BA7000953D4AE3
MD5: f055032a911e51f57cb79b3909545627
Determination: GOOD
C:\Programmi\Messenger\msmsgs.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\KeyFileName C:\Programmi\Messenger\msmsgs.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\Exec C:\Programmi\Messenger\msmsgs.exe
PX5: 937DB9BC008B29B4DA13198C306CAF00327E8384
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Determination: GOOD
C:\WINDOWS\System32\msieftp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}\KeyFileName C:\WINDOWS\System32\msieftp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63da6ec0-2e98-11cf-8d82-444553540000} FTP Folders Webview
PX5: 44133DFB00C5C1B9D64903B9EB9B6E00A95E5477
MD5: 9ba0424bf46a751e9f68829a9afbe680
Determination: GOOD
C:\WINDOWS\inf\unregmp2.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\Stubpath C:\WINDOWS\inf\unregmp2.exe /ShowWMP
PX5: 25973B5F006F9C673084034E2CE1C90027DD3117
MD5: 0cee66443ca52a5ffec6b9fb1f8c9dd0
Determination: GOOD
C:\WINDOWS\system32\shmgrate.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\StubPath %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\StubPath %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
PX5: 20602ECB00AD0F89A6D6007CC62E8E00FE74C13B
MD5: f8cbcdaa8c509f6a424834fe51956e21
Determination: GOOD
C:\WINDOWS\system32\IEDKCS32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\StubPath RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}\DllName iedkcs32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}\DllName iedkcs32.dll
PX5: FE6CE44B003461A1F06E045F06C65A008605BA00
MD5: d99df44836fd20faa6b608a9cee60f5f
Determination: GOOD
C:\WINDOWS\system32\regsvr32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath regsvr32.exe /s /n /i:U shell32.dll
PX5: 9F2DE48F0086912530FD001A3E083800D58E0872
MD5: da9623d7e0ca24dd3e08523287e05a4c
Determination: GOOD
C:\Programmi\Outlook Express\setup50.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\StubPath "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
PX5: 990052A900467F972069015D0AA93E00C6116D6B
MD5: 5565e7539564f955441de6fdcbe447a9
Determination: GOOD
C:\WINDOWS\system32\advpack.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}\StubPath rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
PX5: 40DE446000D9DEB58E9C01A9A95DBB0000B29576
MD5: 486a0d63381b08d5a41f44e58fe3b4e4
Determination: GOOD
C:\WINDOWS\system32\ie4uinit.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\StubPath %SystemRoot%\system32\ie4uinit.exe
PX5: 77DF5E7B005FEC32864A001224995700729F5FAF
MD5: 452fa07dd74200ad8bdadd145487f653
Determination: GOOD
C:\WINDOWS\system32\mscories.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
PX5: 35CE7B7000DF7AE9A09301F60BFC8D002280983C
MD5: f0e0877264cc833f4160c4556b092901
Determination: GOOD
C:\WINDOWS\system32\logon.scr
Loaded from: \REGISTRY\User\.DEFAULT\Control Panel\Desktop\SCRNSAVE.EXE logon.scr
Loaded from: \REGISTRY\User\S-1-5-19\Control Panel\Desktop\SCRNSAVE.EXE %SystemRoot%\System32\logon.scr
Loaded from: \REGISTRY\User\S-1-5-20\Control Panel\Desktop\SCRNSAVE.EXE %SystemRoot%\System32\logon.scr
Loaded from: \REGISTRY\User\S-1-5-18\Control Panel\Desktop\SCRNSAVE.EXE logon.scr
PX5: 509D0B6F00114C175E1803F3B4819D004996445C
MD5: 6fa8411d60c4faee5102eee1367ab34d
Determination: GOOD
C:\WINDOWS\system32\gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}\DllName gptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}\DllName gptext.dll
PX5: 3937BBDB001CF5150EDE03108010A6002700AFB6
MD5: f286c70f59f434b6ddbab5738b6b029b
Determination: GOOD
C:\WINDOWS\system32\fdeploy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}\DllName fdeploy.dll
PX5: 4B245433003392E32A140131FF3EF30000999A70
MD5: b4767457d286ebb4767c5ec1df9a7424
Determination: GOOD
C:\WINDOWS\system32\dskquota.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}\DllName dskquota.dll
PX5: 67A29FF30003BFCF6E3801450DA1040095E8819B
MD5: 78b72d69ee065560a89b7ece65ed7e2c
Determination: GOOD
C:\WINDOWS\system32\appmgmts.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}\DllName appmgmts.dll
PX5: D38F92810065B7EDAC840228F23E3C004E625C37
MD5: 00e50cd4d9247cb56efc1360c32ab755
Determination: GOOD
C:\WINDOWS\system32\cryptnet.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\DllName cryptnet.dll
PX5: 7068F9AD00A507EDF8EF0072A0BBE3005197631B
MD5: f8dd2e38ecc275ae94edc7c0492416ef
Determination: GOOD
C:\WINDOWS\system32\sclgntfy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\DllName sclgntfy.dll
PX5: 164435B300B5B4E0548400AA1F6E0800C2CDD06A
MD5: 5ff2551a3d740476f06b20f59cd7f0be
Determination: GOOD
C:\WINDOWS\system32\comm.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\comm.drv comm.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 0D8B262B3068553F296F004B25B4F300F3172575
MD5: 01b656374912d7ccf7465a3893f18982
Determination: GOOD
C:\WINDOWS\system32\vga.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\display.drv vga.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 8D38D13480CC42FA089200F6F3895F00B79BCD14
MD5: 9c86bbb80450af95b6a4ea8ebda93d76
Determination: GOOD
C:\WINDOWS\system32\mmsystem.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\drivers mmsystem.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: B7018ADE208113FC103101C8EB6DD700B1D99765
MD5: 7b3633a771ffad1cfb8d999fb5fc2687
Determination: GOOD
C:\WINDOWS\system32\keyboard.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\keyboard.drv keyboard.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 159F7A82D0C5E0D3077700FE801B1000B79BCD14
MD5: ed4bf709aad8b665075de06a0945b030
Determination: GOOD
C:\WINDOWS\system32\mouse.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\mouse.drv mouse.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: D9EA0CB2F0FB384407BE00D28D0C0C00B79BCD14
MD5: 7d29780ac88bb7292cdcff71ba67433d
Determination: GOOD
C:\WINDOWS\system32\wfwnet.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\network.drv wfwnet.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: E9641F0220200734353000D28FC59A003BEC664C
MD5: 5302ada9b0793c84151fc463dd65d7bf
Determination: GOOD
C:\WINDOWS\system32\progman.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\shell progman.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: C0D0815600445D69AC3B01B2DAB067005DE0E11A
MD5: df0960f73f899d517ffe5a96f8715e0e
Determination: GOOD
C:\WINDOWS\system32\sound.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\sound.drv sound.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: E70CAE91D00DCE52067C00647C846400B79BCD14
MD5: 028a1f74926dc3df2d9629edc9aebafb
Determination: GOOD
C:\WINDOWS\system32\system.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\WOW\boot\system.drv system.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: D4BD27742043BEDB0DB0000478EA5C00B79BCD14
MD5: 4a00d59ae6d75bdfc2c8e5182c4b1376
Determination: GOOD
C:\WINDOWS\system32\ntvdm.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\cmdline %SystemRoot%\system32\ntvdm.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: DFD881F400018F016A4F06473E7EAA001AE7779E
MD5: 0fea136cc628c6182e91598f7990229c
Determination: GOOD
C:\WINDOWS\system32\krnl386.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\wowcmdline %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
PX5: 01F6A66B6040DCB569EA013E85A2EE004745F621
MD5: 5400c4565b1b7f811b7010a92134476b
Determination: GOOD
C:\WINDOWS\system32\commdlg.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: D41FE74160643BD6833B006BB7E5A9004410FDC1
MD5: 282c6a1e0565458ce162c907a84043f4
Determination: GOOD
C:\WINDOWS\system32\ctl3dv2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: C84734B440655DC66A4D00304EF8AC0014627D07
MD5: 637d88e7a1bedc4457c80dbc8ba9f135
Determination: GOOD
C:\WINDOWS\system32\ddeml.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 87F926CB00F2CB349A1200182C7413003E6FB37C
MD5: bf6529de6619c4970e727f58e0ad48d1
Determination: GOOD
C:\WINDOWS\system32\lanman.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: A797EACD0BCFF4C3663403FC8369B500D2DCA4A2
MD5: e9d142feaa02e867c8dcddfe84e29e20
Determination: GOOD
C:\WINDOWS\system32\netapi.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 3B2621E2C04DF3B2A77E0156CAF52A0029A06ED9
MD5: 0f4ad2e828a6cb0f100cb36f3ac6faee
Determination: GOOD
C:\WINDOWS\system32\olecli.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: B5F4F24400858B0246DF0121D0BC320031CB25FD
MD5: ca0305757c0648715f6d92ba0c43992f
Determination: GOOD
C:\WINDOWS\system32\olesvr.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: CE221EF60049CF2B5E3B009B247C6A00F018477F
MD5: 16bf834a84a7dc0d24edc8e924c90637
Determination: GOOD
C:\WINDOWS\system32\pmspl.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93
MD5: 57f8a50513e43aaf6a7b23389e389bbc
Determination: GOOD
C:\WINDOWS\system32\shell.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: CE2E2C35000BF1E3147B0046192BB900FA35E49E
MD5: dc8a8c47542edd026ad8f4ac3d6c2292
Determination: GOOD
C:\WINDOWS\system32\toolhelp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 87219368400265353643009B30E21C003936EBD7
MD5: c86363c599e5d6836c21a3a3fd21c388
Determination: GOOD
C:\WINDOWS\system32\win87em.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 22C03F9D0005E87A34B40075B0F00E00517D625F
MD5: c980c971ad4ff3ca5cefdef40932d3a1
Determination: GOOD
C:\WINDOWS\system32\winoldap.mod
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: E19A53B2202676D208C7002132DA8800B79BCD14
MD5: 0ddfd6315da4b29d09d09b6873ea460b
Determination: GOOD
C:\WINDOWS\system32\winsock.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: FCF9BBDC30E28D0D0BF200D9F4D9CD00B79BCD14
MD5: 68485c5ef0e2efcebf21bbb1042b823b
Determination: GOOD
C:\WINDOWS\system32\winspool.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: F5BB157440E5748C08D600021F9AD300B79BCD14
MD5: 0b4b94b78123e8035b84105bc024f9f8
Determination: GOOD
C:\WINDOWS\system32\wowdeb.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: C1613D5DB0A80A260ABB006471357400B79BCD14
MD5: a7b82d6b38a2acd3b2684e7371c6ce93
Determination: GOOD
C:\WINDOWS\system32\timer.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 01DC5380F09B29550F040024FDB8830045F6872C
MD5: 01dc53809b29550424fdb88345f6872c
Determination: GOOD
C:\WINDOWS\system32\compobj.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: DA21156DD0BCD8E77562007DCF26A600F4FFDA3F
MD5: 40f9fc896b2ba69fdc04d75e9d00dd01
Determination: GOOD
C:\WINDOWS\system32\storage.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 60BAD4D270E3252C10B800A49D4C780095AFB292
MD5: 3a5cd674ada85bcc1ff26b81b4cdefb5
Determination: GOOD
C:\WINDOWS\system32\ole2.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: F2FC4A2A40B7B6B59BDF00629364AB00A54AED31
MD5: 145aa8ecf0526c093f71117c181694ab
Determination: GOOD
C:\WINDOWS\system32\ole2disp.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7
MD5: eb38be7d7cf9ec15442a9d24cb39a2ac
Determination: GOOD
C:\WINDOWS\system32\ole2nls.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 09B13294B021FA9E558F026E08072F00900228B5
MD5: 32cfcc848a57f87638e31e8735515f80
Determination: GOOD
C:\WINDOWS\system32\typelib.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: C0620321C004C14EB60D020DCCE16200701F9AEA
MD5: 7161255dfa81e67b66b746d2504d2f2b
Determination: GOOD
C:\WINDOWS\system32\msvideo.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 790EE65FC0939660F0F4012F00509C00EF668BF3
MD5: 0fec57467004486cf202ed7bdfa5dcee
Determination: GOOD
C:\WINDOWS\system32\avifile.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 23078576D07C879BAB0E016052733100CC123BD6
MD5: 92fbb472d13a6cc283529301810922fb
Determination: GOOD
C:\WINDOWS\system32\msacm.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 9509859960B48961EF3C0048E192C7002EB67DBB
MD5: b3e0e6c925d333fdca47808ebf787cb2
Determination: GOOD
C:\WINDOWS\system32\mciavi.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 8B09E9FBC0AC80C41F5801300F1C5F00B1E6B4D8
MD5: e6a1bb6f039486bceb825b365aa5548d
Determination: GOOD
C:\WINDOWS\system32\mciseq.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 6F3561B8D089079262B000F61C353D001FC85F9C
MD5: 6f3561b8890792b0f61c353d1fc85f9c
Determination: GOOD
C:\WINDOWS\system32\mciwave.drv
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 2D1A8D9600222A826E980084C50D45003B805765
MD5: 2d1a8d96222a829884c50d453b805765
Determination: GOOD
C:\WINDOWS\system32\avicap.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 8D50F512B0D5AAB0126C01BC85534E00FA0EC9E8
MD5: 4a78d6c08d90bde538d5b538a082c1c9
Determination: GOOD
C:\WINDOWS\system32\mapi.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\WOW\KnownDlls comm.drv
PX5: 26070C10A0AAA3E5F53707B6FD82F000CE7ADC57
MD5: 7979e5e1a1febebe6478108c1691b3a9
Determination: GOOD
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(default)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(default)
PX5: 43FC1F718034B0CAF2E7007A2CAFD0009BF22C42
MD5: c11f6a1f61481e24be3fdc06ea6f7d2a
Determination: GOOD
C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\(default) Skype add-on (mastermind)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\(default) Skype add-on (mastermind)
Loaded from: \REGISTRY\User\S-1-5-21-2800509490-1417818515-3399203189-1004\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{77BF5300-1474-4EC7-9980-D32B190E9B07}
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{77BF5300-1474-4EC7-9980-D32B190E9B07}\ClsidExtension {77BF5300-1474-4EC7-9980-D32B190E9B07}
PX5: 63E625D828E9036B05F4148C4A96E600B04F74D5
MD5: 5beaeef0b4624b94918c157a32d6123c
Determination: GOOD
C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ClsidExtension {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
PX5: BEEC7CE7903A1989A51C07665627A3001B1EF486
MD5: d787e3123fad2bd58ab45b9a5c360acd
Determination: GOOD
C:\WINDOWS\system32\ntsd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path\Debugger ntsd -d
PX5: 834FBBDD002D211C7C10004432E9BD00FC3D4F55
MD5: 3ecffb9259462acccaf0063841e85e9b
Determination: GOOD
C:\WINDOWS\system32\mmsys.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{00022613-0000-0000-C000-000000000046} Propriet. dei file Multimedia
PX5: 22BCF726009533B384CD093581FB0B00BBF55E93
MD5: b9e3764a67f8d272e88a74e0bdfa1bd0
Determination: GOOD
C:\WINDOWS\system32\icmui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{176d6597-26d3-11d1-b350-080036a75b03} Gestore scanner ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DB2625A-54DF-11D0-B6C4-0800091AA605} Gestore monitor ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{675F097E-4C4D-11D0-B6C1-0800091AA605} Gestore stampante ICM
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DBCE2480-C732-101B-BE72-BA78E9AD5B27} Profilo ICC
PX5: 79852F4F004FA70AD8870036A8B3F300BFB6CC72
MD5: cc61775dd0099c04c1c464d2e838e0a3
Determination: GOOD
C:\WINDOWS\system32\rshx32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1F2E5C40-9550-11CE-99D2-00AA006E086C} Pagina di protezione NTFS
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F37C5810-4D3F-11d0-B4BF-00AA00BBB723} Pagina di protezione della stampante
PX5: 8E3D69C300B1B3BBA05400C01998E00021B13B08
MD5: 96dbc8f1582fe95b299cd3d6cdba10a2
Determination: GOOD
C:\WINDOWS\system32\docprop.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EA48300-8CF6-101B-84FB-666CCB9BCD32} Pagina di propriet. di Docfile OLE
PX5: 4D155A630014F006B8E7003E1F6CD600C0918C31
MD5: 33cf28feac3984edea3b8672a0d7f46a
Determination: GOOD
C:\WINDOWS\system32\deskadp.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071712-76d4-11d1-8b24-00a0c9068ff3} Estensione scheda video del Pannello di controllo
PX5: 1FEBC52C0075696A427B005EACC72200AF70D61C
MD5: 77dd733136353761750b2258ad368a7e
Determination: GOOD
C:\WINDOWS\system32\deskmon.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42071713-76d4-11d1-8b24-00a0c9068ff3} Estensione monitor del Pannello di controllo
PX5: E6AC7E1B00B4347342D70033642CB1001FC78895
MD5: b4d9f35f49b9e5b03c45bebd96486fe4
Determination: GOOD
C:\WINDOWS\system32\dssec.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4E40F770-369C-11d0-8922-00A024AB2DBB} Pagina di protezione DS
PX5: BF365090005B6ECFCC56008F370997000EDC51ED
MD5: fba19f60318c5e62cc531f7265e64899
Determination: GOOD
C:\WINDOWS\system32\SlayerXP.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Pagina compatibilit.
PX5: 071E70380069307964410011CDEF880004B79666
MD5: 92e3c0617dda6f19a7b0f680c94c9b6f
Determination: GOOD
C:\WINDOWS\system32\shscrap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56117100-C0CD-101B-81E2-00AA004AE837} Gestore dati dei ritagli di shell
PX5: CEE438A6004ACC126CE400DA76EA3300F6FBD343
MD5: 886e25758e76f75b62955e031eaaa7e5
Determination: GOOD
C:\WINDOWS\system32\diskcopy.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59099400-57FF-11CE-BD94-0020AF85B590} Estensione copia dischi
PX5: 74FF218D0092AEB8EC3016F62F9A37009BC24342
MD5: 18ac1727a4fdd1012974ad76580d0c74
Determination: GOOD
C:\WINDOWS\system32\ntlanui2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{59be4990-f85c-11ce-aff7-00aa003ca9f6} Estensioni shell per oggetti Rete Microsoft Windows
PX5: 0FBD6225003D84B73AA5000A7557EF00532B5590
MD5: 75ac93bb0eda95a6b928c7949e60b98b
Determination: GOOD
C:\WINDOWS\system32\printui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{77597368-7b15-11d0-a0c2-080036af3f03} Estensione shell per la stampante Web
PX5: CFC465B500331E10BE8C08062B62D70065070AFA
MD5: ca104d6e9428ba00346cd615a1ee2e31
Determination: GOOD
C:\WINDOWS\system32\dskquoui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7988B573-EC89-11cf-9C00-00AA00A14F56} Disk Quota UI
PX5: 22C011F30068927142C902641380E9009CE9DCD6
MD5: beca74d3e444b46fa22300b26a46b67d
Determination: GOOD
C:\WINDOWS\system32\syncui.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{85BBD920-42A0-1069-A2E4-08002B30309D} Sincronia file
PX5: 32CB8DAC001BF20AF6D60250E1D558008C7994BA
MD5: ad552fcc0582ea9d1a8f7ab38fb53393
Determination: GOOD
C:\WINDOWS\System32\hticons.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88895560-9AA2-1069-930E-00AA0030EBC8} Estensione di icona di HyperTerminal
PX5: FDDAAC340069DC70AEDE004813C9AE00464F204F
MD5: 487b70d88ae51825e90c98e067205e60
Determination: GOOD
C:\WINDOWS\system32\fontext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD84B380-8CA2-1069-AB1D-08000948F534} Tipi di carattere
PX5: A9B1E4F600762191E233053033E9D8001908E1DB
MD5: 71a69eee673b5d15ebc8479be12d65c7
Determination: GOOD
C:\WINDOWS\system32\deskperf.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f92e8c40-3d33-11d2-b1aa-080036a75b03} Display TroubleShoot CPL Extension
PX5: DEBA621400871F794A8D0005514927006E3B795A
MD5: 584dac27268a6a1892062380b1582494
Determination: GOOD
C:\WINDOWS\system32\cryptext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C717-39BF-11D1-8CD9-00C04FC29D45} Estensione Crypto PKO
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7444C719-39BF-11D1-8CD9-00C04FC29D45} Estensione firma crittografata
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default) {7444C719-39BF-11D1-8CD9-00C04FC29D45}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\CryptoSignMenu\(default) {7444C719-39BF-11D1-8CD9-00C04FC29D45}
PX5: 144B846200DE013DD4E800E6AFBAF700F56839D9
MD5: d8340d897ad5cf76e359d3ebbabb5a03
Determination: GOOD
C:\WINDOWS\system32\wiashext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E211B736-43FD-11D1-9EFB-0000F8757FCD} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{905667aa-acd6-11d2-8080-00805f6596d2} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F953603-1008-4f6e-A73A-04AAC7A992F1} Scanner e fotocamere digitali
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{83bbcbf3-b28a-4919-a5aa-73027445d672} Scanner e fotocamere digitali
PX5: C96A74CF00663EB10AB209D765C2F9007A08BE3F
MD5: c1f811f1edc12130f9842b93b588957f
Determination: GOOD
C:\WINDOWS\System32\remotepg.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F0152790-D56E-4445-850E-4F3117DB740C} Remote Sessions CPL Extension
PX5: B276FC4B0072F7D1EE38004C043BDE00E8D7EAE4
MD5: 248afc0c31e60bbbfaceac5fd66b4f3d
Determination: GOOD
C:\WINDOWS\system32\wuaucpl.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5F327514-6C5E-4d60-8F16-D07FA08A78ED} Auto Update Property Sheet Extension
PX5: DEC1D60858D0AD974D1603850E3A98002B746A2D
MD5: d7fa9a9750403cc68dc209cde7c50d7a
Determination: GOOD
C:\WINDOWS\System32\wshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60254CA5-953B-11CF-8C96-00AA00B8708C} Estensione shell per Windows Script Host
PX5: 66026A8D0045E4F800BE0104F649E900B9F8B8B3
MD5: 2a7ce0d301ed72a88b5ede591ac7c51a
Determination: GOOD
C:\Programmi\File comuni\system\ole db\oledb32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2206CDB2-19C1-11D1-89E0-00C04FD7A829} Microsoft Data Link
PX5: 722A7F0200065713701D079CB9F9D70095D47802
MD5: a2033e5a2b7fc1874cacd6d70a7a7095
Determination: GOOD
C:\WINDOWS\System32\mstask.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} Tasks Folder Icon Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} Tasks Folder Shell Extension
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D6277990-4C6A-11CF-8D87-00AA0060F5BF} Operazioni pianificate
PX5: 28BAE091003DDB7248B2048CE9759F0060145387
MD5: ec25a03ff0624969d508c6f1e25cd664
Determination: GOOD
C:\WINDOWS\System32\shmedia.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} Audio Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} Video Media Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E4B29F9D-D390-480b-92FD-7DDB47101D71} Wav Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{87D62D94-71B3-4b9a-9489-5FE6850DC73E} Avi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A6FD9E45-6E44-43f9-8644-08598F5A74D9} Midi Properties Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{c5a40261-cd64-4ccf-84cb-c394da41d590} Video Thumbnail Extractor
PX5: 6F935BCA00698E3154450276A47BF4000FC59B48
MD5: bf30bb4d33afa9e7e33f82f7de84f18c
Determination: GOOD
C:\WINDOWS\System32\sendmail.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
PX5: 89815E52001B0148D88B0081AF133A006B487C42
MD5: 2e2cf126e0c68ee3954d4033035ca78e
Determination: GOOD
C:\WINDOWS\System32\occache.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88C6C381-2E85-11D0-94DE-444553540000} Cartella cache ActiveX
PX5: 214F9BB100EDD7C47CF8015D8AF0380096C50712
MD5: eaa6d95c930615b37d2846778480b3e7
Determination: GOOD
C:\WINDOWS\System32\appwiz.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{352EC2B7-8B9A-11D1-B8AE-006008059382} Gestione applicazioni shell
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B124F8F-91F0-11D1-B8B5-006008059382} Enumeratore applicazioni installate
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CFCCC7A0-A282-11D1-9082-006008059382} Darwin App Publisher
PX5: 7BF23A6100E0F96772F20888CE0D3F00288DF318
MD5: 5811931252689335b915135f40af5ef1
Determination: GOOD
C:\WINDOWS\System32\shimgvw.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e84fda7c-1d6a-45f6-b725-cb260c236066} Shell Image Verbs
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} Shell Image Data Factory
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F30C968-480A-4C6C-862D-EFC0897BB84B} GDI + programma di estrazione file in anteprima
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DBD2C50-62AD-11d0-B806-00C04FD706EC} Summary Info Thumbnail handler (DOCFILES)
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EAB841A0-9550-11cf-8C16-00805F1408F3} Programma di estrazione pagine HTML in anteprima
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{eb9b1153-3b57-4e68-959a-a3266bc3d7fe} Shell Image Property Handler
PX5: BF42E4FC005BE16EB66806F7E01C32002F436309
MD5: 3528c993453ca6aec6ab684ff1189950
Determination: GOOD
C:\WINDOWS\System32\netplwiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CC6EEFFB-43F6-46c5-9619-51D571967F7D} Pubblicazione guidata sul Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{add36aa8-751a-4579-a266-d66f5202ccbb} Ordinazione di stampe tramite Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6b33163c-76a5-4b6c-bf21-45de9cd503a1} Oggetto Pubblicazione guidata sul Web
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58f1f272-9240-4f51-b6d4-fd63d1618591} Creazione guidata profilo Passport
PX5: C0B90A180022DF616EE40D61CC92200055AE5438
MD5: 497a6c557821b002c784437591ff731b
Determination: GOOD
C:\WINDOWS\System32\zipfldr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} Cartella compressa
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD472F60-27FA-11cf-B8B4-444553540000} Compressed (zipped) Folder Right Drag Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} Compressed (zipped) Folder SendTo Target
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\{BD472F60-27FA-11cf-B8B4-444553540000}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\{BD472F60-27FA-11cf-B8B4-444553540000}\(default)
PX5: ED969ADB00D5666D2CF80569EB9E87007A803837
MD5: 84dc2b97ae10dea7b265a74971634131
Determination: GOOD
C:\WINDOWS\System32\cdfview.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f39a0dc0-9cc8-11d0-a599-00c04fd64433} File del canale
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3aa0dc0-9cc8-11d0-a599-00c04fd64434} Collegamento al canale
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3ba0dc0-9cc8-11d0-a599-00c04fd64435} Channel Handler Object
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3da0dc0-9cc8-11d0-a599-00c04fd64437} Channel Menu
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f3ea0dc0-9cc8-11d0-a599-00c04fd64438} Channel Properties
PX5: 0784111A006E354D503B02EB805B87009C63167E
MD5: 281a80b43b221bf6332995658d0830ca
Determination: GOOD
C:\WINDOWS\System32\docprop2.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{883373C3-BF89-11D1-BE35-080036B11A03} Microsoft DocProp Shell Ext
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A9CF0EAE-901A-4739-A481-E35B73E47F6D} Microsoft DocProp Inplace Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8EE97210-FD1F-4B19-91DA-67914005F020} Microsoft DocProp Inplace ML Edit Box Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0EEA25CC-4362-4A12-850B-86EE61B0D3EB} Microsoft DocProp Inplace Droplist Combo Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6A205B57-2567-4A2C-B881-F787FAB579A3} Microsoft DocProp Inplace Calendar Control
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} Microsoft DocProp Inplace Time Control
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default) Summary Properties Page
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\(default) Summary Properties Page
PX5: BAD4E96E0064F346BC36008E2891DB0060D308D0
MD5: 886ba5db0a87b5a0d5f85c39424fc2ac
Determination: GOOD
C:\WINDOWS\System32\dsquery.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8A23E65E-31C2-11d0-891C-00A024AB2DBB} Directory Query UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} Shell properties for a DS object
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} Directory Object Find
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F020E586-5264-11d1-A532-0000F8757D7E} Directory Start/Search Find
PX5: 97CEB5F9000C9E25AA2703A3E1CE88000E6ADB1E
MD5: 3241be7fa4e0191ae13d80b605ac980e
Determination: GOOD
C:\WINDOWS\System32\dsuiext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0D45D530-764B-11d0-A1CA-00AA00C16E65} Directory Property UI
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{62AE1F9A-126A-11D0-A14B-0800361B1103} Directory Context Menu Verbs
PX5: 6A192EC500170EFDBCEB0145A96D9300BCCCF2CE
MD5: ca33e221efa6c8bc9081f62fb81c4f46
Determination: GOOD
C:\WINDOWS\System32\mydocs.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A33-103D-11d2-854D-006008059367} MyDocs Copy Hook
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECF03A32-103D-11d2-854D-006008059367} MyDocs Drop Target
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4a7ded0a-ad25-11d0-98a8-0800361b1103} MyDocs Properties
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default) {ECF03A33-103D-11d2-854D-006008059367}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\MyDocuments\(default) {ECF03A33-103D-11d2-854D-006008059367}
PX5: 57E2829600BA664D643501A4D8468A0095362A02
MD5: 0e34ad97f42004e23da845ff4f822090
Determination: GOOD
C:\WINDOWS\msagent\agentpsh.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{143A62C8-C33B-11D1-84FE-00C04FA34A14} Microsoft Agent Character Property Sheet Handler
PX5: 7469413C00931FFF5E8700E559045400C1A9DC6C
MD5: 43e7c7538d4fd053d19758dd758a2842
Determination: GOOD
C:\WINDOWS\System32\dfsshlex.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} DfsShell
PX5: C56F8BCC000B5CE570B200C57894E100F757413D
MD5: 41f6a64eb0d0c8b6fdff7c376f4cec17
Determination: GOOD
C:\WINDOWS\System32\photowiz.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60fd46de-f830-4894-a628-6fa81bc0190d} %DESC_PublishDropTarget%
PX5: B7418C4500E88487A00C02F731B52500E7F273D2
MD5: 06cfb5ce176f60aa715635a291960acc
Determination: GOOD
C:\WINDOWS\System32\mmcshext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A80E4A8-8005-11D2-BCF8-00C04F72C717} MMC Icon Handler
PX5: 8A0ADE010092153AC6C80087DEA97400BEB13B83
MD5: d1c8ed56d0db39e432eddc5bfca6dbe5
Determination: GOOD
C:\WINDOWS\system32\cabview.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} .CAB file viewer
PX5: 3D37E41700A8F7F74C2701763FA52300CB1B48CD
MD5: b6bf125d2c37cd7df340b255a07134e8
Determination: GOOD
C:\Programmi\Outlook Express\wabfind.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32714800-2E5F-11d0-8B85-00AA0044F941} &Contatti...
PX5: 4FBC213F00A9A845805300462EEB2700C79BF84F
MD5: 64ecedd4e261443874cad4d66fe9fe44
Determination: GOOD
C:\WINDOWS\system32\wmpshell.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DD448E6-C188-4aed-AF92-44956194EB1F} Windows Media Player Play as Playlist Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} Windows Media Player Burn Audio CD Context Menu Handler
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} Windows Media Player Add to Playlist Context Menu Handler
PX5: 38347505000E6E3790E70134E584230099E5F235
MD5: 26ff66b17aa576421bc14742157871f2
Determination: GOOD
C:\WINDOWS\system32\mscoree.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D2680C9-0E2A-469d-B787-065558BC7D43} Fusion Cache
PX5: F65D0B7500B9E3C5247304486ECE1C00F72D759B
MD5: b5b67ee09b52d7129b8041b9bd411f7b
Determination: GOOD
C:\WINDOWS\System32\btneighborhood.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6af09ec9-b429-11d4-a1fb-0090960218cb} My Bluetooth Places
PX5: DBB4779D4DF66AC890440BB158092E00592A316A
MD5: 701744f0affda19121e1bea68bfb48b3
Determination: GOOD
C:\WINDOWS\System32\twext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{596AB062-B4D2-4215-9F74-E9109B0A8153} Previous Versions Property Page
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9DB7A13C-F208-4981-8353-73CC61AE2783} Previous Versions
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\(default)
PX5: 83D6D2D5007A7A78AC5A00555BE37F0060757F73
MD5: 9c0305df90319693b0b8025976de5c66
Determination: GOOD
C:\WINDOWS\System32\extmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{692F0339-CBAA-47e6-B5B5-3B84DB604E87} Extensions Manager Folder
PX5: 960469CE00F8BD83DAAE00EB26D5BA00BA81D3D8
MD5: 9b1c6fa8327600e0d309143f3b295777
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} Cartelle Web
PX5: CFF3A8E900F0931C20561499EDC2B000C723D664
MD5: 77264964a2b836234341006159fe89a3
Determination: GOOD
C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0006F045-0000-0000-C000-000000000046} Microsoft Outlook Custom Icon Handler
PX5: B7C4D8B0B0FB43B0D522009AFBB78800355E8257
MD5: 4a3438efcf533b29445945b7b2551b20
Determination: GOOD
C:\Programmi\Microsoft Office\Office10\msohev.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{42042206-2D85-11D3-8CFF-005004838597} Microsoft Office HTML Icon Handler
PX5: 131D104EA043137C350C01DA7538A900EA1A19DB
MD5: 72a0df237f9118f18ad136e99266e816
Determination: GOOD
C:\Programmi\WinRAR\rarext.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B41DB860-8EE4-11D2-9906-E49FADC173CA} WinRAR shell extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\WinRAR\(default) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
PX5: 3D78E7C200E17F46F8670128E3FBB80096A203A3
MD5: 2f636c9ddbc4b1b31285505f8cc7b8b5
Determination: GOOD
C:\Programmi\7-Zip\7-zip.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{23170F69-40C1-278A-1000-000100020000} 7-Zip Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\7-Zip\(default) {23170F69-40C1-278A-1000-000100020000}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\7-Zip\(default) {23170F69-40C1-278A-1000-000100020000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\(default) {23170F69-40C1-278A-1000-000100020000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\(default) {23170F69-40C1-278A-1000-000100020000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\7-Zip\(default) {23170F69-40C1-278A-1000-000100020000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\DragDropHandlers\7-Zip\(default) {23170F69-40C1-278A-1000-000100020000}
PX5: 98C116BB00C1B9741E7C02308518A300BD437AB4
MD5: 328c110ec057c7e058471e4b274cd6a2
Determination: GOOD
C:\Programmi\TechSmith\SnagIt 8\SnagItIEAddin.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} SnagIt
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Toolbar\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}
PX5: BB35A41948B638C97637021E2B4A1E003EB6E2E8
MD5: 3c9ec57d28c59a5912725922e1252f43
Determination: GOOD
C:\Programmi\TechSmith\SnagIt 8\SnagItShellExt.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CF74B903-3389-469c-B3B6-0204D204FCBD} SnagIt Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\SnagItMainShellExt\(default) {CF74B903-3389-469c-B3B6-0204D204FCBD}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\SnagItMainShellExt\(default) {CF74B903-3389-469c-B3B6-0204D204FCBD}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\SnagItMainShellExt\(default) {CF74B903-3389-469c-B3B6-0204D204FCBD}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\SnagItMainShellExt\(default) {CF74B903-3389-469c-B3B6-0204D204FCBD}
PX5: 335D193448419F1D1651029CD0DD4700B7F66778
MD5: b50b5a64cd2d090a33d3acc242677646
Determination: GOOD
C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} Messenger Sharing Folders
PX5: 8843DBEC703CE08BE7AC042B1C39BD0022FB3418
MD5: 9cb1085b64b2426a0640f2dc126a96b5
Determination: GOOD
C:\Programmi\LG PC Suite\LG Phone Manager\Phone.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{792F0537-F929-4eb7-AC1D-FB6334C71550} LG Phone
PX5: 80A078E300BDF849C09300FD694B020033F82A7E
MD5: 7eb52436b40fb0afd77fe119c3af04e9
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} PhoneBrowser
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Nokia\(default) {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Nokia\(default) {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
PX5: B156AB2600A9ED69501208BC96155200409C34BD
MD5: ee72989bdac20cc914adef6a7bceedb9
Determination: GOOD
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{85E0B171-04FA-11D1-B7DA-00A0C90348D6} Web Anti-Virus statistics
Loaded from: \REGISTRY\Machine\Software\Microsoft\Internet Explorer\Extensions\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\BandCLSID {85E0B171-04FA-11D1-B7DA-00A0C90348D6}
PX5: 3F8A280508F8FA7165BA0324FBAC0500CB16AB55
MD5: a89f8fce1ffedafd910b26783db1cc5a
Determination: GOOD
C:\Programmi\a-squared Free\a2freecontmenu.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A155339D-CCCD-4714-85EB-3754B804C9DF} a-squared Free Shell Extension
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\a-squared Free Shell Extension\(default) {A155339D-CCCD-4714-85EB-3754B804C9DF}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\a-squared Free Shell Extension\(default) {A155339D-CCCD-4714-85EB-3754B804C9DF}
PX5: DD76EF7990B9C3114C4003B40BA16900185B2352
MD5: c3deb4802a2c89af25bd007008d760c2
Determination: GOOD
C:\WINDOWS\System32\oobe\msoobe.exe
Loaded from: \REGISTRY\Machine\System\Setup\Cmdline C:\WINDOWS\System32\oobe\msoobe.exe
PX5: 5E2280790084241A6EFF001DD3F130005E74F200
MD5: 53fba99d24edbcb03e689b2db1d63d33
Determination: GOOD
C:\WINDOWS\system32\msapsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
PX5: 8C479BBA0065475850000105207F00002CA02E51
MD5: 9b6e96f4ec4104bcb180c5bea2787b3f
Determination: GOOD
C:\WINDOWS\system32\digest.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
PX5: 2283761F0087EB020C9B01CC3CCBC600B4AB6B96
MD5: 9b4cd31081f2ce1d69d2580d015c82ea
Determination: GOOD
C:\WINDOWS\system32\msnsspc.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SecurityProviders\SecurityProviders msapsspc.dll
PX5: 5FC3C3D6008FE4D0702D042D3521CB003038EB19
MD5: a99939bae7757437683f4d6b1021a499
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlrshim.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{49400A7C-81A8-4F52-8CCE-D54739EE87EC} Adobe PDF Preview Handler
PX5: 623D7460882DBAFD90910060B8205E0036350873
MD5: 54caaebac648af1ba1f943046a824356
Determination: GOOD
C:\Programmi\Adobe\Reader 8.0\Reader\pdfprevhndlr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\PreviewHandlers\{DC6EFB56-9CFA-464D-8880-44885D7DC193} Adobe PDF Preview Handler for Vista
PX5: 3BD592F470063CF846ED01556DDA8700DCEF7EC5
MD5: ea24a77157a310f434144a9d71ba05aa
Determination: GOOD
C:\WINDOWS\Resources\themes\Luna\Luna.msstyles
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Themes\InstallVisualStyle %SystemRoot%\Resources\themes\Luna\Luna.msstyles
PX5: D4AC08E190E1815FF0763FFB772E82003759142D
Determination: GOOD
C:\WINDOWS\system32\rdpclip.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms rdpclip
PX5: 3129DB34009CADCFF4300018D68AB90013FA4372
MD5: 456e33d8a5b34b0b9b5de1270e13c7a3
Determination: GOOD
C:\WINDOWS\system32\rdpwsx.dll
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\WsxDll rdpwsx
PX5: 2D4F90888862EA65546401DF11DAFF009FB4CACF
MD5: 98b543037e34c640622fa61e895326c4
Determination: GOOD
C:\WINDOWS\system32\RDPCFGEX.DLL
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\CfgDll RDPCFGEX.DLL
PX5: 648184F200AE0568123C00C1F661D900A8042FB8
MD5: 0f6f4433f47441c14f17d5348cf609b0
Determination: GOOD
C:\WINDOWS\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\1.0\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\TelnetServer\Defaults\DefaultShell %SYSTEMROOT%\System32\cmd.exe
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Control\SafeBoot\AlternateShell cmd.exe
PX5: 174F65020044C14C121406F23AA7F300C65DE81F
MD5: 94744851b6a9bdcefcd26cc61a6afd12
Determination: GOOD
C:\WINDOWS\system32\rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\wave rdpsnd.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP\mixer rdpsnd.dll
PX5: 34FBA65500CFB6AF4EE7003742BB470065937B12
MD5: 1c5c414cc29d507b89e355e1733a7491
Determination: GOOD
C:\WINDOWS\system32\imaadp32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.imaadpcm imaadp32.acm
PX5: 528D926A00EB3B4A408A0067B777E0007219DE4B
MD5: 316f81b3ec381c1c76e07ca43fc12bfc
Determination: GOOD
C:\WINDOWS\system32\msadp32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msadpcm msadp32.acm
PX5: 9896734D003A7B4A3AD6001B2D129300C6CAD27F
MD5: 147ba07670fa18d112d631b9eec2ca21
Determination: GOOD
C:\WINDOWS\system32\msg711.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg711 msg711.acm
PX5: 98836843004ECD5624170012D62AF300ADA7FDE1
MD5: d609edecb9692217bca166c09a8aa6d0
Determination: GOOD
C:\WINDOWS\system32\msgsm32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msgsm610 msgsm32.acm
PX5: 7715C6930008610D4E5300A5AC1D5400348AB758
MD5: dbb6c6dba7c404bf266e064889c45907
Determination: GOOD
C:\WINDOWS\system32\tssoft32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.trspch tssoft32.acm
PX5: 9DB260C30072F5C620530046E6B0DC000EF1898D
MD5: 49445261ffaab7f8b915c4d3041aa7f4
Determination: GOOD
C:\WINDOWS\system32\iccvid.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.cvid iccvid.dll
PX5: 0CEE20B80002FE623A80014E667E0900EDC97E34
MD5: be4de2539b3db9d31d75fe0d323c52ee
Determination: GOOD
C:\WINDOWS\system32\msh263.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.I420 msh263.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M263 msh263.drv
PX5: D1EBECF00092F1C390AB04548720B200A8771D55
MD5: b2e67e6045966c14a746627dccf3f67d
Determination: GOOD
C:\WINDOWS\system32\ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv31 ir32_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv32 ir32_32.dll
PX5: 8DA8018800BECE6B16EB036CB8543B0035864865
MD5: 379204e614b66d00b414229051d0c9a4
Determination: GOOD
C:\WINDOWS\system32\iyuv_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iyuv iyuv_32.dll
PX5: 8D2F485A000F6953BA8B00EF89F3AE0028DCEE98
MD5: 193315b73270bad33a3c2f527c8380f6
Determination: GOOD
C:\WINDOWS\system32\msrle32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.mrle msrle32.dll
PX5: 6AD29AC5008293D12C2D00B216F74700B26503F0
MD5: 7b999ca58c6276d885f17abc73982009
Determination: GOOD
C:\WINDOWS\system32\msvidc32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.msvc msvidc32.dll
PX5: CE4E524C0073A8EC64FF00E1300C68000D8D97A8
MD5: d648edba85278839e30979ce627e5c81
Determination: GOOD
C:\WINDOWS\system32\msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.uyvy msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yuy2 msyuv.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yvyu msyuv.dll
PX5: 92EC75E800DB9BE5440C000A47ABC3009642377A
MD5: b35e1e08bf94e68daf5d9f52485ea368
Determination: GOOD
C:\WINDOWS\system32\iyvu9_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.yvu9 iyvu9_32.dll
PX5: 3F44A75400A63EFDDC5900CCD2ADAD0030F91BF3
MD5: 94a8ebd816a366041f8ccf5afd3ab7de
Determination: GOOD
C:\WINDOWS\system32\msg723.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msg723 msg723.acm
PX5: 11020CC8008FB79ED00601EAD6C03900AA679A83
MD5: d53bde174ad076ae58c8245a524cfb85
Determination: GOOD
C:\WINDOWS\system32\msh261.drv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.M261 msh261.drv
PX5: A41AA5420008DA3EF0B402388EE55600B25D24F8
MD5: 35f5338123495c871c4c7cc9fce784f6
Determination: GOOD
C:\WINDOWS\system32\msaud32.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.msaudio1 msaud32.acm
PX5: C38F33CC0026C9E080B10460DFC46F004CE633B9
MD5: 9efca60a4bdcf77fc5e2337e3ab61b1e
Determination: GOOD
C:\WINDOWS\system32\sl_anet.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.sl_anet sl_anet.acm
PX5: 3DA8D952002B67BF508D01A57E615F00B2B2EA92
MD5: c2e1907dde505f02585e7c85f927333a
Determination: GOOD
C:\WINDOWS\system32\l3codeca.acm
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.l3acm C:\WINDOWS\system32\l3codeca.acm
PX5: BD6FA9CA00B4F05D702C042DD7B42E003DC5A552
MD5: c5af10fd0a2c5938c4d962537af13ba3
Determination: GOOD
C:\WINDOWS\system32\mpg4c32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.MPG4 mpg4c32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\VIDC.MP42 mpg4c32.dll
PX5: 9EEA4E7700E5529D8682067E5AD5E300A3EF639A
MD5: 83e27675bda528960ae960b43592c129
Determination: GOOD
C:\WINDOWS\system32\ir50_32.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv50 ir50_32.dll
PX5: 95DB8CD70069DE7662210B5E89209F0017FB4DEE
MD5: 72482db9c3e0889b185f7aa5d19d1e74
Determination: GOOD
C:\WINDOWS\system32\iac25_32.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.iac2 C:\WINDOWS\system32\iac25_32.ax
PX5: E24B66BA00E66065EE4202091933FE00BCC2980B
MD5: af5f7f5aac2244bbbbfbcc69316437a6
Determination: GOOD
C:\WINDOWS\system32\ir41_32.ax
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\vidc.iv41 ir41_32.ax
PX5: 86E8CCBF0054BD73DA740CCDB9D402002D11640A
MD5: beeac2b7bbaeb63c6a79cd7b7d000a75
Determination: GOOD
C:\WINDOWS\system32\sirenacm.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\msacm.siren sirenacm.dll
PX5: 92D29F56708DC7D2C7BF005BB97C8A00D5F934F9
MD5: c2bde52e48e668fe6f95c40bba7aa310
Determination: GOOD
C:\WINDOWS\system32\JAVASUP.VXD
Loaded from: \REGISTRY\Machine\System\CurrentControlSet\Services\VXD\JAVASUP\StaticVxD JAVASUP.VXD
Loaded from: FILE
PX5: 99B75F2393917E501C450098C8A2BA0043E75EB1
MD5: 35bd074ae32e5eb19ff88daf3030f803
Determination: GOOD
C:\WINDOWS\system32\ipxrip.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXRIP\DllName ipxrip.dll
PX5: 859821B9009D40A9548200AD83A363008B36EF0D
MD5: 2dac54a61b837fac36ffd92b7e39b3ff
Determination: GOOD
C:\WINDOWS\system32\ipxsap.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\IPXSAP\DllName ipxsap.dll
PX5: 85797B9500D099280499015DBB948C00AAAAF548
MD5: 3eea6d343b3d6fcf500db1837c07df06
Determination: GOOD
C:\WINDOWS\System32\iprtrmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ip\DllPath %SystemRoot%\System32\iprtrmgr.dll
PX5: D40494A6008ED12A98FE023AAD1857000DD8C7B5
MD5: 30584106b1e3c4f836d35c92ba38b184
Determination: GOOD
C:\WINDOWS\System32\ipxrtmgr.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Router\CurrentVersion\RouterManagers\Ipx\DllPath %SystemRoot%\System32\ipxrtmgr.dll
PX5: 4718448E00AA1CC09C1B00C6E262700012078A35
MD5: 7ff943a30ba413c3f43e8441a28b7aa7
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Speech C:\Programmi\File comuni\Microsoft Shared\Speech\sapi.cpl
PX5: 4B95DF2F0028608F7026024663B5470081E40772
MD5: b281e4e0c7de6016f067191aa0b10047
Determination: GOOD
C:\WINDOWS\system32\Firewall.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\Internet Connection Firewall Firewall.cpl
PX5: C6AD4E5900619E5B3AA801566FFF65004318E0B5
MD5: 486c95d7867757ef75946cdc7fa547dd
Determination: GOOD
C:\WINDOWS\system32\NetSetup.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NetSetupWizard NetSetup.cpl
PX5: 1727E2B500CA6EDF648A0091303FF7003D7EE312
MD5: 6c00e8b5734cd98456e36a1919393597
Determination: GOOD
C:\Programmi\QuickTime\QTSystem\QuickTime.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\QuickTime C:\Programmi\QuickTime\QTSystem\QuickTime.cpl
PX5: 665F1A90007DE4A7807B10402F0EC700C185D76A
MD5: 3cb885290777901a579c36f6315a2900
Determination: GOOD
C:\Programmi\Nokia\Nokia PC Suite 6\ConnectionManager.cpl
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NokiaConnectionManager C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL
PX5: B1213407009ACEC3789800AEB83E1000E277C57B
MD5: 6441c70a48e3313d380e7172d3f8b3a6
Determination: GOOD
C:\WINDOWS\system32\Magnify.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier\Application path Magnify.exe
PX5: 8FD0DD1200F1CC211E520147693D72005CC20F83
MD5: b8485b1b335c0c00397dd7abc041475d
Determination: GOOD
C:\WINDOWS\system32\osk.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\On-Screen Keyboard\Application path osk.exe
PX5: 865A974F008F100B4EF6035F16FFB2007D13E899
MD5: 7d5b9dd2d397e5d323c5de2d0b4caeb6
Determination: GOOD
C:\WINDOWS\system32\ADODCIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\adodcit.dll\Path C:\WINDOWS\system32\ADODCIT.DLL
PX5: 92A3C65E00F8AB5C46150021BCE67C00F83BCA5E
MD5: 192083bce659b1322dc433f520c4d7f7
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\APE\AEEXPDTR.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\APE setup tagfile\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\APE\AEEXPDTR.EXE
PX5: 2F2212DA00BB8872301F013827EB8200FEE2B8D7
MD5: da73b26afd707752984240bc5244dbb5
Determination: GOOD
C:\WINDOWS\system32\AUTMGR32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Autmgr32.exe\Path C:\WINDOWS\system32\AUTMGR32.EXE
PX5: D9DA191130C59B66871102099FF0A3000541EC92
MD5: d9cc5520e849bfeaa499007ec2715186
Determination: GOOD
C:\WINDOWS\system32\AUTPRX32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Autprx32.dll\Path C:\WINDOWS\system32\AUTPRX32.DLL
PX5: D9228A1D008CF5C7243902EC64535600D42BE917
MD5: 6e62806f4121eed119ef7d361f3322ca
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\BIND.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\bind.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\BIND.EXE
PX5: 2730D394109294DF951F00FB31905500404D1D57
MD5: 8489ba346072e65c4626ebe2b5e01d8e
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\BLDWIZMG.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\bldwizmg.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\BLDWIZMG.DLL
PX5: D0E0B68C141F6930C2C200F34498FF00410BB567
MD5: 60f772572214c96a922d9e0f0329a6a4
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\CL32TEST.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\cl32test.exe_NT\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\CL32TEST.EXE
PX5: 2C4AFBB7205DC5A145E608D04BBD1B00F869EC74
MD5: 6423751868e13813a0ff9fdde0a90024
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\Clireg\CLIREG32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\clireg32.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\Clireg\CLIREG32.EXE
PX5: 7CCF553E00B64E1CAA46006652E45200FFBA400C
MD5: 8d75e77913188cf8a0a3de83ffef3d9d
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Redist\CLIREG32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\clireg32.exe (Redist)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Redist\CLIREG32.EXE
PX5: 7CCF553E00B64E1CAA46006652E45200FFBA400C
MD5: 8d75e77913188cf8a0a3de83ffef3d9d
Determination: GOOD
C:\WINDOWS\system32\CMCT2IT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\cmct2it.dll\Path C:\WINDOWS\system32\CMCT2IT.DLL
PX5: 1C41B4F900A82397606E00C0BBB08500A8D6C687
MD5: 4771d2b7e4c4e8d060fa21fafef2cb68
Determination: GOOD
C:\WINDOWS\system32\CMCT3IT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\cmct3it.dll\Path C:\WINDOWS\system32\CMCT3IT.DLL
PX5: 81BE50C300F5E65F70C200ADE3898800F35E962C
MD5: 4294932efe05ef2f1f9b8b5e88e11593
Determination: GOOD
C:\WINDOWS\system32\CMCTLIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\cmctlit.dll\Path C:\WINDOWS\system32\CMCTLIT.DLL
PX5: 035042E1001989B6A21B01F64D76600050CD308E
MD5: b022543d1ca79cdacc82038a6d82d92d
Determination: GOOD
C:\WINDOWS\system32\CMDLGIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\cmdlgit.dll\Path C:\WINDOWS\system32\CMDLGIT.DLL
PX5: 8E1A8CF000DECEAC840F009E0E044800B7602CCC
MD5: 3aec6782143c1e2d1417f5254af8e9fa
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDN\1033\COLCHNG.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\colchng.exe(1033)\Path C:\Programmi\File comuni\Microsoft Shared\MSDN\1033\COLCHNG.EXE
PX5: A13EB50C00A9135290440013D1DCCC0010D5708F
MD5: 813046f10a8bd005ccbff090a1e5cf21
Determination: GOOD
C:\WINDOWS\system32\COMCT232.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\comct232.ocx\Path C:\WINDOWS\system32\COMCT232.OCX
PX5: C2AD9C12306C683381AD0212F42E41005A7517A6
MD5: 1b63af252cfeff520871f0ae37c80c5e
Determination: GOOD
C:\WINDOWS\system32\COMCT332.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\comct332.ocx\Path C:\WINDOWS\system32\COMCT332.OCX
PX5: 1EEDD72EC88E95AB557406B29F6975002E00559F
MD5: 821ab1f1cf9904cb9026c686f13f0f05
Determination: GOOD
C:\WINDOWS\system32\COMCTL32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\comctl32.ocx\Path C:\WINDOWS\system32\COMCTL32.OCX
PX5: B338A671C024B20F48A80970D3818A00AFB0346E
MD5: eb5f811c1f78005b3c147599a0cccf51
Determination: GOOD
C:\WINDOWS\system32\COMDLG32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\comdlg32.ocx\Path C:\WINDOWS\system32\COMDLG32.OCX
PX5: 12216787C86C832E240502FA343A3C00F8DFE989
MD5: b73809a916e6d7c1ae56f182a2e8f7e2
Determination: GOOD
C:\Programmi\File comuni\designer\CONNDIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\conndit.dll\Path C:\Programmi\File comuni\designer\CONNDIT.DLL
PX5: A471B8EC0022C9DC7221008A6127D600F2E8BA18
MD5: 195fd44887918ae6e2a0ee5eb96c02db
Determination: GOOD
C:\Programmi\File comuni\designer\CONNRIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\connrit.dll\Path C:\Programmi\File comuni\designer\CONNRIT.DLL
PX5: 93A8C2B000C0BDBF0CF000341740E400B79BCD14
MD5: 5c58f2ca327fc6def760eed777c5bb86
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDN\COOKDOC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\cookdoc.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDN\COOKDOC.DLL
PX5: 58A5901E008F352E80A8000ADA4AD3002E19C890
MD5: f794c85db7678951fc9baef887a76dd9
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\DAO\DAO350.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dao350.dll\Path C:\Programmi\File comuni\Microsoft Shared\DAO\DAO350.DLL
PX5: 573D4AD4104DBFEDB34D0847D3909B00FE17CCC5
MD5: 8888bdbd4e118d915d40a11748282bca
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\DAO\dao360.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dao360.dll\Path C:\Programmi\File comuni\Microsoft Shared\DAO\dao360.dll
PX5: C901A5B11BE17BBD906E08E88AA910007368D172
MD5: e0f1b16a2bb7b9670f154491e66fd7fd
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\VB98\DATAVIEW.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dataview.dll\Path C:\Programmi\Microsoft Visual Studio\VB98\DATAVIEW.DLL
PX5: 69EBBA6E00F4412A504E0839EF644C00386345C5
MD5: b47cd76655fbc663846455dc02bc1b65
Determination: GOOD
C:\WINDOWS\system32\DATGDIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\datgdit.dll\Path C:\WINDOWS\system32\DATGDIT.DLL
PX5: 28AA2BB70018883480810014720272006AA05F26
MD5: d436926f0388b47a053040f31a2ed4fb
Determination: GOOD
C:\WINDOWS\system32\DATLSIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\datlsit.dll\Path C:\WINDOWS\system32\DATLSIT.DLL
PX5: BB79494100AF0DCF7C07006547F6050060847269
MD5: 68217644ccdf9b3b4383c5fec6ed7ebb
Determination: GOOD
C:\WINDOWS\system32\DATRPIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\datrpit.dll\Path C:\WINDOWS\system32\DATRPIT.DLL
PX5: 1CE26758008D6E9756B500E8F89BFC00DC918B14
MD5: 64cdf60878f6fe8a1dc3606b07c5330c
Determination: GOOD
C:\WINDOWS\system32\DBGRDIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dbgrdit.dll\Path C:\WINDOWS\system32\DBGRDIT.DLL
PX5: 873EF7BC00C7948F8EC400371579940053CBC3B8
MD5: 3bb163589bd7bd11e2f0ca45fcd824cf
Determination: GOOD
C:\WINDOWS\system32\DBGRID32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dbgrid32.ocx\Path C:\WINDOWS\system32\DBGRID32.OCX
PX5: D720D7D628205EBA0453080C0A17640071195DB9
MD5: ec2f4fce368dade257d89a1bde1de380
Determination: GOOD
C:\WINDOWS\system32\DBLIST32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dblist32.ocx\Path C:\WINDOWS\system32\DBLIST32.OCX
PX5: 628BCF7E30EC98A60FAD03058E38F400A3822181
MD5: fae53fad924a437af259649419c806e2
Determination: GOOD
C:\WINDOWS\system32\DBLSTIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dblstit.dll\Path C:\WINDOWS\system32\DBLSTIT.DLL
PX5: 71D6909D00ACB2C880FD0004488C120037183109
MD5: 4323bb7b5e28b927d3d0a4a867e650ee
Determination: GOOD
C:\WINDOWS\system32\DBRPRIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dbrprit.dll\Path C:\WINDOWS\system32\DBRPRIT.DLL
PX5: 8A230BBF0071C1508A970016132792004EE1D67D
MD5: 4ab1dce46f19a0f09dda7c03d8a01924
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\DDESPY.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\ddespy.exe_NT\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\DDESPY.EXE
PX5: 394AE46C700C5701D8B200FC14A2BB00E72689A9
MD5: 2ba8e879b1e53b08d903bd9f55e2aa89
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\DEPENDS.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\depends.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\DEPENDS.EXE
PX5: 8298B134009A8EFB2E9405097B725600A3C1DA54
MD5: 298d2699634589bd40fa7a44806263ea
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\MSDev98\Bin\IDE\DEVENT.PKG
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\devent.pkg\Path C:\Programmi\Microsoft Visual Studio\Common\MSDev98\Bin\IDE\DEVENT.PKG
PX5: 1C9B7E3F34D73EBD602401A3A03B4700D4148DEA
MD5: ad074e24c1c22b9ecc0a5c57d5de51ab
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\DEVENV.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\devenv.exe\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\DEVENV.EXE
PX5: 847525EEED85B56D5C8505ABC787E6005EA59203
MD5: c52c2e5738076b42d5fbf24966a7d2f8
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\DFVIEW.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dfview.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\DFVIEW.EXE
PX5: C09A797910397DFC59ED00C889476000B5DD407F
MD5: 574b13ca506f863a2fb8446947b06d90
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\DOBJVIEW.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dobjview.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\DOBJVIEW.EXE
PX5: 4F7149C910A0F89EA37E000C1B33A7009CD2952C
MD5: 853c83cbc3b2d4f329e4831cc6cd550d
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\DTE.TLB
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\dte.tlb\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\DTE.TLB
PX5: DA99CC3802F381168256012DDDE82A0052CC4BF2
MD5: 807735e653ad8c41681ddec21e740931
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\ERRLOOK.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\errlook.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\ERRLOOK.EXE
PX5: 785E447800F8610090F100CDED8A0C0087F7543A
MD5: 045884001f12d9ee44e28b34c004d372
Determination: GOOD
C:\WINDOWS\system32\FLXGDIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\flxgdit.dll\Path C:\WINDOWS\system32\FLXGDIT.DLL
PX5: 986D9F67001D78F4AA690086722D4600E3E9F6F0
MD5: d4a757242c0688fcad1231777b2fcfa6
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\FONTEDIT.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Fontedit.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\FONTEDIT.EXE
PX5: 6ABB59CA104E75937B40019B266DBD0025A3760E
MD5: 42810e81fc596f446d5ba94050cab349
Determination: GOOD
C:\WINDOWS\System\FP30TXT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\fp30txt.dll\Path C:\WINDOWS\System\FP30TXT.DLL
PX5: B47F54F7107CB64281290190C69C8A0016ECCFDE
MD5: 8b42c90aa17bcf4925d4bc84635249e6
Determination: GOOD
C:\WINDOWS\System\FP30UTL.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\fp30utl.dll\Path C:\WINDOWS\System\FP30UTL.DLL
PX5: 57D2EEA310425D07A7900658C63D1F002F7AF941
MD5: 532a2d9e7a0bcd1bfb6f8d65351e90a2
Determination: GOOD
C:\WINDOWS\System\FP30WEC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\fp30wec.dll\Path C:\WINDOWS\System\FP30WEC.DLL
PX5: 94C317EB108D3E353D49062012FB09003DDC95E2
MD5: c51b4ed2b48a2fb51507873f1e1074bb
Determination: GOOD
C:\WINDOWS\System\FP30WEL.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\fp30wel.dll\Path C:\WINDOWS\System\FP30WEL.DLL
PX5: 1D0F55FD1086A062C9F00ACA2DAB300053812E80
MD5: 488c7b20c003312f5a13bef2295c186a
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\GENPRJUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\genprjui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\GENPRJUI.DLL
PX5: C5CF306500BB3EBB9E3D0121647B010000546E6B
MD5: adefbc3b083f6b0636f7f74f0e43a76b
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\GENPROJ.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\genproj.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\GENPROJ.DLL
PX5: A74223B740776C14A0D6122511239900533EE1AB
MD5: cd4974206d46b4645f89959ab53afdb0
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\GIFIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\GIF\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\GIFIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\GIF\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\GIFIMP32.FLT
PX5: 993BB4A800FF3CBA00C20440406ACE009AA5D495
MD5: bdb9d3ab59c17cbb9440768e5d8b4564
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\JPEGIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\JPEG\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\JPEGIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\JPEG\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\JPEGIM32.FLT
PX5: 61599D610092525FD02503FCE55931004C828E52
MD5: cdc50376ce04cdaa17b339e0e4946cb8
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PNG32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\PNG\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PNG32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PNG\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PNG32.FLT
PX5: 1DF13743009E7BB4C02603E788DBE0007E64B0D6
MD5: 9c776e425d136ca08994695cafdfe825
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\TIFFIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\TIFF\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\TIFFIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\TIFF\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\TIFFIM32.FLT
PX5: 6A65288600710C5E10250304BA3E68002583ACD3
MD5: 6f2343f8e2b4f8f3561dc9d4d8453274
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\WPGEXP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Export\WPG\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\WPGEXP32.FLT
PX5: AD28D8EA00A2E2DE50320171DF11DA000A8ED846
MD5: 7030ba21d3434fb92c2b72b0a0e17655
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\BMPIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\BMP\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\BMPIMP32.FLT
PX5: 93747641008297F45017019294DF89004BA0EA98
MD5: 3e747480aa108b914826e258d6f1addf
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\CDRIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CDR\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\CDRIMP32.FLT
PX5: AF8081000041B2D6C0750AEF28FC600065C7015F
MD5: 352733377ffa81c7961e465a9d52f838
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\CGMIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\CGM\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\CGMIMP32.FLT
PX5: 1C973A2300A46A1C60810661ECDD4000B5833085
MD5: a6079566e62bf63cbd8c502901321d20
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\EPSIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\EPS\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\EPSIMP32.FLT
PX5: 4F91CDDE00E688FBD01F0AD63A234A00A6598AEB
MD5: c257a8c4efb10aa4256abcdc4f3e8f2b
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\FPX32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\FPX\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\FPX32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\MIX\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\FPX32.FLT
PX5: C5889C0C0054E9ECC0AF17A09E00EE00C55F9AFC
MD5: 9a2a02a92b25ebfe8e9c3ae55783ca56
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PCDIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PCD\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PCDIMP32.FLT
PX5: 6D990415003226DC90300150E1672E0019EC75D1
MD5: 2da296ee2e638ef5452facff15168944
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PCXIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PCX\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PCXIMP32.FLT
PX5: 786B79BE0043616D4033013060AF85003F0FC68D
MD5: 17f65b900afecb480b0a5cbc240c9600
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\PICTIM32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\PICT\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\PICTIM32.FLT
PX5: 21A9ECD100C714F3F03501E6382101000C61A2E4
MD5: 49a69036a2933e799477101f1f21782b
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\WMFIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\WMF\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\WMFIMP32.FLT
PX5: 971F6A2B00A27CEF908B002DDDE82A00B908A952
MD5: 23f7f256d7e0b9e3f79e0849e8d7ade5
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Grphflt\WPGIMP32.FLT
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Graphics Filters\Import\WPG\Path C:\PROGRA~1\FILECO~1\MICROS~1\Grphflt\WPGIMP32.FLT
PX5: 71A90DB500F4B10C80DB02C4B2ED030039CCE1A1
MD5: 2be99e2b6d4c6a4485bf64329101f845
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\GUTILS.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\gutils.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\GUTILS.DLL
PX5: A117C0171010DB94A5020019E0262F00A0108A7B
MD5: 00011d97ec46de947750b48127d52f33
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Wizards98\HOSTWIZ.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Hostwiz.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Wizards98\HOSTWIZ.DLL
PX5: 06C61C51006C2E50609A024A710C37008B13E055
MD5: 29671a7486af52e347d807773e76a83e
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\HTMED.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\htmed.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\HTMED.DLL
PX5: 821C0A011066F2F871410C298F87EE0000A6E94A
MD5: 0eb03f816a2546cbc96d91950cbeaf97
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\HTMEDUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\htmedui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\HTMEDUI.DLL
PX5: 76385018003C1BC84ACF01623BC3E500E97E5BD4
MD5: de8eabf76a8028e3afc721c0c9ac27d0
Determination: GOOD
C:\WINDOWS\system32\HTMUTIL.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\htmutil.dll\Path C:\WINDOWS\system32\HTMUTIL.DLL
PX5: 40F0E249E2497016C90502EB6B031D00DCB4E2FB
MD5: db4c777fb4f229d3887055c610ff5775
Determination: GOOD
C:\WINDOWS\system32\INETIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\inetit.dll\Path C:\WINDOWS\system32\INETIT.DLL
PX5: 9C2BBC4E00B463823E30008C810F490028230F11
MD5: 598ad8131377fb338e0e34fa00855268
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\INSREPIM.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\insrepim.dll\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\INSREPIM.DLL
PX5: 14946DCF6108A125501C0581F43371007EC2B638
MD5: f149d271a2948922928c8449fba8e117
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\IROTVIEW.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\irotview.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\IROTVIEW.EXE
PX5: 4F897E2310C2519BABF9000219EBD200AE6599B2
MD5: 80506d8d63487ccc881e13edc3085839
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\IVIEWERS.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\iviewers.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\IVIEWERS.DLL
PX5: 9414537A104884F1F56F01E55A8E220081F0097B
MD5: d11209a76521c1c1c652dbf477724185
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\JAVASIGN.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\javasign.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\JAVASIGN.DLL
PX5: FF9D517410C3EA75BD47003202D6990020A4D58B
MD5: 19472d68e8a914d37584c8001a3035eb
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\KILLLEC.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\killlec.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\KILLLEC.EXE
PX5: 0A352237426D10EC6395002DDDE82A000EB823E7
MD5: e12f60f623aee20ab0fba416e5c42538
Determination: GOOD
C:\WINDOWS\system32\MCI32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mci32.ocx\Path C:\WINDOWS\system32\MCI32.OCX
PX5: DE12AFF2C0464D22086603623F493400B32EF483
MD5: 6c5346d995b1ac78dd71e44c848152fc
Determination: GOOD
C:\WINDOWS\system32\MCIIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mciit.dll\Path C:\WINDOWS\system32\MCIIT.DLL
PX5: 93AD36BD00649C0F867E00098556070016C99C37
MD5: 3c143064f03fa42e8184979dad4c30b9
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DB.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2db.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DB.DLL
PX5: 9584FA115093490332300A12E5E9F2006304A5A4
MD5: 85083f47936b75465009cec9758c2b11
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DBNS.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2dbns.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DBNS.DLL
PX5: AD2D9740E08D7B087DB805946854D700DE45314D
MD5: c14412945dbc900af43e84369975597c
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2DBUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2dbui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2DBUI.DLL
PX5: 3F8D260D105BED9F01FE01060198EC00D92332AB
MD5: c93724d3f04f1d4ca063835859be4d24
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DD.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2dd.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DD.DLL
PX5: 043D86E3B05101B4FC3A0697F7992B001A513C5C
MD5: 1689b4ac7e7fa6dd85e1e4b01a9ac933
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2DDUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2ddui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2DDUI.DLL
PX5: C6D8EBD7106121DC378500B05ACE14006620CCAF
MD5: f9c466234e2acc793311a3a333744202
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DF.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2df.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DF.DLL
PX5: 82337AB110CF50CA4B8309745FBBD30092CA7AB7
MD5: 90dad711b6a3f718252abfe3e2a37c55
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DFX.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2dfx.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2DFX.DLL
PX5: E40F7B9F109F6B462B160007E98CB30047FFA416
MD5: 39a39d7ece8a3a33c39ec9ce48a2e987
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2FREF.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2fref.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2FREF.DLL
PX5: DC1B85D350B06EDB7AAC00EED87F87009DFFF14B
MD5: 2bdb96d02ca3f314e784e4888af95198
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2FW.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2fw.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2FW.DLL
PX5: CADAED3B002F0B5FF72A0773D72DA50042843E28
MD5: 5dbe4f93082024d7a895c72b11fc9e40
Determination: GOOD
C:\WINDOWS\system32\MDT2FW95.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2fw95.dll\Path C:\WINDOWS\system32\MDT2FW95.DLL
PX5: D5F0CAB50075B88B400A0100DC09A000004EAF5A
MD5: eab9b1a866ce08dcc650018044d8c0be
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2FWUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2fwui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2FWUI.DLL
PX5: 141711CF1028B4A52D5401534D5B450049825722
MD5: 492f76d29cc6b102df869e6445c7ac64
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2G.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2g.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2G.DLL
PX5: BFA070A70070253300E8094F4DA15E001BE1598D
MD5: c4a2546441a208c860c21df1ba9de2b8
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2GDDO.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2gddo.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2GDDO.DLL
PX5: B9219F57A0961057B8FD00EA6F1018004198AAE9
MD5: 3aaa77407eae46b4bd2df740b22d2eb6
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2GDDR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2gddr.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2GDDR.DLL
PX5: 64E03A25A023BD48B193012DD4505300BB82DD15
MD5: ee1eebe25ea5eff4f2b92889de0798e9
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2GKOR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2gkor.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2GKOR.DLL
PX5: 37F3B2FC00AF4FA7B0EA076867187E00D41F3D5E
MD5: ee01c322d44220e78e247cd70baaef6b
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2LV.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2lv.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2LV.DLL
PX5: A8DE9CFBB0552BEA070E082D85EA8200FFFF5F26
MD5: 9d8f2b62843a82c09ca275a20c0916fd
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2LVUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2lvui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2LVUI.DLL
PX5: BC1F294A10BA852631AF03B8461B8000220FC54F
MD5: 01d23c16f730419d7a010509d2c30957
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2QD.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2qd.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2QD.DLL
PX5: AEC48D166032BE3F085814094E0FCD00DC7A5DA3
MD5: 32cda2078e48f327d38cc0757e01a6fb
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2QDUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2qdui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2QDUI.DLL
PX5: 42334348107C73FEEBE90053D61C73006ECF7707
MD5: 2db5de0be95b6504bb3f2b1351e4aa6b
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2SD.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2sd.dll\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\MDT2SD.DLL
PX5: FCA20DFA305AD00A6B2107319CE0030049DC99D8
MD5: c2c1f64a6b3a1fb3f3d193e527cee8d2
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2SDUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mdt2sdui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\MSDesigners98\resources\1040\MDT2SDUI.DLL
PX5: 8FD356D2106B899EBBA401D6D5138700DAFD0A75
MD5: 4ebb3c078abac020ddca686c95c5f1b1
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\MIGREPV2.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MigRepV2.exe\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\MIGREPV2.EXE
PX5: F299B5BB00861865C0BF026A2E1B1E00623969CA
MD5: f3720d3b8ee99463a4fa76772bc5f435
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\MIGV2.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MigV2.dll\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\MIGV2.DLL
PX5: 3D314210005A32588075038805AD6F00336257C2
MD5: eb55d6fe8708110c8ed4353220e1ff21
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\MIGV2RC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MigV2Rc.dll\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\MIGV2RC.DLL
PX5: E79571C210DC71C351DF007CF7738D008B4C531B
MD5: 8049bb1197afde3e276b86a7e00b5856
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VBA\MRT7ITA.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mrt7ita\Path C:\Programmi\File comuni\Microsoft Shared\VBA\MRT7ITA.DLL
PX5: 125A0CE01080E7C8014D087749474100B82400CF
MD5: 9a190fa1281fb54fc42ade992546b252
Determination: GOOD
C:\Programmi\File comuni\designer\MSADDNDR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msaddndr.dll\Path C:\Programmi\File comuni\designer\MSADDNDR.DLL
PX5: 4492C9E400A465D850B9010D0C0A6D00E25D7347
MD5: 64fade74d49a83c6abbb8b3228c5fe0c
Determination: GOOD
C:\WINDOWS\system32\MSADODC.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msadodc.ocx\Path C:\WINDOWS\system32\MSADODC.OCX
PX5: 7DEE89DCC0263704D0BB01ED6C570A008964FAC2
MD5: 71c7c136133299694d21cd508ef88ffd
Determination: GOOD
C:\WINDOWS\system32\MSBIND.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msbind.dll\Path C:\WINDOWS\system32\MSBIND.DLL
PX5: A55BEC400045FE66301001754A921B0010178499
MD5: d83acac0e10b2f3e67a047a64098cc3a
Determination: GOOD
C:\WINDOWS\system32\MSCC2IT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MsCc2it.dll\Path C:\WINDOWS\system32\MSCC2IT.DLL
PX5: F9562D8E003CD710F89D0094478D8E001E072A48
MD5: 5552cae5a8403999a3f3e625a6e1caa2
Determination: GOOD
C:\Programmi\File comuni\designer\MSCDRUN.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Mscdrun.dll\Path C:\Programmi\File comuni\designer\MSCDRUN.DLL
PX5: 5C324E1800877946C04E007BA95AF700528F36AB
MD5: 20dd49575a1df0c22e1adfc0ba3ef7d6
Determination: GOOD
C:\WINDOWS\system32\MSCH2IT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msch2it.dll\Path C:\WINDOWS\system32\MSCH2IT.DLL
PX5: 21DBE92B003B5581BA490152ECF70E002D052064
MD5: 48ed45f87d34e386af631f7a10cd05c9
Determination: GOOD
C:\WINDOWS\system32\MSCHRT20.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mschrt20.ocx\Path C:\WINDOWS\system32\MSCHRT20.OCX
PX5: F700061DB8623CBE66750FA4E5E79A00C7368010
MD5: c80389e4872a0885cbb14fd3641166ab
Determination: GOOD
C:\WINDOWS\system32\MSCMCIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Mscmcit.dll\Path C:\WINDOWS\system32\MSCMCIT.DLL
PX5: 81ED1541000C46D74C0702AC166E3800DC3CC6F9
MD5: 1172f5372818b7dd2c73cd893c09445a
Determination: GOOD
C:\WINDOWS\system32\MSCOMCT2.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mscomct2.ocx\Path C:\WINDOWS\system32\MSCOMCT2.OCX
PX5: 482C38FAC073C39FE2390994E4D8F0002D1899C5
MD5: c1b4af41a0370e4081d59ac99bcc929d
Determination: GOOD
C:\WINDOWS\system32\MSCOMCTL.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mscomctl.ocx\Path C:\WINDOWS\system32\MSCOMCTL.OCX
PX5: 0516B6BCC08DA9A5449F100F960561008516118A
MD5: 714cf24fc19a20ae0dc701b48ded2cf6
Determination: GOOD
C:\WINDOWS\system32\MSCOMIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mscomit.dll\Path C:\WINDOWS\system32\MSCOMIT.DLL
PX5: 8D39D2B90089AA2836F4007FA73C6600048A22FD
MD5: 7cfffba84d0c62994eca82b1c6888223
Determination: GOOD
C:\WINDOWS\system32\MSCOMM32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mscomm32.ocx\Path C:\WINDOWS\system32\MSCOMM32.OCX
PX5: EF714E6440F8BC25951501FDDE41AF003899C3C1
MD5: 2c6119da3993f410e74b15112f840cb0
Determination: GOOD
C:\Programmi\File comuni\designer\MSCONDES.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mscondes.dll\Path C:\Programmi\File comuni\designer\MSCONDES.DLL
PX5: 695EDF04002F33EC409A0203B584250036DFA017
MD5: 815c2d9def17fcef3b0786a1d5c03e75
Determination: GOOD
C:\WINDOWS\system32\MSDATGRD.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSDatGrd.ocx\Path C:\WINDOWS\system32\MSDATGRD.OCX
PX5: E253FF88B8CC9DA7006D04937F6ECC0075DAB9C8
MD5: e58c03482f4848af5f67aa9ed1d53336
Determination: GOOD
C:\WINDOWS\system32\MSDATLST.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msdatlst.ocx\Path C:\WINDOWS\system32\MSDATLST.OCX
PX5: C4791BD1C0715FB28CCD03234C02F800BF8AF78B
MD5: e074f2504de473f92a519d8bf1a11d77
Determination: GOOD
C:\WINDOWS\system32\MSDATREP.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSDatRep.ocx\Path C:\WINDOWS\system32\MSDATREP.OCX
PX5: C0C3518C4045D885DD8702796A7311001A74B74C
MD5: 5f62f5906f66fec93ba261ae4dfe250f
Determination: GOOD
C:\WINDOWS\system32\MSDBRPT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msdbrpt.dll\Path C:\WINDOWS\system32\MSDBRPT.DLL
PX5: 3613AE8A00122F31C00604824672C800C78EC419
MD5: 420cb8ac328000f5cf0f45e92edbcdc1
Determination: GOOD
C:\WINDOWS\system32\MSDBRPTR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msdbrptr.dll\Path C:\WINDOWS\system32\MSDBRPTR.DLL
PX5: 74471699000EDD3290C5043E1DC037008996B8ED
MD5: 179bc069d0aee0968747c95a09997137
Determination: GOOD
C:\Programmi\File comuni\designer\MSDE.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msde.dll\Path C:\Programmi\File comuni\designer\MSDE.DLL
PX5: 2F3A109400C733CBC4460799CB98A7003E804F1B
MD5: 328f84d50788d6133241f51cf3eacbac
Determination: GOOD
C:\Programmi\File comuni\designer\MSDERUN.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msderun.dll\Path C:\Programmi\File comuni\designer\MSDERUN.DLL
PX5: 3356430E000ADFC4140A02B69C5F72000395CCDE
MD5: 3ccf24e43e8e8d802e52e9c9990ae335
Determination: GOOD
C:\Programmi\File comuni\designer\resources\1040\MSDEUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msdeui.dll(ita)\Path C:\Programmi\File comuni\designer\resources\1040\MSDEUI.DLL
PX5: C8D1EA86008BF29C925100FF015D5500D476AE93
MD5: 9522f8de6ef8d9f9abe64f86fb53b43c
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSDN\1033\MSDNFAV.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msdnfav.exe(1033)\Path C:\Programmi\File comuni\Microsoft Shared\MSDN\1033\MSDNFAV.EXE
PX5: 2C698D14008827C1207902765992E100333540A5
MD5: 2de3f1fc52b3ecb81529edf68406b50a
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\MSENV.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msenv.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\MSENV.DLL
PX5: 6A4AE0EF10C2109EE13D1DAEE2429300F9BC1FF8
MD5: eb99290210d65dc4942a741fa0fc3ff6
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\MSENVP.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msenvp.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\MSENVP.DLL
PX5: AB06FDC51099F4D7D7CA00C34DD4E9003F4B49B5
MD5: 3cba31c1224061a9dd84e1fb35518eb4
Determination: GOOD
C:\WINDOWS\system32\MSFLXGRD.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msflxgrd.ocx\Path C:\WINDOWS\system32\MSFLXGRD.OCX
PX5: 6151F917C08ED56DBAD40309CC130900B391E063
MD5: 06ee7bb3c681b9fa8af4280a154ee133
Determination: GOOD
C:\WINDOWS\system32\MSHFGIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mshfgit.dll\Path C:\WINDOWS\system32\MSHFGIT.DLL
PX5: 044FDBBD00F34FBDD0C0007E65469B0062454738
MD5: 708189544eda483f673e9f31a64d8f06
Determination: GOOD
C:\WINDOWS\system32\MSHFLXGD.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mshflxgd.ocx\Path C:\WINDOWS\system32\MSHFLXGD.OCX
PX5: F35D5BD8C0DD4AA8B2520664B6E1FB00A1B2D1CA
MD5: 2704ccb7eda132776c97191e2c019747
Determination: GOOD
C:\Programmi\File comuni\designer\MSHTMPGD.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mshtmpgd.dll\Path C:\Programmi\File comuni\designer\MSHTMPGD.DLL
PX5: 3D30E28F0092DC0A60ED031EC2C2E90038608576
MD5: 8d643216e5114ab01535f6e4708cf9dd
Determination: GOOD
C:\Programmi\File comuni\designer\MSHTMPGR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mshtmpgr.dll\Path C:\Programmi\File comuni\designer\MSHTMPGR.DLL
PX5: 74F748DB00D46C2A906F01F404BA2A007C937318
MD5: 2c5a757520436ea719434b1a807c18d9
Determination: GOOD
C:\WINDOWS\system32\MSINET.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msinet.ocx\Path C:\WINDOWS\system32\MSINET.OCX
PX5: E1186E35D0A9E12EC48E01B76B4CAE003A4F23F3
MD5: 40d81470a19269d88bf44e766be7f84a
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\ieinfo5\(default) C:\Programmi\File comuni\Microsoft Shared\MSInfo\ieinfo5.ocx
PX5: D9CCCE7600AE330472C5014263EDAE006E08A176
MD5: 7cfdd7f54c64bff62f64665a7e567896
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSInfo\MSIOFF10.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Templates\msioff10\(default) C:\PROGRA~1\FILECO~1\MICROS~1\Msinfo\MSIOFF10.OCX
PX5: 594282EE0058D082A094069985DDC9007700217D
MD5: b006a57bb3a559fb47e60586921efa5d
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\MSInfo\msinfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Programmi\File comuni\Microsoft Shared\MSInfo\msinfo32.exe
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSInfo\Path C:\Programmi\File comuni\Microsoft Shared\MSInfo\msinfo32.exe
PX5: DCC20BBB0036A3BB9EFA00953DF8F200E6CDE36A
MD5: 12644a48270558aec35230e476534f48
Determination: GOOD
C:\WINDOWS\system32\MSMAPI32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msmapi32.ocx\Path C:\WINDOWS\system32\MSMAPI32.OCX
PX5: CC809A1F289FF3EF17E602D45A26BC00B89DA0D2
MD5: d329085a88a9019ed5700c0f04b3176e
Determination: GOOD
C:\WINDOWS\system32\MSMASK32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msmask32.ocx\Path C:\WINDOWS\system32\MSMASK32.OCX
PX5: A4C51309C86D3EC58A6C02150B3345005D63AD87
MD5: f0ac7872c32cd3aeb4fc9eac782c6f37
Determination: GOOD
C:\WINDOWS\system32\MSMPIIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msmpiit.dll\Path C:\WINDOWS\system32\MSMPIIT.DLL
PX5: 226E960000F800F158A20089B19937008A393B17
MD5: 93c1a7d0ef166489ee5b1c07472b48d6
Determination: GOOD
C:\WINDOWS\system32\MSMSKIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msmskit.dll\Path C:\WINDOWS\system32\MSMSKIT.DLL
PX5: E0E7C0BE0021B26A540F0080EE663100DFBDA77A
MD5: a3845942de436d06343e4f8e6e5f6a32
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VBA\MSO97RT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mso97rt\Path C:\Programmi\File comuni\Microsoft Shared\VBA\MSO97RT.DLL
PX5: F218909F105A61960DBB38CBAA83E300607CAD06
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VBA\MSQRY32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msqry32.exe\Path C:\Programmi\File comuni\Microsoft Shared\VBA\MSQRY32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\VBQuery\Path C:\Programmi\File comuni\Microsoft Shared\VBA\msqry32.exe
PX5: 0206D14C1024389B97FC0B85C6B22400B30586FA
MD5: 0296ff3a275d85c6f1b07f2c95ad7b91
Determination: GOOD
C:\Programmi\Microsoft Office\Office10\MSQRY32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\MSQuery\Path C:\PROGRA~1\MICROS~2\Office10\MSQRY32.EXE
PX5: 824F331BA0A83A44454B0B458613BC00D1271B54
MD5: bb4c7db40472d0e2cbe11b49336920f7
Determination: GOOD
C:\WINDOWS\system32\MSRDC20.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msrdc20.ocx\Path C:\WINDOWS\system32\MSRDC20.OCX
PX5: 57229656C0987B8CB23102496B0E7400BDA2A4C7
MD5: da80592805a3b818f2743701de0dadb9
Determination: GOOD
C:\WINDOWS\system32\msrdo20.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msrdo20.dll\Path C:\WINDOWS\system32\msrdo20.dll
PX5: 67AA238F00FF573D107A06423B4D3B005790DF63
MD5: 31564551d2bf423e350277778965373e
Determination: GOOD
C:\WINDOWS\system32\msscript.ocx
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msscript.ocx\Path C:\WINDOWS\system32\msscript.ocx
PX5: E74FC11600A01A97902F01AB8D459B00193DCDD6
MD5: 656524b4401f21e2929b78ef4c36db27
Determination: GOOD
C:\WINDOWS\system32\MSSCRIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msscrit.dll\Path C:\WINDOWS\system32\MSSCRIT.DLL
PX5: 76F7DCCF00F3636A3A660092ACF3D700EA5721A2
MD5: 0dafc388806e5ead110583707097356c
Determination: GOOD
C:\WINDOWS\system32\msstdfmt.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\msstdfmt.dll\Path C:\WINDOWS\system32\msstdfmt.dll
PX5: 8AE9ED3D00652CF6D03501AA8FA151006C1F5C73
MD5: 92b712df390367bfa4252a48d9d71d51
Determination: GOOD
C:\WINDOWS\system32\MSWINSCK.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\mswinsck.ocx\Path C:\WINDOWS\system32\MSWINSCK.OCX
PX5: D7EB12B3C046DBA1AA6801257881B300FE2BB675
MD5: 3d8fd62d17a44221e07d5c535950449b
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Templates\Database Project Items\New SQL Script.SQL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\newsql.sql\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Templates\Database Project Items\New SQL Script.SQL
PX5: 7215EE9C017D9DC2002900D2921A4000E899EC5F
C:\WINDOWS\system32\ODKOB32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\odkob32.dll\Path C:\WINDOWS\system32\ODKOB32.DLL
PX5: 776DDBBF0042342F42A000CFE4EBB800C4698F37
MD5: 94f66cd6a18efdb663a61f2025ab31c5
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\OLEVIEW.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\oleview.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\OLEVIEW.EXE
PX5: B8AC47481083518F59F90273528E9800312AB7E4
MD5: 402b3ab93a959151aa8c540b96354704
Determination: GOOD
C:\WINDOWS\system32\PCCLPIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\pcclpit.dll\Path C:\WINDOWS\system32\PCCLPIT.DLL
PX5: 12FF88A700CC914526B90032C5FC5100068A79A9
MD5: 0ec976de3b0680678ed1f3f09f39f783
Determination: GOOD
C:\WINDOWS\system32\PICCLP32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\picclp32.ocx\Path C:\WINDOWS\system32\PICCLP32.OCX
PX5: 987A88B4C898A781449501B9DD9F6000A9C71AD0
MD5: 90502f80c58d513ac3fa15b4e226fdfa
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\Strumenti\PSTAT.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\pstat.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\Strumenti\PSTAT.EXE
PX5: F98BABC410ABED76AB2200807BBABE0034CE98C9
MD5: 627f9a3ae0b4f46bbb463dd2fd8952aa
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\Strumenti\PVIEW.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\pview.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\Strumenti\PVIEW.EXE
PX5: DC2708CF108EBED6DF8600809F58A600C5EFF228
MD5: 0355e05993d4991e40c90cb82b1f362a
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VBA\QRYINT32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Qryint32.dll\Path C:\Programmi\File comuni\Microsoft Shared\VBA\QRYINT32.DLL
PX5: 1ECDB2C110EC0003819101867DEEF400FD26A867
MD5: f130883d13109860345374edf99bac60
Determination: GOOD
C:\WINDOWS\system32\RACMGR32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Racmgr32.exe\Path C:\WINDOWS\system32\RACMGR32.EXE
PX5: 2637BF16003DDAEDF0C6009DA4ED420001A9B8C6
MD5: ab3d4a5c45912b703d3429159a1337fb
Determination: GOOD
C:\WINDOWS\system32\RACREG32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Racreg32.dll\Path C:\WINDOWS\system32\RACREG32.DLL
PX5: 1CEF6A9A005435238021007AFCB49900CFB6D24E
MD5: 4e86f6e372d5f823e457ee5358b46079
Determination: GOOD
C:\WINDOWS\system32\RCHTXIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\rchtxit.dll\Path C:\WINDOWS\system32\RCHTXIT.DLL
PX5: 512AC32E0068A2C08AB100330C1BB800D2A80133
MD5: a41487a1b9be8fdd76a7418f3842bd5b
Determination: GOOD
C:\WINDOWS\system32\RDC20IT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\rdc20it.dll\Path C:\WINDOWS\system32\RDC20IT.DLL
PX5: EA912ABB00A31DBE421100756D1C9D00DE21D164
MD5: e1f386fbd491ab1e561621c4a1781253
Determination: GOOD
C:\WINDOWS\system32\RDO20IT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\rdo20it.dll\Path C:\WINDOWS\system32\RDO20IT.DLL
PX5: 1293000F005E8DE4044001A982F33900DC9412DB
MD5: 93736f3f28cdaae7c657e91ce87d81fe
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\REPBROWS.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\repbrows.exe_v6\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\REPBROWS.EXE
PX5: 064B14020032B46E9039065824AD12007F6C91AA
MD5: a26f90f2a14c5e4c40b54482cf097d38
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\REPBRRC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\repbrrc.dll\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\REPBRRC.DLL
PX5: 33F28B2910CAEE47CBE5003B3C2E0700182CBDDA
MD5: f049f50befaac7427dcaaefb6f0c7b7c
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\REPCDLG.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\repcdlg.dll\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\REPCDLG.DLL
PX5: B662AEB100C6A650E08B00FE2125B2002FA6856E
MD5: a49f2757cff9747644a6474da036dbad
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\REPCDLG.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\repcdlg.ocx\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\REPCDLG.OCX
PX5: 6A6FB7F2289DEF00D4E101F504637B0098E5BEC9
MD5: 1d8099769c5755241b47e01797ad8d76
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\REPCDRC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\repcdrc.dll\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\REPCDRC.DLL
PX5: D8DD8CB810583CEF1F6C003B3C2E0700D5E5ED53
MD5: 2843a2e4da4b7976fcc3d52a2ea33879
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\REPODBC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\repodbc.dll_v6\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\REPODBC.DLL
PX5: 92BEF32A49093066B0211276A0D9F600F9CF3979
MD5: 75ce584581a6229342947ef768dc660f
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\REPRC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\reprc.dll_v6\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\REPRC.DLL
PX5: 36EE862410670821558D002E780D9A0022BB1351
MD5: fcedc259f04562822f45e7cb4c7e78ee
Determination: GOOD
C:\WINDOWS\system32\RICHTX32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\richtx32.ocx\Path C:\WINDOWS\system32\RICHTX32.OCX
PX5: 161B8C48C848AA161CFF039E37539100DC0D6596
MD5: eb4a8f35a70a887fe32f43a3aa7d4e9a
Determination: GOOD
C:\WINDOWS\system32\SCP32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\scp32.dll\Path C:\WINDOWS\system32\SCP32.DLL
PX5: 2AC1B62200F5D0DE3E2D00C8080E5900D8850BA7
MD5: 781bb5095e39817469ab034138c07ebe
Determination: GOOD
C:\WINDOWS\system32\SELFREG.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\selfreg.dll\Path C:\WINDOWS\system32\SELFREG.DLL
PX5: 0D925E5C00F15E087E3A007858930000CA28B359
MD5: a88346c7d3c20df8ee796012330b6fc2
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\MSDev98\Bin\SHSQL.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\shsql.dll\Path C:\Programmi\Microsoft Visual Studio\Common\MSDev98\Bin\SHSQL.DLL
PX5: 2BE2690D4DF9AD84800F007645194000CADA2677
MD5: 652b823461084d2b6972c059137e2168
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SIGNCODE.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\signcode.exe\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SIGNCODE.EXE
PX5: 1D9B94CF109A6F9F6B2000733ED9CC00000FB9C7
MD5: 7873ef6cd1fb9bdcc6d58ed3d0fec47e
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SIGNER.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\signer.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SIGNER.DLL
PX5: DAD5F3AD1086A3EB2FBE01E09F373300756D47B4
MD5: 9814da76cb97079cc9f35c0e43ae8460
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\SPYHK55.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\spyhk55.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\SPYHK55.DLL
PX5: 78711A423AC5DA66C0D9002FFE86660007CECCA3
MD5: 101d236f4080cce4a45b65546585bb10
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\SPYXX.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\spyxx.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\SPYXX.EXE
PX5: 5F07558538E19008A02F07FF44BD0F004EEF1945
MD5: b0522d5394d4ad38fc28d2642a6382e5
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\SQL Debugging\SQLDBG.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sqldbg.dll\Path C:\Programmi\File comuni\Microsoft Shared\SQL Debugging\SQLDBG.DLL
PX5: 76C34B7B0089EB2258CF003BF5F1A40000AB4CBD
MD5: 17ac696fc8682cb7123abde3efdef11c
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SQLDBREG.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sqldbreg.exe\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SQLDBREG.EXE
PX5: 1BFD88D22D68828957DE00F46F0188008706BA6B
MD5: 4e4aad9e67d25d9898ee557037abf245
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SQLLE.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sqlle.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\SQLLE.DLL
PX5: 2BCD6AB3D4C01EE010CE022F0A671800D97FC3C5
MD5: b13804399e733809d8b59ba902a4271e
Determination: GOOD
C:\WINDOWS\system32\SQLPAIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sqlpait.dll\Path C:\WINDOWS\system32\SQLPAIT.DLL
PX5: 4EFCF96B00B52BAA149A003B3C2E0700E4A92316
MD5: e816bb2033fade81ec9892a009a5dc83
Determination: GOOD
C:\WINDOWS\system32\SQLPARSE.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sqlparse.dll\Path C:\WINDOWS\system32\SQLPARSE.DLL
PX5: 2A17EFE200CEB593D090017EE62B8C0045AC866B
MD5: 5406e4cc21f6972494ef70ff6918eebd
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\MSDev98\Bin\SQLPRXY.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sqlprxy.exe\Path C:\Programmi\Microsoft Visual Studio\Common\MSDev98\Bin\SQLPRXY.EXE
PX5: FD64D8AE4D2B36B740F8002DDDE82A003C21143F
MD5: 92fc2a61173671d75d7a346b2ff9001d
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\SR32TEST.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sr32test.exe_NT\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\WinNT\SR32TEST.EXE
PX5: 7F11EAFF20E11CDED9A20600728550008C05487B
MD5: 6e2dc5fc4b43c647c84420da0114dd0f
Determination: GOOD
C:\WINDOWS\system32\STDFTIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\stdftit.dll\Path C:\WINDOWS\system32\STDFTIT.DLL
PX5: D111617D00DF8ED11A75007AE7AFBB00D8E557B2
MD5: b3274a885221eee09bdf8e219fc48c52
Determination: GOOD
C:\WINDOWS\system32\SYSINFO.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sysinfo.ocx\Path C:\WINDOWS\system32\SYSINFO.OCX
PX5: 371B24733042BD3D07CD0169A21918008B3D9624
MD5: 0db04d84b06f760be7a852a8cfc20df2
Determination: GOOD
C:\WINDOWS\system32\SYSINIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\sysinit.dll\Path C:\WINDOWS\system32\SYSINIT.DLL
PX5: 72153DC200149AE72A5200C7FCE4680095063816
MD5: 652e13287c7192a43620d917fb02e5e1
Determination: GOOD
C:\WINDOWS\system32\TABCTIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\tabctit.dll\Path C:\WINDOWS\system32\TABCTIT.DLL
PX5: A3AB67F2000F0216566E00AB794660005240A823
MD5: 2dfc008167b773076eeea9b80907ff01
Determination: GOOD
C:\WINDOWS\system32\TABCTL32.OCX
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\tabctl32.ocx\Path C:\WINDOWS\system32\TABCTL32.OCX
PX5: CB6442EFC87BE7C13296038881CAD2005A5919B2
MD5: 908938d3ba2d870ee9fc6238a4c6af95
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\TCPROPS.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\tcprops.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\TCPROPS.DLL
PX5: 0380AE7800A81346A0D3002AEC3589001A2C297D
MD5: d3bf349c496a8315bfa5859da604123f
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\HTML\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\HTML\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\html32.cnv
PX5: 4D9506A9385CE7D6C22D044B3348F800EABDC1BF
MD5: 20b2a413befa1b0d309416bf8228dc95
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WRD6EX32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWord6Exp\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WRD6EX32.CNV
PX5: 9EF728AE00C58DD2B08410F920658800EA5D0276
MD5: 15b06591adf703ff0c85bedd1f6fd8bd
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WRD6ER32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWord6RTFExp\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WRD6ER32.CNV
PX5: C22C201100EFB7579AD700F939686B00B4A10B83
MD5: b476c81d6b87f64cb4877f03a2058d65
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\MACWRD32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordMac4\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordMac5\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordMac51\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWordMac\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MACWRD32.CNV
PX5: 87D8F47F00C3BB7728E003635229F400D4781807
MD5: 723528d02d16c0cefc3bb60c4426da64
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WNWRD232.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWordWin2\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WNWRD232.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWordWin2\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WNWRD232.CNV
PX5: 2BDF980F00193A16302F03FA6F2D9900E57E9ED2
MD5: dfb89304b96e3bb021de8a6686c9ffb7
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WORKS432.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWorksWin4\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WORKS432.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWorksWin4\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WORKS432.CNV
PX5: 6FFFA7710000B9E8201804DD699F370088265D70
MD5: 42ccb9262723652deed0bf389c808c49
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WORKS532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\MSWorksWin5\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WORKS532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWorksWin5\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WORKS532.CNV
PX5: 4981BE5640FD4C23D0A000D8B66B290098B37F7B
MD5: 92088fcf40081530e8162be89c29750d
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\WrdPrfctDat\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\WrdPrfctDat50\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\WrdPrfctDOS50\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\WrdPrfctDOS51\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Export\WrdPrfctWin\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WPFT532.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WrdPrfctDos\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WPFT532.CNV
PX5: 70AFF0680003DB938A0905DC950C11003475EC65
MD5: 12200bc8c018f927bf434592c319918c
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\LOTUS32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Lotus123\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\LOTUS32.CNV
PX5: 9E6FBAEB007F0979C8A60102158E26004800BC2C
MD5: 2c0ea238b6254d8dc507f0623c4e7a6c
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\EXCEL32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSBiff\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\EXCEL32.CNV
PX5: 704A8728007B1BFD60FA029E8725FD00F40319BC
MD5: b4d026a85b418baf7733421f565fa378
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWinWrite.wpc\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\write32.wpc
PX5: 71A6A3C449C4AC08B01A01656F55D100B9B2E691
MD5: afd63ca25e43793fd7c42c5f74961559
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\MSWRD632.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord6\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MSWRD632.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWordJ6\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MSWRD632.CNV
PX5: 417C23C900BA5AE0485702F2E91DAA00C9EA8DFC
MD5: 5724a6002efe616a882ed4e63e88bb40
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord6.wpc\Path C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd632.wpc
PX5: 255241CE4A8E0D0D40E903D813E15E00D95525A3
MD5: da91b90d37135534d061b7e3480fc11c
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\mswrd832.cnv
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\MSWord8\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\MSWRD832.CNV
PX5: E4DB25CE10AF0B4B41E904034C3FBD003A7F764C
MD5: 40a28e9cc57f760a213a71fce642cedd
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\RECOVR32.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\Recover\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\RECOVR32.CNV
PX5: 57E4029000E09B18F49B0082C5DE430039E0386C
MD5: b975f36cb222ed7e6106c6e3c0e42ce6
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\TextConv\WPFT632.CNV
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Text Converters\Import\WordPerfect6x\Path C:\PROGRA~1\FILECO~1\MICROS~1\TextConv\WPFT632.CNV
PX5: 412C671900DFF5F068FC04E6DC6B6D002FAD07F5
MD5: 91f3540765a68c917473dce842f0049f
Determination: GOOD
C:\WINDOWS\system32\TLBINF32.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\tlbinf32.dll\Path C:\WINDOWS\system32\TLBINF32.DLL
PX5: 445B0F7E005E9C6C444E020DC858EC00EC64A3CC
MD5: 445ca9eea4c2d703a113f23104b67236
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\TRACER.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\tracer.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\TRACER.EXE
PX5: 67EA057647B5147E50AE0024C196DA00F93D8AED
MD5: 1584bf54de1959e57c626f970885b869
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Triedit\triedit.dll
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\triedit.dll\Path C:\Programmi\File comuni\Microsoft Shared\Triedit\triedit.dll
PX5: 7694815F00136891569102C9F3166D002CB3B3D4
MD5: c2d5707ec0d8be682235b5d3c2d4b3cc
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\TSTCON32.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\tstcon32.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\TSTCON32.EXE
PX5: 1CD4AED74D7FBD74C0D8038343958E0005AD18A6
MD5: 26990ccaa5f4cfa50c1497d7680b2da6
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Repostry\infoMdl\UML.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\uml.dll\Path C:\Programmi\File comuni\Microsoft Shared\Repostry\infoMdl\UML.DLL
PX5: 847A4B0E00CA5992A0A1010A79C9210043D4AD4C
MD5: d342135006184a78e14d202bca4c08db
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\UNDNAME.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\undname.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\UNDNAME.EXE
PX5: C8BCE0BB10F3F6BF8B4D00E2243740001086B01E
MD5: cc3e8532b40c35e1227e714be34b2810
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\URLPKR.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\urlpkr.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\URLPKR.DLL
PX5: 5FC06C0EA03F95804FB301E2F6F93D00A320085A
MD5: 89e34e4c6d7c23ed10f1909f56a5cd1b
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Utility Projects\Utility Project.gpz
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\utility.gpz\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Utility Projects\Utility Project.gpz
PX5: 81051BCC022CF1BE00DF00378224B000A93E2877
C:\Programmi\Microsoft Visual Studio\Common\Tools\UUIDGEN.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\uuidgen.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\UUIDGEN.EXE
PX5: 176D63F810A4B7999998001C4A5013008087799B
MD5: fee30fc4a3357f4c0d98d707b79e6709
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VADEC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vadec.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VADEC.DLL
PX5: 1416BACC1023C70561430198FF2DA7000CFBBA97
MD5: 1e8f441abc92c58589375526cf6f535e
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VADECUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vadecui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VADECUI.DLL
PX5: 5149DBCB00F419BF5A2E005CD6611B0075F0EBE9
MD5: 94ed1cbbfda273e1aac93eeb883fed23
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAESA.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaesa.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAESA.DLL
PX5: 84A3F6919C2B496FEA0501A031B262004732CA83
MD5: 652616e9ac50c2f6712433996c639e71
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAESAUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaesaui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAESAUI.DLL
PX5: DD467BF400AFDCD5182500570B06AB00C8D1CFD4
MD5: 7c34e01d0e855f7d856bfddbaef70703
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAESI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaesi.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAESI.DLL
PX5: FA689E84106D2C09618101263126B60036304977
MD5: 464ce1e2b70ed0d841b59c8e7e6668c6
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAESIUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaesiui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAESIUI.DLL
PX5: 179B11150042176B1A910037C58F5C002D47CCCD
MD5: 6b8adff160d65e8b2eec8c2a7c01fbc3
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAHTP.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vahtp.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAHTP.DLL
PX5: 8A930E0BA6F320F37596002DDDE82A0056EF5B07
MD5: 6e8e38cb93c99f1f89087a36f0dd7a91
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAHTPUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vahtpui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAHTPUI.DLL
PX5: D91961EE00E485940AB900B692B5DE00B79BCD14
MD5: 044bffe2082e660c40ad1170a15b828d
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAIEA.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaiea.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAIEA.DLL
PX5: AD709B6F3C5795ABFCF6017E72F82700D6B8444D
MD5: 3e84f138565c7098e02583c4cad6b445
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAIEAUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaieaui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAIEAUI.DLL
PX5: 4F9C152B005A3B17264100F833E3960039472335
MD5: 1b3d3cbe55bb7c95cedd66ac84c6de1d
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAIEC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaiec.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAIEC.DLL
PX5: EF5AE6C610E917E5519601F58039DB003D5834CA
MD5: 4cead470c5baed2bfebe1fcfbe52c3db
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAIECUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaiecui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAIECUI.DLL
PX5: 97DE21CD00ED1A18189300A0F1904500F03D09DD
MD5: b375272167934f0f5fc36732bbf106e3
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VALEC.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\valec.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VALEC.EXE
PX5: A1D904A6107CCE9561BC02971A7BE2005B9CD612
MD5: 478b4da2dd1d416fab0e4986e666f8fc
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VALECUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\valecui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VALECUI.DLL
PX5: 5641ECF4001B4733320100B6F94F1800F41697FE
MD5: 28c041a38578be07f479b85014777bff
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VALMP.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\valmp.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VALMP.DLL
PX5: 4197926D1082E4ECA13B005A39A3E1007A751ABE
MD5: e713246da9ff37e405e007fac02ddc6e
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAPDS.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vapds.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAPDS.DLL
PX5: F7F782F810E1B065517601F367792000FB4CFF27
MD5: 349d75afb627838f3084e94233df4ce5
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAPDSUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vapdsui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VAPDSUI.DLL
PX5: FC54E43B005DDC40185600793A420A00C94A0B6F
MD5: 287897e3753491059afdd0b8a921d243
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VASEI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vasei.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VASEI.DLL
PX5: ABC57A28D4243E4CA13B03A078DE680066CFD6B3
MD5: cd4f8519f948f173fa71a9540445dcbf
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VASEIUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vaseiui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\resources\1040\VASEIUI.DLL
PX5: 228147C800C8E74C1A4B002D8D48C4006075B8B8
MD5: af71c89dbae5c52bba0c2281fae447ac
Determination: GOOD
C:\WINDOWS\system32\VB5DB.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vb5db.dll\Path C:\WINDOWS\system32\VB5DB.DLL
PX5: 32D5A3CC101F07995DD801EBCA1270009B8898E2
MD5: 4c6f2d2ce86330335801f2982b26223e
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VCM\VCMCAB.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\VCM setup tagfile\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VCM\VCMCAB.DLL
PX5: 1E6F7A41002DC842ACA7019E1CCBC9001182D3E4
MD5: 055a8b712d3cac4d0b11ade27fcd6522
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VCSPAWN.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vcspawn.exe(VS)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VCSPAWN.EXE
PX5: BEFF7DFB3194A49F6007002DDDE82A0088FB0692
MD5: b5a7594e0b317bcb167998263c79551c
Determination: GOOD
C:\WINDOWS\System\VI30WRP.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\VI30Wrp.dll\Path C:\WINDOWS\System\VI30WRP.DLL
PX5: 30D5F37D000F40A7522401EB19C565006D43B0FE
MD5: f42160610dcb98a92aa72a772f7805ad
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VIDDBPKG.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\viddbpkg.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VIDDBPKG.DLL
PX5: 3D9FA3E6A1FF03FA087208E9F9B40400AD8D1064
MD5: 0b56b5c36493c2d6ee0ebc49af15e8a6
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VIDDBUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\viddbui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VIDDBUI.DLL
PX5: 8D7206AE00C73B96D64C0053D4D09A00F9432F2D
MD5: c137a4c951bf7df37da74bcac69e431d
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Wizards98\VIDWOJ.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vidwoj.dll\Path C:\Programmi\File comuni\Microsoft Shared\Wizards98\VIDWOJ.DLL
PX5: 69AAE0194028E239CA5F01E523D13C0034D03F0A
MD5: 238191801b8601e9ac98efa1cc214139
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Wizards98\resources\1040\VIDWOJUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vidwojui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\Wizards98\resources\1040\VIDWOJUI.DLL
PX5: DCEAC32F00C7E1F81439008B31B53F001661D351
MD5: ed6a011d1b3d02d6a0cee8563fc5cfd5
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAVSA.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Vista setup tagfile\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VAVSA.DLL
PX5: 2B04126A50333567A53D0C1350F917006B7CC782
MD5: 222e905f68cda1a56379dcddebb13d13
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Wizards98\VIWZ1.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\viwz1.dll\Path C:\Programmi\Microsoft Visual Studio\Common\Wizards98\VIWZ1.DLL
PX5: 4ECFE61D00DCFFECF0F1224066148700C1C86A87
MD5: 6436733aa997a29e52fc29d25c5a6b71
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Wizards98\resources\1040\VIWZ1UI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\viwz1ui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\Wizards98\resources\1040\VIWZ1UI.DLL
PX5: 696791CF00BBAA89DE690C82E1DBDC00E094C5C7
MD5: 0a83ca184c012581d5b6b2570ca8178d
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\Wizards98\VIWZRT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\viwzrt.dll\Path C:\Programmi\File comuni\Microsoft Shared\Wizards98\VIWZRT.DLL
PX5: 4341D5080008A08990E60A8E838357004F514CAF
MD5: b54c91709f7452b03e14a7530d94a80e
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Redist\VJREG.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vjreg.exe (Redist)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\Redist\VJREG.EXE
PX5: 60398DB0902776E47F4201FD9A83CF001F450BCF
MD5: 14b5e3e27924e04b9605a5b1d710ddd8
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\vmodeler\MSVM.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\VM setup tagfile\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\VS-Ent98\vmodeler\MSVM.EXE
PX5: 0D5F3D49002CB53C6A4846F57C5AA600EFC77615
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSDPL.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vsdpl.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSDPL.DLL
PX5: 01FAEA9010FEC7D8D12907FAC2650500CFD593BA
MD5: 944fe1a072d666216595509e8ea443e0
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSDPLUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vsdplui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSDPLUI.DLL
PX5: A4E1C0460039C1EBD00C008D88AA9C00B802F41A
MD5: 4f777f6acc71f9b19f00e12bee89bb50
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VS98\VSHELP.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vshelp.dll\Path C:\Programmi\File comuni\Microsoft Shared\VS98\VSHELP.DLL
PX5: 44AA0581CA652FFCC81A0139C9B39E007124A136
MD5: 7efb7ede8c227f562962759416002f4b
Determination: GOOD
C:\Programmi\File comuni\Microsoft Shared\VS98\resources\1040\VSHELPUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vshelpui.dll(ita)\Path C:\Programmi\File comuni\Microsoft Shared\VS98\resources\1040\VSHELPUI.DLL
PX5: 36F26F81004B9FA952CE0024CCC9CB003905A3CF
MD5: f0367c65934ffae4aa0bd50ef842c837
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSIDE.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\Vside.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSIDE.DLL
PX5: 950BD53300325656C48D0604DD70C900A0FE8863
MD5: c6f56cfbddcc5d287f20b36cee6642f0
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSPKG.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vspkg.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSPKG.DLL
PX5: AB90BB3110EE17E2D1A81078FF34010093C1093B
MD5: 0b0f6fc7101f6ea668c23c4127fb05fe
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSPKGUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vspkgui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSPKGUI.DLL
PX5: 2DCCF63500451C0BDCD50738036F6700277F61A7
MD5: 40979ae62957a6368e4d094c8c0d577d
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\VSS\win32\SSEXP.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\VSS setup tagfile\Path C:\Programmi\Microsoft Visual Studio\Common\VSS\win32\SSEXP.EXE
PX5: 001850BC00200B113E9A00A88B83BB000D19FBC6
MD5: 1192232a1772ca6015632d34ea7ef4d6
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSSCC.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vsscc.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSSCC.DLL
PX5: A3C263381011584C819D0B6B07EE4000DD78D4F1
MD5: 07bc7d69dc35629b5aec41c4e5ca3101
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSSCCUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vssccui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSSCCUI.DLL
PX5: E29FD31A00AC66435460011E5748E8003D0B032D
MD5: dfb5c0c09e3f05989bcc42b5b1054ef6
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSSLN.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vssln.dll\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\VSSLN.DLL
PX5: E9BDABFB1091F3B161EB07DAE3E5D3005A3D18EA
MD5: 5fff2ec41971507955e95dc15c98710f
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSSLNUI.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\vsslnui.dll(ita)\Path C:\Programmi\Microsoft Visual Studio\Common\IDE\IDE98\resources\1040\VSSLNUI.DLL
PX5: E1E900DD00D3931934F101993036150068CD8745
MD5: c1eb2b64c4bfa86e131879e67d8b921f
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\WINDIFF.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\windiff.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\WINDIFF.EXE
PX5: 802FD8B610B369935D0B0110CC3ED40005DE34A3
MD5: 62e96883e70ad488b40046085ecff19a
Determination: GOOD
C:\WINDOWS\system32\WINSKIT.DLL
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\winskit.dll\Path C:\WINDOWS\system32\WINSKIT.DLL
PX5: DBDB9FDD002ED8513E35005EFF35FE007F60D1CB
MD5: 51b6202b2e5d13f295038dfe1bdbc5ff
Determination: GOOD
C:\Programmi\Microsoft Visual Studio\Common\Tools\ZOOMIN.EXE
Loaded from: \REGISTRY\Machine\Software\Microsoft\Shared Tools\zoomin.exe\Path C:\Programmi\Microsoft Visual Studio\Common\Tools\ZOOMIN.EXE
PX5: 3F60670F301FA7547812009DEF40BA0059FC2C71
MD5: 100dce502e25588c5ccba6c8bb1100b9
Determination: GOOD
C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}\(default) PDF Column Info
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}\(default) PDF Column Info
PX5: 8C22B1270080452CB0520538F9A2700042807472
MD5: 2094bc9a0fc9c0e15eea5f4a9581dd14
Determination: GOOD
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Kaspersky Anti-Virus\(default) {dd230880-495a-11d1-b064-008048ec2fc5}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\Kaspersky Anti-Virus\(default) {dd230880-495a-11d1-b064-008048ec2fc5}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Kaspersky Anti-Virus\(default) {dd230880-495a-11d1-b064-008048ec2fc5}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\Kaspersky Anti-Virus\(default) {dd230880-495a-11d1-b064-008048ec2fc5}
PX5: 9C3CF43B08DBE8589B8100EF2AFE82005E3F1993
MD5: 2e1840060c5447c0135aa2ee4eb78ba6
Determination: GOOD
C:\Programmi\MagicISO\misosh.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\Folder\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\*\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\ContextMenuHandlers\MagicISO\(default) {DB85C504-C730-49DD-BEC1-7B39C6103B7A}
PX5: 91352729005BFDA9520D000148A3DE009763B600
MD5: f2f7b5173ba494fa23cd17e3e3027aa4
Determination: GOOD
c:\WINDOWS\System32\BTNCopy.dll
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Monitor\(default) {7842554E-6BED-11D2-8CDB-B05550C10000}
Loaded from: \REGISTRY\Machine\Software\Classes\Directory\shellex\CopyHookHandlers\Monitor\(default) {7842554E-6BED-11D2-8CDB-B05550C10000}
PX5: BF5B477200888E3900880196F9AAAD00320A6423
MD5: febfd2969b4ec9a7c97d2f5f315c6e24
Determination: GOOD
C:\Programmi\Microsoft Office\Office10\OSA.EXE
Loaded from: FILE
PX5: 8210284EA0B722E4453301D7A215060004970604
MD5: 5bc65464354a9fd3beaa28e18839734a
Determination: GOOD
C:\WINDOWS\system32\wuapi.dll.mui
Loaded from: FILE
PX5: 92E0CC095853C0C1753300650DDDAD00C0399BC2
MD5: b7b1ebd53c9e861db7a8ab7d13d8e1d8
Determination: GOOD
C:\WINDOWS\system32\jjwotgkb.dll
Loaded from: FILE
PX5: E024F88540A32D53300301CFD8349600C1907A5E
MD5: 06571a34ac770182dd84a816373b3d2b
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\eqnnekau.dll
Loaded from: FILE
PX5: 93CC9F35407481973CBD01ACCE38C800B951F84E
MD5: b5f3c62e5faf932d16351ba991605b2a
Determination: BAD
Malware Group: Lop
C:\WINDOWS\system32\win32k.sys
Loaded from: FILE
PX5: AF40E9838058D78E21CB1CA553259300AEAD9216
MD5: 6afde6c2294db179a558377f9eb5a0f7
Determination: GOOD
C:\WINDOWS\system32\qonbqrnl.dll
Loaded from: FILE
PX5: 93CC9F35407481973CBD01ACCE38C800B951F84E
MD5: b5f3c62e5faf932d16351ba991605b2a
Determination: BAD
Malware Group: Lop
C:\WINDOWS\system32\wuaucpl.cpl.mui
Loaded from: FILE
PX5: FD92C06C58084CD4759C00E6600FAC0065A26BA6
MD5: 5271dcc72118b26619d1f8f4b3372a06
Determination: GOOD
C:\WINDOWS\system32\wuaueng.dll.mui
Loaded from: FILE
PX5: 8F87ECF5583D62C253DE00AB7F3D51002C1F4DC0
MD5: a9875e8f8a1852e0e325a02ce421ed36
Determination: GOOD
C:\WINDOWS\system32\wucltui.dll.mui
Loaded from: FILE
PX5: 70241DA158CC4AF1959400D2361A37006066AE07
MD5: 7a5740c5a55447e88a760322334244d5
Determination: GOOD
C:\WINDOWS\system32\MRT.exe
Loaded from: FILE
PX5: EF2F9102782F416A4A0616CD02206801C7C01052
Determination: GOOD
C:\WINDOWS\system32\ymikcucq.dll
Loaded from: FILE
PX5: 93CC9F35407481973CBD01ACCE38C800B951F84E
MD5: b5f3c62e5faf932d16351ba991605b2a
Determination: BAD
Malware Group: Lop
C:\WINDOWS\system32\ijptimll.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\fvuxyxot.dll
Loaded from: FILE
PX5: E0010D3240D3FDB634BC01A0A9AE0000782EC392
MD5: fad264b8a60dbdce5ca5174672150f37
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\atasnt40.dll
Loaded from: FILE
PX5: CA95B160527EC33C1625033195523E00B40AAF00
MD5: f403e45824bc6750ba17a2459a6f5c5c
Determination: GOOD
C:\WINDOWS\system32\uceufdql.dll
Loaded from: FILE
PX5: E024F88540A32D53300301CFD8349600C1907A5E
MD5: 06571a34ac770182dd84a816373b3d2b
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\qlyedocx.dll
Loaded from: FILE
PX5: E0010D3240D3FDB634BC01A0A9AE0000782EC392
MD5: fad264b8a60dbdce5ca5174672150f37
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\iojjabye.dll
Loaded from: FILE
PX5: E0010D3240D3FDB634BC01A0A9AE0000782EC392
MD5: fad264b8a60dbdce5ca5174672150f37
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\javaee.dll
Loaded from: FILE
PX5: 6C1A68AE10E1DFB021340250C4395500224FFC5E
MD5: daa843699abf45d1174df6f2a261450f
Determination: GOOD
C:\WINDOWS\system32\dmtqhlnd.dll
Loaded from: FILE
PX5: B0F24F0C409A42A340B501D7B1D0D50073B701DD
MD5: c9f206103594d73ea0a2eb3f89a7fea5
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\MSADODC.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA468ED1003B3C2E070002383515
MD5: 7087136805bff2618539e50c114375fc
Determination: GOOD
C:\WINDOWS\system32\MSCOMM32.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA4664D1003B3C2E0700BAF4C90B
MD5: 628b134019da43bb1b99c3bfec66e72d
Determination: GOOD
C:\WINDOWS\system32\MSMASK32.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA46C0D1003B3C2E07000286FA09
MD5: a975d246ba122e5d8562efcaac549fab
Determination: GOOD
C:\WINDOWS\system32\MSHFLXGD.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA4664D1013B3C2E0700DE0E1B9B
MD5: cc444d6b859739dd73b6104638d43a43
Determination: GOOD
C:\WINDOWS\system32\mscomctl.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA4614D1043B3C2E0700190A591E
MD5: ba1a98a2da8ea4d2fea3c1a47739d984
Determination: GOOD
C:\WINDOWS\system32\SYSINFO.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA4646D1003B3C2E07008712F9F9
MD5: f033b4bb6b14cf33b54bce713af692a7
Determination: GOOD
C:\WINDOWS\system32\Comdlg32.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA468CD1003B3C2E0700DFB9C702
MD5: fd58a051c13a528423790ff9be94710f
Determination: GOOD
C:\WINDOWS\system32\java.exe
Loaded from: FILE
PX5: CF91D0AB004CEFDC1058024195AB4E00D7A77728
MD5: 08996dd4135eedcb346bc4ad97b88a72
Determination: GOOD
C:\WINDOWS\system32\javaw.exe
Loaded from: FILE
PX5: C4E5ED02008194B4109E02C4245AB900A4B13B8B
MD5: 80d62c1f4c24794ff54cfe2f98bb307e
Determination: GOOD
C:\WINDOWS\system32\javaws.exe
Loaded from: FILE
Loaded from: FILE
PX5: 5B6A409700FA1EA5203002AB525C97008C0B7F74
MD5: a84f2c13b9ff97e065e6a9e6c77fff6a
Determination: GOOD
C:\WINDOWS\system32\vhpnhqdf.dll
Loaded from: FILE
PX5: E024F88540A32D53300301CFD8349600C1907A5E
MD5: 06571a34ac770182dd84a816373b3d2b
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\ensogrok.dll
Loaded from: FILE
PX5: E024F88540A32D53300301CFD8349600C1907A5E
MD5: 06571a34ac770182dd84a816373b3d2b
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\msvcr80.dll
Loaded from: FILE
PX5: E342A53A00B837A990F3094692D7CC00CD06DA09
MD5: 16d7ddf3b659f7cf1cb9f4dcff4219f0
Determination: GOOD
C:\WINDOWS\system32\msvcr70.dll
Loaded from: FILE
PX5: 557F46BF00B8F62240C40522AB7B720047DFA04B
MD5: 9972a6ed4f2388dbfa8e0a96f6f3fdf1
Determination: GOOD
C:\WINDOWS\system32\widsgjyd.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\RICHTX32.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA46FCD1003B3C2E07006215D92A
MD5: 595fd3bf60a628d251d76ccedd67b9db
Determination: GOOD
C:\WINDOWS\system32\hfrsljdf.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\bbvrafax.dll
Loaded from: FILE
PX5: E024F88540A32D53300301CFD8349600C1907A5E
MD5: 06571a34ac770182dd84a816373b3d2b
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\COMCT232.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA46D0D1003B3C2E0700A066CB3E
MD5: 0ec86ce583cf397375aacf5a93a33d8e
Determination: GOOD
C:\WINDOWS\system32\COMCTL32.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA46AED1033B3C2E0700872F14E4
MD5: d8dc984f2a22dbd8a606f6d7fb2b73d3
Determination: GOOD
C:\WINDOWS\system32\MSCOMCT2.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA4612D1023B3C2E0700BD3CBAF8
MD5: ba8fbb5444ffd9f8c3e873a8f58164f3
Determination: GOOD
C:\WINDOWS\system32\COMCT332.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA468CD1003B3C2E0700D078F5D1
MD5: ebd14f94b7e3964ae15b693c8609ad27
Determination: GOOD
C:\WINDOWS\system32\capicom.dll
Loaded from: FILE
PX5: 4105DEC700A72FDE209C07F3FD8280004824A923
MD5: 1b6e2050abbda860f4f9f245d1e150a5
Determination: GOOD
C:\WINDOWS\system32\lddkfxfn.dll
Loaded from: FILE
PX5: 4815FC2F4052511F30CB0134943741009DF21890
MD5: ce237cc739074ddc4e5c501d15f640b7
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\hqslfvuh.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\VerticalMenu.ocx
Loaded from: FILE
PX5: 9C4A476A00F6EC0DB03202ED967A970015FDC5F8
MD5: b8480944a58b00bab04ed93546a53218
Determination: GOOD
C:\WINDOWS\system32\ovrvvxnx.dll
Loaded from: FILE
PX5: DA68B5A540B5DA1B362201C59F114900E8B89772
MD5: e868a065120368e65b52a8ec17981380
Determination: BAD
Malware Group: Lop
C:\WINDOWS\system32\rjimtxox.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\niiamiih.dll
Loaded from: FILE
PX5: B0F24F0C409A42A340B501D7B1D0D50073B701DD
MD5: c9f206103594d73ea0a2eb3f89a7fea5
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\zshp1020.exe
Loaded from: FILE
PX5: 426181E000A92E3AC0FE06A6BB5D0B008DA110D3
MD5: 3d70a16fbc80b75d788b39ed6a3dcb81
Determination: GOOD
C:\WINDOWS\system32\vshp1020.dll
Loaded from: FILE
PX5: E0B2F9A20043409BA09D0194DC615D0003355C59
MD5: ef11f02c1f7a5e1297fdcb1f2bf0e29b
Determination: GOOD
C:\WINDOWS\system32\verticalmenu.oca
Loaded from: FILE
PX5: 70B4BBCD00A0AA4664D1003B3C2E0700845A45B1
MD5: 3ed52dd4710bb0d98a46adb0df11cbbe
Determination: GOOD
C:\WINDOWS\system32\ruccbnut.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\xpsp3res.dll
Loaded from: FILE
PX5: 25D41B510053F6EADAD40178036FEC00D58F230F
MD5: d2bc8bfece9cdb9acc26a99373afcd61
Determination: GOOD
C:\WINDOWS\system32\smoholfk.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\wvainqih.dll
Loaded from: FILE
PX5: AF71E08640CAF1CB322401E8FFD305004852E23E
MD5: 15674637e08a2e0d33750ce3973f6bbc
Determination: BAD
Malware Group: TROJAN.AGENT.GEN
C:\WINDOWS\system32\crqatoad.dll
Loaded from: FILE
PX5: B0F24F0C409A42A340B501D7B1D0D50073B701DD
MD5: c9f206103594d73ea0a2eb3f89a7fea5
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\rkjepcsh.dll
Loaded from: FILE
PX5: E0010D3240D3FDB634BC01A0A9AE0000782EC392
MD5: fad264b8a60dbdce5ca5174672150f37
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\oqwkvevj.dll
Loaded from: FILE
PX5: B0F24F0C409A42A340B501D7B1D0D50073B701DD
MD5: c9f206103594d73ea0a2eb3f89a7fea5
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\xpaxxvpf.dll
Loaded from: FILE
PX5: B0F24F0C409A42A340B501D7B1D0D50073B701DD
MD5: c9f206103594d73ea0a2eb3f89a7fea5
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\eajpbstu.dll
Loaded from: FILE
PX5: E0010D3240D3FDB634BC01A0A9AE0000782EC392
MD5: fad264b8a60dbdce5ca5174672150f37
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\pgulfser.dll
Loaded from: FILE
PX5: DECA974440711FA52C9D013555EA46004A97862F
MD5: 8c08600b7ff6224ce32d5a0be63bc69b
Determination: GOOD
C:\WINDOWS\system32\kxsupfte.dll
Loaded from: FILE
PX5: DECA974440711FA52C9D013555EA46004A97862F
MD5: 8c08600b7ff6224ce32d5a0be63bc69b
Determination: GOOD
C:\WINDOWS\system32\msxml3a.dll
Loaded from: FILE
PX5: 8A1C339600C61EF26E750032D624FF006AFD8324
MD5: 216465f0b48b6b705f498ff0be0659e8
Determination: GOOD
C:\WINDOWS\system32\klwhtcgy.dll
Loaded from: FILE
PX5: E024F88540A32D53300301CFD8349600C1907A5E
MD5: 06571a34ac770182dd84a816373b3d2b
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\vmiaaxmw.dll
Loaded from: FILE
PX5: E0010D3240D3FDB634BC01A0A9AE0000782EC392
MD5: fad264b8a60dbdce5ca5174672150f37
Determination: BAD
Malware Group: Trojan.Vundo
C:\WINDOWS\system32\watchdog.sys
Loaded from: FILE
PX5: A5490EC7005C2AF84570001E79455E0011553B7B
MD5: c9bf2f12c4e6c12f8a85fba4b6bc6208
Determination: GOOD
C:\WINDOWS\SchedLgU.Txt
Loaded from: FILE
PX5: 9D0D06B14C90738E7FA0007C800EBA00F0B18AAA
C:\WINDOWS\WRServices.dll
Loaded from: FILE
PX5: AA83B1B4003CE4627CCE0685C13E6D00E425AFA7
MD5: cce352a6f81326f291c6b6439e957a23
Determination: GOOD
C:\WINDOWS\apptune1020.exe
Loaded from: FILE
PX5: F4D954130032C39B30BC0227270761004A3739E7
MD5: 28ad6580af12d6a549519cc12df839c9
Determination: GOOD
C:\WINDOWS\setdebug.exe
Loaded from: FILE
PX5: 61935D3B10094915B5A60093CCFE91009A51570D
MD5: afab870a40df457165c83896e546fe92
Determination: GOOD
C:\WINDOWS\WindowsUpdate.log
Loaded from: FILE
PX5: F7D636A618E55D3C91661584125C0B0031AB4C86
C:\WINDOWS\system32\drivers\wmilib.sys
Loaded from: FILE
PX5: 7A1B707D0098974111DB00C8E2E10C00FCC422B3
MD5: 2f31b7f954bed437f2c75026c65caf7b
Determination: GOOD
C:\WINDOWS\system32\drivers\hsfdpsp2.sys
Loaded from: FILE
PX5: 8779C2C980FAE868E48B0FB35EB4640037393C0C
MD5: ebb354438a4c5a3327fb97306260714a
Determination: GOOD
C:\WINDOWS\system32\drivers\hsfcxts2.sys
Loaded from: FILE
PX5: B01E5EF200315B7474880AC61620FE005A82CE5F
MD5: 1225ebea76aac3c84df6c54fe5e5d8be
Determination: GOOD
C:\WINDOWS\system32\drivers\hsfbs2s2.sys
Loaded from: FILE
PX5: AF892C8C80AD05195B84032B43A9B8008B0F4B6A
MD5: 970178e8e003eb1481293830069624b9
Determination: GOOD
C:\WINDOWS\system32\drivers\hidir.sys
Loaded from: FILE
PX5: A16DCB3D00AF3CB33B8B0007C2A393009E98F478
MD5: 442915553e99782fa5713b04c3eeb94a
Determination: GOOD
C:\WINDOWS\system32\drivers\hidbth.sys
Loaded from: FILE
PX5: C468F04A80AB923164CD0019D9EDE700BDCDA16F
MD5: 05102701455e2fcb566e7d1460f988ed
Determination: GOOD
C:\WINDOWS\system32\drivers\gagp30kx.sys
Loaded from: FILE
PX5: 642F878C801E7D44B50600016FDC9C003631E6FC
MD5: 4216cd545e5c30807b560c5dcaa812e6
Determination: GOOD
C:\WINDOWS\system32\drivers\partmgr.sys
Loaded from: FILE
PX5: CD5C0D6C00BC0D35496D00DCA66DE800E5B26EF9
MD5: 3334430c29dc338092f79c38ef7b4cd0
Determination: GOOD
C:\WINDOWS\system32\drivers\ch7xxnt5.dll
Loaded from: FILE
PX5: 1877C3E83F7739BB3CA900D071619200F51930FF
MD5: 31f42ef0f98aa88d66ad3e09eed4dd11
Determination: GOOD
C:\WINDOWS\system32\drivers\bthusb.sys
Loaded from: FILE
PX5: E7E73BF300F2E0284A6100A9DDF11900F96519D9
MD5: f06d4cb9918b462a84d9ac00027efc30
Determination: GOOD
C:\WINDOWS\system32\drivers\bthprint.sys
Loaded from: FILE
PX5: BB9A60998032A4E78A5300A9DC88D600C54F085D
MD5: 275bef3567b48225b0836e138325430c
Determination: GOOD
C:\WINDOWS\system32\drivers\bthport.sys
Loaded from: FILE
PX5: 6338AACF00FAD595326504F3A4496F00E0F5490A
MD5: 88513290116b4e9447b7ce800649b3fc
Determination: GOOD
C:\WINDOWS\system32\drivers\bthpan.sys
Loaded from: FILE
PX5: 1D47A64A80076E3A8ADF01F4925E2600FD8B4F37
MD5: 10355270be12641b9764235da39dcf0f
Determination: GOOD
C:\WINDOWS\system32\drivers\bthmodem.sys
Loaded from: FILE
PX5: C7B3094980D7C27F94CD007E3580A600EA41E403
MD5: 9df0adf74ce1d6371ed60cf92eb1d9a6
Determination: GOOD
C:\WINDOWS\system32\drivers\ndproxy.sys
Loaded from: FILE
PX5: FB8873A080F72F00942D005DFF5068001A60ED1C
MD5: 59fc3fb44d2669bc144fd87826bb571f
Determination: GOOD
C:\WINDOWS\system32\drivers\cdaudio.sys
Loaded from: FILE
PX5: 7D0D30B9001A5352491B006D9C79D000079079B1
MD5: c1b486a7658353d33a10cc15211a873b
Determination: GOOD
C:\WINDOWS\system32\drivers\fs_rec.sys
Loaded from: FILE
PX5: 2E3179C900CB71741FBA004F645EEB00865149D3
MD5: 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a
Determination: GOOD
C:\WINDOWS\system32\drivers\null.sys
Loaded from: FILE
PX5: 7047032880E19D2B0B4300F23A496700B79BCD14
MD5: 73c1e1f395918bc2c6dd67af7591a3ad
Determination: GOOD
C:\WINDOWS\system32\drivers\beep.sys
Loaded from: FILE
PX5: F62FA4F780D77A5110B2005CD7507900637E04C1
MD5: da1f27d85e0d1525f6621372e7b685e9
Determination: GOOD
C:\WINDOWS\system32\drivers\bthenum.sys
Loaded from: FILE
PX5: 67DA124780F37F2D4207001BE7C4FB0045C03AEB
MD5: d24b8d1784c68a25060fffbe8ed34b76
Determination: GOOD
C:\WINDOWS\system32\drivers\fips.sys
Loaded from: FILE
PX5: 1007D8C50089CEC889D600EFFDE6B800D02A5DA9
MD5: 333fbbc71bdcbb46c58a3b51b3d51184
Determination: GOOD
C:\WINDOWS\system32\drivers\dxgthk.sys
Loaded from: FILE
PX5: 0164AB8900598A330DE900E4FEF37900B79BCD14
MD5: a73f5d6705b1d820c19b18782e176efd
Determination: GOOD
C:\WINDOWS\system32\drivers\parvdm.sys
Loaded from: FILE
PX5: D78233F200E873FD1B40001BF0D2FD00501E1542
MD5: 0dabef655a444cb1e193626fb1d24b9f
Determination: GOOD
C:\WINDOWS\system32\drivers\atv10nt5.dll
Loaded from: FILE
PX5: 6457C5C27FB7E99A43C90031A6140C0087CB4A7F
MD5: f55bfa234875e960bf233a5ff279150f
Determination: GOOD
C:\WINDOWS\system32\drivers\atv06nt5.dll
Loaded from: FILE
PX5: 888D1ADB3FC69D2E37A100D692E2AF006C2D1732
MD5: 71239ed19c46393273a287e902584549
Determination: GOOD
C:\WINDOWS\system32\drivers\atv04nt5.dll
Loaded from: FILE
PX5: 07D448377F87BC2B63B200F2C6320A002A4A2743
MD5: 27e5f6f47645ca88a935be4eb5275405
Determination: GOOD
C:\WINDOWS\system32\drivers\atmepvc.sys
Loaded from: FILE
PX5: 7363E81E80EDA4EC7A0200CE34E22400450A279B
MD5: 39a0a59180f19946374275745b21aeba
Determination: GOOD
C:\WINDOWS\system32\drivers\atmuni.sys
Loaded from: FILE
PX5: 92E7BF650082565E607E05AD216E0900953642D5
MD5: e7ef69b38d17ba01f914ae8f66216a38
Determination: GOOD
C:\WINDOWS\system32\drivers\cbidf2k.sys
Loaded from: FILE
PX5: 7B8DA5F780B7DA7536FE00ABA71B6C00B12776D7
MD5: 90a673fc8e12a79afbed2576f6a7aaf9
Determination: GOOD
C:\WINDOWS\system32\drivers\cinemst2.sys
Loaded from: FILE
PX5: 7C4B5F6480542F0A010D0467679A3400F24D4424
MD5: 0cccbd6ef94910804921bf04a2107ef8
Determination: GOOD
C:\WINDOWS\system32\drivers\cpqdap01.sys
Loaded from: FILE
PX5: C60D75F500CE16D02E4100D9B4337E008A228DE3
MD5: 9624293e55ad405415862b504ca95b73
Determination: GOOD
C:\WINDOWS\system32\drivers\atv02nt5.dll
Loaded from: FILE
PX5: 5BD533455F4160A82CFF00A4A8007800311EE64B
MD5: 9f766dbccea4664f013fe8e8bee8e5ae
Determination: GOOD
C:\WINDOWS\system32\drivers\dxapi.sys
Loaded from: FILE
PX5: D0E069F50027643C29470029619BD400B7B7054A
MD5: fe97d0343acfdebdd578fc67cc91fa87
Determination: GOOD
C:\WINDOWS\system32\drivers\atv01nt5.dll
Loaded from: FILE
PX5: B74263E9BFCD367D524B004543B0620051593916
MD5: 8da61317ba5d2bac80620f353b9fd30b
Determination: GOOD
C:\WINDOWS\system32\drivers\mcd.sys
Loaded from: FILE
PX5: 874B185900D5916B1EF900C2FE181D00136FAB22
MD5: d1f8be91ed4ddb671d42e473e3fe71ab
Determination: GOOD
C:\WINDOWS\system32\drivers\nikedrv.sys
Loaded from: FILE
PX5: 31AFD82600B7B0E92F3400332F79D6008B90E2A9
MD5: be984d604d91c217355cdd3737aad25d
Determination: GOOD
C:\WINDOWS\system32\drivers\atinxsxx.sys
Loaded from: FILE
PX5: CEDD5F03008A5FA5F8E5006BA33674000902F33E
MD5: 77b575d7aab35d5908ae6ce681608d62
Determination: GOOD
C:\WINDOWS\system32\drivers\nwlnknb.sys
Loaded from: FILE
PX5: 04BB889700AAB944F73D0096D8122400A0912260
MD5: 56d34a67c05e94e16377c60609741ff8
Determination: GOOD
C:\WINDOWS\system32\drivers\nwlnkspx.sys
Loaded from: FILE
PX5: 38D410228045AB3DDA820098A4E752008EA9780C
MD5: c0bb7d1615e1acbdc99757f6ceaf8cf0
Determination: GOOD
C:\WINDOWS\system32\drivers\rawwan.sys
Loaded from: FILE
PX5: 3623B25780ED679386B1006F511AA700A8DBED63
MD5: 01524cd237223b18adbb48f70083f101
Determination: GOOD
C:\WINDOWS\system32\drivers\rio8drv.sys
Loaded from: FILE
PX5: 689BF8B80051228F2F8000540597A5009049C8B5
MD5: a56fe08ec7473e8580a390bb1081cdd7
Determination: GOOD
C:\WINDOWS\system32\drivers\riodrv.sys
Loaded from: FILE
PX5: 31AFD82600B7B0E92F3400332F79D600DA0E26E7
MD5: 0a854df84c77a0be205bfeab2ae4f0ec
Determination: GOOD
C:\WINDOWS\system32\drivers\atinxbxx.sys
Loaded from: FILE
PX5: D3D6841600E9C8A17C9D00EE54392C008BFD8C61
MD5: 3e7d485cbd0b0d9f6ea2ad9442411831
Determination: GOOD
C:\WINDOWS\system32\drivers\RMCast.sys
Loaded from: FILE
PX5: 51F889B700FC9166166A03256E7AAC00D3C16FD6
MD5: 9d54c7c15847b933e03d6e7c9307bae5
Determination: GOOD
C:\WINDOWS\system32\drivers\atintuxx.sys
Loaded from: FILE
PX5: 9CDDA52F00E9E7A81E4101F1C5DBF60019525D37
MD5: edd66332608d27f4fd5069bcd0bc5164
Determination: GOOD
C:\WINDOWS\system32\drivers\smclib.sys
Loaded from: FILE
PX5: 8A9722BD003AC63939580092009AC20088FC78D8
MD5: 017daecf0ed3aa731313433601ec40fa
Determination: GOOD
C:\WINDOWS\system32\drivers\tosdvd.sys
Loaded from: FILE
PX5: 628D18D7002B7E40CAFC00177DE27100B717B0CE
MD5: 699450901c5ccfd82357cbc531cedd23
Determination: GOOD
C:\WINDOWS\system32\drivers\tsbvcap.sys
Loaded from: FILE
PX5: 87882BA880A89CF8537500BE0BB03800CD0425CD
MD5: d74a8ec75305f1d3cfde7c7fc1bd62a9
Determination: GOOD
C:\WINDOWS\system32\drivers\atinttxx.sys
Loaded from: FILE
PX5: 4D021E9A00CC1BA9364D00987AB05B00A6802140
MD5: d80a8f6c0a717446496c3a06d33b0d9c
Determination: GOOD
C:\WINDOWS\system32\drivers\usbcamd.sys
Loaded from: FILE
PX5: D11C923000C0476E5DDA002FC1E34E00BC32EEBC
MD5: 2654eecc6fb13603ebddcd5c8ea943d1
Determination: GOOD
C:\WINDOWS\system32\drivers\usbcamd2.sys
Loaded from: FILE
PX5: D11C923080C0476E5DDA002FC1E34E002B3DC035
MD5: 61018ba9df6b63e51d9753c980e73ec2
Determination: GOOD
C:\WINDOWS\system32\drivers\vdmindvd.sys
Loaded from: FILE
PX5: 5DFBB3300012B79DE3E300778EC928004FCDB2AF
MD5: 55e01061c74a8cefff58dc36114a8d3f
Determination: GOOD
C:\WINDOWS\system32\drivers\atinsnxx.sys
Loaded from: FILE
PX5: B12DD4A0005F1C4B7090009378B5920090FEE997
MD5: ceddee2e0591894d19654d458fd3b9be
Determination: GOOD
C:\WINDOWS\system32\drivers\mnmdd.sys
Loaded from: FILE
PX5: 33A41DEC8064684210700001C4EA1400320E2D4F
MD5: 4ae068242760a1fb6e1a44bf4e16afa6
Determination: GOOD
C:\WINDOWS\system32\drivers\fsvga.sys
Loaded from: FILE
PX5: 78ACD409008333CF30C90046F776F800BAB458CE
MD5: 25a7f5539209be062d4bb3f9cd84bd16
Determination: GOOD
C:\WINDOWS\system32\drivers\atinrvxx.sys
Loaded from: FILE
PX5: B2CFA5AF0036DB7A9A1C01285BA8AA00C6DEC091
MD5: a7a01b907db63898d40b0a14248ff9a2
Determination: GOOD
C:\WINDOWS\system32\drivers\oprghdlr.sys
Loaded from: FILE
PX5: 691E96B980EF4DD30D2300DD63265E00B79BCD14
MD5: 4bb30ddc53ebc76895e38694580cdfe9
Determination: GOOD
C:\WINDOWS\system32\drivers\atinraxx.sys
Loaded from: FILE
PX5: FEA5AA1600EC2AE1CC0900185C854A00422223CC
MD5: da36687d701c833430605a298731410b
Determination: GOOD
C:\WINDOWS\system32\drivers\atinpdxx.sys
Loaded from: FILE
PX5: 56DABC9E00199F9D38D000631CEE050045090A25
MD5: e90ac2b14e98f1a4372e5891b4278784
Determination: GOOD
C:\WINDOWS\system32\drivers\usbd.sys
Loaded from: FILE
PX5: F328D8568037A02F12FA00A0B0E095005A1BACA9
MD5: 596eb39b50d6ebd9b734dc4ae0544693
Determination: GOOD
C:\WINDOWS\system32\drivers\atinmdxx.sys
Loaded from: FILE
PX5: F01147EA00BE7AB736CC00E44C302A00BEEA352D
MD5: ed4c2bf8403f4437987c0ba09cf48716
Determination: GOOD
C:\WINDOWS\system32\drivers\atinbtxx.sys
Loaded from: FILE
PX5: 734A4454007FFA55E29F00FF52B7680047F5F3B1
MD5: 993e7bd6438fe989e328c6b4bca246a9
Determination: GOOD
C:\WINDOWS\system32\drivers\ati2mtaa.sys
Loaded from: FILE
PX5: 0FF8649100F26F76FEF504C73380B900C47D5F6A
MD5: f1a3e136190b300499516e93bc621ca5
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1xsxx.sys
Loaded from: FILE
PX5: 725DA013AF89D09387CF00DFF7253B006BDDF179
MD5: 0d8cab1f08f7d3c4de228b49e12e596a
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1xbxx.sys
Loaded from: FILE
PX5: 50BEFAA40FC66AE3731C0014DEE71F00327B8872
MD5: 67ffbc158dd4d27ba3fc92c6acd87f73
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1tuxx.sys
Loaded from: FILE
PX5: 6F56F7AF6FA57A868E0B00B0DBF03B006604A40C
MD5: 6f714b4720dd80ffa9f8d2731594ea4c
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1ttxx.sys
Loaded from: FILE
PX5: 9031E7695FDBA0F15365004FF9F694004110881D
MD5: f7706dae7d101f1b19ce552d772ebfce
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1snxx.sys
Loaded from: FILE
PX5: B555A9DCFFB1FA6F666D00BC1653D600EE3B9E3F
MD5: dac7d785cf62f5bd41441e9d6f5a6efe
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1rvxx.sys
Loaded from: FILE
PX5: 791DC4AAAF43CE30F814008CD5B52900B5EE141F
MD5: bcaf267b10620f8c93f6e87ab726e145
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1raxx.sys
Loaded from: FILE
PX5: D7E83838CFFBCC21778E006C6ECA69008610B277
MD5: 9d318099bf3876a4af4bc75966d27603
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1pdxx.sys
Loaded from: FILE
PX5: E991404B0FFD6FF82F7000461A312B002816CEC0
MD5: 6fdc61e8e8e17f6ecc2d9a10fa8df347
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1mdxx.sys
Loaded from: FILE
PX5: 9A0348305FAB82F42D270060B8503E0045CF641B
MD5: 60b6aa2dc1521da343f781b70eb7895a
Determination: GOOD
C:\WINDOWS\system32\drivers\ati1btxx.sys
Loaded from: FILE
PX5: 9CA86B132F837EAADD9A003E210F24004C5E2C40
MD5: d649c57da6fa762c64013747e5d7d2d6
Determination: GOOD
C:\WINDOWS\system32\drivers\amdk7.sys
Loaded from: FILE
PX5: EABF85AE00CF7D2BA2F600B95331A000E92CF98B
MD5: a4ff6cfcd83941b3628779cb32959c2b
Determination: GOOD
C:\WINDOWS\system32\drivers\amdagp.sys
Loaded from: FILE
PX5: E6EB08360057179FA86C00430CC3010056444678
MD5: 675c16a3c1f8482f85ee4a97fc0dde3d
Determination: GOOD
C:\WINDOWS\system32\drivers\alim1541.sys
Loaded from: FILE
PX5: 9F57E1E200726D99A7A3005976AF050033F652A1
MD5: f312b7cef21eff52fa23056b9d815fad
Determination: GOOD
C:\WINDOWS\system32\drivers\agpcpq.sys
Loaded from: FILE
PX5: 3C2A452B80CBBE67AF240060110ED700A72F812A
MD5: 67288b07d6aba6c1267b626e67bc56fd
Determination: GOOD
C:\WINDOWS\system32\drivers\adv11nt5.dll
Loaded from: FILE
PX5: 58C143E4BF59236B0E0B00C59499E000B79BCD14
MD5: baf61f9903577a9ad580a2f68619051f
Determination: GOOD
C:\WINDOWS\system32\drivers\adv09nt5.dll
Loaded from: FILE
PX5: 9AD87CF17F15D57C0E24009CF6F77300B79BCD14
MD5: 4891c56efcf1e125b6d15e56b2af6653
Determination: GOOD
C:\WINDOWS\system32\drivers\adv08nt5.dll
Loaded from: FILE
PX5: 3401CA303F43096C0C4D007CEFDEDA00B79BCD14
MD5: 3ed971a2b03b100511763d282fd8efb1
Determination: GOOD
C:\WINDOWS\system32\drivers\adv07nt5.dll
Loaded from: FILE
PX5: 543580EE3FE9D8490E62007237BC3800B79BCD14
MD5: e65703c52b9493850ef56fb2a315fc04
Determination: GOOD
C:\WINDOWS\system32\drivers\adv05nt5.dll
Loaded from: FILE
PX5: 832FB9491F5FAE6F0E850064C747A300B79BCD14
MD5: 8b9d6fa40866ca357f958c0993c8d460
Determination: GOOD
C:\WINDOWS\system32\drivers\adv02nt5.dll
Loaded from: FILE
PX5: 8EB38BE07FDDC0120F9E000AA4799100B79BCD14
MD5: 555cb9294ad54f9816738dffdb4b74cd
Determination: GOOD
C:\WINDOWS\system32\drivers\adv01nt5.dll
Loaded from: FILE
PX5: F9F8AA129FE59D6310B9000675F470005B49B243
MD5: 73b1537a29e7c87787d04ec954a128f0
Determination: GOOD
C:\WINDOWS\system32\drivers\irbus.sys
Loaded from: FILE
PX5: DE2B147C80E8B4069FD200104F1524007F7E57DE
MD5: 9d0f94e4feb6dcddaef975def0a32949
Determination: GOOD
C:\WINDOWS\system32\drivers\ntfs.sys
Loaded from: FILE
PX5: F6D2D4BD008F0B21C44F08EC65529C002F16FA15
MD5: 19a811ef5f1ed5c926a028ce107ff1af
Determination: GOOD
C:\WINDOWS\system32\drivers\nwrdr.sys
Loaded from: FILE
PX5: 83E10CED0073D0907FCD02CE4498B500A105309E
MD5: 3f18d9365be71c7b2e43b7cf4a0c1a10
Determination: GOOD
C:\WINDOWS\system32\drivers\rdpwd.sys
Loaded from: FILE
PX5: F059F0E3086A11EC2111023C258C8900CFC29C24
MD5: b54cd38a9ebfbf2b3561426e3fe26f62
Determination: GOOD
C:\WINDOWS\system32\drivers\tcpip6.sys
Loaded from: FILE
PX5: 5D79645C800A9DEE710003BFD457ED00F0D2E94E
MD5: dccacdd2747ada221aece5c9ada5d551
Determination: GOOD
C:\WINDOWS\system32\drivers\atnt40k.sys
Loaded from: FILE
PX5: DD45B4126819C23CC8B2005E43848F00AA25C8A0
MD5: a9a124c15b5f2fe1ffd1ea238bd5aeed
Determination: GOOD
C:\WINDOWS\system32\drivers\pxark.sys
Loaded from: FILE
PX5: 87296EB280D7F1DA296B00CB462B9500E41D2DFF
MD5: b709479a8fcf1869e64060a5bcec8c64
Determination: GOOD
C:\WINDOWS\system32\drivers\enum1394.sys
Loaded from: FILE
PX5: 4E7FF71200A58CFF197100D1CCE6B600C8D9E0FF
MD5: 80d1b490b60e74e002dc116ec5d41748
Determination: GOOD
C:\WINDOWS\system32\drivers\ACER_TM800_XPP.MRK
Loaded from: FILE
PX5: 81051BCC022CF1BE00DF00378224B000A93E2877
C:\WINDOWS\system32\drivers\btaudio.sys
Loaded from: FILE
PX5: 155AE0D0C5F82DBE54360088F1D167000853FD1D
MD5: 92948d5c258c2429942f8fed9702bf5c
Determination: GOOD
C:\WINDOWS\system32\drivers\bcbthub.sys
Loaded from: FILE
PX5: C70E8D842E2C368975C8003B0A58C500E6355622
MD5: 7baf051f58688270b02e24ee52d60406
Determination: GOOD
C:\WINDOWS\system32\drivers\fw203x.sys
Loaded from: FILE
PX5: 9287145A35C5AA39C5E401DD986806003E284AF0
MD5: 9598f704202ae8d17ca87578e42379a9
Determination: GOOD
C:\WINDOWS\system32\drivers\frmupgr.sys
Loaded from: FILE
PX5: 623B9202EC1F366743CA007C2E798F0095E9B8C5
MD5: 55c246ea3fdd96b2a9f74187f0a29066
Determination: GOOD
C:\WINDOWS\system32\drivers\volsnap.sys
Loaded from: FILE
PX5: AC3AFD0E80294768D03200EE1153E40098EF3DD1
MD5: 698869e82c57169f2140c04a272bf12b
Determination: GOOD
C:\WINDOWS\system32\drivers\videoprt.sys
Loaded from: FILE
PX5: BBE87C52808D55E2379801ACFA738900C0632DEC
MD5: d5a9d123f5ed7c9965a481bd20cf66d8
Determination: GOOD
C:\WINDOWS\system32\drivers\usbport.sys
Loaded from: FILE
PX5: A1EF174180FC34972E3902AA15903200854523B2
MD5: 2034ca78f9c6e787b4b76d81ac888351
Determination: GOOD
C:\WINDOWS\system32\drivers\usbintel.sys
Loaded from: FILE
PX5: 46A2709480A8B9863E99007B5ED70B000E5AFC3D
MD5: 2853fd4c4489e0f8bfcf78efcdb7e998
Determination: GOOD
C:\WINDOWS\system32\drivers\usb8023.sys
Loaded from: FILE
PX5: 6C38C2AE8005B13A31EC001CD2E193004FD5788A
MD5: af090265ec388bab320f1ff7e7a7d5ea
Determination: GOOD
C:\WINDOWS\system32\drivers\udfs.sys
Loaded from: FILE
PX5: 5FD2643980FF4C93024701049FF5A900913F1B6B
MD5: 12f70256f140cd7d52c58c7048fde657
Determination: GOOD
C:\WINDOWS\system32\drivers\tdtcp.sys
Loaded from: FILE
PX5: 8942980688A6EF76558200032BC6D800A375DA91
MD5: ed0580af02502d00ad8c4c066b156be9
Determination: GOOD
C:\WINDOWS\system32\drivers\tdpipe.sys
Loaded from: FILE
PX5: 3FCBC6C1086354332FFD003DE3512D00CB438F2A
MD5: 38d437cf2d98965f239b0abcd66dcb0f
Determination: GOOD
C:\WINDOWS\system32\drivers\tdi.sys
Loaded from: FILE
PX5: D2E197368059988748C500010EF1F2006AC8B3D9
MD5: 6891b74ab9a016064e82a419388d0601
Determination: GOOD
C:\WINDOWS\system32\drivers\tape.sys
Loaded from: FILE
PX5: 1278B1EF80B32A683A3F0096934CD200746C2998
MD5: a2a9ca0d1a9ac1ff54220aa0789fe5cf
Determination: GOOD
C:\WINDOWS\system32\drivers\stream.sys
Loaded from: FILE
PX5: E9758E5F00F11219BE3300252F112F00F38A6C5B
MD5: c43356072eb3e88cd62958db10cead47
Determination: GOOD
C:\WINDOWS\system32\drivers\sonydcam.sys
Loaded from: FILE
PX5: 0B9EAE4180F27A6F636900C11EF4E3002F2E7423
MD5: addc9e4757a68ab60562ad3cb9c288d6
Determination: GOOD
C:\WINDOWS\system32\drivers\sfloppy.sys
Loaded from: FILE
PX5: 6884E1AE807AAB872CD300DC197E0C00B015D834
MD5: 0d13b6df6e9e101013a7afb0ce629fe0
Determination: GOOD
C:\WINDOWS\system32\drivers\rndismp.sys
Loaded from: FILE
PX5: F5E4CD0480C828137517005714D7F1002CA246EF
MD5: 7ce8b277f3207ea82d7d22ad348befc6
Determination: GOOD
C:\WINDOWS\system32\drivers\portcls.sys
Loaded from: FILE
PX5: AD607B188079CDEF39B802DAB6A7B200F599BD35
MD5: 5b0f00e43a7094c0b7e433cb42c79164
Determination: GOOD
C:\WINDOWS\system32\drivers\pciidex.sys
Loaded from: FILE
PX5: DD4713DB00668128625F00A6F0879B00FA781103
MD5: 520b91ab011456b940d9b05fc91108ff
Determination: GOOD
C:\WINDOWS\system32\drivers\p3.sys
Loaded from: FILE
PX5: BC6A682380C862C2B56A0022A0FE9B00ED93F9A1
MD5: acf18d9f903b29790b8f8e01535f37d4
Determination: GOOD
C:\WINDOWS\system32\drivers\nwlnkipx.sys
Loaded from: FILE
PX5: B455E8AE80D2C31959AC01662F7EE7009B9C1B54
MD5: 79ea3fcda7067977625b3363a2657c80
Determination: GOOD
C:\WINDOWS\system32\drivers\npfs.sys
Loaded from: FILE
PX5: 20DA5FD280719B5A789A008E44C90300CCA72CD2
MD5: 4f601bcb8f64ea3ac0994f98fed03f8e
Determination: GOOD
C:\WINDOWS\system32\drivers\nmnt.sys
Loaded from: FILE
PX5: 4F6E51DE803D5E299DD30090E39024009FB3BD94
MD5: 60cf8c7192b3614f240838ddbaa4a245
Determination: GOOD
C:\WINDOWS\system32\drivers\ndis.sys
Loaded from: FILE
PX5: D3D6286080F2E0F0CA7A02249DEC7F001D734284
MD5: 558635d3af1c7546d26067d5d9b6959e
Determination: GOOD
C:\WINDOWS\system32\drivers\mup.sys
Loaded from: FILE
PX5: 488AE40380446D0EA57D014A890CCF00C681450A
MD5: 82035e0f41c2dd05ae41d27fe6cf7de1
Determination: GOOD
C:\WINDOWS\system32\drivers\msfs.sys
Loaded from: FILE
PX5: 075BA4B3803111464A9700E6E20263008B5F85A4
MD5: 561b3a4333ca2dbdba28b5b956822519
Determination: GOOD
C:\WINDOWS\system32\drivers\mountmgr.sys
Loaded from: FILE
PX5: 7309084F00AE944FA5B9001585E15200FF872CDC
MD5: 65653f3b4477f3c63e68a9659f85ee2e
Determination: GOOD
C:\WINDOWS\system32\drivers\modem.sys
Loaded from: FILE
PX5: F22F2ACE0067686F7617004AA04CD400DCD5102E
MD5: b30d2db351e3191bd71232036cfe711a
Determination: GOOD
C:\WINDOWS\system32\drivers\mf.sys
Loaded from: FILE
PX5: F49C56310087ADB9F998009652109C00BB35FCB1
MD5: 729d83e56c29c510258a6e9e79ffddc3
Determination: GOOD
C:\WINDOWS\system32\drivers\ksecdd.sys
Loaded from: FILE
PX5: 774C935980F76922670D01959D71E6009D9267E6
MD5: eb7ffe87fd367ea8fca0506f74a87fbb
Determination: GOOD
C:\WINDOWS\system32\drivers\ks.sys
Loaded from: FILE
PX5: 78D9F49380D52F3B2603022FFE8CE100B4CA1585
MD5: b9540e258f952650de8dec68719a5c97
Determination: GOOD
C:\WINDOWS\system32\drivers\hidparse.sys
Loaded from: FILE
PX5: 202AE5AF805FDB4161470039E900C0009EB401B0
MD5: 5fff41cd5108e9051d255c37825af697
Determination: GOOD
C:\WINDOWS\system32\drivers\hidclass.sys
Loaded from: FILE
PX5: 800EAA28801FAC928DC800F3F0296600134890AF
MD5: 378055ab8dda86228683c697c4e11685
Determination: GOOD
C:\WINDOWS\system32\drivers\flpydisk.sys
Loaded from: FILE
PX5: 60E1171000EEA79E50BF00391F7EE000F2860CEC
MD5: 0dd1de43115b93f4d85e889d7a86f548
Determination: GOOD
C:\WINDOWS\system32\drivers\fdc.sys
Loaded from: FILE
PX5: 030113CC009ED3836B77000B64308F0030511E66
MD5: ced2e8396a8838e59d8fd529c680e02c
Determination: GOOD
C:\WINDOWS\system32\drivers\fastfat.sys
Loaded from: FILE
PX5: 1E68B78D00BA4E2F30E102605EF38B00BED2E67D
MD5: 3117f595e9615e04f05a54fc15a03b20
Determination: GOOD
C:\WINDOWS\system32\drivers\dxg.sys
Loaded from: FILE
PX5: 3F54B7A780F0ED98157C011AE18D4A00EE6485EB
MD5: d3dac8432110aad0b02a58b4459ab835
Determination: GOOD
C:\WINDOWS\system32\drivers\drmk.sys
Loaded from: FILE
PX5: 73B664558055CFD9EB9800CC44976A00031F37A9
MD5: ff86422268de771d571e123eb7092c6a
Determination: GOOD
C:\WINDOWS\system32\drivers\diskdump.sys
Loaded from: FILE
PX5: 6D7A5F848072A37B37EB00C342763700264F9014
MD5: d16c81677a9be399c63cd2ea486472a5
Determination: GOOD
C:\WINDOWS\system32\drivers\crusoe.sys
Loaded from: FILE
PX5: E4FE1A7080AF31429EBC00A2612936006E0D7B97
MD5: f8c288d89ad71bf1aff0f9e4db5d3a10
Determination: GOOD
C:\WINDOWS\system32\drivers\classpnp.sys
Loaded from: FILE
PX5: 61280642007AE0BEC20400D8EC4D8200079FF3CE
MD5: d86173b401470f06d9810f7962969ddf
Determination: GOOD
C:\WINDOWS\system32\drivers\cdfs.sys
Loaded from: FILE
PX5: 0225C13D004CC9CDF93000922132D000BA57D976
MD5: cd7d5152df32b47f4e36f710b35aae02
Determination: GOOD
C:\WINDOWS\system32\drivers\bridge.sys
Loaded from: FILE
PX5: 69CABDC3803104ED17D001BEA902E2004A7836B0
MD5: e4e6a0922e3d983728c9ad4e8d466954
Determination: GOOD
C:\WINDOWS\system32\drivers\atmlane.sys
Loaded from: FILE
PX5: 823332B380717184DAFD00B035ED9500F95C0458
MD5: 0128e78fe835f074e469f03db681ca9e
Determination: GOOD
C:\WINDOWS\system32\drivers\amdk6.sys
Loaded from: FILE
PX5: 4242D904806C60F8A08300740C09B400A99A704A
MD5: 03bbca770830a6ffc5a57b697d150f2f
Determination: GOOD
C:\WINDOWS\system32\drivers\1394bus.sys
Loaded from: FILE
PX5: A01D29000095FDD3D05B00D74275E7003170E933
MD5: 009927db8019c54477dabf6f9d795053
Determination: GOOD
C:\WINDOWS\system32\drivers\mqac.sys
Loaded from: FILE
PX5: A4B93ADE00A3CC201DAC01B48E57ED0024CEA9D4
MD5: db07b0088cdfd20c2a22e675120ede34
Determination: GOOD
C:\WINDOWS\system32\drivers\watv10nt.sys
Loaded from: FILE
PX5: BC7A9CF57F55E4C36384008A4A3A0700A414BF9F
MD5: 791cc45de6e50445be72e8ad6401ff45
Determination: GOOD
C:\WINDOWS\system32\drivers\watv06nt.sys
Loaded from: FILE
PX5: D04CA646FF640CF256F2007383ABD9003A191E15
MD5: 352fa0e98bc461ce1ce5d41f64db558d
Determination: GOOD
C:\WINDOWS\system32\drivers\wadv11nt.sys
Loaded from: FILE
PX5: 3270838B9F1CA4BC2ECD00F52065DC007F926E55
MD5: 36e6c405b6143d09687f4056fd9a0d10
Determination: GOOD
C:\WINDOWS\system32\drivers\wadv09nt.sys
Loaded from: FILE
PX5: 5DB73A5C5FAB7A1D2EB000A4DD02C800BA660E95
MD5: 7bb3aa595e4507a788de1cdc63f4c8c4
Determination: GOOD
C:\WINDOWS\system32\drivers\wadv08nt.sys
Loaded from: FILE
PX5: 4CF103A01F6123B62CFA0037B0C1FD00836A25AA
MD5: 714038a8aa5de08e12062202cd7eaeb5
Determination: GOOD
C:\WINDOWS\system32\drivers\wadv07nt.sys
Loaded from: FILE
PX5: 1E0FE3D21FE339D22E2B008596227200617F8D26
MD5: 0308aef61941e4af478fa1a0f83812f5
Determination: GOOD
C:\WINDOWS\system32\drivers\wacompen.sys
Loaded from: FILE
PX5: ECD6A8780093567635F300A75D1FDA00773E3F7A
MD5: 497f6cdb901ef8de81bd501e2aefb0d0
Determination: GOOD
C:\WINDOWS\system32\drivers\viaagp.sys
Loaded from: FILE
PX5: D6E79603001AC593A55800BA66876F0054482AF4
MD5: d92e7c8a30cfd14d8e15b5f7f032151b
Determination: GOOD
C:\WINDOWS\system32\drivers\vchnt5.dll
Loaded from: FILE
PX5: 03C121663D6461E42CC400D8205B69002D8BBFF6
MD5: 5a643754291b963305f710497dae6f23
Determination: GOOD
C:\WINDOWS\system32\drivers\usbvideo.sys
Loaded from: FILE
PX5: 865C9DB9801BE3CC320C012527936E006B940059
MD5: 8968ff3973a883c49e8b564200f565b9
Determination: GOOD
C:\WINDOWS\system32\drivers\usb8023x.sys
Loaded from: FILE
PX5: 6C38C2AE8005B13A31EC001CD2E193002F68BAFC
MD5: ee37e5c79d6c788711296075b2bc95f4
Determination: GOOD
C:\WINDOWS\system32\drivers\uagp35.sys
Loaded from: FILE
PX5: 9D095C07801C22E3AE6600D63D61E600F240BE62
MD5: 49c805d42d75eddc9b6a7130999c9054
Determination: GOOD
C:\WINDOWS\system32\drivers\tunmp.sys
Loaded from: FILE
PX5: CBD0AEE38035D6A5300B00CF5C419100CB427E52
MD5: 87a0e9e18c10a9e454238e3330e2a26d
Determination: GOOD
C:\WINDOWS\system32\drivers\smbali.sys
Loaded from: FILE
PX5: 12482C94800568C617170054DB39780049EFF146
MD5: 654dd37334fb4621043003188c48d582
Determination: GOOD
C:\WINDOWS\system32\drivers\slwdmsup.sys
Loaded from: FILE
PX5: 16863D5CB8EACC283314005DED01E500658864AF
MD5: db56bb2c55723815cf549d7fc50cfceb
Determination: GOOD
C:\WINDOWS\system32\drivers\slnthal.sys
Loaded from: FILE
PX5: 4125157DC0CA9DDC747D01DF9E13BE000301B563
MD5: f9b8e30e82ee95cf3e1d3e495599b99c
Determination: GOOD
C:\WINDOWS\system32\drivers\slntamr.sys
Loaded from: FILE
PX5: 2D73A613FED6C4502D2F0603BB1BA000441F5C5B
MD5: 2c1779c0feb1f4a6033600305eba623a
Determination: GOOD
C:\WINDOWS\system32\drivers\slnt7554.sys
Loaded from: FILE
PX5: 7E3AB854FF177A8EF97F01B5C9799B0044CD1C46
MD5: d9673011648a71ed1e1f77b831bc85e6
Determination: GOOD
C:\WINDOWS\system32\drivers\sisagp.sys
Loaded from: FILE
PX5: 67D98FA680CA352AA02400A357FF2400C53F77F4
MD5: 732d859b286da692119f286b21a2a114
Determination: GOOD
C:\WINDOWS\system32\drivers\siint5.dll
Loaded from: FILE
PX5: AF524B003D8D42390F6200ED41EA3400B79BCD14
MD5: a6218ab33fdce462628fff64f035f5ec
Determination: GOOD
C:\WINDOWS\system32\drivers\sffp_sd.sys
Loaded from: FILE
PX5: 35A841FC0030CAF028AD002AAB39F600184DF1C4
MD5: 586499fd312ffd7f78553f408e71682e
Determination: GOOD
C:\WINDOWS\system32\drivers\sffdisk.sys
Loaded from: FILE
PX5: AF380F15808E7A972B3D001ABF251400652E930D
MD5: 1d9f1bec651815741f088a8fb88e17ee
Determination: GOOD
C:\WINDOWS\system32\drivers\sdbus.sys
Loaded from: FILE
PX5: BA494C87000D7A4F08B4013D43118E00EBAF0531
MD5: 02fc71b020ec8700ee8a46c58bc6f276
Determination: GOOD
C:\WINDOWS\system32\drivers\s3gnbm.sys
Loaded from: FILE
PX5: 61E69E1D00FCADE18C3D02DB5DBD000075CEE0EF
MD5: 0dbcc071a268e0340a2ba6bdd98bace4
Determination: GOOD
C:\WINDOWS\system32\drivers\rndismpx.sys
Loaded from: FILE
PX5: F5E4CD0480C828137517005714D7F1004825A207
MD5: a82a06278b29004d5da49965565ac2fd
Determination: GOOD
C:\WINDOWS\system32\drivers\rfcomm.sys
Loaded from: FILE
PX5: 86C754D3005DD90AE9C000A325CAFB008DE7ED1E
MD5: 99c4b74981a1413f142a3903130088cb
Determination: GOOD
C:\WINDOWS\system32\drivers\recagent.sys
Loaded from: FILE
PX5: 8230DA32D0FF3CCB359200458A49D1005077BCC7
MD5: e9aaa0092d74a9d371659c4c38882e12
Determination: GOOD
C:\WINDOWS\system32\drivers\nv4_mini.sys
Loaded from: FILE
PX5: 917F7FE8C02DB936F3411C8AC739AB0032E68CB2
MD5: 2b298519edbfcf451d43e0f1e8f1006d
Determination: GOOD
C:\WINDOWS\system32\drivers\ntmtlfax.sys
Loaded from: FILE
PX5: F44616B18898348BC05502B7489AC100042E0B8E
MD5: 576b34ceae5b7e5d9fd2775e93b3db53
Determination: GOOD
C:\WINDOWS\system32\drivers\mutohpen.sys
Loaded from: FILE
PX5: 99AA0498804B428D314500E20CBAD6004DAB82AC
MD5: 94af9d9d9e9a562b43d573a82fb5ab60
Determination: GOOD
C:\WINDOWS\system32\drivers\mtxparhm.sys
Loaded from: FILE
PX5: 58EEB961806700F0E8150672FF705700E15F3A2C
MD5: 6dda78a0be692b61b668fab860f276cf
Determination: GOOD
C:\WINDOWS\system32\drivers\mtlstrm.sys
Loaded from: FILE
PX5: 5C03650C006804A7FAD51340E559B800B2F2DF69
MD5: 54886a652bf5685192141df304e923fd
Determination: GOOD
C:\WINDOWS\system32\drivers\mtlmnt5.sys
Loaded from: FILE
PX5: FE91AA0DDE37188CEE5701B0C30E4C00F5593D00
MD5: c53775780148884ac87c455489a0c070
Determination: GOOD
C:\WINDOWS\system32\drivers\mdmxsdk.sys
Loaded from: FILE
PX5: F550CBF45C4DEEBE2EDE0064049C6200A1C01EF8
MD5: 195741aee20369980796b557358cd774
Determination: GOOD
C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini
Loaded from: FILE
PX5: 88CF0FF93E2A4A9F00A700BD9B751300B2E9E22B
C:\Documents and Settings\Stefano Papucci\Dati applicazioni\desktop.ini
Loaded from: FILE
PX5: 88CF0FF93E2A4A9F00A700BD9B751300B2E9E22B
C:\Programmi\TechSmith\SnagIt 8\SnagIt32.exe
Loaded from: FILE
PX5: 04A8D7C0484CE48D96BF61E485D97500D9FF3B65
Determination: GOOD
C:\Programmi\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCview.exe
Loaded from: FILE
PX5: 2232971AC0624D5BA0735B770C18F00035564801
Determination: GOOD
C:\Documents and Settings\Stefano Papucci\Desktop\aaw2007.exe
Loaded from: FILE
PX5: 388F032A70311927BBF74395BD877701261CA8DA
Determination: GOOD
C:\Programmi\EMS\SQL Manager for MySQL\MyManager.exe
Loaded from: FILE
PX5: 9FE913FA00EF81B8C0C14A11B72AA400E4AE1ACA
Determination: SUSPICIOUS
C:\Programmi\AvRack\rtlrack.exe
Loaded from: FILE
PX5: 49B0B8C6000C627298FF378306BC74004F0D3030
Determination: GOOD
C:\WINDOWS\hh.exe
Loaded from: FILE
PX5: DE60F90A00B20CAB2A0C0033C10B9F009C6D444E
MD5: aae7c1ffada35914272fbfa581c34b34
Determination: GOOD
C:\BlueJ\bluej.exe
Loaded from: FILE
PX5: 65C3AC59009FC37D5AA90A19915E980039CDFFBB
MD5: 3ecb0dad2f6a69b6739408684492b0f7
Determination: GOOD
C:\Documents and Settings\Stefano Papucci\Desktop\cureit.exe
Loaded from: FILE
PX5: CA3AD1FCD82CDC130F9A7F00C34E4F00052A583C
Determination: GOOD
C:\Documents and Settings\Stefano Papucci\Desktop\a2FreeSetup.exe
Loaded from: FILE
PX5: 14A6205A204CA605FD652349C763F1017FDD26CE
Determination: GOOD
C:\Documents and Settings\Stefano Papucci\Desktop\kav7.0.0.125en.exe
Loaded from: FILE
PX5: 240D4249C850CF3901C77AC9CBB2D301DEF7BAB0
Determination: GOOD
C:\Programmi\CCleaner\CCleaner.exe
Loaded from: FILE
PX5: 95ACB797F053E701047A0B21BB6A8900438C6C3D
MD5: 70f1be97f2af234835b24e8e60d076ae
Determination: GOOD
C:\Documents and Settings\Stefano Papucci\Desktop\ccsetup201.exe
Loaded from: FILE
PX5: 69507500C8FBE6691A1B282D0BA37800C937F3E8
MD5: f055d43c0628cefec638b0445333f6a0
Determination: GOOD
C:\Programmi\WinRAR\WinRAR.exe
Loaded from: FILE
PX5: CBB3056D0063FA0C7E8A0E65E2A30400D91FB6F7
MD5: 08b49735868ef15358b0ed9d8184bc73
Determination: GOOD
C:\Programmi\Free Download Manager\fdm.exe
Loaded from: FILE
PX5: 7464CB1A2F2CB18990E41F5B412DC000B37FC980
MD5: c2c2a57bc921149d364186549dda0566
Determination: GOOD
C:\Programmi\WYSIWYG Web Builder 4.0\WebBuilder.exe
Loaded from: FILE
PX5: B68CA31F2C3917BE92DA12EA787DED00D8F8ED59
MD5: f8cfea3d8754d847e2508c60008e6e40
Determination: SUSPICIOUS
C:\Programmi\DbWeigher\DbWeigher.exe
Loaded from: FILE
PX5: D2B96EA200BBD19FF081045B6C8D4200825224E2
MD5: b16803d456c9a628bbbe1282bfc44cd5
Determination: SUSPICIOUS
C:\Programmi\DbWeigher\DBWConsole.exe
Loaded from: FILE
PX5: C7046726002B4BB0F08808DEE4647800895E9272
MD5: cbf76e09a7060e4a41b453250eb73e18
Determination: SUSPICIOUS
C:\Programmi\SLIK Software\DBExplorer\DBExplorer.exe
Loaded from: FILE
PX5: C7D39DBC00D6D9F910DD1649586DB600F5F5D1E8
MD5: 65c896181ae45b1a2840fc6fa7453b19
Determination: GOOD
C:\Programmi\City Interactive\Pacific Heroes\pacific.exe
Loaded from: FILE
PX5: 6D0102F30004030D90BB334D0A641600C1B9B673
Determination: GOOD
C:\Programmi\LimeWire\LimeWire.exe
Loaded from: FILE
PX5: 4528FB82001377224056023A82CA7F000E0BD396
MD5: 365418b2fefca481c6ce388da076eac2
Determination: GOOD
C:\Documents and Settings\Stefano Papucci\Desktop\SkypeSetup.exe
Loaded from: FILE
PX5: 576C46BA2846972555836CA9C1DB900152F6349E
Determination: GOOD
Results::
Known malicious programs: 31
End of PrevxCSI Log - http://www.prevx.com
Ultima modifica di quanah : 03-12-2007 alle 09:11. |
|
|
03-12-2007, 09:07
|
#42 |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
scarica ComboFix da qui:
http://download.bleepingcomputer.com...a/ComboFix.exe Doppio click su combofix.exe e segui le istruzioni Allegare il log C:\combofix.txt e anche il file; C:\ComboFix-quarantined-files.txt N.B.: Durante la scansione verranno creati alcuni file sul desktop e poi eliminati - spariranno tutte le icone del desktop - il firewall potrebbe avvisare che verranno rimossi alcuni driver (consentire) NB: cancella la vecchia copia di ComboFix Allega i log con la funzione Gestisci Allegati
__________________
Try again and you will be luckier.
Ultima modifica di Chill-Out : 03-12-2007 alle 09:16. |
|
|
|
03-12-2007, 09:46
|
#43 |
|
Junior Member
Iscritto dal: Nov 2007
Messaggi: 9
|
Ho eseguito ComboFix.
Allego il log ma il file C:\ComboFix-quarantined-files.txt non me lo ha generato Codice:
ComboFix 07-12-02.7 - Stefano Papucci 2007-12-03 10.25.10.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.519 [GMT 1:00]
Eseguito da: C:\Documents and Settings\Stefano Papucci\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\bbvrafax.dll
C:\WINDOWS\system32\ensogrok.dll
C:\WINDOWS\system32\eqnnekau.dll
C:\WINDOWS\system32\hfrsljdf.dll
C:\WINDOWS\system32\hqslfvuh.dll
C:\WINDOWS\system32\ijptimll.dll
C:\WINDOWS\system32\jjwotgkb.dll
C:\WINDOWS\system32\klwhtcgy.dll
C:\WINDOWS\system32\kxsupfte.dll
C:\WINDOWS\system32\lddkfxfn.dll
C:\WINDOWS\system32\ovrvvxnx.dll
C:\WINDOWS\system32\pgulfser.dll
C:\WINDOWS\system32\qonbqrnl.dll
C:\WINDOWS\system32\rjimtxox.dll
C:\WINDOWS\system32\ruccbnut.dll
C:\WINDOWS\system32\smoholfk.dll
C:\WINDOWS\system32\uceufdql.dll
C:\WINDOWS\system32\UpMedia
C:\WINDOWS\system32\vhpnhqdf.dll
C:\WINDOWS\system32\widsgjyd.dll
C:\WINDOWS\system32\wvainqih.dll
C:\WINDOWS\system32\ymikcucq.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
((((((((((((((((((((((((( Files Creati Da 2007-11-03 al 2007-12-03 )))))))))))))))))))))))))))))))))))
.
2007-12-02 19:15 . 2007-10-10 09:00 36,096 --a------ C:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2007-12-02 19:14 . 2007-12-02 19:14 <DIR> d-------- C:\VEXPLITE
2007-12-02 16:20 . 2007-12-02 16:20 <DIR> d-------- C:\VundoFix Backups
2007-12-01 16:30 . 2007-12-01 16:30 <DIR> d-------- C:\Documents and Settings\Stefano Papucci\Dati applicazioni\PrevxCSI
2007-12-01 16:20 . 2007-12-01 16:20 <DIR> d-------- C:\Temp\Tmp___16931
2007-11-30 09:29 . 2007-11-30 09:29 <DIR> d-------- C:\Analisi_Virus
2007-11-29 14:21 . 2007-11-29 14:21 <DIR> d-------- C:\Programmi\CCleaner
2007-11-29 13:46 . 2007-11-29 13:46 19,792 --a------ C:\Documents and Settings\Stefano Papucci\dupggmjm.exe
2007-11-29 12:19 . 2007-11-29 12:19 <DIR> d-------- C:\Documents and Settings\Stefano Papucci\DoctorWeb
2007-11-29 12:05 . 2007-11-29 12:05 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Prevx
2007-11-29 10:37 . 2007-11-29 10:37 <DIR> d-------- C:\Programmi\a-squared Free
2007-11-29 08:33 . 2007-11-29 08:33 19,792 --a------ C:\Documents and Settings\Stefano Papucci\kjotdzoj.exe
2007-11-28 17:56 . 2007-11-28 17:56 <DIR> d-------- C:\Matematica_V_Ragioneria
2007-11-28 14:57 . 2007-11-28 14:57 <DIR> d-------- C:\Documents and Settings\Stefano Papucci\WebEx
2007-11-28 14:57 . 2007-11-28 14:57 <DIR> d-------- C:\Documents and Settings\Stefano Papucci\Dati applicazioni\WebEx
2007-11-28 14:57 . 2007-11-28 14:57 202,322 --a------ C:\WINDOWS\system32\atasnt40.dll
2007-11-28 14:56 . 2007-11-28 14:56 51,304 --a------ C:\WINDOWS\system32\drivers\atnt40k.sys
2007-11-26 18:27 . 2007-11-26 18:27 1,071 --a------ C:\WINDOWS\AWMODEM.INF
2007-11-25 22:15 . 2007-11-25 22:15 <DIR> d--h----- C:\WINDOWS\PIF
2007-11-25 22:03 . 2007-11-25 22:03 19,792 --a------ C:\Documents and Settings\Stefano Papucci\vyqvrzvm.exe
2007-11-25 18:33 . 2007-11-25 18:33 19,792 --a------ C:\Documents and Settings\Stefano Papucci\vyvogljp.exe
2007-11-25 17:01 . 2007-11-25 17:01 <DIR> d-------- C:\Siti
2007-11-25 14:56 . 2007-11-25 14:56 <DIR> d-------- C:\Programmi\Kaspersky Lab
2007-11-25 14:56 . 2007-11-25 14:56 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2007-11-25 14:56 . 2007-11-25 15:00 82,061 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-11-25 14:56 . 2007-11-25 15:00 81,549 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-11-25 14:56 . 2007-12-03 10:37 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2007-11-25 14:56 . 2007-12-03 10:37 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-11-25 14:56 . 2007-12-03 10:37 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-11-25 14:56 . 2007-12-03 10:37 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-11-25 14:55 . 2007-11-25 14:55 <DIR> d-------- C:\kav
2007-11-24 18:21 . 2007-11-24 18:21 <DIR> d-------- C:\Programmi\Teleport Pro
2007-11-24 17:56 . 2007-07-09 14:09 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-11-22 14:44 . 2007-11-28 10:52 143 --a------ C:\WINDOWS\system32\mcrh.tmp
2007-11-21 15:28 . 2007-11-21 15:28 <DIR> d-------- C:\SpyZooka
2007-11-20 16:48 . 2006-07-06 08:43 217 --a------ C:\WINDOWS\system32\VerticalMenu.VBL
2007-11-20 15:49 . 2007-11-20 15:49 <DIR> d-------- C:\MyVBControls
2007-11-20 15:38 . 2006-07-06 08:43 176,128 --a------ C:\WINDOWS\system32\VerticalMenu.ocx
2007-11-20 15:38 . 2007-04-11 13:06 25,600 --a------ C:\WINDOWS\system32\verticalmenu.oca
2007-11-20 12:38 . 2007-11-20 12:38 <DIR> d-------- C:\Temp
2007-11-20 11:45 . 2007-11-20 11:45 <DIR> d-------- C:\BluePenguin Software Affiliate Center Order Confirmation_file
2007-11-20 11:45 . 2007-11-20 11:45 3,952 --a------ C:\BluePenguin Software Affiliate Center Order Confirmation.htm
2007-11-20 10:40 . 2007-11-20 10:40 <DIR> d-------- C:\Programmi\File comuni\Symantec Shared
2007-11-20 10:40 . 2007-11-20 10:40 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Symantec
2007-11-20 10:27 . 2007-11-20 10:27 <DIR> d-------- C:\Programmi\SpyZooka
2007-11-19 18:52 . 2007-11-19 18:52 241,152 --a------ C:\WINDOWS\system32\COMCTL32.oca
2007-11-19 18:52 . 2007-11-19 18:52 135,680 --a------ C:\WINDOWS\system32\MSCOMCT2.oca
2007-11-19 18:52 . 2007-11-19 18:52 64,512 --a------ C:\WINDOWS\system32\RICHTX32.oca
2007-11-19 18:52 . 2007-11-19 18:52 53,248 --a------ C:\WINDOWS\system32\COMCT232.oca
2007-11-19 18:52 . 2007-11-19 18:52 35,840 --a------ C:\WINDOWS\system32\COMCT332.oca
2007-11-19 16:53 . 2007-11-19 16:54 1,014 ---hs---- C:\WINDOWS\system32\ifoancxa.ini
2007-11-19 15:55 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2007-11-19 15:55 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2007-11-19 15:55 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2007-11-19 15:55 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2007-11-19 15:54 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-11-19 15:54 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-11-19 11:16 . 2007-11-19 11:16 <DIR> d--h----- C:\Programmi\Zenographics
2007-11-19 11:16 . 2007-11-19 11:16 <DIR> d-------- C:\Programmi\Hewlett-Packard
2007-11-18 14:44 . 2007-11-19 15:57 954 ---hs---- C:\WINDOWS\system32\nmcxwptk.ini
2007-11-15 19:08 . 2007-11-18 14:30 594 ---hs---- C:\WINDOWS\system32\isbljyor.ini
2007-11-15 18:11 . 2007-11-15 19:02 354 ---hs---- C:\WINDOWS\system32\gpconljt.ini
2007-11-14 13:15 . 2007-11-14 13:15 <DIR> d-------- C:\Norton.AntiBot.v1.0-EDGE
2007-11-14 11:01 . 2007-11-14 11:29 264 --a------ C:\WINDOWS\wininit.ini
2007-11-14 10:17 . 2007-11-14 10:17 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2007-11-14 10:03 . 2007-11-14 10:03 <DIR> d-------- C:\Programmi\Sophos
2007-11-14 09:53 . 2007-11-14 11:34 669,113 ---hs---- C:\WINDOWS\system32\edfcpiha.ini
2007-11-13 14:12 . 2007-11-13 14:12 <DIR> d---s---- C:\Documents and Settings\Stefano Papucci\UserData
2007-11-13 13:57 . 2005-08-03 01:47 424,960 --a------ C:\WINDOWS\WRServices.dll
2007-11-13 12:52 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-11-12 19:53 . 2007-11-12 19:53 <DIR> d-------- C:\Canzoni_Gabbianella_e_Natale
2007-11-12 19:18 . 2007-11-12 19:18 <DIR> d-------- C:\Fiabe Sonore Fabbri Editori
2007-11-11 10:00 . 2007-11-11 10:00 <DIR> d-------- C:\Programmi\Tracker Software
2007-11-08 11:38 . 2007-11-08 11:38 <DIR> d-------- C:\Programmi\3M
2007-11-07 10:44 . 2007-11-07 10:44 <DIR> d-------- C:\Posta_Ricevuta
2007-11-07 10:01 . 2007-11-07 10:01 3,671 --a------ C:\RubricaOutlookExpr.csv
2007-11-04 11:36 . 2007-11-04 11:36 <DIR> d-------- C:\TeachYourselfJava6in21Days
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-16 17:19 23,640 ----a-w C:\Documents and Settings\Stefano Papucci\Dati applicazioni\GDIPFONTCACHEV1.DAT
2007-11-01 15:32 --------- d-----w C:\Documents and Settings\Stefano Papucci\Dati applicazioni\Skype
2007-11-01 15:31 --------- d-----w C:\Programmi\Skype
2007-11-01 15:31 --------- d-----w C:\Programmi\File comuni\Skype
2007-11-01 15:31 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Skype
2007-10-25 16:54 8,483,840 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-08 10:56 --------- d-----w C:\Documents and Settings\Stefano Papucci\Dati applicazioni\Nokia Multimedia Player
2007-10-04 10:39 --------- d-----w C:\Documents and Settings\Stefano Papucci\Dati applicazioni\DataLayer
2007-10-04 09:08 --------- d-----w C:\Documents and Settings\Stefano Papucci\Dati applicazioni\Logitech
2007-10-04 09:08 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Logitech
2007-10-04 08:39 --------- d-----w C:\Documents and Settings\Stefano Papucci\Dati applicazioni\Nokia
2007-10-04 08:35 --------- d-----w C:\Programmi\File comuni\Nokia
2007-10-04 08:35 --------- d-----w C:\Programmi\DIFX
2007-10-04 08:34 --------- d-----w C:\Programmi\Nokia
2007-10-04 08:34 --------- d-----w C:\Programmi\File comuni\PCSuite
2007-10-04 08:34 --------- d-----w C:\Documents and Settings\Stefano Papucci\Dati applicazioni\PC Suite
2007-10-04 08:34 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
2007-10-04 08:33 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Downloaded Installations
2007-09-01 15:19 11,497 ----a-w C:\Documents and Settings\Stefano Papucci\ntuserdirect.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2c924209-9adc-4010-88e5-4d6b890fc300}]
C:\WINDOWS\system32\fvuxyxot.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30c87fa7-1c1d-4702-a893-8970c1ce9600}]
C:\WINDOWS\system32\iojjabye.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6bbd8050-2c51-4b3b-ab5c-cb02df5a9705}]
C:\WINDOWS\system32\eajpbstu.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7b26b0b7-1548-40c9-815f-dc895ce36b25}]
C:\WINDOWS\system32\qlyedocx.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a182ecc9-f08f-4d7d-9915-527b8aa6c67e}]
C:\WINDOWS\system32\rkjepcsh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A20F15CE-C276-44A9-92EC-6C510A4E3ACE}]
C:\WINDOWS\system32\gebyx.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a8a4dd42-d0ec-461f-a5ff-df2bcaff85b6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{aab72303-4ce4-4622-8a99-12e919a50981}]
C:\WINDOWS\system32\vmiaaxmw.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:39]
"PcSync"="C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-19 15:59]
"msnmsgr"="C:\Programmi\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]
"Skype"="C:\Programmi\Skype\Phone\Skype.exe" [2007-09-13 13:31]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 16:24 C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-01-24 21:00]
"AGRSMMSG"="AGRSMMSG.exe" [2002-10-18 11:07 C:\WINDOWS\AGRSMMSG.exe]
"SynTPLpr"="C:\Programmi\Synaptics\SynTP\SynTPLpr.exe" [2002-11-15 17:40]
"SynTPEnh"="C:\Programmi\Synaptics\SynTP\SynTPEnh.exe" [2002-11-18 09:34]
"AcerNotebookManager"="C:\Programmi\Acer\Notebook Manager\almxptray.exe" [2003-02-16 20:52]
"SoundMan"="SOUNDMAN.EXE" [2003-03-27 16:34 C:\WINDOWS\soundman.exe]
"LManager"="C:\Programmi\Launch Manager\QtZgAcer.EXE" [2003-04-14 11:36]
"AcerWirelessManager"="C:\Programmi\Acer\Wireless\Utility\Wlan11ab.exe" [2003-01-03 21:07]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2007-04-27 09:41]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36]
"AVP"="C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 12:51]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:39]
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Gestione servizi.lnk - C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2007-08-01 19:28:45]
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nhdvjikz]
nhdvjikz.dll
R0 VIRAGTLT;VIRAGTLT;C:\WINDOWS\system32\drivers\VIRAGTLT.sys
R2 acernbm;acernbm;C:\WINDOWS\system32\drivers\acernbm.sys
R3 AWINDIS5;AWINDIS5 Protocol Driver;\??\C:\WINDOWS\system32\AWINDIS5.SYS
R3 CONAN;CONAN;C:\WINDOWS\system32\drivers\o2mmb.sys
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys
R3 mbxfilt;mbxfilt;C:\WINDOWS\system32\drivers\MbxFilt.sys
R3 O2SCBUS;O2Micro SmartCardBus Reader;C:\WINDOWS\system32\DRIVERS\ozscr.sys
S3 DKbFltr;Dritek HotKey Keyboard Filter Driver;C:\WINDOWS\system32\Drivers\DKbFltr.sys
S3 LEX_AS_NIC_SERVICE;LAN-Express IEEE 802.11a/b Wireless Network Adapter Service;C:\WINDOWS\system32\DRIVERS\Expsab2.sys
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\WINDOWS\system32\8C4.tmp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0898bd60-3af2-11dc-b6e4-00028aa470a2}]
\Shell\AutoRun\command - F:\LaunchU3.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-03 10:39:04
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2007-12-03 10:40:57 - machine was rebooted
.
--- E O F ---
|
|
|
|
03-12-2007, 11:27
|
#44 |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
Nuovo log di Prevx CSI + nuovo log di HijackThis
NB: allega i log in formato .txt con la fuzione Gestisci allegati o hostali su www.zshare.net indicando nel prossimo post il link dove prelevarli
__________________
Try again and you will be luckier.
Ultima modifica di Chill-Out : 03-12-2007 alle 11:44. |
|
|
|
03-12-2007, 12:04
|
#45 |
|
Junior Member
Iscritto dal: Nov 2007
Messaggi: 9
|
Ho rieseguito PrevxCSI e HiJackThis ed i loro log sono in zshare al link http://www.zshare.net/download/534081080d4fa8/
Scusa la domanda, ma perchè nel tuo messaggio indichi in grassetto rosso le modalità di invio degli allegati ? Ho sbagliato qualcosa nel mio messaggio precedente ? Grazie |
|
|
|
03-12-2007, 14:52
|
#46 | |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
Avenger
Scompattarlo, avviarlo, selezionare "Input script manually" e cliccare sulla lente d'ingrandimento. Nella nuova finestra, incollare lo script che viene indicato cliccare sul pulsante "Done",cliccare sull'icona di semaforo verde rispondere "yes" 2 volte ;il pc dovrebbe riavviarsi da solo se così non fosse, riavvialo manualmente. Al riavvio del sistema verrà visualizzato il log in c:\avenger.txt da postare per il controllo. http://swandog46.geekstogo.com/avenger.zip Script: Quote:
O2 - BHO: (no name) - {2c924209-9adc-4010-88e5-4d6b890fc300} - C:\WINDOWS\system32\fvuxyxot.dll (file missing) O2 - BHO: (no name) - {30c87fa7-1c1d-4702-a893-8970c1ce9600} - C:\WINDOWS\system32\iojjabye.dll (file missing) O2 - BHO: (no name) - {6bbd8050-2c51-4b3b-ab5c-cb02df5a9705} - C:\WINDOWS\system32\eajpbstu.dll (file missing) O2 - BHO: (no name) - {7b26b0b7-1548-40c9-815f-dc895ce36b25} - C:\WINDOWS\system32\qlyedocx.dll (file missing) O2 - BHO: (no name) - {a182ecc9-f08f-4d7d-9915-527b8aa6c67e} - C:\WINDOWS\system32\rkjepcsh.dll (file missing) O2 - BHO: (no name) - {A20F15CE-C276-44A9-92EC-6C510A4E3ACE} - C:\WINDOWS\system32\gebyx.dll (file missing) O2 - BHO: {6b58ffac-b2fd-ff5a-f164-ce0d24dd4a8a} - {a8a4dd42-d0ec-461f-a5ff-df2bcaff85b6} - (no file) O2 - BHO: (no name) - {aab72303-4ce4-4622-8a99-12e919a50981} - C:\WINDOWS\system32\vmiaaxmw.dll (file missing) O20 - Winlogon Notify: nhdvjikz - nhdvjikz.dll (file missing) Disattiva Ripristino configurazione sistema Clicca sul pulsante Start, clicca con il pulsante destro del mouse su Risorse del computer, quindi scegliere Proprietà. Nella finestra di dialogo Proprietà del sistema scegliere la scheda Ripristino configurazione di sistema. Selezionare la casella di controllo Disattiva Ripristino configurazione di sistema. In alternativa selezionare la casella di controllo Disattiva Ripristino configurazione di sistema su tutte le unità. Scegliere OK. Quando viene visualizzato il messaggio seguente, scegliere Sì per confermare la disattivazione di Ripristino configurazione di sistema: Si è scelto di disattivare Ripristino configurazione di sistema. Se si continua, tutti i punti di ripristino esistenti verranno eliminati e non sarà possibile tenere traccia delle modifiche o annullarle nel computer. CCleaner Scarica ed installa (senza la toolbar di Yahoo) CCleaner per la pulizia dei file temporanei ed inutilizzati Una volta installato clicca su Opzioni -> Avanzate -> togli il segno di spunta dalla seguente voce Cancella file in Windows Temp solo se più vecchi di 48 ore Clicca sulla voce Pulizia -> Analizza -> Avvia Pulizia Download http://www.filehippo.com/download/83...b540/download/ a-squared Free Scarica, installa ed aggiorna a-squared Free clicca su Scansiona PC ed esegui una Deep Scan metti in quarantena gli eventuali malware rilevati Download: http://download5.emsisoft.com/a2FreeSetup.exe al termina allega log di a-squared e nuovo log di hijackThis Non hai sbagliato nulla e che a leggere i log nel tag quote ho le crepe negli occhi 
__________________
Try again and you will be luckier.
|
|
|
|
|
03-12-2007, 17:33
|
#47 |
|
Junior Member
Iscritto dal: Nov 2007
Messaggi: 9
|
@Chill-Out
Ho seguito le istruzioni alla lettera ed i logs sono qua http://www.zshare.net/download/534689915caf23/ |
|
|
|
03-12-2007, 17:39
|
#48 |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
sembra ok, riscontri ancora problemi?
__________________
Try again and you will be luckier.
|
|
|
|
03-12-2007, 17:46
|
#49 |
|
Junior Member
Iscritto dal: Nov 2007
Messaggi: 9
|
@Chill-Out
Ad ora no!  Ti devo una cena. Ciao e grazie |
|
|
|
03-12-2007, 17:51
|
#50 |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
Ultime cosette da fare:
aggiornare IE alla versione 7 http://www.microsoft.com/italy/windo...e/default.mspx puoi riabilitare il ripristino configurazione sistema e creare un punto di ripristino puoi eliminare il file dalla quarantena di a-squared -> C:\VundoFix Backups\gebyx.dll.bad rilevati: Adware.Win32.Virtumonde.aql
__________________
Try again and you will be luckier.
|
|
|
|
03-12-2007, 17:56
|
#51 |
|
Junior Member
Iscritto dal: Nov 2007
Messaggi: 9
|
Ok, lo faccio subito.
Piuttosto chiedo: io ora ho su il Kaspersky AV 7.0 (l'ho messo su dopo che mi ero accorto di tutti i problemi che NOD32 non mi aveva rilevato). Attualmente sono in trial, posso acquistarlo o è meglio cambiarlo con qualcosa di altro ? E per firewall, ho letto qui dei giudizi molto buoni riguardo a Comodo, vado per lui ? Grazie |
|
|
|
03-12-2007, 18:06
|
#52 | |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
Quote:
http://www.hwupgrade.it/forum/showthread.php?t=1545212
__________________
Try again and you will be luckier.
|
|
|
|
|
03-12-2007, 18:08
|
#53 |
|
Junior Member
Iscritto dal: Nov 2007
Messaggi: 9
|
Siete impagabili !
Grazie di tutto |
|
|
|
03-12-2007, 18:28
|
#54 |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
prego, di nulla.
Ciao
__________________
Try again and you will be luckier.
|
|
|
|
06-01-2008, 14:53
|
#55 |
|
Junior Member
Iscritto dal: Jan 2008
Messaggi: 12
|
Ciao a tutti
Sono stato indirizzato da voi in quanto infetto dal visrus Vundo ( e chissà cos’alto  ) Ho già svolto alcuni passi delle guida alla disinfestazione e precisamente: - Bloccato le attività di ripristino del sistema - Scaricato installato ed eseguito Nod32, e rimossi i files segnalati - Scaricato installato ed eseguito A-Squared Free v3.x Log di A-Squared Free v3.x: http://www.zshare.net/download/62184789107cfd/ - Scaricato installato ed eseguito Prevx CSI : Log di Prevx CSI: http://www.zshare.net/download/62184489de5402/ - La scansione in linea con Nanoscan diceva : Il PC non contiene virus - La scansione in linea con Ewido dava come Log: http://www.zshare.net/download/6218373699980e/ - Uppato il file C:\WINDOWS\system32\gebbyxy.dll nei siti di virustotal e virusscan.jotti ottenedo le seguenti diagnosi (http://www.zshare.net/download/624238712a7a35/) Addesso non saprei come continuare, se proseguire nei passi della guida agli infetti con hjakthis e gmer o iniziare le procedure di questa sezione, o altro ancora. In ogni caso i problemi sussistono e navigando mi si aprono finestre in continuazione che mi invitano a scaricare gli antivirus più strani o a fare viaggi a Praga. Spero di essere nel 3d giusto, intanto ringrazio chi mi ha aiutato finora e chi continuerà a farlo. Sienfun |
|
|
|
06-01-2008, 17:08
|
#56 | |
|
Bannato
Iscritto dal: Jul 2007
Città: Riverside House
Messaggi: 3333
|
Quote:
Disabilita il Ripristino configurazione di sistema procedendo in questa maniera: ● tasto destro del mouse sull'icona Risorse del Computer ● seleziona la voce Proprietà ● apri la scheda Ripristino configurazione di Sistema ● spunta la voce Disattiva ripristino configurazione di sistema ● conferma, la modifica, con Applica e, poi Ok Il Ripristino configurazione di sistema deve rimanere disabilitato fino a quando non sarà risolto il problema esposto Svuota il contenuto della cartella Prefetch procedendo in questa maniera: ● clicca su Risorse del Computer ● clicca su Disco locale C: ● cerca, all’interno delle cartelle che verranno visualizzate la cartella Windows ● aprila ed, al suo interno, cerca la cartella Prefetch ● aprila ed elimina tutte le voci conservate al suo interno mi raccomando, non eliminare la cartella Scarica DUSTBUSTER (richiede l’installazione) clicca qui per il download scarica TRENDMICRO ROOTKIT BOOSTER (non richiede l’installazione) clicca qui per il download Devi creare una apposta Cartella sul Desktop ed al suo interno scompatta il file ● lancia il tool e clicca su Scan ● al termine della scansione ti verrà richiesto di salvare il log ● se venissero rilevati rootkit provvedi alla loro eliminazione ● verrà generato un log in una cartella denominata TRMBLog all'interno della cartella che hai precedentemente creato allega il log salvato Scarica COMBO FIX (Non richiede l’installazione) clicca qui per il download Posizionalo sul Desktop e lancialo: ● completata la prima fase della scansione il sistema verrà riavviato automaticamente ● dopo il riavvio, verranno creati due log in Risorse del Computer - Disco Locale C: ● combofix.txt ● comboFix-quarantined-files.txt allega, entrambi i log che verranno rilasciati Note: Durante la scansione: ● verranno creati alcuni file sul desktop e poi eliminati ● spariranno, per un attimo, tutte le icone presenti sul Desktop ● il firewall potrebbe rilasciare un avviso che verranno rimossi alcuni driver (consentire) Scarica SPYWARE TERMINATOR (richiede l’installazione) clicca qui per il download ● una volta installato, avvia la scansione e pulisci tutto quello che rileva Scarica HIJACKTHIS (non richiede l’installazione) clicca qui per il download ● devi creare una apposta Cartella in C:/Programmi (chiamala HThis) ● scompatta, all'interno della cartella creata, il file Zip pulisci, prima di tutto gli eventuali ADS quindi: ● lancia Hijackthis_v2 ● clicca sulla voce Open the Misc Tool section ● clicca su Open ADS Spy ● clicca su Scan ● se venissero rilevati ADS spunta tutte le caselline e clicca su Remove Selected poi: ● rilancia Hijackthis_v2, clicca su Do a system scan and save a logfile ● una volta che è stata creata la list, clicca su Save Log allega il log che verrà rilasciato MODALITA’ DI PUBBLICAZIONE DEI LOG RICHIESTI: ● se il relativo txt generato è al max 20 kb, deve essere allegato alla discussione, utilizzando l'apposita funzione Gestisci Allegati; ● se superiore a 20 kb, hostato su Zshare clicca qui per raggiungere ZShare, pubblicando, nella discussione, il link che verrà rilasciato per il download. Ultima modifica di Riverside : 06-01-2008 alle 17:13. |
|
|
|
|
06-01-2008, 22:44
|
#57 |
|
Junior Member
Iscritto dal: Jan 2008
Messaggi: 12
|
Ecco i log che ho ottenuto.
Combofix http://www.zshare.net/download/6254360175a120/ ComboFix-quarantined-files http://www.zshare.net/download/62543793ed7616/ TRENDMICRO ROOTKIT BOOSTER http://www.zshare.net/download/62545445f1ef1d/ Hijackthis http://www.zshare.net/download/6254582973f1fa/ Ho rimosso avast e installato Avira e Spywere T. anche se sta diventando una battaglia per il loro continuo intervento ad ogni apertura di programma e pagina web Attendo istruzioni |
|
|
|
06-01-2008, 22:47
|
#58 |
|
Junior Member
Iscritto dal: Jan 2008
Messaggi: 12
|
Ho notato che si è tolta la spunta dal disattiva ripristino di confi di sistema, è normale?
Sono sicuro di averla spuntata a suo tempo |
|
|
|
06-01-2008, 23:28
|
#59 | |
|
Bannato
Iscritto dal: Jul 2007
Città: Riverside House
Messaggi: 3333
|
Quote:
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O4 - Global Startup: PalTalk.lnk.disabled O16 - DPF: {33331111-1111-1111-1111-615111193427} – O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\nores.mht!http://adxrnet.net/code/chm/xpre.chm::/xpreload.ocx O20 - AppInit_DLLs: quella che ti indico in rosso, falla analizzare su VIRUS TOTAL: Clicca qui per VirusTotal allega il Report che verrà rilasciato O2 - BHO: {40003cd2-71c9-3f8b-6574-3ee683b134ba} - {ab431b38-6ee3-4756-b8f3-9c172dc30004} - C:\WINDOWS\System32\fisbshgw.dll Sta roba la conosci??  O16 - DPF: {BD0D1F18-5561-11DC-A0D9-692F56D89593} - http://zxcd.info/code/1026.exe P.S. 1: ComboFix ha fatto, praticamente, una strage. P.S. 2: per cercarvi le grane, siete, davvero, mostruosi 
Ultima modifica di Riverside : 06-01-2008 alle 23:34. |
|
|
|
|
07-01-2008, 00:00
|
#60 |
|
Junior Member
Iscritto dal: Jan 2008
Messaggi: 12
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 02:01.
