WinCoDecPRO Removal Needed - Hijackthis log included

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Thu Oct 22, 2009 2:45 pm

How is your computer running? Are you still getting the bluescreen?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Thu Oct 22, 2009 7:18 pm

DMJ - Yes, I still get the long blue screen upon start-up. I have also noticed that if I go to Task Manger and close a program, the blue screen comes up again.

Th red icon is gone however, the sound is working and the dejusched.exe no longer comes up after restarting.
How do I know the trojan is completely gone for good?

Also, I noticed the computer is running a little slower overall and when I open important things like 'Add/Remove Programs' no icons appear on the screen, however there is plain text at the top of the screen that says "Change or Remove ProgramsAdd New ProgramsAdd/Remove Windows ComponentsSet Program Access and Defaults" exactly as I typed it. The text is not clickable however.

I am also still unable to use copy/paste.

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Thu Oct 22, 2009 10:09 pm

DMJ - I ran a Spyware Termintor scan and this is the scan report:

Logfile of Spyware Terminator v2.6.1.239 (db:3.010.013.000)
Scan Time: 10/22/2009 3:03:52 PM length: 160 s
Platform: W2K (5.0.0.2195)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 46697 (Critical:6)
Filter: No System items, No Safe items, No Invalid items

Running Processes
csrss.exe [Microsoft Corporation] : C:\WINNT\system32\csrss.exe
lsass.exe [Microsoft Corporation] : C:\WINNT\system32\lsass.exe
AOLAcsd.exe [AOL LLC] : C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
DefWatch.exe [Symantec Corporation] : C:\Program Files\Symantec AntiVirus\DefWatch.exe
LxrSII1s.exe : C:\WINNT\system32\LxrSII1s.exe
rtvscan.exe [Symantec Corporation] : C:\Program Files\NavNT\rtvscan.exe
stisvc.exe [Microsoft Corporation] : C:\WINNT\system32\stisvc.exe
Rtvscan.exe [Symantec Corporation] : C:\Program Files\Symantec AntiVirus\Rtvscan.exe
wanmpsvc.exe [America Online, Inc.] : C:\WINNT\wanmpsvc.exe
WZQKPICK.EXE [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZQKPICK.EXE

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = [You must be registered and logged in to see this link.]
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = [You must be registered and logged in to see this link.]
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = [You must be registered and logged in to see this link.]
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain = RobertsonDX.com

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AIM : [America Online, Inc.] : C:\Program Files\AIM95\aim.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VTPreset : [S3 Graphics, Inc.] : C:\WINNT\system32\VTPreset.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HostManager : [AOL LLC] : C:\Program Files\Common Files\AOL\1255452910\ee\AOLSoftware.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe ARM : [Adobe Systems Incorporated] : C:\Program Files\Common Files\ADOBE\ARM\1.0\ADOBEARM.EXE
04 - Startup: %STARTUPALL%\WinZip Quick Pick.lnk [WinZip Computing, S.L.] : C:\Program Files\WinZip\WZQKPICK.EXE

Shell Extensions
Multimedia File Property Sheet - {00022613-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\WINNT\system32\mmsys.cpl
Shell Scrap DataHandler - {56117100-C0CD-101B-81E2-00AA004AE837} - [Microsoft Corporation] : C:\WINNT\system32\shscrap.dll
HyperTerminal Icon Ext - {88895560-9AA2-1069-930E-00AA0030EBC8} - [Hilgraeve, Inc.] : C:\WINNT\system32\hticons.dll
Scheduling UI icon handler - {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} - [Microsoft Corporation] : C:\WINNT\system32\mstask.dll
Scheduling UI property sheet handler - {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} - [Microsoft Corporation] : C:\WINNT\system32\mstask.dll
Scheduled Tasks - {D6277990-4C6A-11CF-8D87-00AA0060F5BF} - [Microsoft Corporation] : C:\WINNT\system32\mstask.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
WebCheckChannelAgent - {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
TrayAgent - {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
ConnectionAgent - {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
PostAgent - {D8BD2030-6FC9-11D0-864F-00AA006809D9} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll
VpshellEx Class - {BDA77241-42F6-11d0-85E2-00AA001FE28C} - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll
Channel - {f39a0dc0-9cc8-11d0-a599-00c04fd64433} - [Microsoft Corporation] : C:\WINNT\system32\cdfview.dll
Channel Shortcut - {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} - [Microsoft Corporation] : C:\WINNT\system32\cdfview.dll
Channel Handler Object - {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} - [Microsoft Corporation] : C:\WINNT\system32\cdfview.dll
Channel Menu Handler Object - {f3da0dc0-9cc8-11d0-a599-00c04fd64437} - [Microsoft Corporation] : C:\WINNT\system32\cdfview.dll
Channel Shortcut Property Pages - {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} - [Microsoft Corporation] : C:\WINNT\system32\cdfview.dll
Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} - [Microsoft Corporation] : C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL
Microsoft Office Outlook - {00020D75-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL
Outlook File Icon Extension - {0006F045-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\wzshlstb.dll
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\wzshlstb.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll

Shell Service Objects
- {WebCheck} - [Microsoft Corporation] : C:\WINNT\system32\webcheck.dll

Protocol Handler
Data Page Pluggable Protocol mso-offdap Handler - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - [Microsoft Corporation] : C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL

Services
23 - [Arcsoft, Inc.] : C:\WINNT\system32\drivers\Afc.sys
23 - [AOL LLC] : C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
23 - [Microsoft Corporation] : C:\WINNT\system32\DRIVERS\cdrom.sys
23 - [Symantec Corporation] : C:\Program Files\Symantec AntiVirus\DefWatch.exe
23 - [Microsoft Corporation] : C:\WINNT\system32\DRIVERS\disk.sys
23 - [VERITAS Software Corp.] : C:\WINNT\system32\drivers\dmio.sys
23 - [VERITAS Software Corp.] : C:\WINNT\system32\drivers\dmload.sys
23 - [VIA Technologies, Inc.] : C:\WINNT\system32\DRIVERS\fetnd5b.sys
23 - [Microsoft Corporation] : C:\WINNT\system32\DRIVERS\flpydisk.sys
23 - : C:\WINNT\system32\Drivers\LxrSII1d.sys
23 - : C:\WINNT\system32\LxrSII1s.exe
23 - [Symantec Corporation] : C:\Program Files\NavNT\rtvscan.exe
23 - [Parallel Technologies, Inc.] : C:\WINNT\system32\DRIVERS\ptilink.sys
23 - [S3 Graphics, Inc.] : C:\WINNT\system32\DRIVERS\s3gnbm.sys
23 - [Symantec Corporation] : C:\Program Files\Symantec AntiVirus\savrt.sys
23 - [Symantec Corporation] : C:\Program Files\Symantec AntiVirus\Savrtpel.sys
23 - : C:\WINNT\system32\SetupNT.sys
23 - [Symantec Corporation] : C:\Program Files\Symantec AntiVirus\Rtvscan.exe
23 - [Symantec Corporation] : C:\WINNT\system32\Drivers\SYMTDI.SYS
23 - [VIA Technologies, Inc.] : C:\WINNT\system32\DRIVERS\viaagp1.sys
23 - [VIA Technologies, Inc.] : C:\WINNT\system32\DRIVERS\viaide.sys
23 - [VIA Technologies, Inc.] : C:\WINNT\system32\drivers\vinyl97.sys
23 - [VIA Technologies, Inc.] : C:\WINNT\system32\DRIVERS\videX32.sys
23 - [VIA Technologies, Inc.] : C:\WINNT\system32\Drivers\vulfnth.sys
23 - [VIA Technologies, Inc.] : C:\WINNT\system32\Drivers\vulfntr.sys
23 - [America Online, Inc.] : C:\WINNT\system32\DRIVERS\wanatw4.sys
23 - [America Online, Inc.] : C:\WINNT\wanmpsvc.exe

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon, DLLName : [Symantec Corporation] : C:\WINNT\system32\NavLogon.dll

Threat Files
: C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\Reboot.exe
: C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\restart.exe
: C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\SmitfraudFix\Reboot.exe
: C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\SmitfraudFix\restart.exe
: C:\Documents and Settings\Administrator\Desktop\SmitfraudFix.exe

Advanced Files Report
%SYSDIR%\csrss.exe [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=6533392C5AF4BF5C7FF12E453DD59AE5 SIZE=5392
%SYSDIR%\NavLogon.dll [Symantec Corporation] [Symantec AntiVirus] MD5=0C08E4D83ED6DDF9DB4D683ADC03AE35 SIZE=83272
%SYSDIR%\lsass.exe [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=F19D0A319AB4BF5496F08807CB9B8651 SIZE=33552
%COMMONFILES%\AOL\ACS\AOLAcsd.exe [AOL LLC] [AOL Connectivity Service] MD5=85180CF88C5EBAD73B452A43A004CA51 SIZE=46640
%COMMONFILES%\AOL\ACS\AOLacsd.dll [AOL LLC] [AOL Connectivity Service] MD5=386914F677F489C8AFCB1ED53092968B SIZE=1267072
%COMMONFILES%\AOL\ACS\xpat.dll [AOL LLC] [AOL Connectivity Service] MD5=4B8FF89DCC1AB4ACA9B6B2A0B3814131 SIZE=124288
%COMMONFILES%\AOL\ACS\ACSMDiag.dll [AOL LLC] [AOL Connectivity Service] MD5=A9FFC3CDCD2785D11B9460509B056413 SIZE=87424
%COMMONFILES%\AOL\AOLDiag\tbdiag.dll [AOL LLC] [AOL Diagnostics] MD5=15B9CC21717F3CD0F660AF315521E3C0 SIZE=106496
%COMMONFILES%\AOL\ACS\AcsCmn.dll [AOL LLC] [AOL Connectivity Service] MD5=A78F8B9BDD0027D17FB5BA5179944122 SIZE=206208
%PROGRAMFILES%\Symantec AntiVirus\DefWatch.exe [Symantec Corporation] [Symantec AntiVirus] MD5=626534AD71DAB174C4524214A9E8BB89 SIZE=30024
%SYSDIR%\LxrSII1s.exe MD5=5BEF7E9D23F65C50C63E31DD3D154D0F SIZE=53248
%PROGRAMFILES%\NavNT\rtvscan.exe [Symantec Corporation] [Norton AntiVirus] MD5=4739C7C6BD87EFFF6F033DD7DB3A4DBD SIZE=454656
%PROGRAMFILES%\NavNT\Dec2.dll [Symantec Corporation] [File Decomposer] MD5=98832FAEBAC2DD075A5BEE10A40C7996 SIZE=28672
%PROGRAMFILES%\NavNT\Dec2ARJ.dll [Symantec Corporation] [File Decomposer] MD5=1B057D4B77C531E9365432BE12183518 SIZE=36864
%PROGRAMFILES%\NavNT\Dec2ID.dll [Symantec Corporation] [File Decomposer] MD5=0A01D73DC5B01C2ECED669AB6EA9FF03 SIZE=32768
%PROGRAMFILES%\NavNT\Dec2LHA.dll [Symantec Corporation] [File Decomposer] MD5=03D76A7AF332CF5CB5D46D9D9B1C5712 SIZE=32768
%PROGRAMFILES%\NavNT\SymLHA.dll [Symantec Corporation] [File Decomposer] MD5=DF43252DA73119EB89445FD97968CDAF SIZE=65536
%PROGRAMFILES%\NavNT\Dec2LZ.dll [Symantec Corporation] [File Decomposer] MD5=DEEC530F1CAECB18CDE0A07F2E79740A SIZE=28672
%PROGRAMFILES%\NavNT\Dec2MIME.dll [Symantec Corporation] [File Decomposer] MD5=F3825A0C65CDEA115C67213C34065F3B SIZE=69632
%PROGRAMFILES%\NavNT\Dec2Zip.dll [Symantec Corporation] [File Decomposer] MD5=9FBCDB58DE1F49D19DED54934299973F SIZE=159744
%PROGRAMFILES%\NavNT\Dec2AMG.dll [Symantec Corporation] [File Decomposer] MD5=5A021E190AB14F3D334883CD6325CB8F SIZE=32768
%PROGRAMFILES%\NavNT\SYMAMG32.DLL [Symantec Corporation with portions by FUJITSU DEVICES INC.] [File Decomposer] MD5=CA3BBE4BCA1DD3337EADC749D5AA2875 SIZE=86016
%PROGRAMFILES%\NavNT\Dec2UUE.dll [Symantec Corporation] [File Decomposer] MD5=C9AFB092BF8CE173D6437A287CEDDFAE SIZE=36864
%PROGRAMFILES%\NavNT\Dec2SS.dll [Symantec Corporation] [File Decomposer] MD5=686B0036E2FA05B83BF3FB6EB2BFCBD6 SIZE=36864
%PROGRAMFILES%\NavNT\Dec2RTF.dll [Symantec Corporation] [File Decomposer] MD5=E0B6A5743555C95DECA6654FB326728C SIZE=53248
%SYSDIR%\CBA.DLL [Intel® Corporation] [Intel Common Base Agent] MD5=9494FB92DD9687E00EDFF2877B39C44F SIZE=28723
%SYSDIR%\MsgSys.dll [Intel® Corporation] [Intel Common Base Agent] MD5=E57541455E4900F58F9A8F063FFAF7A8 SIZE=41017
%SYSDIR%\NTS.dll [Intel® Corporation] [Intel Common Base Agent] MD5=094AA945FABE34A4479AB3F59FB93FD6 SIZE=77875
%SYSDIR%\PDS.DLL [Intel® Corporation] [Intel Common Base Agent] MD5=8B3D49D23FFD30609433DFD0790FA1AB SIZE=65590
%PROGRAMFILES%\NavNT\NAVLU.dll [Symantec Corporation] [Norton AntiVirus] MD5=EFD65F824C5793D8866899EC18908FEC SIZE=61440
%PROGRAMFILES%\NavNT\NAVNTUTL.DLL [Symantec/Peter Norton Group] [Norton AntiVirus] MD5=4005D24EA0CC89426F997A406EA359D0 SIZE=49152
%PROGRAMFILES%\NavNT\I2ldvp3.dll [Symantec Corporation] [Norton AntiVirus] MD5=06A5A7C481B20634BB652123000FFD44 SIZE=262144
%PROGRAMFILES%\NavNT\NAVAPI32.DLL [Symantec Corp.] [NAVAPI] MD5=46C0727A12254A74AF062E09A581A686 SIZE=196608
%PROGRAMFILES%\Symantec AntiVirus\NotesExt.dll [Symantec Corporation] [Symantec AntiVirus] MD5=2B158263F632D040E297CB1B0C3B7FEC SIZE=103776
%PROGRAMFILES%\Symantec AntiVirus\vpmsece2.dll [Symantec Corporation] [Symantec AntiVirus] MD5=CA88FAB57915678410B51CAD917987D0 SIZE=79200
%PROGRAMFILES%\Symantec AntiVirus\SAVRT32.DLL [Symantec Corporation] [Symantec AntiVirus AutoProtect] MD5=643A1C8AD3938D8855F507FBCD82192C SIZE=218344
%SYSDIR%\stisvc.exe [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=B75235626B950FF821146555C612F814 SIZE=61712
%SYSDIR%\essiscnb.dll [SEIKO EPSON CORP.] [User mode Mini Drv.] MD5=A87596C7BB6AEFBC1D2F18E5B0B121F2 SIZE=53248
%SYSDIR%\JSCPL32.CPL [JetFax, Inc.] [JetSuite] MD5=C9EA673C226F6525383526C8BFBE831E SIZE=20480
%PROGRAMFILES%\Symantec AntiVirus\Rtvscan.exe [Symantec Corporation] [Symantec AntiVirus] MD5=825349E7566B49E583399CA821D3436A SIZE=1267024
%PROGRAMFILES%\Symantec AntiVirus\NAVLU.dll [Symantec Corporation] [Symantec AntiVirus] MD5=667D0CF09C8601670F55214C11902CFC SIZE=58688
%PROGRAMFILES%\Symantec AntiVirus\I2ldvp3.dll [Symantec Corporation] [Symantec AntiVirus] MD5=F370FFC0566F590661BE9AD347950689 SIZE=243024
%PROGRAMFILES%\Symantec AntiVirus\ecmldr32.DLL [Symantec Corp.] [ECOM Loader] MD5=E8753779E5996465C7C50C8E988CED7B SIZE=42160
%PROGRAMFILES%\Symantec AntiVirus\NAVNTUTL.DLL [Symantec Corporation] [Symantec AntiVirus] MD5=26902C9A91BD545E75CFEC121B463AD0 SIZE=83280
%COMMONFILES%\Symantec Shared\VirusDefs\20090927.002\ECMSVR32.DLL [Symantec Corporation] [ECOM Server] MD5=605B554657988C0FDD77B9F226F4D8B3 SIZE=259440
%PROGRAMFILES%\Symantec AntiVirus\IMail.dll [Symantec Corporation] [Symantec AntiVirus] MD5=7D7866CD8D8F4F00055440FE76829FAD SIZE=54624
%PROGRAMFILES%\Symantec AntiVirus\DecSDK.dll [Symantec Corporation] [File Decomposer] MD5=27D41D4C58773720A9DE6B33CCA49459 SIZE=62576
%PROGRAMFILES%\Symantec AntiVirus\Dec2.dll [Symantec Corporation] [File Decomposer] MD5=101034E60AC4261D62EB0A4D5529D789 SIZE=91248
%COMMONFILES%\Symantec Shared\SSC\scandlgs.dll [Symantec Corporation] [Symantec AntiVirus] MD5=FA901A32534493312A5D2356AA1619A8 SIZE=238920
%PROGRAMFILES%\Symantec AntiVirus\Dec2ID.dll [Symantec Corporation] [File Decomposer] MD5=52861AA69224759B7FFEC70ABE4EBFD1 SIZE=54384
%PROGRAMFILES%\Symantec AntiVirus\Dec2ZIP.dll [Symantec Corporation] [File Decomposer] MD5=BEF9C387487B1E98BFB9FD85F7CABC09 SIZE=242800
%PROGRAMFILES%\Symantec AntiVirus\Dec2SS.dll [Symantec Corporation] [File Decomposer] MD5=87749B38351738BEAA3F28EA8B562EB6 SIZE=91248
%PROGRAMFILES%\Symantec AntiVirus\Dec2GZIP.dll [Symantec Corporation] [File Decomposer] MD5=B8155ECFDC90FB82780E1ED85396730C SIZE=99440
%PROGRAMFILES%\Symantec AntiVirus\Dec2CAB.dll [Symantec Corporation] [File Decomposer] MD5=78B86C519F4741840945726E67D4D810 SIZE=78960
%PROGRAMFILES%\Symantec AntiVirus\Dec2LHA.dll [Symantec Corporation] [File Decomposer] MD5=46E2BC1188B472B7D649DBC6E8D438BD SIZE=103536
%PROGRAMFILES%\Symantec AntiVirus\Dec2ARJ.dll [Symantec Corporation] [File Decomposer] MD5=1D91F58C5656263485517D95E3E5F5AE SIZE=66672
%PROGRAMFILES%\Symantec AntiVirus\Dec2TNEF.dll [Symantec Corporation] [File Decomposer] MD5=107DE2F99574CEEF274272FAC9D6059B SIZE=91248
%PROGRAMFILES%\Symantec AntiVirus\Dec2LZ.dll [Symantec Corporation] [File Decomposer] MD5=D169C16197CBA60D818E6C1EFE3F13AA SIZE=58480
%PROGRAMFILES%\Symantec AntiVirus\Dec2AMG.dll [Symantec Corporation] [File Decomposer] MD5=34602AB003647BD5B9F9D15FE64D38E2 SIZE=119920
%PROGRAMFILES%\Symantec AntiVirus\Dec2TAR.dll [Symantec Corporation] [File Decomposer] MD5=8127C7FA19F08ACD02D5B7DAAFBD29E7 SIZE=66672
%PROGRAMFILES%\Symantec AntiVirus\Dec2RTF.dll [Symantec Corporation] [File Decomposer] MD5=E9E9CADD178BCA45B0C9F9C1BE25D601 SIZE=83056
%PROGRAMFILES%\Symantec AntiVirus\Dec2Text.dll [Symantec Corporation] [File Decomposer] MD5=10E519278FCDD2B6F0DF4AC691EF00AA SIZE=234608
%WINDIR%\wanmpsvc.exe [America Online, Inc.] [America Online] MD5=909F2DC0DA7F57D229A05EE90647B2C3 SIZE=65536
%PROGRAMFILES%\Symantec AntiVirus\Cliproxy.dll [Symantec Corporation] [Symantec AntiVirus] MD5=B2F2D28775B2EDD411820BCCE427CFA9 SIZE=267600
%COMMONFILES%\Symantec Shared\ccVrTrst.dll [Symantec Corporation] [Common Client] MD5=F46E041719DAB3A776CBD98D15B3BDBD SIZE=115832
%PROGRAMFILES%\WinZip\WZQKPICK.EXE [WinZip Computing, S.L.] [WinZip] MD5=C4C3DB5E3310AC76A8591EF04B765722 SIZE=525640
%SYSDIR%\mmsys.cpl [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=5DEE527242825EF0D7E10B437FD8D843 SIZE=303888
%SYSDIR%\shscrap.dll [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=E5FB42346CCD9B9E7E45ADD3907617BF SIZE=23312
%SYSDIR%\hticons.dll [Hilgraeve, Inc.] [Microsoft(R) Windows (R) 2000 Operating System] MD5=7F985035801423B97250F694961C5A36 SIZE=21776
%SYSDIR%\mstask.dll [Microsoft Corporation] [Microsoft® Windows® Task Scheduler] MD5=C4B3D1C42EEFE4EE910AD72149FEE516 SIZE=218896
%SYSDIR%\webcheck.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=F2786DC35401FCEB401A0F5810E22AB6 SIZE=258048
%COMMONFILES%\Symantec Shared\SSC\vpshell2.dll [Symantec Corporation] [Symantec AntiVirus] MD5=E13F3B595F537B4E71777A3EB236FB18 SIZE=46288
%SYSDIR%\cdfview.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=F2556683EBB530F12AC504750102912F SIZE=143360
%COMMONFILES%\Microsoft Shared\Web Folders\MSONSEXT.DLL [Microsoft Corporation] [SharePoint Portal Server] MD5=32E82A0C6D4272407DC8547354EFA42B SIZE=1293008
%PROGRAMFILES%\Microsoft Office\OFFICE11\MLSHEXT.DLL [Microsoft Corporation] [Microsoft Office Outlook] MD5=283926C9F1D6C0EC263962F684F502A1 SIZE=33120
%PROGRAMFILES%\Microsoft Office\OFFICE11\OLKFSTUB.DLL [Microsoft Corporation] [Microsoft Office Outlook] MD5=EEFF9EB53DE2111DEC77E7C9E8D090F0 SIZE=236384
%PROGRAMFILES%\WinZip\wzshlstb.dll [WinZip Computing LP] [WinZip] MD5=E819E2D346B943F9562436E1ABB50EAE SIZE=5120
%PROGRAMFILES%\WinRAR\rarext.dll MD5=023707D932BA31314210E6844D33D500 SIZE=129024
%SYSDIR%\drivers\Afc.sys [Arcsoft, Inc.] [Arcsoft(R) ASPI Shell] MD5=A7B8A3A79D35215D798A300DF49ED23F SIZE=11776
%SYSDIR%\DRIVERS\cdrom.sys [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=4B86A90A7F0095D514D22A9083826488 SIZE=27984
%SYSDIR%\DRIVERS\disk.sys [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=322B9A3774DBF119F6635A476B0EB058 SIZE=30768
%SYSDIR%\drivers\dmio.sys [VERITAS Software Corp.] [VERITAS® NT Disk Manager] MD5=6B35BFDBDBC247113852F18BF0F10E3C SIZE=137936
%SYSDIR%\drivers\dmload.sys [VERITAS Software Corp.] [Logical Disk Manager for Windows NT] MD5=3F1701FFA97AB012685ABC8A2D6FCE22 SIZE=7312
%SYSDIR%\DRIVERS\fetnd5b.sys [VIA Technologies, Inc.] [VIA Rhine Family Fast Ethernet Adapter] MD5=A306E75D699DA98D0F9286B4E268661D SIZE=41984
%SYSDIR%\DRIVERS\flpydisk.sys [Microsoft Corporation] [Microsoft(R) Windows (R) 2000 Operating System] MD5=6CA845333DA54F27A8657BE7EE0B600D SIZE=19312
%SYSDIR%\Drivers\LxrSII1d.sys MD5=DB7F488269290A8C1907602B7F4C213D SIZE=70016
%SYSDIR%\DRIVERS\ptilink.sys [Parallel Technologies, Inc.] [Microsoft(R) Windows (R) 2000 Operating System] MD5=B78775F217255F786C2E8DBE4334E413 SIZE=17680
%SYSDIR%\DRIVERS\s3gnbm.sys [S3 Graphics, Inc.] [S3 ProSavage(DDR) & Twister Miniport Driver] MD5=5CF6EA833EBD3CF79573E6960F4B9E0B SIZE=167168
%PROGRAMFILES%\Symantec AntiVirus\savrt.sys [Symantec Corporation] [Symantec AntiVirus AutoProtect] MD5=C8023BE4DDA22A52CD2F60D9CB9B3985 SIZE=301200
%PROGRAMFILES%\Symantec AntiVirus\Savrtpel.sys [Symantec Corporation] [Symantec AntiVirus AutoProtect] MD5=30547FD7692DC799A0B397B2B918A158 SIZE=37008
%SYSDIR%\SetupNT.sys MD5=549EA830A5D9EDD9CD14311126C2849B SIZE=3000
%SYSDIR%\Drivers\SYMTDI.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=EC1A39493FB104D317E8271162A74B94 SIZE=263736
%SYSDIR%\DRIVERS\viaagp1.sys [VIA Technologies, Inc.] [VIA CPU to AGP2.0/AGP3.0 Controller] MD5=3369521138FB8980530DA72078DA1368 SIZE=27904
%SYSDIR%\DRIVERS\viaide.sys [VIA Technologies, Inc.] [Microsoft(R) Windows NT(R) Operating System] MD5=B2B04630FE75EF32684E854828B1F764 SIZE=6234
%SYSDIR%\drivers\vinyl97.sys [VIA Technologies, Inc.] [Vinyl AC'97 Codec Combo WDM Driver] MD5=6E6C12D1544E22D36DA77F994FD1F306 SIZE=176128
%SYSDIR%\DRIVERS\videX32.sys [VIA Technologies, Inc.] [VIA PCI IDE MINI Driver] MD5=4CC623591204ACD5FC89BD0DAD70E838 SIZE=13976
%SYSDIR%\Drivers\vulfnth.sys [VIA Technologies, Inc.] [VIA USB Host Controller Lower Filter Driver] MD5=C9A8BA443F809B70BCCCCD60CC73FA5C SIZE=6912
%SYSDIR%\Drivers\vulfntr.sys [VIA Technologies, Inc.] [VIA USB Roothub Lower Filter Driver] MD5=2D8C55889616F7767E9FB8ADEE37A02A SIZE=11392
%SYSDIR%\DRIVERS\wanatw4.sys [America Online, Inc.] [Wan Miniport (ATW)] MD5=0A716C08CB13C3A8F4F51E882DBF7416 SIZE=33588
%SYSDIR%\mscoree.dll [Microsoft Corporation] [Microsoft® .NET Framework] MD5=5AB91FA45D16CF20E420C6E6F7B9FE4F SIZE=270848
%COMMONFILES%\Microsoft Shared\Web Components\10\OWC10.DLL [Microsoft Corporation] [Microsoft Office XP] MD5=AA2204BD7F9FBFAA09EF15C212A67D69 SIZE=7255384

End of Report



What should I do about the threats?

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Fri Oct 23, 2009 4:23 am

Please download the latest version of Kaspersky GetSystemInfo (GSI) from [You must be registered and logged in to see this link.] and save it to your Desktop.
  • Please close all other applications running on your system.
  • Please double click GetSystemInfo.exe to open it.
  • Click the Settings button.
  • Set it to Maximum
  • IMPORTANT! Then please click Customize - choose Driver / Ports tab and
  • Uncheck Scan Ports.
  • Click Create Report to run it.
  • It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop. Please upload the folder to [You must be registered and logged in to see this link.] and click the Submit button.

Please copy and paste the url of the GSI Parser report (not the log) in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 7:08 pm

I saved kapersky.fr to my Desktop but when I tried to open it, it said "This operating system is not supported. Please use GetSystemInfo 3.0.0.5". Then it asks "Do you want to install anyway?" So I clicked yes and it downloaded again as Zip file. However when I tried to open the Zip file, a WinZip window comes up asking me to register in order to use it.

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Fri Oct 23, 2009 7:27 pm

Download and install [You must be registered and logged in to see this link.]
Open it.
1: In left pane expand Computer folder.
2: Click once on Summary
3: In upper menu, go Report
4: And then to Quick Report-Summary
5: Save it in text file, and paste it in your next post.


DO NOT INCLUDE ANYTHING UNDER THE LINE THAT SAYS "DEBUG- PCI"


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 7:39 pm

--------[ EVEREST Home Edition (c) 2003-2005 Lavalys, Inc. ]------------------------------------------------------------

Version EVEREST v2.20.405
Homepage [You must be registered and logged in to see this link.]
Report Type Quick Report
Computer WS24
Generator Administrator
Operating System Microsoft Windows 2000 Professional 5.0.2195 (Win2000 Retail)
Date 2009-10-23
Time 12:35


--------[ Summary ]-----------------------------------------------------------------------------------------------------

Computer:
Operating System Microsoft Windows 2000 Professional
OS Service Pack Service Pack 4
DirectX 4.09.00.0904 (DirectX 9.0c)
Computer Name WS24
User Name Administrator

Motherboard:
CPU Type Intel Pentium 4, 2400 MHz (18 x 133)
Motherboard Name VIARAMA U8668 (Pro) (3 PCI, 1 AGP, 1 CNR, 2 SDR DIMM, 2 DDR DIMM, Audio, Video, LAN)
Motherboard Chipset VIA VT8751 Apollo P4M266
System Memory 736 MB (PC2700 DDR SDRAM)
BIOS Type Award (04/09/04)
Communication Port Communications Port (COM1)
Communication Port Printer Port (LPT1)

Display:
Video Adapter S3 Graphics ProSavageDDR (32 MB)
3D Accelerator S3 ProSavageDDR
Monitor LG L1511SK [15" LCD] (140372473)

Multimedia:
Audio Adapter VIA AC'97 Enhanced Audio Controller

Storage:
IDE Controller VIA Bus Master IDE Controller - 0571
Floppy Drive Floppy disk drive
Disk Drive WDC WD800BB-00FJA0 (74 GB, IDE)
Disk Drive EPSON Stylus Storage USB Device
Optical Drive SONY CD-ROM CDU5211 (52x CD-ROM)
SMART Hard Disks Status OK

Partitions:
C: (NTFS) 76316 MB (64823 MB free)

Input:
Keyboard Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Mouse PS/2 Compatible Mouse

Network:
Network Adapter VIA Rhine II Fast Ethernet Adapter (76.171.37.85)

Peripherals:
USB1 Controller VIA VT83C572 PCI-USB Controller
USB1 Controller VIA VT83C572 PCI-USB Controller
USB1 Controller VIA VT83C572 PCI-USB Controller
USB2 Controller VIA USB 2.0 Enhanced Host Controller
USB Device EPSON CX8300/CX8400/DX8400
USB Device USB Composite Device
USB Device USB Mass Storage Device
USB Device USB Printing Support

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Fri Oct 23, 2009 7:57 pm

Please download [You must be registered and logged in to see this link.]

Install program.

WHEN opened, CLICK analyze. THEN SCROLL down to Analysis, and post THE results.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 9:55 pm

rash dump directory: C:\WINNT\Minidump

Crash dumps are enabled on your computer.


No crash dumps have been found on your computer.

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:09 pm

DMJ - I was able to find GetSystemInfo 3.0.0.5 online and I saved it to my desktop. However when I tried it open it, it just gave me an option to save it, so I saved it. When I went to the C: drive and tried to open it, it came up as a Notepad document. I tried to post it but it says the message was too big. If you want I can break it down into parts and post what came up if you think that would help.

Let me know.

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:28 pm

Here it is just in case:

GetSystemInfo version 3.0.0.5:
------------------------------
HARDWARE Information:
---------------------
Processor:
Intel(R) Pentium(R) 4 CPU 2.40GHz 2405 MHz

Processors number:
1

BIOS:
Phoenix - AwardBIOS v6.00PG Phoenix-Award BIOS v6.00PG BIOS Date: 04/09/04

System Date:
23/10/2009 (dd/mm/yyyy)

Total phisical memory:
735,496 Mb

Total virtual memory:
2047,896 Mb

Available phisical memory:
735,496 Mb

Available virtual memory:
2016,064 Mb

Hard drives:
WDC WD800BB-00FJA0

Logical disks structure:
a:\ REMOVABLE Full size - 0 Mb, Free size - 0 Mb, File system -
c:\ fȋxed SYSTEM Full size - 76316 Mb, Free size - 64816 Mb, File system - NTFS
d:\ CDROM Full size - 76316 Mb, Free size - 64816 Mb, File system -
e:\ REMOVABLE Full size - 76316 Mb, Free size - 64816 Mb, File system -

Video adapters:
S3 Graphics ProSavageDDR
DRIVER - system32\DRIVERS\s3gnbm.sys ("c:\winnt\system32\drivers\s3gnbm.sys") File version = 6.14.10.0033-13.94.33, File size = 167168, File modification date = 13/08/2004 20:42, File description = S3 ProSavage(DDR) & Twister Miniport Driver, Product Name = S3 ProSavage(DDR) & Twister Miniport Driver, Product version = 6.14.10.0033-13.94.33, Company name = S3 Graphics, Inc. (Copyright (c) 2004 by S3 Graphics, Inc.) |-208207382|0x5cf6ea833ebd3cf79573e6960f4b9e0b|
S3 Graphics ProSavageDDR
DRIVER - system32\DRIVERS\s3gnbm.sys ("c:\winnt\system32\drivers\s3gnbm.sys") File version = 6.14.10.0033-13.94.33, File size = 167168, File modification date = 13/08/2004 20:42, File description = S3 ProSavage(DDR) & Twister Miniport Driver, Product Name = S3 ProSavage(DDR) & Twister Miniport Driver, Product version = 6.14.10.0033-13.94.33, Company name = S3 Graphics, Inc. (Copyright (c) 2004 by S3 Graphics, Inc.) |-208207382|0x5cf6ea833ebd3cf79573e6960f4b9e0b|

NetWork adapters:
VIA Rhine II Fast Ethernet Adapter
DRIVER - system32\DRIVERS\fetnd5b.sys ("c:\winnt\system32\drivers\fetnd5b.sys") File version = 3.22.00.0407, File size = 41984, File modification date = 29/07/2003 03:31, File description = NDIS 5.0 miniport driver, Product Name = VIA Rhine Family Fast Ethernet Adapter , Product version = 3.22.00.0407, Company name = VIA Technologies, Inc. (VIA Technologies, Inc. ) |1685419942|0xa306e75d699da98d0f9286b4e268661d|

Modems:

Multimedia:
Microsoft Kernel GS Wavetable Synthesizer
DRIVER - system32\drivers\swmidi.sys ("c:\winnt\system32\drivers\swmidi.sys") File version = 5.00.2195.6655, File size = 53552, File modification date = 19/06/2003 12:05, File description = Microsoft GS Wavetable Synthesizer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |586389250|0x8c7cd06d097a59391d94b59715fca67c|
Microsoft DirectMusic SW Synth (WDM)
DRIVER - system32\drivers\DMusic.sys ("c:\winnt\system32\drivers\dmusic.sys") File version = 5.00.2166.1, File size = 51152, File modification date = 28/10/1999 15:24, File description = Microsoft DirectMusic Software Synthesizer (WDM), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2166.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |838142286|0x3431984234b5988d4c09f043cf4cd779|
Microsoft Streaming Service Proxy
DRIVER - system32\drivers\MSKSSRV.sys ("c:\winnt\system32\drivers\mskssrv.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 7424, File modification date = 12/12/2002 08:14, File description = MS KS Server, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |369150494|0x85736f804191cb420a31aca2a7f0674f|
Microsoft Streaming Clock Proxy
DRIVER - system32\drivers\MSPCLOCK.sys ("c:\winnt\system32\drivers\mspclock.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 5248, File modification date = 12/12/2002 08:14, File description = MS Proxy Clock, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1959050085|0xe943adb93d83c5cbc0ca3f53f53b48cc|
Microsoft Kernel System Renderer
DRIVER - system32\drivers\sysaudio.sys ("c:\winnt\system32\drivers\sysaudio.sys") File version = 5.00.2195.6655, File size = 47568, File modification date = 19/06/2003 12:05, File description = System Audio WDM Filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-56662383|0x6c14d96f8c1ba929fad4ba40a29217fa|
Microsoft Kernel Audio Mixer
DRIVER - system32\drivers\kmixer.sys ("c:\winnt\system32\drivers\kmixer.sys") File version = 5.00.2195.6655, File size = 148304, File modification date = 19/06/2003 12:05, File description = Kernel Mode Audio Mixer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1778557455|0x8e198ec9e823aa42edf45b07efe395ac|
Microsoft WINMM WDM Audio Compatibility Driver
DRIVER - system32\drivers\wdmaud.sys ("c:\winnt\system32\drivers\wdmaud.sys") File version = 5.00.2195.6655, File size = 73872, File modification date = 19/06/2003 12:05, File description = MMSYSTEM Wave/Midi API mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |169788773|0x997d25513bc89614417829b5bec7c75c|
Microsoft Streaming Quality Manager Proxy
DRIVER - system32\drivers\MSPQM.sys ("c:\winnt\system32\drivers\mspqm.sys") File version = 5.00.2134.1, File size = 4816, File modification date = 25/09/1999 10:36, File description = MS Proxy Quality Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |732880338|0xbb041315c9930063e5eab0bee90acff6|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Microsoft Streaming Network Raw Channel Access
DRIVER - system32\drivers\RCA.sys ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
Vinyl AC'97 Codec Combo Driver (WDM)
DRIVER - system32\drivers\vinyl97.sys ("c:\winnt\system32\drivers\vinyl97.sys") File version = 6.14.01.4090 built by: WinDDK, File size = 176128, File modification date = 01/02/2005 23:39, File description = Vinyl AC'97 Codec Combo WDM Driver, Product Name = Vinyl AC'97 Codec Combo WDM Driver, Product version = 6.14.01.4090, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 1999-2004) |837740645|0x6e6c12d1544e22d36da77f994fd1f306|
BDA MPE Filter
DRIVER - system32\DRIVERS\MPE.sys ("c:\winnt\system32\drivers\mpe.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 15104, File modification date = 09/07/2004 10:58, File description = Microsoft MPE to IP Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1601554581|0x83eff7b976ae24f1a496ca94a8a19919|
BDA IPSink
DRIVER - system32\DRIVERS\StreamIP.sys ("c:\winnt\system32\drivers\streamip.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 14976, File modification date = 09/07/2004 10:58, File description = Microsoft IP Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1913412072|0x4544fd0db39cb7b385a5392c068162cd|
BDA Slip De-Framer
DRIVER - system32\DRIVERS\SLIP.sys ("c:\winnt\system32\drivers\slip.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 10880, File modification date = 09/07/2004 10:58, File description = Microsoft Slip Deframing Filter Minidriver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-6628536|0x92723fbdd30771c293fe5ed266a31ca6|
Closed Caption Decoder
DRIVER - system32\drivers\ccdecode.sys ("c:\winnt\system32\drivers\ccdecode.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 16384, File modification date = 09/07/2004 10:58, File description = WDM Closed Caption VBI Codec, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |891040427|0x1478e6a09512235b9e119d2920477021|
NABTS/FEC VBI Codec
DRIVER - system32\DRIVERS\NABTSFEC.sys ("c:\winnt\system32\drivers\nabtsfec.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 83968, File modification date = 09/07/2004 10:58, File description = WDM NABTS/FEC VBI Codec, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-41937467|0xbb1c45d114b6dab0babf6b2fb0336db2|
World Standard Teletext Codec
DRIVER - system32\DRIVERS\WSTCODEC.SYS ("c:\winnt\system32\drivers\wstcodec.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 18688, File modification date = 09/07/2004 10:58, File description = WDM WST Codec Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (Copyright (C) Philips Semiconductors. 1981-1999) |-1635136304|0x04aca6442e639a794293828e8dda7a44|
Microsoft Streaming Tee/Sink-to-Sink Converter
DRIVER - system32\drivers\MSTEE.sys ("c:\winnt\system32\drivers\mstee.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 5504, File modification date = 12/12/2002 08:14, File description = WDM Tee/Communication Transform Filter , Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1743084846|0xd5059366b361f0e1124753447af08aa2|
Microsoft Streaming Tee/Sink-to-Sink Converter
DRIVER - system32\drivers\MSTEE.sys ("c:\winnt\system32\drivers\mstee.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 5504, File modification date = 12/12/2002 08:14, File description = WDM Tee/Communication Transform Filter , Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1743084846|0xd5059366b361f0e1124753447af08aa2|
Microsoft Streaming Tee/Sink-to-Sink Converter
DRIVER - system32\drivers\MSTEE.sys ("c:\winnt\system32\drivers\mstee.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 5504, File modification date = 12/12/2002 08:14, File description = WDM Tee/Communication Transform Filter , Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1743084846|0xd5059366b361f0e1124753447af08aa2|
Microsoft Streaming Tee/Sink-to-Sink Converter
DRIVER - system32\drivers\MSTEE.sys ("c:\winnt\system32\drivers\mstee.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 5504, File modification date = 12/12/2002 08:14, File description = WDM Tee/Communication Transform Filter , Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1743084846|0xd5059366b361f0e1124753447af08aa2|

Printers:

Removable devices:
Floppy disk drive
DRIVER - system32\DRIVERS\flpydisk.sys ("c:\winnt\system32\drivers\flpydisk.sys") File version = 5.00.2195.6655, File size = 19312, File modification date = 14/07/2003 12:00, File description = Floppy Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1787644983|0x6ca845333da54f27a8657be7ee0b600d|
SONY CD-ROM CDU5211
DRIVER - system32\DRIVERS\cdrom.sys ("c:\winnt\system32\drivers\cdrom.sys") File version = 5.00.2195.6655, File size = 27984, File modification date = 14/07/2003 12:00, File description = SCSI CD-ROM Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-637534207|0x4b86a90a7f0095d514d22a9083826488|

SOFTWARE Information:
---------------------
Operation system:
Microsoft Windows 2000 Professional, 5.0.2195 Service Pack 4

Environment variables:
=::=::\
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=WS24
ComSpec=C:\WINNT\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\WS24
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Os2LibPath=C:\WINNT\system32\os2\dll;
Path=C:\Program Files\Mozilla Firefox;C:\WINNT\system32;C:\WINNT;C:\WINNT\system32\wbem;C:\Program Files\Integrad.3\MIV;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0303
ProgramFiles=C:\Program Files
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=WS24
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINNT

Installed network protocols:
---------clients---------
Client for Microsoft Networks
DRIVER - %SystemRoot%\system32\services.exe ("C:\WINNT\system32\services.exe") File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
--------protocol---------
Message-oriented TCP/IP Protocol (SMB session)
Remote Access NDIS WAN Driver
DRIVER - system32\DRIVERS\ndiswan.sys ("c:\winnt\system32\drivers\ndiswan.sys") File version = 5.00.2195.6699, File size = 93360, File modification date = 14/07/2003 12:00, File description = MS WAN Wrapper Network Driver (US/Canada Only, Not for Export), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6699, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |649307845|0xb86a37aa73868343a9eee148fdfce1e0|
Layer 2 Tunneling Protocol
NDIS Usermode I/O Protocol
DRIVER - system32\DRIVERS\ndisuio.sys ("c:\winnt\system32\drivers\ndisuio.sys") File version = 5.00.2195.6655, File size = 11984, File modification date = 14/07/2003 12:00, File description = NDIS User mode I/O Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1892882990|0x69ecae880bdac3c288f0508df9cdeef0|
WINS Client(TCP/IP) Protocol
DRIVER - system32\DRIVERS\netbt.sys ("c:\winnt\system32\drivers\netbt.sys") File version = 5.00.2195.7006, File size = 175632, File modification date = 08/04/2005 11:51, File description = MBT Transport driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1487587570|0xa7ca87628217bbf4a6f501db65b19e9d|
Internet Protocol (TCP/IP)
DRIVER - system32\DRIVERS\tcpip.sys ("c:\winnt\system32\drivers\tcpip.sys") File version = 5.00.2195.7162, File size = 320528, File modification date = 18/06/2008 10:05, File description = TCP/IP driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7162, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1242875359|0x02fae418bd28e185a4909e5869497de5|
Point to Point Tunneling Protocol
--------services---------
Generic Packet Classifier
DRIVER - system32\DRIVERS\msgpc.sys ("c:\winnt\system32\drivers\msgpc.sys") File version = 5.00.2195.6655, File size = 34704, File modification date = 14/07/2003 12:00, File description = MS General Packet Classifier, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2116352398|0x6667d07854a3ae7715d22b82761cf0e7|
Steelhead
DRIVER - %SystemRoot%\system32\svchost.exe -k netsvcs ("C:\WINNT\system32\svchost.exe") File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
QoS RSVP
DRIVER - %SystemRoot%\system32\rsvp.exe -s ("C:\WINNT\system32\rsvp.exe") File version = 5.00.2195.6663, File size = 176912, File modification date = 14/07/2003 12:00, File description = Microsoft RSVP 1.0, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6663, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |127861658|0x2a21bddb1ba9b5cd776949380ab46a76|
File and Printer Sharing for Microsoft Networks
DRIVER - %SystemRoot%\system32\services.exe ("C:\WINNT\system32\services.exe") File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
Dial-Up Client
Remote Access Connection Manager
DRIVER - %SystemRoot%\system32\svchost.exe -k netsvcs ("C:\WINNT\system32\svchost.exe") File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
NetBIOS Interface
DRIVER - system32\DRIVERS\netbios.sys ("c:\winnt\system32\drivers\netbios.sys") File version = 5.00.2149.1, File size = 33456, File modification date = 14/07/2003 12:00, File description = NetBIOS interface driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2149.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |66866062|0x5151e6020a26bf7bc21c18fd612506bd|
Dial-Up Server
Wireless Configuration
DRIVER - %SystemRoot%\System32\svchost.exe -k netsvcs ("C:\WINNT\system32\svchost.exe") File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
-----------by type----------
MSAFD Tcpip [TCP/IP]
MSAFD Tcpip [UDP/IP]
MSAFD Tcpip [RAW/IP]
RSVP UDP Service Provider
RSVP TCP Service Provider
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D6F1763D-3CAB-4C6D-BB0B-F974E2E9DC65}] SEQPACKET 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D6F1763D-3CAB-4C6D-BB0B-F974E2E9DC65}] DATAGRAM 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{51EFD6FA-542B-4EAF-B67E-08A1DB246B8E}] SEQPACKET 1
MSAFD NetBIOS [\Device\NetBT_Tcpip_{51EFD6FA-542B-4EAF-B67E-08A1DB246B8E}] DATAGRAM 1
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2A124E8B-C980-4AF4-8CD2-C373C9CAD213}] SEQPACKET 2
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2A124E8B-C980-4AF4-8CD2-C373C9CAD213}] DATAGRAM 2
MSAFD NetBIOS [\Device\NetBT_Tcpip_{36234031-18A0-4BCC-933F-5018269884B4}] SEQPACKET 3
MSAFD NetBIOS [\Device\NetBT_Tcpip_{36234031-18A0-4BCC-933F-5018269884B4}] DATAGRAM 3
MSAFD NetBIOS [\Device\NetBT_Tcpip_{481F1465-BFBD-4C77-A67E-2A1215BB5C42}] SEQPACKET 4
MSAFD NetBIOS [\Device\NetBT_Tcpip_{481F1465-BFBD-4C77-A67E-2A1215BB5C42}] DATAGRAM 4

Installed applications/hotfixes:
Adobe Flash Player 10 ActiveX 10.0.32.18 (Adobe Systems Incorporated)
DEINSTALLATION: C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
Uninstall AOL Emergency Connect Utility 1.0
DEINSTALLATION: C:\Program Files\Common Files\AOL\ECU\uninst.exe
AOL Instant Messenger (SM)
DEINSTALLATION: C:\PROGRA~1\AIM95\uninstll.exe -LOG= C:\PROGRA~1\AIM95\install.log -OEM=
AOL Uninstaller (Choose which Products to Remove)
DEINSTALLATION: C:\Program Files\Common Files\AOL\uninstaller.exe
Canon Camera Window DC_DV 5 for ZoomBrowser EX 5.4.5.17
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX 6.4.0.9
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX 6.3.0.8
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder 1.1.0.4
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
CCleaner (remove only) (Piriform)
DEINSTALLATION: "C:\Program Files\CCleaner\uninst.exe"
Canon Camera Support Core Library 7.3.1.6
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Utilities EOS Utility 1.1.0.8
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
EPSON Printer Software (SEIKO EPSON Corporation)
DEINSTALLATION: C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan
DEINSTALLATION: C:\Program Files\epson\escndv\setup\setup.exe /r
ESET Online Scanner v3
DEINSTALLATION: C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Home Edition v2.20 2.20 (Lavalys Inc)
DEINSTALLATION: "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Internet Explorer Exception pack
DEINSTALLATION: "C:\Program Files\Internet Explorer\W2K\expinst.exe" /EU ieexinst.inf
Free Window Registry Repair
DEINSTALLATION: C:\PROGRA~1\FREEWI~1\UNWISE.EXE C:\PROGRA~1\FREEWI~1\INSTALL.LOG
HijackThis 2.0.2 2.0.2 (TrendMicro)
DEINSTALLATION: "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Internet Explorer ReadMe
DEINSTALLATION: rundll32 advpack.dll,LaunchINFSectionEx C:\WINNT\INF\iereadme.inf,,,256
VIA Platform Device Manager (English) 1.34, installation data=20091019 (VIA Technologies, Inc.)
DEINSTALLATION: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Canon Camera TWAIN Driver 6.7 (English) 6.7.1, installation data=20080605 (Canon)
DEINSTALLATION: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6D63A7D5-ACD1-4322-B1A6-52C9E530040D} /l1033
Hotfix for MDAC 2.53 (KB927779) 1, installation data=20090318 (Microsoft Corporation)
DEINSTALLATION: "C:\WINNT\$SQLUninstallMDAC25SP3-KB927779-x86-ENU$\spuninst\spuninst.exe"
LimeWire 4.16.6 4.16.6 (Lime Wire, LLC)
DEINSTALLATION: "C:\Program Files\LimeWire\uninstall.exe"
Microsoft .NET Framework 2.0 (Microsoft Corporation)
DEINSTALLATION: C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Live Meeting (Microsoft)
DEINSTALLATION: C:\Program Files\Microsoft Office\Live Meeting\Quicksilver\quicksilver.exe -UALL
Canon MovieEdit Task for ZoomBrowser EX 2.4.0.14
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Mozilla Firefox (2.0.0.20) 2.0.0.20 (en-US) (Mozilla)
DEINSTALLATION: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Windows Installer 3.0 (KB884016) 3.0 (Microsoft Corporation)
DEINSTALLATION: C:\WINNT\$MSI30UninstallMSI30-KB884016$\spuninst\spuninst.exe
ProSavageDDR and Utilities
DEINSTALLATION: C:\PROGRA~1\S3\P4M266\s3setvga.exe -s -fC:\PROGRA~1\S3\P4M266\P4M266.uns
Pdf995
DEINSTALLATION: C:\Program Files\pdf995\setup.exe uninstall
Canon Utilities PhotoStitch 3.1.19.43
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Microsoft Digital Image Suite 10 (English) 10.0.0612 (Microsoft Corporation)
DEINSTALLATION: "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=SUITE
Windows 2000 Hotfix (SP5) Q818043 20030501.174006 (Microsoft Corporation)
DEINSTALLATION: C:\WINNT\$NtUninstallQ818043$\spuninst\spuninst.exe
Windows Media Player Hotfix [See Q828026 for more information] (Microsoft Corporation)
DEINSTALLATION: C:\WINNT\$NtUninstallQ828026$\spuninst\spuninst.exe
Canon RAW Image Task for ZoomBrowser EX 2.6.0.13
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
RealPlayer (RealNetworks)
DEINSTALLATION: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Canon RemoteCapture Task for ZoomBrowser EX 1.7.0.8
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
S3Display
DEINSTALLATION: s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2
DEINSTALLATION: s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2
DEINSTALLATION: s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay
DEINSTALLATION: s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
EPSON CX8400 User's Guide
DEINSTALLATION: C:\Program Files\epson\guide\cx8400_e\uninstall.exe
SopCast 3.0.3 3.0.3 (SopCast.com)
DEINSTALLATION: C:\Program Files\SopCast\uninst.exe
Spyware Terminator 2.6.1.239, installation data=20091013 (Crawler Inc.)
DEINSTALLATION: "C:\Program Files\Spyware Terminator\unins000.exe"
TeamViewer 4 4.1.6911 (TeamViewer GmbH)
DEINSTALLATION: C:\Program Files\TeamViewer\Version4\uninstall.exe
TVUPlayer 2.3.0.0 2.3.0.0 (TVU networks, Inc.)
DEINSTALLATION: C:\Program Files\TVUPlayer\uninst.exe
Update Rollup 1 for Windows 2000 SP4 20050809.32623 (Microsoft Corporation)
DEINSTALLATION: "C:\WINNT\$NtUpdateRollupPackUninstall$\spuninst\spuninst.exe"
VIA Audio Driver Setup Program
DEINSTALLATION: RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINNT\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu"
Viewpoint Media Player (Remove Only)
DEINSTALLATION: C:\Program Files\Viewpoint\Viewpoint Experience Technology\\mtsAxInstaller.exe /u
WhoCrashed 1.01, installation data=20091023 (Resplendence Software Projects Sp.)
DEINSTALLATION: "C:\Program Files\WhoCrashed\unins000.exe"
Windows Live OneCare safety scanner
DEINSTALLATION: RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
WinRAR archiver
DEINSTALLATION: C:\Program Files\WinRAR\uninstall.exe
Windows Media Player system update (9 Series)
DEINSTALLATION: C:\PROGRA~1\WINDOW~2\setup_wm.exe /Uninstall
Canon Utilities ZoomBrowser EX 5.8.0.74
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Microsoft Office Live Meeting 2005 (English) 7.4.2121.3, installation data=20051213 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{007F4F0A-CC46-4C8F-A2AE-26E802625BF3}
Macromedia Flash Player (English) 7.0.19.0, installation data=20051102 (Macromedia, Inc.)
DEINSTALLATION: MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
ArcSoft Print Creations (ArcSoft)
DEINSTALLATION: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}\Setup.exe" -l0x9
Platform (English) 1.34, installation data=20091019 (VIA Technologies, Inc.)
EPSON Stylus CX8400 Series Scanner Driver Update
DEINSTALLATION: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ADC0E4-8D3E-40C4-9106-F2DE5E9112F1}\Setup.exe" -l0x9
Java(TM) 6 Update 16 (English) 6.0.160, installation data=20091014 (Sun Microsystems, Inc.)
DEINSTALLATION: MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
QuickBooks Pro Edition 2004
DEINSTALLATION: C:\Program Files\Installshield Installation Information\{2b02f822-a9b9-458c-80e5-3ea8c0de8471}\QBReplace.exe {2b02f822-a9b9-458c-80e5-3ea8c0de8471}#{2B02F82E-A9B9-458C-80E5-3EA8C0DE8471}
Microsoft Easy Assist v2 (English) 8.1.6416.0, installation data=20091014 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{326957C7-83FD-4550-A59A-849B7B4297DE}
Microsoft Digital Image Library 10 (English) 10.0.0612, installation data=20040922 (Microsoft Corporation)
Microsoft Digital Image Pro 10 (English) 10.0.0612, installation data=20040922 (Microsoft Corporation)
TaxCut California 2007 (English) 1.07.6601, installation data=20080414 (H&R Block Digital Tax Solutions LLC.)
DEINSTALLATION: MsiExec.exe /X{5FF4A578-4588-4ACF-8317-7191FC45F3E1}
Remote Desktop Connection (English) 5.1.2600.0, installation data=20040501 (Microsoft)
DEINSTALLATION: MsiExec.exe /X{60B9A48D-559E-43FA-8F28-D657190E4E52}
Canon Camera TWAIN Driver (English) 6.7.1, installation data=20080605 (Canon)
WebFldrs (English) 9.50.7522, installation data=20040501 (Microsoft Corporation)
Microsoft .NET Framework 2.0 (English) 2.0.50727, installation data=20091019 (Microsoft Corporation)
VC80CRTRedist - 8.0.50727.762 (English) 1.0.0, installation data=20090513 (DivX, Inc)
DEINSTALLATION: MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Symantec AntiVirus (English) 9.0.110, installation data=20080211 (Symantec Corporation)
DEINSTALLATION: MsiExec.exe /I{848AC794-8B81-440A-81AE-6474337DB527}
QFolder (English) 1.00.0000, installation data=20060727 (Hewlett-Packard)
Microsoft Silverlight (English) 2.0.40115.0, installation data=20090612 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Compatibility Pack for the 2007 Office system (English) 12.0.6021.5000, installation data=20091008 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003 (English) 11.0.8173.0, installation data=20091008 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Digital Image Library 9 - Blocker 9.00.0000 (Microsoft Corporation)
Adobe Reader 9.2 (English) 9.2.0, installation data=20091014 (Adobe Systems Incorporated)
DEINSTALLATION: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Palm (English) 4.1.0420, installation data=20051123 (Palm, Inc.)
DEINSTALLATION: MsiExec.exe /X{ADAED43C-BBD9-42C5-8B21-F4FBFA81E3C3}
DivX Web Player 1.4.3 (DivX,Inc.)
DEINSTALLATION: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Norton AntiVirus Corporate Edition (English) 7.6.0.0000, installation data=20040501 (Symantec Corporation)
DEINSTALLATION: MsiExec.exe /I{BD12EB47-DBDF-11D3-BEEA-00A0CC272509}
WinZip 12.1 (English) 12.1.8519, installation data=20091014 (WinZip Computing, S.L. )
DEINSTALLATION: MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
ArcSoft PhotoImpression 6 (English) 6, installation data=20090326 (ArcSoft)
DEINSTALLATION: C:\Program Files\InstallShield Installation Information\{D03E7B00-CA85-4684-9321-1888873C34BD}\Setup.exe -runfromtemp -l0x0009 -removeonly

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:34 pm

Runned drivers:
system32\DRIVERS\asyncmac.sys - stopped (demand) ("c:\winnt\system32\drivers\asyncmac.sys") File version = 5.00.2195.6655, File size = 17840, File modification date = 14/07/2003 12:00, File description = MS Remote Access serial network driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1399398665|0x5d3d77c9eb3a8e6a14cc8e1252b6cc5c|
system32\DRIVERS\atmarpc.sys - stopped (demand) ("c:\winnt\system32\drivers\atmarpc.sys") File version = 5.00.2166.1, File size = 57904, File modification date = 14/07/2003 12:00, File description = IP/ATM Arp Client, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2166.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |418487622|0x3e348b3313ea633d45caf59da0d631ba|
\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys - stopped (demand)
system32\drivers\ccdecode.sys - stopped (demand) ("c:\winnt\system32\drivers\ccdecode.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 16384, File modification date = 09/07/2004 10:58, File description = WDM Closed Caption VBI Codec, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |891040427|0x1478e6a09512235b9e119d2920477021|
System32\drivers\dmboot.sys - stopped (disabled) ("c:\winnt\system32\drivers\dmboot.sys") File version = 2195.6655.297.3, File size = 369104, File modification date = 14/07/2003 12:00, File description = NT Disk Manager Startup Driver, Product Name = VERITAS® NT Disk Manager, Product version = 1.0, Company name = VERITAS Software Corp. (Copyright© 1990-1997 VERITAS Software Corporation. ALL RIGHTS RESERVED. UNPUBLISHED -- RIGHTS RESERVED UNDER THE COPYRIGHT LAWS OF THE UNITED STATES. USE OF A COPYRIGHT NOTICE IS PRECAUTIONARY ONLY AND DOES NOT IMPLY PUBLICATION OR DISCLOSURE. THIS SOFTWARE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF VERITAS SOFTWARE. USE, DISCLOSURE, OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF VERITAS SOFTWARE. RESTRICTED RIGHTS LEGEND USE, DUPLICATION, OR DISCLOSURE BY THE GOVERNMENT IS SUBJECT TO RESTRICTIONS AS SET FORTH IN SUBPARAGRAPH (C) (1) (ii) OF THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSE AT DFARS 252.227-7013. VERITAS SOFTWARE 1600 PLYMOUTH STREET, MOUNTAIN VIEW, CA 94043 ) |1016478446|0x0b91c63540682bc3c826fc6d8b3ecb7b|
system32\drivers\DMusic.sys - stopped (demand) ("c:\winnt\system32\drivers\dmusic.sys") File version = 5.00.2166.1, File size = 51152, File modification date = 28/10/1999 15:24, File description = Microsoft DirectMusic Software Synthesizer (WDM), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2166.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |838142286|0x3431984234b5988d4c09f043cf4cd779|
system32\DRIVERS\hidusb.sys - stopped (automatic) ("c:\winnt\system32\drivers\hidusb.sys") File version = 5.00.2142.1, File size = 13904, File modification date = 04/10/1999 23:03, File description = USB Miniport Driver for Input Devices, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2142.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1302675867|0xff2ca3c8d0193800e4fa510ffde0960e|
system32\DRIVERS\HPZid412.sys - stopped (demand) ("c:\winnt\system32\drivers\hpzid412.sys") File version = 8, 0, 0, 0, File size = 51088, File modification date = 22/03/2004 12:35, File description = IEEE-1284.4-1999 Driver (Windows 2000), Product Name = HP Dot4 Windows 2000, Product version = 8, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |1320066653|0x5faba4775d4c61e55ec669d643ffc71f|
system32\DRIVERS\HPZipr12.sys - stopped (demand) ("c:\winnt\system32\drivers\hpzipr12.sys") File version = 8, 0, 0, 0, File size = 16496, File modification date = 22/03/2004 12:35, File description = IEEE-1284.4-1999 Print Class Driver, Product Name = HP Dot4Print, Product version = 8, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |-1230239212|0xa3c43980ee1f1beac778b44ea65dbdd4|
system32\DRIVERS\HPZius12.sys - stopped (demand) ("c:\winnt\system32\drivers\hpzius12.sys") File version = 8, 0, 0, 0, File size = 21744, File modification date = 22/03/2004 12:35, File description = 1284.4<->Usb Datalink Driver (Windows 2000), Product Name = HP Dot4Usb Windows 2000, Product version = 8, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |1784708423|0x2906949bd4e206f2bb0dd1896ce9f66f|
system32\DRIVERS\ipfltdrv.sys - stopped (demand) ("c:\winnt\system32\drivers\ipfltdrv.sys") File version = 5.00.2168.1, File size = 34416, File modification date = 14/07/2003 12:00, File description = IP FILTER DRIVER, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |371622040|0x09a604211e2b2334fc023a41337e3165|
system32\DRIVERS\ipinip.sys - stopped (demand) ("c:\winnt\system32\drivers\ipinip.sys") File version = 5.00.2168.1, File size = 19984, File modification date = 14/07/2003 12:00, File description = IP in IP Encapsulation Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |478232406|0xdbc1437b56eea1af02cd39c011904491|
system32\DRIVERS\ipnat.sys - stopped (demand) ("c:\winnt\system32\drivers\ipnat.sys") File version = 5.00.2195.6968, File size = 67344, File modification date = 11/08/2004 22:42, File description = IP Network Address Translator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6968, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1934899153|0xadb8a3465c0fc01c3ae633adb33fcbb3|
system32\DRIVERS\ipsec.sys - stopped (demand) ("c:\winnt\system32\drivers\ipsec.sys") File version = 5.00.2195.6738, File size = 80848, File modification date = 21/04/2003 18:19, File description = IPSEC Driver (US/Canada Only, Not for Export), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6738, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1761904118|0x9d61c8e8044bdaac6d922eb27552f93a|
System32\DRIVERS\irenum.sys - stopped (demand) ("c:\winnt\system32\drivers\irenum.sys") File version = 5.00.2195.6655, File size = 10288, File modification date = 14/07/2003 12:00, File description = Infra-Red Bus Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |181288994|0x7f5315e32be0632f680b30e03a2ca809|
system32\DRIVERS\kbdhid.sys - stopped (system) ("c:\winnt\system32\drivers\kbdhid.sys") File version = 5.00.2142.1, File size = 13744, File modification date = 04/10/1999 23:04, File description = HID Mouse Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2142.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1910056235|0x5afd9413400ffb2b57e9be900a12b160|
system32\DRIVERS\mouhid.sys - stopped (demand) ("c:\winnt\system32\drivers\mouhid.sys") File version = 5.00.2195.6655, File size = 11632, File modification date = 19/06/2003 20:05, File description = HID Mouse Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2125529729|0x80d48f52414f7798432a4764beccbcec|
system32\DRIVERS\MPE.sys - stopped (demand) ("c:\winnt\system32\drivers\mpe.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 15104, File modification date = 09/07/2004 10:58, File description = Microsoft MPE to IP Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1601554581|0x83eff7b976ae24f1a496ca94a8a19919|
system32\drivers\MSKSSRV.sys - stopped (demand) ("c:\winnt\system32\drivers\mskssrv.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 7424, File modification date = 12/12/2002 08:14, File description = MS KS Server, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |369150494|0x85736f804191cb420a31aca2a7f0674f|
system32\drivers\MSPCLOCK.sys - stopped (demand) ("c:\winnt\system32\drivers\mspclock.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 5248, File modification date = 12/12/2002 08:14, File description = MS Proxy Clock, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1959050085|0xe943adb93d83c5cbc0ca3f53f53b48cc|
system32\drivers\MSPQM.sys - stopped (demand) ("c:\winnt\system32\drivers\mspqm.sys") File version = 5.00.2134.1, File size = 4816, File modification date = 25/09/1999 10:36, File description = MS Proxy Quality Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |732880338|0xbb041315c9930063e5eab0bee90acff6|
system32\drivers\MSTEE.sys - stopped (demand) ("c:\winnt\system32\drivers\mstee.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 5504, File modification date = 12/12/2002 08:14, File description = WDM Tee/Communication Transform Filter , Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1743084846|0xd5059366b361f0e1124753447af08aa2|
system32\DRIVERS\NABTSFEC.sys - stopped (demand) ("c:\winnt\system32\drivers\nabtsfec.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 83968, File modification date = 09/07/2004 10:58, File description = WDM NABTS/FEC VBI Codec, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-41937467|0xbb1c45d114b6dab0babf6b2fb0336db2|
system32\DRIVERS\ndisuio.sys - stopped (demand) ("c:\winnt\system32\drivers\ndisuio.sys") File version = 5.00.2195.6655, File size = 11984, File modification date = 14/07/2003 12:00, File description = NDIS User mode I/O Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1892882990|0x69ecae880bdac3c288f0508df9cdeef0|
\SystemRoot\system32\drivers\netdtect.sys - stopped (demand) ("C:\WINNT\system32\drivers\netdtect.sys") File version = 5.00.2138.1, File size = 9680, File modification date = 14/07/2003 12:00, File description = Network Card Detection driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2138.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-207155797|0x9b2a6147a22f7e696cc7538283de6346|
\??\C:\WINNT\system32\ntsim.sys - stopped (demand) ("\\?\c:\winnt\system32\ntsim.sys") File version = 1.07.00.0007, File size = 7040, File modification date = 17/07/2003 08:10, File description = Network Device Monitor Utility, Product Name = Network Device Monitor Utility , Product version = 1.07.00.0007, Company name = VIA Networking Technologies, Inc. (VIA Networking Technologies, Inc. ) |-1272077828|0xa568b9a9ffe2d9387222a5c90f86d731|
system32\DRIVERS\nwlnkflt.sys - stopped (demand) ("c:\winnt\system32\drivers\nwlnkflt.sys") File version = 5.00.2134.1, File size = 12560, File modification date = 14/07/2003 12:00, File description = NWLINK2 Traffic Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |464812079|0x9b0d6fb5c5d6a7571aedb0c1a7a9c1b6|
system32\DRIVERS\nwlnkfwd.sys - stopped (demand) ("c:\winnt\system32\drivers\nwlnkfwd.sys") File version = 5.00.2173.1, File size = 35344, File modification date = 14/07/2003 12:00, File description = NWLINK2 Forwarder Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2173.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1503856386|0x09fa39e4812fdd042834650df09675a0|
system32\drivers\PalmUSBD.sys - stopped (demand) ("c:\winnt\system32\drivers\palmusbd.sys") File version = 6, 0, 1, 0, File size = 16694, File modification date = 23/11/2005 16:02, File description = USB Driver for Palm OS Handheld Devices, Product Name = HotSync® Manager, Product version = 6, 0, 1, 0, Company name = PalmSource, Inc. (Copyright © 2004 PalmSource, Inc.) |594008604|0x240c0d4049a833b16b63b636acf01672|
system32\drivers\RCA.sys - stopped (demand) ("c:\winnt\system32\drivers\rca.sys") File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
system32\DRIVERS\redbook.sys - stopped (system) ("c:\winnt\system32\drivers\redbook.sys") File version = 5.00.2195.6655, File size = 35344, File modification date = 19/06/2003 12:05, File description = Redbook Audio Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |769230713|0xb5120cb5081865b0c7d93c305c7da939|
System32\Drivers\RootMdm.sys - stopped (demand) ("c:\winnt\system32\drivers\rootmdm.sys") File version = 5.00.2134.1, File size = 6032, File modification date = 14/07/2003 12:00, File description = Legacy Non-Pnp Modem Device Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-465202170|0xb6756550c2f1aa4be923d0cef5a9e0a4|
system32\DRIVERS\SLIP.sys - stopped (demand) ("c:\winnt\system32\drivers\slip.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 10880, File modification date = 09/07/2004 10:58, File description = Microsoft Slip Deframing Filter Minidriver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-6628536|0x92723fbdd30771c293fe5ed266a31ca6|
system32\DRIVERS\StreamIP.sys - stopped (demand) ("c:\winnt\system32\drivers\streamip.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 14976, File modification date = 09/07/2004 10:58, File description = Microsoft IP Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1913412072|0x4544fd0db39cb7b385a5392c068162cd|
system32\drivers\swmidi.sys - stopped (demand) ("c:\winnt\system32\drivers\swmidi.sys") File version = 5.00.2195.6655, File size = 53552, File modification date = 19/06/2003 12:05, File description = Microsoft GS Wavetable Synthesizer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |586389250|0x8c7cd06d097a59391d94b59715fca67c|
\SystemRoot\System32\Drivers\SYMREDRV.SYS - stopped (demand) ("C:\WINNT\system32\drivers\symredrv.sys") File version = 5.3.5.3, File size = 16280, File modification date = 12/06/2004 02:28, File description = Redirector Filter Driver, Product Name = Symantec Security Drivers, Product version = 5.3.5, Company name = Symantec Corporation (Copyright 2002, 2003 Symantec Corporation) |-419638862|0x8ddb430ea48468c156db872a214178fc|
\SystemRoot\System32\Drivers\viausb.sys - stopped (demand) ("C:\WINNT\system32\drivers\viausb.sys") File version = 1.08, File size = 9038, File modification date = 18/06/2003 23:48, File description = VIA USB Filter Driver, Product Name = VIA USB Filter Driver, Product version = 1.08, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 1998-2000) |-1408379831|0x646eb13fd35ab93d380a6f5e31b34a4c|
system32\DRIVERS\WSTCODEC.SYS - stopped (demand) ("c:\winnt\system32\drivers\wstcodec.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 18688, File modification date = 09/07/2004 10:58, File description = WDM WST Codec Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (Copyright (C) Philips Semiconductors. 1981-1999) |-1635136304|0x04aca6442e639a794293828e8dda7a44|
\WINNT\System32\ntoskrnl.exe ("c:\winnt\system32\ntoskrnl.exe") File version = 5.00.2195.7133, File size = 1690880, File modification date = 05/03/2007 15:51, File description = NT Kernel & System, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |474223052|0xa9b95a62c4f298aadd3bec2fdf49fcbe|
\WINNT\System32\hal.dll ("c:\winnt\system32\hal.dll") File version = 5.00.2195.6691, File size = 82176, File modification date = 14/07/2003 12:00, File description = Hardware Abstraction Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6691, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1760124540|0x40459285a03be763dcd6c278a26b9a4a|
\WINNT\System32\BOOTVID.dll ("c:\winnt\system32\bootvid.dll") File version = 5.00.2172.1, File size = 10784, File modification date = 14/07/2003 12:00, File description = VGA Boot Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2172.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-169240697|0x74e26816bb81114db55d9d7b43749f05|
ACPI.sys ("c:\winnt\system32\drivers\acpi.sys") File version = 5.00.2195.6655, File size = 163120, File modification date = 14/07/2003 12:00, File description = ACPI Driver for NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-320509561|0x083049d5dc3f32d17c2edfb732c78a09|
\WINNT\system32\DRIVERS\WMILIB.SYS ("c:\winnt\system32\drivers\wmilib.sys") File version = 5.00.2134.1, File size = 4240, File modification date = 14/07/2003 12:00, File description = WMILIB WMI support library Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |158766981|0x73a9f95b61048e0783371a4b78e4d637|
pci.sys ("c:\winnt\system32\drivers\pci.sys") File version = 5.00.2195.6655, File size = 59312, File modification date = 14/07/2003 12:00, File description = NT Plug and Play PCI Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |970304090|0xf0791b1f424f8d84a81d9ae6cfadf089|
isapnp.sys ("c:\winnt\system32\drivers\isapnp.sys") File version = 5.00.2195.6655, File size = 46992, File modification date = 19/06/2003 19:05, File description = PNP ISA Bus Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1205986134|0xb630369ca276fd208c1b5146920b5f2e|
pciide.sys ("c:\winnt\system32\drivers\pciide.sys") File version = 5.00.2195.6655, File size = 3088, File modification date = 14/07/2003 12:00, File description = Generic PCI IDE Bus Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |463423486|0x7d0bcb325d29d15024d6a572044e410b|
\WINNT\system32\DRIVERS\PCIIDEX.SYS ("c:\winnt\system32\drivers\pciidex.sys") File version = 5.00.2195.6672, File size = 22064, File modification date = 14/07/2003 12:00, File description = PCI IDE Bus Driver Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6672, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |814445561|0x2c05dd33a2993e64a246bccd36876c28|
MountMgr.sys ("c:\winnt\system32\drivers\mountmgr.sys") File version = 5.00.2195.7063, File size = 30160, File modification date = 16/08/2005 08:40, File description = Mount Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7063, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2141379088|0x75e57b9f5c36137ea79466c3b63c38cc|
ftdisk.sys ("c:\winnt\system32\drivers\ftdisk.sys") File version = 5.00.2195.7006, File size = 116400, File modification date = 02/12/2004 13:00, File description = FT Disk Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-708039490|0xc757a3eefa44ea2d562424a4060329a6|
Diskperf.sys ("c:\winnt\system32\drivers\diskperf.sys") File version = 5.00.2195.6664, File size = 7728, File modification date = 14/07/2003 12:00, File description = Disk Performance Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6664, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1211690288|0xfd94497dd145b3920f5c393eab50ee3a|
dmload.sys ("c:\winnt\system32\drivers\dmload.sys") File version = 2195.6655.297.3, File size = 7312, File modification date = 14/07/2003 12:00, File description = NT Disk Manager Startup Driver, Product Name = Logical Disk Manager for Windows NT, Product version = 1.0, Company name = VERITAS Software Corp. (Copyright© 1990-1997 VERITAS Software Corporation. ALL RIGHTS RESERVED. UNPUBLISHED -- RIGHTS RESERVED UNDER THE COPYRIGHT LAWS OF THE UNITED STATES. USE OF A COPYRIGHT NOTICE IS PRECAUTIONARY ONLY AND DOES NOT IMPLY PUBLICATION OR DISCLOSURE. THIS SOFTWARE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF VERITAS SOFTWARE. USE, DISCLOSURE, OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF VERITAS SOFTWARE. RESTRICTED RIGHTS LEGEND USE, DUPLICATION, OR DISCLOSURE BY THE GOVERNMENT IS SUBJECT TO RESTRICTIONS AS SET FORTH IN SUBPARAGRAPH (C) (1) (ii) OF THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSE AT DFARS 252.227-7013. VERITAS SOFTWARE 1600 PLYMOUTH STREET, MOUNTAIN VIEW, CA 94043 ) |-942449678|0x3f1701ffa97ab012685abc8a2d6fce22|
dmio.sys ("c:\winnt\system32\drivers\dmio.sys") File version = 2195.6655.297.3, File size = 137936, File modification date = 14/07/2003 12:00, File description = NT Disk Manager I/O Driver, Product Name = VERITAS® NT Disk Manager, Product version = 1.0, Company name = VERITAS Software Corp. (Copyright© 1990-1997 VERITAS Software Corporation. ALL RIGHTS RESERVED. UNPUBLISHED -- RIGHTS RESERVED UNDER THE COPYRIGHT LAWS OF THE UNITED STATES. USE OF A COPYRIGHT NOTICE IS PRECAUTIONARY ONLY AND DOES NOT IMPLY PUBLICATION OR DISCLOSURE. THIS SOFTWARE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF VERITAS SOFTWARE. USE, DISCLOSURE, OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF VERITAS SOFTWARE. RESTRICTED RIGHTS LEGEND USE, DUPLICATION, OR DISCLOSURE BY THE GOVERNMENT IS SUBJECT TO RESTRICTIONS AS SET FORTH IN SUBPARAGRAPH (C) (1) (ii) OF THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSE AT DFARS 252.227-7013. VERITAS SOFTWARE 1600 PLYMOUTH STREET, MOUNTAIN VIEW, CA 94043 ) |1864153753|0x6b35bfdbdbc247113852f18bf0f10e3c|
PartMgr.sys ("c:\winnt\system32\drivers\partmgr.sys") File version = 5.00.2195.6655, File size = 11792, File modification date = 14/07/2003 12:00, File description = Partition Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |242759426|0xf9e922dbe9f3719ce8376cc7ed18cb8d|
viaide.sys ("c:\winnt\system32\drivers\viaide.sys") File version = 5.0.2195.120, File size = 6234, File modification date = 18/10/2001 19:00, File description = VIA PCI IDE Bus Driver, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 5.0.2195.120, Company name = VIA Technologies, Inc. (Copyright (C) Microsoft Corp. 2000-2005) |-291396412|0xb2b04630fe75ef32684e854828b1f764|
videX32.sys ("c:\winnt\system32\drivers\videx32.sys") File version = 6.0.6001.282, File size = 13976, File modification date = 05/05/2009 16:58, File description = VIA Generic PCI IDE Bus Driver, Product Name = VIA PCI IDE MINI Driver, Product version = 6.0.6001.282, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 2000-2008) |1466880749|0x4cc623591204acd5fc89bd0dad70e838|
atapi.sys ("c:\winnt\system32\drivers\atapi.sys") File version = 5.00.2195.6699, File size = 86672, File modification date = 14/07/2003 12:00, File description = IDE/ATAPI Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6699, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1758291391|0x8c718aa8c77041b3285d55a0ce980867|
disk.sys ("c:\winnt\system32\drivers\disk.sys") File version = 5.00.2195.6655, File size = 30768, File modification date = 14/07/2003 12:00, File description = PnP Disk Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-329726145|0x322b9a3774dbf119f6635a476b0eb058|
\WINNT\system32\DRIVERS\CLASSPNP.SYS ("c:\winnt\system32\drivers\classpnp.sys") File version = 5.00.2195.6655, File size = 34832, File modification date = 14/07/2003 12:00, File description = SCSI Class System Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2034216438|0x397c92e61ce4b1764d17107a7473835c|
fltmgr.sys ("c:\winnt\system32\drivers\fltmgr.sys") File version = 5.00.2195.7039, File size = 136880, File modification date = 14/04/2005 06:59, File description = Microsoft Filesystem Filter Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7039, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1690802262|0xc8eb153fa65633a99163775eeaea15f3|
PxHelp20.sys ("c:\winnt\system32\drivers\pxhelp20.sys") File version = 2.02.70a, File size = 20176, File modification date = 11/05/2004 21:32, File description = Px Engine Device Driver for Windows 2000/XP, Product Name = PxHelp20, Product version = (null), Company name = Sonic Solutions (Copyright © Sonic Solutions) |-1251829637|0xb5dfb86a6caeae9b2bf3dedb43be6393|
KSecDD.sys ("c:\winnt\system32\drivers\ksecdd.sys") File version = 5.00.2195.6824, File size = 71888, File modification date = 21/09/2003 00:32, File description = Kernel Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1845331325|0x80ffb99dcb8e6ab8a01be04fcb0b0758|
Ntfs.sys ("c:\winnt\system32\drivers\ntfs.sys") File version = 5.00.2195.7049, File size = 513424, File modification date = 10/05/2005 09:20, File description = NT File System Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7049, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1981755753|0x7dc1f0f9bf87ca5cee9a46c9a63dc1d3|
NDIS.sys ("c:\winnt\system32\drivers\ndis.sys") File version = 5.00.2195.6655, File size = 170928, File modification date = 14/07/2003 12:00, File description = NDIS 3.0 wrapper driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-79287622|0xfb4f2d0595bd3546a4dd915e4a9b4809|
viaagp.sys ("c:\winnt\system32\drivers\viaagp.sys") File version = 5.00.2195.6655, File size = 22416, File modification date = 19/06/2003 19:05, File description = VIA NT AGP Filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |665646653|0xfd9fb614c61eb068b07a7f23006012cd|
viaagp1.sys ("c:\winnt\system32\drivers\viaagp1.sys") File version = 5.0.0.3442 built by: VIA, File size = 27904, File modification date = 02/07/2003 11:42, File description = VIA NT AGP Filter, Product Name = VIA CPU to AGP2.0/AGP3.0 Controller, Product version = 5.0.0.3442, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies., Inc. 1998-2003) |1393086445|0x3369521138fb8980530da72078da1368|
Mup.sys ("c:\winnt\system32\drivers\mup.sys") File version = 5.00.2195.7006, File size = 89328, File modification date = 02/12/2004 13:07, File description = Multiple UNC Provider driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1994092535|0x84d27503181b716a222299e59cd1259a|
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS ("C:\WINNT\system32\drivers\videoprt.sys") File version = 5.00.2195.6655, File size = 50640, File modification date = 14/07/2003 12:00, File description = Video Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2092750158|0xf3fd13270275ee1830e208c9fc6ad240|
\SystemRoot\system32\DRIVERS\s3gnbm.sys ("C:\WINNT\system32\drivers\s3gnbm.sys") File version = 6.14.10.0033-13.94.33, File size = 167168, File modification date = 13/08/2004 20:42, File description = S3 ProSavage(DDR) & Twister Miniport Driver, Product Name = S3 ProSavage(DDR) & Twister Miniport Driver, Product version = 6.14.10.0033-13.94.33, Company name = S3 Graphics, Inc. (Copyright (c) 2004 by S3 Graphics, Inc.) |-208207382|0x5cf6ea833ebd3cf79573e6960f4b9e0b|
\SystemRoot\System32\Drivers\vulfnth.sys ("C:\WINNT\system32\drivers\vulfnth.sys") File version = 2.57, File size = 6912, File modification date = 04/08/2003 07:29, File description = VIA USB Host Controller Lower Filter Driver, Product Name = VIA USB Host Controller Lower Filter Driver, Product version = 2.57, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 2000-2004) |868435707|0xc9a8ba443f809b70bccccd60cc73fa5c|
\SystemRoot\system32\DRIVERS\USBD.SYS ("C:\WINNT\system32\drivers\usbd.sys") File version = 5.00.2195.6658, File size = 20688, File modification date = 14/07/2003 12:00, File description = Universal Serial Bus Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6658, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |834360356|0x0de8bab91b5343821e09ae3f3db5af66|
\SystemRoot\system32\DRIVERS\uhcd.sys ("C:\WINNT\system32\drivers\uhcd.sys") File version = 5.00.2195.6655, File size = 32848, File modification date = 14/07/2003 12:00, File description = Universal Host Controller Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1859043501|0x376fb5e14b9d375db3536ba563eae97a|
\SystemRoot\system32\DRIVERS\USBPORT.SYS ("C:\WINNT\system32\drivers\usbport.sys") File version = 5.00.2195.6681, File size = 138288, File modification date = 19/06/2003 12:05, File description = USB 1.1 & 2.0 Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6681, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-617545611|0x0cb2f063a7ce38ed4a8ff17178c1c779|
\SystemRoot\system32\DRIVERS\usbehci.sys ("C:\WINNT\system32\drivers\usbehci.sys") File version = 5.00.2195.6709, File size = 19728, File modification date = 19/06/2003 12:05, File description = EHCI eUSB Miniport Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6709, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1395663662|0x86c71ce544358d3227206a894ae04443|
\SystemRoot\system32\drivers\Afc.sys ("C:\WINNT\system32\drivers\afc.sys") File version = 1, 0, 0, 2, File size = 11776, File modification date = 23/02/2005 22:58, File description = Arcsoft(R) ASPI Shell, Product Name = Arcsoft(R) ASPI Shell, Product version = 1, 0, 0, 2, Company name = Arcsoft, Inc. ((C) Arcsoft, Inc. 1999-2005. All rights reserved.) |-1418926835|0xa7b8a3a79d35215d798a300df49ed23f|
\SystemRoot\System32\Drivers\cdrbsdrv.SYS ("C:\WINNT\system32\drivers\cdrbsdrv.sys") File version = 7. 0. 0. 5, File size = 13567, File modification date = 08/03/2004 20:55, File description = CD-ROM Filter Driver for Windows2000/xp, Product Name = B's Recorder GOLD7, Product version = 7. 5. 0. 0, Company name = B.H.A Corporation (Copyright (C) 2000-2004 B.H.A Corporation) |646861642|0x351735695e9ead93de6af85d8beb1ca8|
\SystemRoot\System32\Drivers\Cdr4_2K.SYS ("C:\WINNT\system32\drivers\cdr4_2k.sys") File version = 5.3.2.31, File size = 58000, File modification date = 01/05/2004 21:02, File description = CDR4_2k CDR Helper, Product Name = DirectCD, Product version = 5.3.2.31, Company name = Roxio (Copyright (c) 2001,2002, Roxio, Inc.) |-128455983|0x9880f86f4261699273f818ae50216b8c|
\SystemRoot\system32\DRIVERS\cdrom.sys ("C:\WINNT\system32\drivers\cdrom.sys") File version = 5.00.2195.6655, File size = 27984, File modification date = 14/07/2003 12:00, File description = SCSI CD-ROM Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-637534207|0x4b86a90a7f0095d514d22a9083826488|
\SystemRoot\System32\Drivers\Cdralw2k.SYS ("C:\WINNT\system32\drivers\cdralw2k.sys") File version = 5.3.2.31, File size = 23420, File modification date = 01/05/2004 21:02, File description = CDRAL for Windows 2000 Kernel Driver, Product Name = DirectCD, Product version = 5.3.2.31, Company name = Roxio (Copyright (c) 2001,2002, Roxio, Inc.) |1356242816|0x300500fb3ef21374f7194f9f42b130bc|
\SystemRoot\system32\drivers\KS.SYS ("C:\WINNT\system32\drivers\ks.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 130304, File modification date = 12/12/2002 08:14, File description = Kernel CSA Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1388781205|0xdc197a88746a55ae60d1c81d45cd1b4a|
\SystemRoot\system32\drivers\portcls.sys ("C:\WINNT\system32\drivers\portcls.sys") File version = 5.00.2195.6655, File size = 148208, File modification date = 19/06/2003 19:05, File description = Port Class (Class Driver for Port/Miniport Devices), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1576184413|0xc735310cf5cc0282d55880fd7431ccbe|
\SystemRoot\system32\drivers\vinyl97.sys ("C:\WINNT\system32\drivers\vinyl97.sys") File version = 6.14.01.4090 built by: WinDDK, File size = 176128, File modification date = 01/02/2005 23:39, File description = Vinyl AC'97 Codec Combo WDM Driver, Product Name = Vinyl AC'97 Codec Combo WDM Driver, Product version = 6.14.01.4090, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 1999-2004) |837740645|0x6e6c12d1544e22d36da77f994fd1f306|
\SystemRoot\system32\DRIVERS\fetnd5b.sys ("C:\WINNT\system32\drivers\fetnd5b.sys") File version = 3.22.00.0407, File size = 41984, File modification date = 29/07/2003 03:31, File description = NDIS 5.0 miniport driver, Product Name = VIA Rhine Family Fast Ethernet Adapter , Product version = 3.22.00.0407, Company name = VIA Technologies, Inc. (VIA Technologies, Inc. ) |1685419942|0xa306e75d699da98d0f9286b4e268661d|
\SystemRoot\system32\DRIVERS\fdc.sys ("C:\WINNT\system32\drivers\fdc.sys") File version = 5.00.2195.6655, File size = 26256, File modification date = 14/07/2003 12:00, File description = Floppy Disk Controller Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2080684082|0x233e2c4dae9c84cef241f0ea30619629|
\SystemRoot\system32\DRIVERS\serial.sys ("C:\WINNT\system32\drivers\serial.sys") File version = 5.00.2195.6655, File size = 62736, File modification date = 14/07/2003 12:00, File description = Serial Device Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |696249484|0x80f28698f48e298d278057f23206133b|
\SystemRoot\system32\DRIVERS\serenum.sys ("C:\WINNT\system32\drivers\serenum.sys") File version = 5.00.2195.6655, File size = 14160, File modification date = 14/07/2003 12:00, File description = Serial Port Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1426636176|0x6db5fdf67486679da3149ef212374861|
\SystemRoot\system32\DRIVERS\parport.sys ("C:\WINNT\system32\drivers\parport.sys") File version = 5.00.2195.6655, File size = 25104, File modification date = 14/07/2003 12:00, File description = Parallel Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1341006333|0x69b713583d6e063ac487e2da30c04289|
\SystemRoot\system32\DRIVERS\i8042prt.sys ("C:\WINNT\system32\drivers\i8042prt.sys") File version = 5.00.2195.6655, File size = 46992, File modification date = 14/07/2003 12:00, File description = i8042 Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1560319814|0x3b538e8a6b5e078406159edfe09a5e53|
\SystemRoot\system32\DRIVERS\mouclass.sys ("C:\WINNT\system32\drivers\mouclass.sys") File version = 5.00.2195.6666, File size = 21776, File modification date = 14/07/2003 12:00, File description = Mouse Class Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-41839149|0x8d038dde3f19b88427968e99a6216766|
\SystemRoot\system32\DRIVERS\kbdclass.sys ("C:\WINNT\system32\drivers\kbdclass.sys") File version = 5.00.2195.6666, File size = 24528, File modification date = 14/07/2003 12:00, File description = Keyboard Class Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-708075733|0x399055f5c4a98f39b47d26888a72145d|
\SystemRoot\system32\drivers\msmpu401.sys ("C:\WINNT\system32\drivers\msmpu401.sys") File version = 5.00.2134.1, File size = 2832, File modification date = 25/09/1999 10:35, File description = MPU401 Adapter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2077023183|0x6ea98807eede628e2e6ddf3123f80279|
\SystemRoot\system32\DRIVERS\gameenum.sys ("C:\WINNT\system32\drivers\gameenum.sys") File version = 5.00.2195.6655, File size = 9808, File modification date = 19/06/2003 12:05, File description = Game Port Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720132692|0x1ee4975fbc708f34a6b07c8e47f6fa3a|
\SystemRoot\system32\DRIVERS\audstub.sys ("C:\WINNT\system32\drivers\audstub.sys") File version = 5.00.2134.1, File size = 2896, File modification date = 25/09/1999 10:35, File description = AudStub Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1000652672|0x39d57104a45270f0d376e9ddb484ebbd|
\SystemRoot\system32\DRIVERS\rasl2tp.sys ("C:\WINNT\system32\drivers\rasl2tp.sys") File version = 5.00.2195.6655, File size = 52112, File modification date = 14/07/2003 12:00, File description = RAS L2TP mini-port/call-manager driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1831845332|0xec6037c594f20adedea65f0d809493d2|
\SystemRoot\system32\DRIVERS\ndistapi.sys ("C:\WINNT\system32\drivers\ndistapi.sys") File version = 5.00.2195.6655, File size = 9200, File modification date = 14/07/2003 12:00, File description = NDIS 3.0 connection wrapper driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1326028805|0xe6f675c75c53887c58b98d6db356b153|
\SystemRoot\system32\DRIVERS\ndiswan.sys ("C:\WINNT\system32\drivers\ndiswan.sys") File version = 5.00.2195.6699, File size = 93360, File modification date = 14/07/2003 12:00, File description = MS WAN Wrapper Network Driver (US/Canada Only, Not for Export), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6699, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |649307845|0xb86a37aa73868343a9eee148fdfce1e0|
\SystemRoot\system32\DRIVERS\TDI.SYS ("C:\WINNT\system32\drivers\tdi.sys") File version = 5.00.2195.6655, File size = 16240, File modification date = 14/07/2003 12:00, File description = TDI Wrapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1909274947|0xa4c9ada6bf0fa9fb26ab81a5190ad8a1|
\SystemRoot\system32\DRIVERS\raspptp.sys ("C:\WINNT\system32\drivers\raspptp.sys") File version = 5.00.2195.6711, File size = 48464, File modification date = 14/07/2003 12:00, File description = Peer-to-Peer Tunneling Protocol, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6711, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2106814622|0x0e0212bbbf15800f1536cbfa157dddd6|
\SystemRoot\system32\DRIVERS\ptilink.sys ("C:\WINNT\system32\drivers\ptilink.sys") File version = 1.10, File size = 17680, File modification date = 14/07/2003 12:00, File description = Parallel Technologies DirectParallel IO Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Parallel Technologies, Inc. (Copyright (C) Parallel Technologies 1995-1997) |484859985|0xb78775f217255f786c2e8dbe4334e413|
\SystemRoot\system32\DRIVERS\raspti.sys ("C:\WINNT\system32\drivers\raspti.sys") File version = 5.00.2146.1, File size = 16880, File modification date = 14/07/2003 12:00, File description = PTI DirectParallel(R) mini-port/call-manager driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2146.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-584540929|0xcb09a98e97e52c389ab17b1e003c9566|
\SystemRoot\system32\DRIVERS\wanatw4.sys ("C:\WINNT\system32\drivers\wanatw4.sys") File version = 8.3.0.0, File size = 33588, File modification date = 16/07/2002 23:07, File description = Wan Miniport (ATW), Product Name = Wan Miniport (ATW), Product version = 8.3.0.0, Company name = America Online, Inc. (Copyright © 2001-2002 America Online, Inc.) |-186680304|0x0a716c08cb13c3a8f4f51e882dbf7416|
\SystemRoot\system32\DRIVERS\parallel.sys ("C:\WINNT\system32\drivers\parallel.sys") File version = 5.00.2195.6655, File size = 60208, File modification date = 14/07/2003 12:00, File description = Parallel Printer Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-803673213|0xea27799907eabdb66d2d56af68cd4f06|
\SystemRoot\system32\DRIVERS\swenum.sys ("C:\WINNT\system32\drivers\swenum.sys") File version = 5.3.0000000.900 built by: DIRECTX, File size = 4096, File modification date = 12/12/2002 08:14, File description = Plug and Play Software Device Enumerator, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1878277492|0x616a013d3ea068b6dee83d905e92ee9f|






|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:43 pm

\SystemRoot\system32\DRIVERS\update.sys ("C:\WINNT\system32\drivers\update.sys") File version = 5.00.2195.6655, File size = 173232, File modification date = 14/07/2003 12:00, File description = Update Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |728004254|0x7a77f319935328cf30945fe0f3c69c9a|
\SystemRoot\System32\Drivers\vulfntr.sys ("C:\WINNT\system32\drivers\vulfntr.sys") File version = 2.61, File size = 11392, File modification date = 04/08/2003 07:29, File description = VIA USB Roothub Lower Filter Driver, Product Name = VIA USB Roothub Lower Filter Driver, Product version = 2.61, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 2000-2004) |293880240|0x2d8c55889616f7767e9fb8adee37a02a|
\SystemRoot\system32\DRIVERS\usbhub.sys ("C:\WINNT\system32\drivers\usbhub.sys") File version = 5.00.2195.6689, File size = 40176, File modification date = 14/07/2003 12:00, File description = Default Hub Driver for USB, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6689, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-826073580|0x5c202078f5d500786a1f3279fac3aa64|
\SystemRoot\system32\DRIVERS\usbhub20.sys ("C:\WINNT\system32\drivers\usbhub20.sys") File version = 5.00.2195.6655, File size = 49776, File modification date = 19/06/2003 12:05, File description = Default Hub Driver for USB 2.0, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1158250140|0xb0205d19ba25ca654810d0aed04496a8|
\SystemRoot\system32\DRIVERS\flpydisk.sys ("C:\WINNT\system32\drivers\flpydisk.sys") File version = 5.00.2195.6655, File size = 19312, File modification date = 14/07/2003 12:00, File description = Floppy Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1787644983|0x6ca845333da54f27a8657be7ee0b600d|
\SystemRoot\System32\Drivers\NDProxy.SYS ("C:\WINNT\system32\drivers\ndproxy.sys") File version = 5.00.2138.1, File size = 40432, File modification date = 14/07/2003 12:00, File description = NDIS Proxy, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2138.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |310590742|0x1f426863d87bdf75aec76584223cd0c7|
\SystemRoot\System32\Drivers\EFS.SYS ("C:\WINNT\system32\drivers\efs.sys") File version = 5.00.2195.6655, File size = 27440, File modification date = 14/07/2003 12:00, File description = EFS File System Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2132811418|0xb2916926428c0410fc1a26da0b650e41|
\SystemRoot\system32\DRIVERS\USBSTOR.SYS ("C:\WINNT\system32\drivers\usbstor.sys") File version = 5.00.2195.6655, File size = 21552, File modification date = 19/06/2003 19:05, File description = USB Mass Storage Class Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |840092662|0x13eba8a2da3447fe7f217e34210ac554|
\SystemRoot\system32\DRIVERS\usbprint.sys ("C:\WINNT\system32\drivers\usbprint.sys") File version = 5.00.2195.6655, File size = 21872, File modification date = 19/06/2003 19:05, File description = USB Printer driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-166030101|0xe0e4367f5eff9e84fafeeba6ab937fd8|
\SystemRoot\system32\DRIVERS\usbscan.sys ("C:\WINNT\system32\drivers\usbscan.sys") File version = 5.00.2195.6655, File size = 12592, File modification date = 19/06/2003 20:05, File description = USB Scanner Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-631273689|0x6c0a98c98b84eee9e3fb1cf86b6250b8|
\SystemRoot\System32\Drivers\Fs_Rec.SYS ("C:\WINNT\system32\drivers\fs_rec.sys") File version = 5.00.2195.6655, File size = 7600, File modification date = 14/07/2003 12:00, File description = File System Recognizer Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1384811349|0x405f231ad65c03dac70992a2aba759a5|
\SystemRoot\System32\Drivers\Null.SYS ("C:\WINNT\system32\drivers\null.sys") File version = 5.00.2134.1, File size = 2800, File modification date = 14/07/2003 12:00, File description = NULL Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1636063164|0x280209cde798720a24d232bf9cfda8e9|
\SystemRoot\System32\Drivers\Beep.SYS ("C:\WINNT\system32\drivers\beep.sys") File version = 5.00.2158.1, File size = 4080, File modification date = 14/07/2003 12:00, File description = BEEP Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2158.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2017162994|0xdf012c2853281ce2bf536e8de871c8c1|
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS ("C:\WINNT\system32\drivers\hidparse.sys") File version = 5.00.2195.6702, File size = 23056, File modification date = 14/07/2003 12:00, File description = Hid Parsing Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6702, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1371781180|0x87659dabc66257b861b81146c9b36671|
\SystemRoot\System32\drivers\vga.sys ("C:\WINNT\system32\drivers\vga.sys") File version = 5.00.2134.1, File size = 13968, File modification date = 14/07/2003 12:00, File description = VGA/Super VGA Video Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-645135383|0x1b0040415ba34497a8d76a553aee88aa|
\SystemRoot\System32\Drivers\mnmdd.SYS ("C:\WINNT\system32\drivers\mnmdd.sys") File version = 5.00.2134.1, File size = 4240, File modification date = 14/07/2003 12:00, File description = Frame buffer simulator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-134395851|0xf9a1ccc84d1c8b392d67bf2e661ed334|
\SystemRoot\System32\Drivers\Msfs.SYS ("C:\WINNT\system32\drivers\msfs.sys") File version = 5.00.2164.1, File size = 21328, File modification date = 14/07/2003 12:00, File description = Mailslot driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-439356312|0x8840bc3953d2c0bbb104932cab848a27|
\SystemRoot\System32\Drivers\Npfs.SYS ("C:\WINNT\system32\drivers\npfs.sys") File version = 5.00.2147.1, File size = 37040, File modification date = 14/07/2003 12:00, File description = NPFS Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2147.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-125321614|0xe85a77dfcb8f1088f85120ca123ce191|
\SystemRoot\system32\DRIVERS\rasacd.sys ("C:\WINNT\system32\drivers\rasacd.sys") File version = 5.00.2134.1, File size = 8016, File modification date = 14/07/2003 12:00, File description = RAS Automatic Connection Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1775935085|0x63051b814e005dc62c7a0971668c52b4|
\SystemRoot\system32\DRIVERS\tcpip.sys ("C:\WINNT\system32\drivers\tcpip.sys") File version = 5.00.2195.7162, File size = 320528, File modification date = 18/06/2008 10:05, File description = TCP/IP driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7162, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1242875359|0x02fae418bd28e185a4909e5869497de5|
\SystemRoot\system32\DRIVERS\msgpc.sys ("C:\WINNT\system32\drivers\msgpc.sys") File version = 5.00.2195.6655, File size = 34704, File modification date = 14/07/2003 12:00, File description = MS General Packet Classifier, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2116352398|0x6667d07854a3ae7715d22b82761cf0e7|
\SystemRoot\system32\DRIVERS\wanarp.sys ("C:\WINNT\system32\drivers\wanarp.sys") File version = 5.00.2195.6601, File size = 32272, File modification date = 14/07/2003 12:00, File description = MS Remote Access and Routing ARP Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |413045311|0xaa8c76dfc4afa72f09fdbc6621b7d38d|
\SystemRoot\System32\Drivers\SYMTDI.SYS ("C:\WINNT\system32\drivers\symtdi.sys") File version = 5.3.5.3, File size = 263736, File modification date = 12/06/2004 02:28, File description = Network Dispatch Driver, Product Name = Symantec Security Drivers, Product version = 5.3.5, Company name = Symantec Corporation (Copyright 2002, 2003 Symantec Corporation) |2004971312|0xec1a39493fb104d317e8271162a74b94|
\??\C:\Program Files\Symantec\SYMEVENT.SYS ("\\?\c:\program files\symantec\symevent.sys") File version = 11.4.0.6, File size = 82832, File modification date = 05/03/2004 07:46, File description = Symantec Event Library, Product Name = SYMEVENT, Product version = 11.4.0.6, Company name = Symantec Corporation (Copyright (C) Symantec Corporation 1992-2003) |1823223223|0x42123611a49c33536ab29bdd852a9f5e|
\SystemRoot\system32\DRIVERS\netbt.sys ("C:\WINNT\system32\drivers\netbt.sys") File version = 5.00.2195.7006, File size = 175632, File modification date = 08/04/2005 11:51, File description = MBT Transport driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1487587570|0xa7ca87628217bbf4a6f501db65b19e9d|
\SystemRoot\system32\DRIVERS\netbios.sys ("C:\WINNT\system32\drivers\netbios.sys") File version = 5.00.2149.1, File size = 33456, File modification date = 14/07/2003 12:00, File description = NetBIOS interface driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2149.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |66866062|0x5151e6020a26bf7bc21c18fd612506bd|
\??\C:\Program Files\Symantec AntiVirus\savrt.sys ("\\?\c:\program files\symantec antivirus\savrt.sys") File version = 9.3.0.28, File size = 301200, File modification date = 09/02/2004 23:43, File description = AutoProtect, Product Name = Symantec AntiVirus AutoProtect, Product version = 9.3, Company name = Symantec Corporation (Copyright (c) 2003 Symantec Corporation) |637141988|0xc8023be4dda22a52cd2f60d9cb9b3985|
\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys ("\\?\c:\program files\symantec antivirus\savrtpel.sys") File version = 9.3.0.28, File size = 37008, File modification date = 09/02/2004 23:43, File description = SAVRTPEL, Product Name = Symantec AntiVirus AutoProtect, Product version = 9.3, Company name = Symantec Corporation (Copyright (c) 2003 Symantec Corporation) |339836605|0x30547fd7692dc799a0b397b2b918a158|
\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090927.002\navex15.sys ("\\?\c:\progra~1\common~1\symant~1\virusd~1\20090927.002\navex15.sys") File version = 20091.2.0.41, File size = 1323568, File modification date = 27/09/2009 08:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20091.2.0.41, Company name = Symantec Corporation (Copyright (C) 1991-2009 Symantec Corporation.) |-2145685123|0x6176ce576509ee71bac1b61fc8f1f138|
\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090927.002\naveng.sys ("\\?\c:\progra~1\common~1\symant~1\virusd~1\20090927.002\naveng.sys") File version = 20091.2.0.41, File size = 84912, File modification date = 27/09/2009 08:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20091.2.0.41, Company name = Symantec Corporation (Copyright (C) 1991-2009 Symantec Corporation.) |-1761490666|0x78d629767dbcdbb1ee888f4fda841acd|
\SystemRoot\system32\DRIVERS\rdbss.sys ("C:\WINNT\system32\drivers\rdbss.sys") File version = 5.00.2195.7174, File size = 170800, File modification date = 27/08/2008 16:28, File description = Redirected Drive Buffering SubSystem Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7174, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1411474530|0xd3d07ae9194f714a2867717310df9fd1|
\SystemRoot\system32\DRIVERS\mrxsmb.sys ("C:\WINNT\system32\drivers\mrxsmb.sys") File version = 5.00.2195.7174, File size = 416016, File modification date = 27/08/2008 16:29, File description = Windows NT SMB Minirdr, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7174, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1023167358|0xc16e6c7d333491a7ef376b8cbde7061b|
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys ("\\?\c:\program files\common files\symantec shared\eengine\eectrl.sys") File version = 107.4.1.2, File size = 385072, File modification date = 14/04/2008 08:00, File description = Symantec Eraser Control Driver, Product Name = ERASER ENGINE, Product version = 107.4.1.2, Company name = Symantec Corporation (Copyright (c) 2000-2007 Symantec Corporation. All rights reserved.) |1020285442|0xe89cc1363cb7f5320ae3b41c1333d0c3|
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\??\C:\WINNT\system32\win32k.sys ("\\?\c:\winnt\system32\win32k.sys") File version = 5.00.2195.7133, File size = 1641936, File modification date = 06/03/2007 06:12, File description = Multi-User Win32 Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1042500156|0x3300f4071ba093b9a623066a37efc692|
\SystemRoot\System32\s3gnb.dll ("C:\WINNT\system32\s3gnb.dll") File version = 6.14.10.0033-13.94.33, File size = 401280, File modification date = 13/08/2004 20:42, File description = S3 ProSavage(DDR) & Twister Display Driver, Product Name = S3 ProSavage(DDR) & Twister Display Driver, Product version = 6.14.10.0033-13.94.33, Company name = S3 Graphics, Inc. (Copyright (c) 2004 by S3 Graphics, Inc.) |1431086924|0x32c321a53ed884c86b9737a40c499acb|
\SystemRoot\System32\drivers\afd.sys ("C:\WINNT\system32\drivers\afd.sys") File version = 5.00.2195.7158, File size = 119152, File modification date = 08/05/2008 08:38, File description = Ancillary Function Driver for WinSock, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |250755651|0xe333e10e840a7f1c6017c26855250b76|
\SystemRoot\system32\drivers\wdmaud.sys ("C:\WINNT\system32\drivers\wdmaud.sys") File version = 5.00.2195.6655, File size = 73872, File modification date = 19/06/2003 12:05, File description = MMSYSTEM Wave/Midi API mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |169788773|0x997d25513bc89614417829b5bec7c75c|
\SystemRoot\system32\drivers\sysaudio.sys ("C:\WINNT\system32\drivers\sysaudio.sys") File version = 5.00.2195.6655, File size = 47568, File modification date = 19/06/2003 12:05, File description = System Audio WDM Filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-56662383|0x6c14d96f8c1ba929fad4ba40a29217fa|
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS ("C:\WINNT\system32\drivers\hidclass.sys") File version = 5.00.2195.6655, File size = 24752, File modification date = 14/07/2003 12:00, File description = Hid Class Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1815151107|0x12c7623b8ffddf62aaacbd02af5e59ad|
\SystemRoot\System32\Drivers\ParVdm.SYS ("C:\WINNT\system32\drivers\parvdm.sys") File version = 5.00.2135.1, File size = 6512, File modification date = 14/07/2003 12:00, File description = VDM Parallel Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2135.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1297324735|0x888f6a6ad5810f5828de594e17fe8f3b|
\SystemRoot\System32\Drivers\Fips.SYS ("C:\WINNT\system32\drivers\fips.sys") File version = 5.00.2195.1569, File size = 33616, File modification date = 14/07/2003 12:00, File description = FIPS Crypto Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.1569, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |227328266|0xb27a36d4725a362a13d0c52ad6c7175b|
\??\C:\WINNT\system32\Drivers\LxrSII1d.sys ("\\?\c:\winnt\system32\drivers\lxrsii1d.sys") File version = (null), File size = 70016, File modification date = 19/05/2005 23:48, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |1519015183|0xdb7f488269290a8c1907602b7f4c213d|
\SystemRoot\system32\DRIVERS\srv.sys ("C:\WINNT\system32\drivers\srv.sys") File version = 5.00.2195.7222, File size = 239472, File modification date = 11/12/2008 12:09, File description = Server driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7222, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-612387434|0xec93828331107576c61c769f95582d58|
\SystemRoot\system32\SetupNT.sys ("C:\WINNT\system32\setupnt.sys") File version = (null), File size = 3000, File modification date = 25/10/2000 12:27, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |1216739109|0x549ea830a5d9edd9cd14311126c2849b|
\??\C:\WINNT\system32\drivers\tmcomm.sys ("\\?\c:\winnt\system32\drivers\tmcomm.sys") File version = 1.6.0.1059, File size = 102664, File modification date = 19/10/2009 23:35, File description = TrendMicro Common Module, Product Name = ActiveClean, Product version = 1.6, Company name = Trend Micro Inc. (Copyright (C) 2005-2007 Trend Micro Incorporated. All rights reserved.) |573041654|0xdf8444a8fa8fd38d8848bdd40a8403b3|
\SystemRoot\System32\Drivers\Cdfs.SYS ("C:\WINNT\system32\drivers\cdfs.sys") File version = 5.00.2195.7006, File size = 63248, File modification date = 08/04/2005 11:51, File description = CD-ROM File System Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1586303086|0x66c19373d5eb657fb028133bde5d2acb|
\SystemRoot\System32\Drivers\Fastfat.SYS ("C:\WINNT\system32\drivers\fastfat.sys") File version = 5.00.2195.7061, File size = 142288, File modification date = 19/07/2005 10:44, File description = Fast FAT File System Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7061, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |244396023|0x533478c99ca81fd700bcf6a2754ce793|
\SystemRoot\system32\drivers\kmixer.sys ("C:\WINNT\system32\drivers\kmixer.sys") File version = 5.00.2195.6655, File size = 148304, File modification date = 19/06/2003 12:05, File description = Kernel Mode Audio Mixer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1778557455|0x8e198ec9e823aa42edf45b07efe395ac|
\WINNT\system32\NTDLL.DLL ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|

Runned processes/modules:

PROCESS System, PID = 8, USER = , Command Line =

PROCESS smss, PID = 148, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line =
\SystemRoot\System32\smss.exe, MID = 48580000, ("C:\WINNT\system32\smss.exe") File version = 5.00.2195.6601, File size = 45840, File modification date = 14/07/2003 12:00, File description = Windows NT Session Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1192553804|0xf07c69367770a1c129a22f9158afaa2b|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\System32\sfcfiles.dll, MID = 68010000, ("c:\winnt\system32\sfcfiles.dll") File version = 5.00.2195.7038, File size = 973072, File modification date = 08/04/2005 10:34, File description = Windows 2000 System File Checker, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1300472552|0x7645645bb506c26b96b8f31893378c4b|

PROCESS csrss, PID = 176, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINNT\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
"c:\winnt\system32\csrss.exe" File version = 5.00.2195.6601, File size = 5392, File modification date = 14/07/2003 12:00, File description = Client Server Runtime Process, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |411251858|0x6533392c5af4bf5c7ff12e453dd59ae5|
"c:\winnt\system32\basesrv.dll" File version = 5.00.2195.7011, File size = 46352, File modification date = 12/01/2005 19:39, File description = Windows NT BASE API Server DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7011, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-487791443|0x4daebd9f0f5b16fbdae8f26cd4ab7b74|
\??\C:\WINNT\system32\csrss.exe, MID = 5fff0000, ("\\?\c:\winnt\system32\csrss.exe") File version = 5.00.2195.6601, File size = 5392, File modification date = 14/07/2003 12:00, File description = Client Server Runtime Process, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |411251858|0x6533392c5af4bf5c7ff12e453dd59ae5|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\CSRSRV.dll, MID = 5ff90000, ("c:\winnt\system32\csrsrv.dll") File version = 5.00.2195.6824, File size = 35088, File modification date = 13/01/2005 09:09, File description = Client Server Runtime Process, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-198044422|0xa863252332fffe4c530b5f1aa2cbb292|
C:\WINNT\system32\basesrv.dll, MID = 5ffa0000, ("c:\winnt\system32\basesrv.dll") File version = 5.00.2195.7011, File size = 46352, File modification date = 12/01/2005 19:39, File description = Windows NT BASE API Server DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7011, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-487791443|0x4daebd9f0f5b16fbdae8f26cd4ab7b74|
C:\WINNT\system32\winsrv.dll, MID = 7cc30000, ("c:\winnt\system32\winsrv.dll") File version = 5.00.2195.7135, File size = 245520, File modification date = 13/03/2007 09:44, File description = Windows Server DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1534871728|0xe3211e4884a21375f4d64a4b3986bca3|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\MSVCRT.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\advapi32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:48 pm

PROCESS sp_rsser, PID = 648, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = "C:\Program Files\Spyware Terminator\sp_rsser.exe"
"c:\program files\spyware terminator\sp_rsser.exe" File version = 2.5.0.511, File size = 487424, File modification date = 13/10/2009 23:43, File description = Spyware Terminator Realtime Shield Service, Product Name = Crawler Spyware Terminator, Product version = (null), Company name = Crawler.com (© Crawler.com) |-701443166|0xaa21cf891d0d8248eca1e9ba201acbef|
C:\Program Files\Spyware Terminator\sp_rsser.exe, MID = 400000, ("c:\program files\spyware terminator\sp_rsser.exe") File version = 2.5.0.511, File size = 487424, File modification date = 13/10/2009 23:43, File description = Spyware Terminator Realtime Shield Service, Product Name = Crawler Spyware Terminator, Product version = (null), Company name = Crawler.com (© Crawler.com) |-701443166|0xaa21cf891d0d8248eca1e9ba201acbef|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\oleaut32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\ADVAPI32.DLL, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\shell32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\msvcrt.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\SHFolder.dll, MID = 719b0000, ("c:\winnt\system32\shfolder.dll") File version = 6.00.2800.1106, File size = 22528, File modification date = 29/08/2002 14:14, File description = Shell Folder Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-449221516|0xb52fe46bf6c62bc5c427c7fceaeccc18|
C:\WINNT\system32\version.dll, MID = 77820000, ("c:\winnt\system32\version.dll") File version = 5.00.2195.6623, File size = 16144, File modification date = 14/07/2003 12:00, File description = Version Checking and File Installation Libraries, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-190638979|0xca34bd29eb86bd772d59d35b959d43ee|
C:\WINNT\system32\LZ32.DLL, MID = 759b0000, ("c:\winnt\system32\lz32.dll") File version = 5.00.2195.6611, File size = 10000, File modification date = 14/07/2003 12:00, File description = LZ Expand/Compress API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1264502935|0x486298f7d8f63d3c441579783541a01b|
C:\WINNT\system32\NTMARTA.DLL, MID = 69bf0000, ("c:\winnt\system32\ntmarta.dll") File version = 5.00.2195.6666, File size = 102672, File modification date = 14/07/2003 12:00, File description = Windows NT MARTA provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1389764210|0x65ae65d9ee439a16f5acf10e37f41897|
C:\WINNT\system32\WINSPOOL.DRV, MID = 77800000, ("c:\winnt\system32\winspool.drv") File version = 5.00.2195.6659, File size = 113936, File modification date = 14/07/2003 12:00, File description = Windows Spooler Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6659, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |922778299|0xe58bf969aa9e4c548473474d8e9d971a|
C:\WINNT\system32\MPR.DLL, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\WINNT\system32\WLDAP32.dll, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\SAMLIB.dll, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WS2_32.DLL, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\NETAPI32.DLL, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\psapi.dll, MID = 690a0000, ("c:\winnt\system32\psapi.dll") File version = 5.00.2134.1, File size = 28944, File modification date = 14/07/2003 12:00, File description = Process Status Helper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1643079480|0x7f7005d2f1d9c579179807818c3ac4c7|

PROCESS stisvc, PID = 676, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINNT\system32\stisvc.exe
"c:\winnt\system32\stisvc.exe" File version = 5.00.2195.6656, File size = 61712, File modification date = 14/07/2003 12:00, File description = Still Image Devices Monitor, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6656, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-1997) |-1090273697|0xb75235626b950ff821146555c612f814|
C:\WINNT\system32\stisvc.exe, MID = 1000000, ("c:\winnt\system32\stisvc.exe") File version = 5.00.2195.6656, File size = 61712, File modification date = 14/07/2003 12:00, File description = Still Image Devices Monitor, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6656, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-1997) |-1090273697|0xb75235626b950ff821146555c612f814|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\MSVCRT.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\ADVAPI32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\SETUPAPI.dll, MID = 77880000, ("c:\winnt\system32\setupapi.dll") File version = 5.00.2195.6622, File size = 570128, File modification date = 14/07/2003 12:00, File description = Windows Setup API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-895472665|0x9726125daa47dcbf34f53cef8c677b9c|
C:\WINNT\system32\USERENV.DLL, MID = 7c0f0000, ("c:\winnt\system32\userenv.dll") File version = 5.00.2195.7002, File size = 399120, File modification date = 08/04/2005 11:54, File description = Userenv, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7002, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2111145570|0x099cd26e9c34225002e4477c8ac8dcb0|
C:\WINNT\system32\STI.dll, MID = 67330000, ("c:\winnt\system32\sti.dll") File version = 5.00.2195.6656, File size = 41744, File modification date = 14/07/2003 12:00, File description = Still Image Devices DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6656, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-1997) |-2092542102|0xc0978492270070751491800d4d5cfca1|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\essiscnb.dll, MID = 10000000, ("c:\winnt\system32\essiscnb.dll") File version = 1.20, File size = 53248, File modification date = 08/02/2002 08:00, File description = User Mode Mini Drv., Product Name = User mode Mini Drv., Product version = 1.2, Company name = SEIKO EPSON CORP. (Copyright (C) SEIKO EPSON CORP. 1998) |1301691279|0xa87596c7bb6aefbc1d2f18e5b0b121f2|
C:\WINNT\system32\NTMARTA.DLL, MID = 69bf0000, ("c:\winnt\system32\ntmarta.dll") File version = 5.00.2195.6666, File size = 102672, File modification date = 14/07/2003 12:00, File description = Windows NT MARTA provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1389764210|0x65ae65d9ee439a16f5acf10e37f41897|
C:\WINNT\system32\WINSPOOL.DRV, MID = 77800000, ("c:\winnt\system32\winspool.drv") File version = 5.00.2195.6659, File size = 113936, File modification date = 14/07/2003 12:00, File description = Windows Spooler Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6659, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |922778299|0xe58bf969aa9e4c548473474d8e9d971a|
C:\WINNT\system32\MPR.DLL, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\WINNT\system32\WLDAP32.dll, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\SAMLIB.dll, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WS2_32.DLL, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\NETAPI32.DLL, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:50 pm

PROCESS Rtvscan, PID = 700, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = "C:\Program Files\Symantec AntiVirus\Rtvscan.exe"
"c:\program files\symantec antivirus\rtvscan.exe" File version = 9.0.1.1000, File size = 1267024, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |477603674|0x825349e7566b49e583399ca821d3436a|
C:\Program Files\Symantec AntiVirus\Rtvscan.exe, MID = 400000, ("c:\program files\symantec antivirus\rtvscan.exe") File version = 9.0.1.1000, File size = 1267024, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |477603674|0x825349e7566b49e583399ca821d3436a|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\CBA.DLL, MID = 501e0000, ("c:\winnt\system32\cba.dll") File version = 6.12.0.126 E, File size = 28723, File modification date = 17/12/2003 17:11, File description = CBA Interface Library, Product Name = Intel Common Base Agent, Product version = 6.12.0.126, Company name = Intel® Corporation (Copyright © 1997-2001 Intel® Corporation) |741506428|0x9494fb92dd9687e00edff2877b39c44f|
C:\WINNT\system32\MsgSys.dll, MID = 50240000, ("c:\winnt\system32\msgsys.dll") File version = 6.12.0.126 E, File size = 41017, File modification date = 17/12/2003 17:11, File description = CBA -- Message System Library, Product Name = Intel Common Base Agent, Product version = 6.12.0.126, Company name = Intel® Corporation (Copyright © 1997-2001 Intel® Corporation) |1222336727|0xe57541455e4900f58f9a8f063ffaf7a8|
C:\WINNT\system32\NTS.dll, MID = 50250000, ("c:\winnt\system32\nts.dll") File version = 6.12.0.126 E, File size = 77875, File modification date = 17/12/2003 17:11, File description = NTS, Product Name = Intel Common Base Agent, Product version = 6.12.0.126, Company name = Intel® Corporation (Copyright © 1997-2001 Intel® Corporation) |1419395149|0x094aa945fabe34a4479ab3f59fb93fd6|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\KERNEL32.DLL, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\WS2_32.DLL, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\MSVCRT.DLL, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\ADVAPI32.DLL, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\MSWSOCK.dll, MID = 74ff0000, ("c:\winnt\system32\mswsock.dll") File version = 5.00.2195.7158, File size = 64784, File modification date = 25/06/2008 09:41, File description = Microsoft WinSock Extension APIs, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |423330694|0x01cfd70ce36df6857c1c952fc0e6e875|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\DNSAPI.dll, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\NETAPI32.dll, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\WLDAP32.DLL, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\SAMLIB.dll, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\PDS.DLL, MID = 50270000, ("c:\winnt\system32\pds.dll") File version = 6.12.0.126 E, File size = 65590, File modification date = 17/12/2003 17:11, File description = PDS API, Product Name = Intel Common Base Agent, Product version = 6.12.0.126, Company name = Intel® Corporation (Copyright © 1997-2001 Intel® Corporation) |-1228277819|0x8b3d49d23ffd30609433dfd0790fa1ab|
C:\WINNT\system32\MPR.dll, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\OLEAUT32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\CTL3D32.dll, MID = 72e90000, ("c:\winnt\system32\ctl3d32.dll") File version = 2.31.000, File size = 27136, File modification date = 14/07/2003 12:00, File description = Ctl3D 3D Windows Controls, Product Name = 3D Windows Controls, Product version = 2,31,0,0, Company name = Microsoft Corporation (Copyright © Microsoft Corp. ) |-380324108|0xad63fb7d2c4a286d5ab1657ff4cd4a43|
C:\WINNT\system32\WINMM.dll, MID = 77570000, ("c:\winnt\system32\winmm.dll") File version = 5.00.2161.1, File size = 189200, File modification date = 14/07/2003 12:00, File description = MCI API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2161.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1294126543|0x89ae2927b977604d720b1680e208af47|
C:\Program Files\Symantec AntiVirus\NAVLU.dll, MID = 516a0000, ("c:\program files\symantec antivirus\navlu.dll") File version = 9.0.1.1000, File size = 58688, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |2080246130|0x667d0cf09c8601670f55214c11902cfc|
C:\WINNT\system32\MFC42.DLL, MID = 6c370000, ("c:\winnt\system32\mfc42.dll") File version = 6.00.9586.0, File size = 1015859, File modification date = 14/07/2003 12:00, File description = MFCDLL Shared Library - Retail Version, Product Name = Microsoft (R) Visual C++, Product version = 6.0.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1993-1998) |-675354260|0x8d0dbf25d91aa1be1e4e348434fd12e4|
C:\WINNT\system32\PSAPI.DLL, MID = 690a0000, ("c:\winnt\system32\psapi.dll") File version = 5.00.2134.1, File size = 28944, File modification date = 14/07/2003 12:00, File description = Process Status Helper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1643079480|0x7f7005d2f1d9c579179807818c3ac4c7|
C:\WINNT\system32\USERENV.dll, MID = 7c0f0000, ("c:\winnt\system32\userenv.dll") File version = 5.00.2195.7002, File size = 399120, File modification date = 08/04/2005 11:54, File description = Userenv, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7002, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2111145570|0x099cd26e9c34225002e4477c8ac8dcb0|
C:\Program Files\Symantec AntiVirus\I2ldvp3.dll, MID = 51480000, ("c:\program files\symantec antivirus\i2ldvp3.dll") File version = 9.0.1.1000, File size = 243024, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |273894993|0xf370ffc0566f590661be9ad347950689|
C:\Program Files\Symantec AntiVirus\ecmldr32.DLL, MID = 69000000, ("c:\program files\symantec antivirus\ecmldr32.dll") File version = 1.1.0.3, File size = 42160, File modification date = 27/06/2003 22:17, File description = Symantec Engine Common Object Model Loader, Product Name = ECOM Loader, Product version = 1.1.0.3, Company name = Symantec Corp. (Copyright (C) Symantec Corporation 1991-2003) |318751937|0xe8753779e5996465c7c50c8e988ced7b|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\Program Files\Symantec AntiVirus\SAVRT32.DLL, MID = 6fa60000, ("c:\program files\symantec antivirus\savrt32.dll") File version = 9.3.0.28, File size = 218344, File modification date = 09/02/2004 23:43, File description = Symantec Realtime DLL, Product Name = Symantec AntiVirus AutoProtect, Product version = 9.3, Company name = Symantec Corporation (Copyright (c) 2003 Symantec Corporation) |-1530242046|0x643a1c8ad3938d8855f507fbcd82192c|
C:\WINNT\system32\VERSION.dll, MID = 77820000, ("c:\winnt\system32\version.dll") File version = 5.00.2195.6623, File size = 16144, File modification date = 14/07/2003 12:00, File description = Version Checking and File Installation Libraries, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-190638979|0xca34bd29eb86bd772d59d35b959d43ee|
C:\WINNT\system32\LZ32.DLL, MID = 759b0000, ("c:\winnt\system32\lz32.dll") File version = 5.00.2195.6611, File size = 10000, File modification date = 14/07/2003 12:00, File description = LZ Expand/Compress API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1264502935|0x486298f7d8f63d3c441579783541a01b|
C:\WINNT\system32\IMM32.dll, MID = 75e60000, ("c:\winnt\system32\imm32.dll") File version = 5.00.2195.6655, File size = 96528, File modification date = 14/07/2003 12:00, File description = Windows 2000 IMM32 API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |963357628|0x873794ce17dd72420d9c4072d4d112e5|
C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL, MID = 51810000, ("c:\program files\symantec antivirus\navntutl.dll") File version = 9.0.1.1000, File size = 83280, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |804910486|0x26902c9a91bd545e75cfec121b463ad0|
C:\WINNT\system32\SFC.DLL, MID = 76980000, ("c:\winnt\system32\sfc.dll") File version = 5.00.2195.6673, File size = 95024, File modification date = 14/07/2003 12:00, File description = Windows File Protection, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1146302331|0x0e1f5e9b2d00611dc9fe59eef9487c76|
C:\WINNT\system32\sfcfiles.dll, MID = 68010000, ("c:\winnt\system32\sfcfiles.dll") File version = 5.00.2195.7038, File size = 973072, File modification date = 08/04/2005 10:34, File description = Windows 2000 System File Checker, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1300472552|0x7645645bb506c26b96b8f31893378c4b|
C:\WINNT\system32\CLBCATQ.DLL, MID = 7c950000, ("c:\winnt\system32\clbcatq.dll") File version = 2000.2.3529.0, File size = 551184, File modification date = 05/09/2005 08:18, File description = (null), Product Name = COM Services, Product version = 03.00.00.3529, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |191380482|0x6b8970e4791049d3ee5c3514e62797ee|
C:\WINNT\system32\wbem\wbemprox.dll, MID = 65a60000, ("c:\winnt\system32\wbem\wbemprox.dll") File version = 1.50.1085.0100, File size = 41061, File modification date = 14/07/2003 12:00, File description = Windows Management Instrumentation, Product Name = Windows Management Instrumentation, Product version = 1.50.1085.0100, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1084185829|0x17fa736b454dea3388e6e084451afcdc|
C:\WINNT\system32\wbem\wbemcomn.dll, MID = 65c20000, ("c:\winnt\system32\wbem\wbemcomn.dll") File version = 1.50.1085.0100, File size = 708696, File modification date = 14/07/2003 12:00, File description = Windows Management Instrumentation, Product Name = Windows Management Instrumentation, Product version = 1.50.1085.0100, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |340935955|0x1eef3ec347c1ef3437ed186946d2ee8d|
C:\WINNT\system32\shfolder.dll, MID = 719b0000, ("c:\winnt\system32\shfolder.dll") File version = 6.00.2800.1106, File size = 22528, File modification date = 29/08/2002 14:14, File description = Shell Folder Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-449221516|0xb52fe46bf6c62bc5c427c7fceaeccc18|
C:\WINNT\system32\IPHLPAPI.dll, MID = 77340000, ("c:\winnt\system32\iphlpapi.dll") File version = 5.00.2195.7097, File size = 68368, File modification date = 19/05/2006 09:18, File description = IP Helper API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7097, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |979295807|0x0239d8d4b29b7664d73e16005cfefcce|
C:\WINNT\system32\ICMP.dll, MID = 77520000, ("c:\winnt\system32\icmp.dll") File version = 5.00.2134.1, File size = 7440, File modification date = 14/07/2003 12:00, File description = ICMP DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-215668467|0xeabdb948f90cc5f8e342c83ae10a71fe|
C:\WINNT\system32\MPRAPI.dll, MID = 77320000, ("c:\winnt\system32\mprapi.dll") File version = 5.00.2181.1, File size = 81168, File modification date = 14/07/2003 12:00, File description = Windows NT MP Router Administration DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2181.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1442464466|0xbb88f06f7aed4237df2a121deccb4d8a|
C:\WINNT\system32\ACTIVEDS.DLL, MID = 773b0000, ("c:\winnt\system32\activeds.dll") File version = 5.00.2195.6601, File size = 182032, File modification date = 14/07/2003 12:00, File description = ADs Router Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1899155926|0x5200155df5cd700ebe717a8d6dbdccc7|
C:\WINNT\system32\ADSLDPC.DLL, MID = 77380000, ("c:\winnt\system32\adsldpc.dll") File version = 5.00.2195.6993, File size = 134928, File modification date = 08/04/2005 11:54, File description = ADs LDAP Provider C DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6993, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1367366423|0xf898815e2a3d185df0d61214cb1768ef|
C:\WINNT\system32\RTUTILS.DLL, MID = 77830000, ("c:\winnt\system32\rtutils.dll") File version = 5.00.2168.1, File size = 44816, File modification date = 14/07/2003 12:00, File description = Routing Utilities, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1125120706|0xc1fcf708669031c78dcd68589abd9d4c|
C:\WINNT\system32\SETUPAPI.DLL, MID = 77880000, ("c:\winnt\system32\setupapi.dll") File version = 5.00.2195.6622, File size = 570128, File modification date = 14/07/2003 12:00, File description = Windows Setup API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-895472665|0x9726125daa47dcbf34f53cef8c677b9c|
C:\WINNT\system32\RASAPI32.dll, MID = 774e0000, ("c:\winnt\system32\rasapi32.dll") File version = 5.00.2195.6920, File size = 200464, File modification date = 08/04/2005 11:54, File description = Remote Access API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6920, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |871917568|0xc2d3211d940675d7d25ccd1129126337|
C:\WINNT\system32\rasman.dll, MID = 774c0000, ("c:\winnt\system32\rasman.dll") File version = 5.00.2195.6824, File size = 58128, File modification date = 08/04/2005 11:54, File description = Remote Access Connection Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1127137275|0xb342275d0a3e43983f9e27367c052ef1|
C:\WINNT\system32\TAPI32.dll, MID = 77530000, ("c:\winnt\system32\tapi32.dll") File version = 5.00.2195.6664, File size = 126736, File modification date = 14/07/2003 12:00, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6664, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-97) |791213335|0x1345278cf4e09542f684d824ec90674d|
C:\WINNT\system32\COMCTL32.DLL, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\DHCPCSVC.DLL, MID = 77360000, ("c:\winnt\system32\dhcpcsvc.dll") File version = 5.00.2195.7085, File size = 89872, File modification date = 19/05/2006 09:18, File description = DHCP Client Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7085, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1178354831|0x4f17861b7f354f156d3e3663c426cb13|
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090927.002\ecmsvr32.dll, MID = 69040000, ("c:\program files\common files\symantec shared\virusdefs\20090927.002\ecmsvr32.dll") File version = 91.2.1.10, File size = 259440, File modification date = 27/09/2009 08:00, File description = Symantec Engine Common Object Model Server, Product Name = ECOM Server, Product version = 91.2.1.10, Company name = Symantec Corporation (Copyright (C) 1991-2009 Symantec Corporation.) |2025591219|0x605b554657988c0fdd77b9f226f4d8b3|
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090927.002\NAVEX32a.DLL, MID = 69100000, ("c:\program files\common files\symantec shared\virusdefs\20090927.002\navex32a.dll") File version = 20091.2.0.41, File size = 1647984, File modification date = 27/09/2009 08:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20091.2.0.41, Company name = Symantec Corporation (Copyright (C) 1991-2009 Symantec Corporation.) |1131689332|0xeb4830a250d7d6af1fd73f2874d96241|
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090927.002\NAVENG32.DLL, MID = 692c0000, ("c:\program files\common files\symantec shared\virusdefs\20090927.002\naveng32.dll") File version = 20091.2.0.41, File size = 177520, File modification date = 27/09/2009 08:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20091.2.0.41, Company name = Symantec Corporation (Copyright (C) 1991-2009 Symantec Corporation.) |529671136|0x7e6b506e93fa06bfe7148e2d526cd675|
C:\Program Files\Symantec AntiVirus\IMail.dll, MID = 10000000, ("c:\program files\symantec antivirus\imail.dll") File version = 9.0.1.1000, File size = 54624, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |2102109981|0x7d7866cd8d8f4f00055440fe76829fad|
C:\Program Files\Symantec AntiVirus\NotesExt.dll, MID = 516f0000, ("c:\program files\symantec antivirus\notesext.dll") File version = 9.0.1.1000, File size = 103776, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |-1951646071|0x2b158263f632d040e297cb1b0c3b7fec|
C:\Program Files\Symantec AntiVirus\vpmsece2.dll, MID = 51750000, ("c:\program files\symantec antivirus\vpmsece2.dll") File version = 9.0.1.1000, File size = 79200, File modification date = 03/08/2004 03:37, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |-1868573952|0xca88fab57915678410b51cad917987d0|
C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll, MID = 51710000, ("c:\program files\common files\symantec shared\ssc\scandlgs.dll") File version = 9.0.1.1000, File size = 238920, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |-887911360|0xfa901a32534493312a5d2356aa1619a8|
C:\WINNT\system32\comdlg32.dll, MID = 76b30000, ("c:\winnt\system32\comdlg32.dll") File version = 5.00.3700.6693, File size = 241424, File modification date = 14/07/2003 12:00, File description = Common Dialogs DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3700.6693, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1132175447|0x41c157ba2f205017ec26998009ccb046|
C:\WINNT\system32\SHELL32.DLL, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\MSVCP60.dll, MID = 75ff0000, ("c:\winnt\system32\msvcp60.dll") File version = 6.02.3104.0, File size = 413696, File modification date = 04/08/2004 15:52, File description = Microsoft (R) C++ Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.02.3104.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1998) |1663906772|0x1b45ca78ec3744edf6a95768507a98a8|
C:\Program Files\Symantec AntiVirus\DecSDK.dll, MID = 698d0000, ("c:\program files\symantec antivirus\decsdk.dll") File version = 3.02.12.09, File size = 62576, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-1108963629|0x27d41d4c58773720a9de6b33cca49459|
C:\Program Files\Symantec AntiVirus\Dec2.dll, MID = 69ae0000, ("c:\program files\symantec antivirus\dec2.dll") File version = 3.02.12.09, File size = 91248, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-748566617|0x101034e60ac4261d62eb0a4d5529d789|
C:\WINNT\system32\WININET.dll, MID = 70200000, ("c:\winnt\system32\wininet.dll") File version = 6.00.2800.1106, File size = 585728, File modification date = 29/08/2002 14:14, File description = Internet Extensions for Win32, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-958945156|0x8579e8474130334dfa93d4df3f0d3fa1|
C:\WINNT\system32\CRYPT32.dll, MID = 7c740000, ("c:\winnt\system32\crypt32.dll") File version = 5.131.2195.6926, File size = 563984, File modification date = 08/04/2005 11:54, File description = Crypto API32, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6926, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1939721043|0x9726a08c3e529c5e6a48fff274a32932|
C:\WINNT\system32\MSASN1.dll, MID = 77430000, ("c:\winnt\system32\msasn1.dll") File version = 5.00.2195.6905, File size = 56592, File modification date = 08/04/2005 11:54, File description = ASN.1 Runtime APIs, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6905, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |941742114|0x507173a20310cc8eaebb1204dc1d822d|
C:\Program Files\Symantec AntiVirus\Dec2ID.dll, MID = 69a50000, ("c:\program files\symantec antivirus\dec2id.dll") File version = 3.02.12.09, File size = 54384, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-701533286|0x52861aa69224759b7ffec70abe4ebfd1|
C:\Program Files\Symantec AntiVirus\Dec2ZIP.dll, MID = 698e0000, ("c:\program files\symantec antivirus\dec2zip.dll") File version = 3.02.12.09, File size = 242800, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-1749234002|0xbef9c387487b1e98bfb9fd85f7cabc09|
C:\Program Files\Symantec AntiVirus\Dec2SS.dll, MID = 69990000, ("c:\program files\symantec antivirus\dec2ss.dll") File version = 3.02.12.09, File size = 91248, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |836517529|0x87749b38351738beaa3f28ea8b562eb6|
C:\Program Files\Symantec AntiVirus\Dec2GZIP.dll, MID = 69a60000, ("c:\program files\symantec antivirus\dec2gzip.dll") File version = 3.02.12.09, File size = 99440, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-232032828|0xb8155ecfdc90fb82780e1ed85396730c|
C:\Program Files\Symantec AntiVirus\Dec2CAB.dll, MID = 69a80000, ("c:\program files\symantec antivirus\dec2cab.dll") File version = 3.02.12.09, File size = 78960, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-812641745|0x78b86c519f4741840945726e67d4d810|
C:\Program Files\Symantec AntiVirus\Dec2LHA.dll, MID = 69a30000, ("c:\program files\symantec antivirus\dec2lha.dll") File version = 3.02.12.09, File size = 103536, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |542769444|0x46e2bc1188b472b7d649dbc6e8d438bd|
C:\Program Files\Symantec AntiVirus\Dec2ARJ.dll, MID = 69ab0000, ("c:\program files\symantec antivirus\dec2arj.dll") File version = 3.02.12.09, File size = 66672, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-1069366188|0x1d91f58c5656263485517d95e3e5f5ae|
C:\Program Files\Symantec AntiVirus\Dec2TNEF.dll, MID = 69920000, ("c:\program files\symantec antivirus\dec2tnef.dll") File version = 3.02.12.09, File size = 91248, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1651114071|0x107de2f99574ceef274272fac9d6059b|
C:\Program Files\Symantec AntiVirus\Dec2LZ.dll, MID = 69a20000, ("c:\program files\symantec antivirus\dec2lz.dll") File version = 3.02.12.09, File size = 58480, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |300568328|0xd169c16197cba60d818e6c1efe3f13aa|
C:\Program Files\Symantec AntiVirus\Dec2AMG.dll, MID = 69ac0000, ("c:\program files\symantec antivirus\dec2amg.dll") File version = 3.02.12.09, File size = 119920, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |349222603|0x34602ab003647bd5b9f9d15fe64d38e2|
C:\Program Files\Symantec AntiVirus\Dec2TAR.dll, MID = 69980000, ("c:\program files\symantec antivirus\dec2tar.dll") File version = 3.02.12.09, File size = 66672, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1848945673|0x8127c7fa19f08acd02d5b7daafbd29e7|
C:\Program Files\Symantec AntiVirus\Dec2RTF.dll, MID = 699b0000, ("c:\program files\symantec antivirus\dec2rtf.dll") File version = 3.02.12.09, File size = 83056, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-359422516|0xe9e9cadd178bca45b0c9f9c1be25d601|
C:\Program Files\Symantec AntiVirus\Dec2Text.dll, MID = 69940000, ("c:\program files\symantec antivirus\dec2text.dll") File version = 3.02.12.09, File size = 234608, File modification date = 02/07/2004 15:53, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.12.09, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1605079162|0x10e519278fcdd2b6f0df4ac691ef00aa|
C:\Program Files\Symantec AntiVirus\DefUtDCS.dll, MID = 6a800000, ("c:\program files\symantec antivirus\defutdcs.dll") File version = 1.0.82.0, File size = 918760, File modification date = 03/02/2004 20:39, File description = Symantec Definition Utilities, Product Name = Symantec Definition Utilities, Product version = 1.0.82.0, Company name = Symantec Corporation (Copyright (C) 2003, Symantec Corporation) |144591873|0x22bb2283896237caad5d28ccbe7cefb4|
C:\WINNT\System32\rnr20.dll, MID = 782c0000, ("c:\winnt\system32\rnr20.dll") File version = 5.00.2195.6603, File size = 36624, File modification date = 14/07/2003 12:00, File description = Windows Socket2 NameSpace DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-435723684|0x11ff66de71088617a7ac172f33b6fda5|
C:\WINNT\System32\winrnr.dll, MID = 777e0000, ("c:\winnt\system32\winrnr.dll") File version = 5.00.2160.1, File size = 19216, File modification date = 14/07/2003 12:00, File description = LDAP RnR Provider DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2160.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |171900358|0x71325b58bc6a78b951cfe71b7514f91e|
C:\WINNT\system32\rasadhlp.dll, MID = 777f0000, ("c:\winnt\system32\rasadhlp.dll") File version = 5.00.2195.7098, File size = 7440, File modification date = 06/07/2006 11:45, File description = Remote Access AutoDial Helper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7098, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-830196155|0x15c7fe3ef6c5f43a10a8c3eb3b993dd6|

PROCESS wanmpsvc, PID = 744, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = "C:\WINNT\wanmpsvc.exe"
"c:\winnt\wanmpsvc.exe" File version = 7, 0, 0, 2, File size = 65536, File modification date = 30/07/2002 23:16, File description = Wan Miniport (ATW) Service, Product Name = America Online, Product version = 7, 0, 0, 2, Company name = America Online, Inc. (Copyright © 2001 America Online, Inc.) |-994280280|0x909f2dc0da7f57d229a05ee90647b2c3|
C:\WINNT\wanmpsvc.exe, MID = 400000, ("c:\winnt\wanmpsvc.exe") File version = 7, 0, 0, 2, File size = 65536, File modification date = 30/07/2002 23:16, File description = Wan Miniport (ATW) Service, Product Name = America Online, Product version = 7, 0, 0, 2, Company name = America Online, Inc. (Copyright © 2001 America Online, Inc.) |-994280280|0x909f2dc0da7f57d229a05ee90647b2c3|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\ADVAPI32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\iphlpapi.dll, MID = 77340000, ("c:\winnt\system32\iphlpapi.dll") File version = 5.00.2195.7097, File size = 68368, File modification date = 19/05/2006 09:18, File description = IP Helper API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7097, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |979295807|0x0239d8d4b29b7664d73e16005cfefcce|
C:\WINNT\system32\MSVCRT.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\WS2_32.dll, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\ICMP.dll, MID = 77520000, ("c:\winnt\system32\icmp.dll") File version = 5.00.2134.1, File size = 7440, File modification date = 14/07/2003 12:00, File description = ICMP DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-215668467|0xeabdb948f90cc5f8e342c83ae10a71fe|
C:\WINNT\system32\MPRAPI.dll, MID = 77320000, ("c:\winnt\system32\mprapi.dll") File version = 5.00.2181.1, File size = 81168, File modification date = 14/07/2003 12:00, File description = Windows NT MP Router Administration DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2181.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1442464466|0xbb88f06f7aed4237df2a121deccb4d8a|
C:\WINNT\system32\SAMLIB.DLL, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\NETAPI32.DLL, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WLDAP32.DLL, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\OLE32.DLL, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\OLEAUT32.DLL, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\ACTIVEDS.DLL, MID = 773b0000, ("c:\winnt\system32\activeds.dll") File version = 5.00.2195.6601, File size = 182032, File modification date = 14/07/2003 12:00, File description = ADs Router Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1899155926|0x5200155df5cd700ebe717a8d6dbdccc7|
C:\WINNT\system32\ADSLDPC.DLL, MID = 77380000, ("c:\winnt\system32\adsldpc.dll") File version = 5.00.2195.6993, File size = 134928, File modification date = 08/04/2005 11:54, File description = ADs LDAP Provider C DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6993, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1367366423|0xf898815e2a3d185df0d61214cb1768ef|
C:\WINNT\system32\RTUTILS.DLL, MID = 77830000, ("c:\winnt\system32\rtutils.dll") File version = 5.00.2168.1, File size = 44816, File modification date = 14/07/2003 12:00, File description = Routing Utilities, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1125120706|0xc1fcf708669031c78dcd68589abd9d4c|
C:\WINNT\system32\SETUPAPI.DLL, MID = 77880000, ("c:\winnt\system32\setupapi.dll") File version = 5.00.2195.6622, File size = 570128, File modification date = 14/07/2003 12:00, File description = Windows Setup API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-895472665|0x9726125daa47dcbf34f53cef8c677b9c|
C:\WINNT\system32\USERENV.DLL, MID = 7c0f0000, ("c:\winnt\system32\userenv.dll") File version = 5.00.2195.7002, File size = 399120, File modification date = 08/04/2005 11:54, File description = Userenv, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7002, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2111145570|0x099cd26e9c34225002e4477c8ac8dcb0|
C:\WINNT\system32\RASAPI32.dll, MID = 774e0000, ("c:\winnt\system32\rasapi32.dll") File version = 5.00.2195.6920, File size = 200464, File modification date = 08/04/2005 11:54, File description = Remote Access API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6920, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |871917568|0xc2d3211d940675d7d25ccd1129126337|
C:\WINNT\system32\rasman.dll, MID = 774c0000, ("c:\winnt\system32\rasman.dll") File version = 5.00.2195.6824, File size = 58128, File modification date = 08/04/2005 11:54, File description = Remote Access Connection Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1127137275|0xb342275d0a3e43983f9e27367c052ef1|
C:\WINNT\system32\TAPI32.dll, MID = 77530000, ("c:\winnt\system32\tapi32.dll") File version = 5.00.2195.6664, File size = 126736, File modification date = 14/07/2003 12:00, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6664, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-97) |791213335|0x1345278cf4e09542f684d824ec90674d|
C:\WINNT\system32\COMCTL32.DLL, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\SHLWAPI.DLL, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\DHCPCSVC.DLL, MID = 77360000, ("c:\winnt\system32\dhcpcsvc.dll") File version = 5.00.2195.7085, File size = 89872, File modification date = 19/05/2006 09:18, File description = DHCP Client Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7085, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1178354831|0x4f17861b7f354f156d3e3663c426cb13|
C:\WINNT\system32\SHFOLDER.dll, MID = 719b0000, ("c:\winnt\system32\shfolder.dll") File version = 6.00.2800.1106, File size = 22528, File modification date = 29/08/2002 14:14, File description = Shell Folder Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-449221516|0xb52fe46bf6c62bc5c427c7fceaeccc18|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:51 pm

PROCESS explorer, PID = 316, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = C:\WINNT\Explorer.EXE
"c:\winnt\explorer.exe" File version = 5.00.3700.6690, File size = 243472, File modification date = 14/07/2003 12:00, File description = Windows Explorer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3700.6690, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-627689957|0x59cf2b7dced9111f48f51b4b570e672d|
C:\WINNT\Explorer.EXE, MID = 400000, ("c:\winnt\explorer.exe") File version = 5.00.3700.6690, File size = 243472, File modification date = 14/07/2003 12:00, File description = Windows Explorer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3700.6690, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-627689957|0x59cf2b7dced9111f48f51b4b570e672d|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\ADVAPI32.DLL, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\GDI32.DLL, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\SHLWAPI.DLL, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\msvcrt.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\COMCTL32.DLL, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\shim.dll, MID = 732e0000, ("c:\winnt\system32\shim.dll") File version = 5.00.2195.6717, File size = 69392, File modification date = 14/07/2003 12:00, File description = Shim Engine DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6717, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1182484103|0x96be1bc88031f27722336073678e120b|
C:\WINNT\AppPatch\AcLayers.DLL, MID = 23000000, ("c:\winnt\apppatch\aclayers.dll") File version = 5.00.2195.6717, File size = 269584, File modification date = 14/07/2003 12:00, File description = Windows 2000 Shim Accessory DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6717, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-467858954|0x86cd4fc70c682a6ca41d82f99bcc54ed|
C:\WINNT\system32\SHELL32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\OLE32.DLL, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\CLBCATQ.DLL, MID = 7c950000, ("c:\winnt\system32\clbcatq.dll") File version = 2000.2.3529.0, File size = 551184, File modification date = 05/09/2005 08:18, File description = (null), Product Name = COM Services, Product version = 03.00.00.3529, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |191380482|0x6b8970e4791049d3ee5c3514e62797ee|
C:\WINNT\system32\OLEAUT32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\cscui.dll, MID = 77840000, ("c:\winnt\system32\cscui.dll") File version = 5.00.2195.6705, File size = 242960, File modification date = 14/07/2003 12:00, File description = Client Side Caching UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6705, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1133553554|0x2338214ee7338ae91c60f3e8b727aae0|
C:\WINNT\system32\CSCDLL.DLL, MID = 770c0000, ("c:\winnt\system32\cscdll.dll") File version = 5.00.2195.6713, File size = 101136, File modification date = 14/07/2003 12:00, File description = Offline Network Agent, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6713, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. ) |1641852540|0x99b3f8bc2e6dd1eece66eb6ca5007729|
C:\WINNT\system32\SHDOCVW.DLL, MID = 71000000, ("c:\winnt\system32\shdocvw.dll") File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
C:\WINNT\system32\browseui.dll, MID = 71160000, ("c:\winnt\system32\browseui.dll") File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
C:\WINNT\system32\LINKINFO.DLL, MID = 76710000, ("c:\winnt\system32\linkinfo.dll") File version = 5.00.2195.7069, File size = 17680, File modification date = 23/09/2005 11:03, File description = Windows Volume Tracking, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7069, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1994-1999) |-1024464648|0xeb0ea3ef05d648455d691348c819e479|
C:\WINNT\system32\ntshrui.dll, MID = 76fa0000, ("c:\winnt\system32\ntshrui.dll") File version = 5.00.2134.1, File size = 47888, File modification date = 14/07/2003 12:00, File description = Shell extensions for sharing, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1146396665|0x8648b1b3700ff6998aca8d99dd6de719|
C:\WINNT\system32\ATL.DLL, MID = 773e0000, ("c:\winnt\system32\atl.dll") File version = 3.00.9435, File size = 74810, File modification date = 14/07/2003 12:00, File description = ATL Module for Windows NT (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.00.9435, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1996-1998) |-1243910862|0x613baa8eff406d543746584f32ca0efe|
C:\WINNT\system32\NETAPI32.DLL, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WS2_32.DLL, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\WLDAP32.DLL, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\SAMLIB.dll, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\USERENV.DLL, MID = 7c0f0000, ("c:\winnt\system32\userenv.dll") File version = 5.00.2195.7002, File size = 399120, File modification date = 08/04/2005 11:54, File description = Userenv, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7002, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2111145570|0x099cd26e9c34225002e4477c8ac8dcb0|
C:\WINNT\system32\mydocs.dll, MID = 76df0000, ("c:\winnt\system32\mydocs.dll") File version = 5.00.3502.6601, File size = 57104, File modification date = 14/07/2003 12:00, File description = My Documents Folder UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |-1505230217|0x811344382cfe42fac7608645203429a2|
C:\WINNT\system32\NETSHELL.dll, MID = 76f20000, ("c:\winnt\system32\netshell.dll") File version = 5.00.2195.6604, File size = 477456, File modification date = 14/07/2003 12:00, File description = Network Connections Shell, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1195136391|0xfc1783b19a718444de5f6fe5c9143079|
C:\WINNT\system32\webcheck.dll, MID = 70340000, ("c:\winnt\system32\webcheck.dll") File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
C:\WINNT\system32\stobject.dll, MID = 766d0000, ("c:\winnt\system32\stobject.dll") File version = 5.00.2195.6601, File size = 81168, File modification date = 14/07/2003 12:00, File description = Systray shell service object, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |724966362|0x34660338069fd5665b921ecffc96e0ce|
C:\WINNT\system32\BATMETER.DLL, MID = 76740000, ("c:\winnt\system32\batmeter.dll") File version = 5.00.3502.6601, File size = 20752, File modification date = 14/07/2003 12:00, File description = Battery Meter Helper DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1991-1997) |1687613830|0xe6475b864136ac29317ad7552faf1a4f|
C:\WINNT\system32\SETUPAPI.DLL, MID = 77880000, ("c:\winnt\system32\setupapi.dll") File version = 5.00.2195.6622, File size = 570128, File modification date = 14/07/2003 12:00, File description = Windows Setup API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-895472665|0x9726125daa47dcbf34f53cef8c677b9c|
C:\WINNT\system32\POWRPROF.DLL, MID = 766f0000, ("c:\winnt\system32\powrprof.dll") File version = 5.00.3502.6601, File size = 13584, File modification date = 14/07/2003 12:00, File description = Power Profile Helper DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1991-1997) |-528386220|0x0a35f356726069b95f4bb2a99203fdd4|
C:\WINNT\system32\WINMM.DLL, MID = 77570000, ("c:\winnt\system32\winmm.dll") File version = 5.00.2161.1, File size = 189200, File modification date = 14/07/2003 12:00, File description = MCI API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2161.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1294126543|0x89ae2927b977604d720b1680e208af47|
C:\WINNT\system32\MPR.DLL, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\WINNT\System32\ntlanman.dll, MID = 75160000, ("c:\winnt\system32\ntlanman.dll") File version = 5.00.2195.6824, File size = 37648, File modification date = 08/04/2005 11:54, File description = Microsoft® Lan Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-651521664|0x5e135566b76bd640d217244ff6977d5d|
C:\WINNT\System32\NETUI0.dll, MID = 75210000, ("c:\winnt\system32\netui0.dll") File version = 5.00.2195.6601, File size = 71952, File modification date = 14/07/2003 12:00, File description = NT LM UI Common Code - GUI Classes, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |799809943|0xa19d2705a2728bd9ffbe35273a00e59f|
C:\WINNT\System32\NETUI1.dll, MID = 751d0000, ("c:\winnt\system32\netui1.dll") File version = 5.00.2134.1, File size = 215312, File modification date = 14/07/2003 12:00, File description = NT LM UI Common Code - Networking classes, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-15966822|0x9e65344e445a287fc3a299ff5304dbe5|
C:\WINNT\system32\MSI.DLL, MID = 78b20000, ("c:\winnt\system32\msi.dll") File version = 3.1.4000.4033, File size = 2854400, File modification date = 05/04/2007 07:17, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4033, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2030425112|0xf75dd2e82d0019ddddd926ba9b07a325|
C:\WINNT\system32\wdmaud.drv, MID = 77560000, ("c:\winnt\system32\wdmaud.drv") File version = 5.00.2195.6673, File size = 21264, File modification date = 19/06/2003 19:05, File description = WDM Audio driver mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2003832807|0x64edee207678b40a3b0a777292744caa|
C:\WINNT\system32\MSCTF.dll, MID = 60000000, ("c:\winnt\system32\msctf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 289792, File modification date = 21/03/2005 22:12, File description = MSUIM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-2131644266|0x3f39a3de6d810b493ab397413250ad88|
C:\WINNT\system32\msacm32.drv, MID = 77400000, ("c:\winnt\system32\msacm32.drv") File version = 5.00.2134.1, File size = 21264, File modification date = 14/07/2003 12:00, File description = Microsoft Sound Mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2041383596|0x4bfd2599ed4c793054f627b1c1470e43|
C:\WINNT\system32\MSACM32.dll, MID = 77410000, ("c:\winnt\system32\msacm32.dll") File version = 5.00.2134.1, File size = 66832, File modification date = 14/07/2003 12:00, File description = Microsoft ACM Audio Filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1153347570|0xc7428a1a88eb172d66317aedb6ad48f0|
C:\WINNT\system32\es.dll, MID = 76290000, ("c:\winnt\system32\es.dll") File version = 2000.2.3550.0, File size = 251152, File modification date = 10/07/2008 10:00, File description = (null), Product Name = COM Services, Product version = 03.00.00.3550, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1675031144|0x019bd72a117c13df44d6ca3b96a345d6|
C:\WINNT\system32\TxfAux.Dll, MID = 6de80000, ("c:\winnt\system32\txfaux.dll") File version = 2000.2.3529.0, File size = 398608, File modification date = 05/09/2005 08:18, File description = Support routines for TXF, Product Name = COM Services, Product version = 03.00.00.3529, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-877438123|0x7d303f4281c0afbedeb790c026f9e101|
C:\WINNT\system32\WININET.dll, MID = 70200000, ("c:\winnt\system32\wininet.dll") File version = 6.00.2800.1106, File size = 585728, File modification date = 29/08/2002 14:14, File description = Internet Extensions for Win32, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-958945156|0x8579e8474130334dfa93d4df3f0d3fa1|
C:\WINNT\system32\CRYPT32.dll, MID = 7c740000, ("c:\winnt\system32\crypt32.dll") File version = 5.131.2195.6926, File size = 563984, File modification date = 08/04/2005 11:54, File description = Crypto API32, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6926, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1939721043|0x9726a08c3e529c5e6a48fff274a32932|
C:\WINNT\system32\MSASN1.dll, MID = 77430000, ("c:\winnt\system32\msasn1.dll") File version = 5.00.2195.6905, File size = 56592, File modification date = 08/04/2005 11:54, File description = ASN.1 Runtime APIs, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6905, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |941742114|0x507173a20310cc8eaebb1204dc1d822d|
C:\WINNT\system32\urlmon.dll, MID = 702b0000, ("c:\winnt\system32\urlmon.dll") File version = 6.00.2800.1106, File size = 482816, File modification date = 29/08/2002 14:14, File description = OLE32 Extensions for Win32, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1403720552|0x54023abfe163804297f6dc05badf6668|
C:\WINNT\system32\VERSION.dll, MID = 77820000, ("c:\winnt\system32\version.dll") File version = 5.00.2195.6623, File size = 16144, File modification date = 14/07/2003 12:00, File description = Version Checking and File Installation Libraries, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-190638979|0xca34bd29eb86bd772d59d35b959d43ee|
C:\WINNT\system32\LZ32.DLL, MID = 759b0000, ("c:\winnt\system32\lz32.dll") File version = 5.00.2195.6611, File size = 10000, File modification date = 14/07/2003 12:00, File description = LZ Expand/Compress API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1264502935|0x486298f7d8f63d3c441579783541a01b|
C:\WINNT\system32\CfgMgr32.dll, MID = 770b0000, ("c:\winnt\system32\cfgmgr32.dll") File version = 5.00.2134.1, File size = 17168, File modification date = 14/07/2003 12:00, File description = Configuration Manager Forwarder DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |583119563|0x6dad3811e7b208a54d2e2009562d2a7d|
C:\WINNT\system32\browselc.dll, MID = 71960000, ("c:\winnt\system32\browselc.dll") File version = 6.00.2800.1106, File size = 62976, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1359290099|0x857a6dcab916acea6c697b2b108e2a35|
C:\WINNT\system32\mlang.dll, MID = 70440000, ("c:\winnt\system32\mlang.dll") File version = 6.00.2800.1106, File size = 574976, File modification date = 29/08/2002 14:14, File description = Multi Language Support DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |541589901|0xaa213a1b082e910b768c17093fd4e0c1|
C:\WINNT\system32\IMM32.dll, MID = 75e60000, ("c:\winnt\system32\imm32.dll") File version = 5.00.2195.6655, File size = 96528, File modification date = 14/07/2003 12:00, File description = Windows 2000 IMM32 API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |963357628|0x873794ce17dd72420d9c4072d4d112e5|
C:\WINNT\system32\WINTRUST.dll, MID = 76930000, ("c:\winnt\system32\wintrust.dll") File version = 5.131.2195.6824, File size = 167184, File modification date = 12/01/2005 19:39, File description = Microsoft Trust Verification APIs, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |272808691|0xb48d15b923fc4f98209f5416fa43a7a7|
C:\WINNT\system32\IMAGEHLP.dll, MID = 77920000, ("c:\winnt\system32\imagehlp.dll") File version = 5.00.2195.6613, File size = 128784, File modification date = 14/07/2003 12:00, File description = Windows NT Image Helper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6613, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |46145033|0x73aa2a817308c74e3ee8f3a9df9d65de|
C:\WINNT\system32\jscript.dll, MID = 6b700000, ("c:\winnt\system32\jscript.dll") File version = 5.6.0.6626, File size = 589874, File modification date = 26/06/2001 23:36, File description = Microsoft (r) JScript, Product Name = Microsoft (r) JScript, Product version = 5.6.0.6626, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 2001) |1257281212|0x4b0129b70e39dc60851520c27b181eab|
C:\WINNT\system32\JSCPL32.CPL, MID = 10000000, ("c:\winnt\system32\jscpl32.cpl") File version = 2.00.0179, File size = 20480, File modification date = 30/05/1998 00:16, File description = JSCpl32 - Win32 Control Panel Applet, Product Name = JetSuite, Product version = 2.00.0000, Company name = JetFax, Inc. (Copyright © JetFax 1996,1997) |942191817|0xc9ea673c226f6525383526c8bfbe831e|
C:\WINNT\system32\wuaucpl.cpl, MID = 508e0000, ("c:\winnt\system32\wuaucpl.cpl") File version = 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834), File size = 217816, File modification date = 07/08/2009 02:24, File description = Automatic Updates Control Panel, Product Name = Microsoft® Windows® Operating System, Product version = 7.4.7600.226, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1961471004|0x37bf196917fa0c591bafcd7949524ff3|
C:\WINNT\system32\Cabinet.dll, MID = 75a00000, ("c:\winnt\system32\cabinet.dll") File version = 5.00.2195.7000, File size = 56080, File modification date = 12/01/2005 19:39, File description = Microsoft® Cabinet File API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7000, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-889739509|0xd84e59313ed41baf7b3c04e7fe2dae4f|
C:\WINNT\system32\MSIMG32.dll, MID = 6b2c0000, ("c:\winnt\system32\msimg32.dll") File version = 5.00.2180.1, File size = 5392, File modification date = 14/07/2003 12:00, File description = GDIEXT Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2180.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |198263719|0x6463e7716ac0acffa85d4218058eec10|
C:\WINNT\system32\wuaucpl.cpl.mui, MID = 1f00000, ("c:\winnt\system32\wuaucpl.cpl.mui") File version = 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834), File size = 15072, File modification date = 07/08/2009 02:24, File description = Automatic Updates Control Panel, Product Name = Microsoft® Windows® Operating System, Product version = 7.4.7600.226, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-880862922|0xb63d7016211f2323bb5b4ff1f8cb1cf6|
C:\WINNT\system32\powercfg.cpl, MID = 65050000, ("c:\winnt\system32\powercfg.cpl") File version = 5.00.3502.6601, File size = 90896, File modification date = 14/07/2003 12:00, File description = Power Management Configuration Control Panel Applet, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1991-1997) |-1655603841|0x50256d0d1baf861888ac445be8e97fef|
C:\WINNT\system32\INPUT.CPL, MID = 1f10000, ("c:\winnt\system32\input.cpl") File version = 1.00.2409.41 built by: Lab06_N, File size = 109568, File modification date = 21/03/2005 22:13, File description = Text Input DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |1145615235|0x6e65a0537638f489a7fa8647fe92928f|
C:\Program Files\WinZip\wzshlstb.dll, MID = 16200000, ("c:\program files\winzip\wzshlstb.dll") File version = 4.1 (32-bit), File size = 5120, File modification date = 21/11/2006 18:00, File description = WinZip Shell Extension DLL, Product Name = WinZip, Product version = 11.0 (6595), Company name = WinZip Computing LP (Copyright (c) WinZip International LLC 1991-2006 - All Rights Reserved) |843056482|0xe819e2d346b943f9562436e1abb50eae|
C:\WINNT\system32\docprop2.dll, MID = 71f00000, ("c:\winnt\system32\docprop2.dll") File version = 5.00.2178.1, File size = 304912, File modification date = 14/07/2003 12:00, File description = DocProp2, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2178.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1833586689|0xca12f2f17ca3588bf29e2374e71d4f3b|
C:\WINNT\system32\MSVFW32.DLL, MID = 6a8f0000, ("c:\winnt\system32\msvfw32.dll") File version = 5.00.2195.6612, File size = 116496, File modification date = 14/07/2003 12:00, File description = Microsoft Video for Windows DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6612, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1874828877|0x586636e7522400e2c20c11aba00739da|
C:\WINNT\system32\AVIFIL32.DLL, MID = 74870000, ("c:\winnt\system32\avifil32.dll") File version = 5.00.2195.7316, File size = 78608, File modification date = 13/07/2009 13:13, File description = Microsoft AVI File support library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7316, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-199942606|0x065d4db3588b13c485980ed68381f37f|
C:\WINNT\system32\faxshell.dll, MID = 70020000, ("c:\winnt\system32\faxshell.dll") File version = 5.00.2134.1, File size = 8464, File modification date = 14/07/2003 12:00, File description = Fax Tiff Data Column Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |638015508|0xb816393b4d430853f23831576076f284|
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll, MID = 2b40000, ("c:\program files\common files\adobe\acrobat\activex\pdfshell.dll") File version = 9.1.0.2009022700, File size = 378200, File modification date = 27/02/2009 20:16, File description = PDF Shell Extension, Product Name = Adobe PDF Shell Extension, Product version = 9.1.0.2009022700, Company name = Adobe Systems, Inc. (Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.) |-1180912113|0x481b9ccfe45a50085e8254c921c0ac30|
C:\WINNT\system32\MSVCR80.dll, MID = 78130000, ("c:\winnt\system32\msvcr80.dll") File version = 8.00.50727.762, File size = 626688, File modification date = 02/12/2006 06:54, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |412186895|0xe4fece18310e23b1d8fee993e35e7a6f|
C:\WINNT\system32\shdoclc.dll, MID = 718c0000, ("c:\winnt\system32\shdoclc.dll") File version = 6.00.2800.1106, File size = 533504, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |4017824|0xfd95707b90e2798a38ddfc4c59529c61|
C:\Program Files\WinRAR\rarext.dll, MID = 2d60000, ("c:\program files\winrar\rarext.dll") File version = (null), File size = 129024, File modification date = 21/09/2007 01:34, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |-1061107025|0x023707d932ba31314210e6844d33d500|
C:\Program Files\Spyware Terminator\sptcontmenu.dll, MID = 3190000, ("c:\program files\spyware terminator\sptcontmenu.dll") File version = 1.1.0.15, File size = 164352, File modification date = 13/10/2009 23:43, File description = Crawler Spyware Terminator Shell Extension, Product Name = Spyware Terminator, Product version = (null), Company name = Crawler.com (© Crawler.com) |789417198|0xa5e97b2b88cc48fc178e88bf6e02f5ec|
C:\WINNT\system32\SHFolder.dll, MID = 719b0000, ("c:\winnt\system32\shfolder.dll") File version = 6.00.2800.1106, File size = 22528, File modification date = 29/08/2002 14:14, File description = Shell Folder Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-449221516|0xb52fe46bf6c62bc5c427c7fceaeccc18|
C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll, MID = 3300000, ("c:\program files\common files\symantec shared\ssc\vpshell2.dll") File version = 9.0.1.1000, File size = 46288, File modification date = 03/08/2004 03:37, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |756775627|0xe13f3b595f537b4e71777a3eb236fb18|
C:\WINNT\system32\ADSLDPC.DLL, MID = 77380000, ("c:\winnt\system32\adsldpc.dll") File version = 5.00.2195.6993, File size = 134928, File modification date = 08/04/2005 11:54, File description = ADs LDAP Provider C DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6993, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1367366423|0xf898815e2a3d185df0d61214cb1768ef|
C:\WINNT\system32\WINSPOOL.DRV, MID = 77800000, ("c:\winnt\system32\winspool.drv") File version = 5.00.2195.6659, File size = 113936, File modification date = 14/07/2003 12:00, File description = Windows Spooler Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6659, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |922778299|0xe58bf969aa9e4c548473474d8e9d971a|
C:\WINNT\system32\thumbvw.dll, MID = 66d20000, ("c:\winnt\system32\thumbvw.dll") File version = 5.00.3502.6601, File size = 187664, File modification date = 14/07/2003 12:00, File description = Thumbnail View Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1959905185|0x314525cc5e46f0a4cd7a7ee823d78e4d|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:53 pm

PROCESS VPTray, PID = 428, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\PROGRA~1\SYMANT~1\VPTray.exe"
"c:\program files\symantec antivirus\vptray.exe" File version = 9.0.1.1000, File size = 124232, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |-1927514860|0x46af9457ff9d22a5832490c546169363|
C:\PROGRA~1\SYMANT~1\VPTray.exe, MID = 400000, ("c:\program files\symantec antivirus\vptray.exe") File version = 9.0.1.1000, File size = 124232, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |-1927514860|0x46af9457ff9d22a5832490c546169363|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\ADVAPI32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\SHELL32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\msvcrt.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\OLEAUT32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\Program Files\Symantec AntiVirus\SAVRT32.DLL, MID = 6fa60000, ("c:\program files\symantec antivirus\savrt32.dll") File version = 9.3.0.28, File size = 218344, File modification date = 09/02/2004 23:43, File description = Symantec Realtime DLL, Product Name = Symantec AntiVirus AutoProtect, Product version = 9.3, Company name = Symantec Corporation (Copyright (c) 2003 Symantec Corporation) |-1530242046|0x643a1c8ad3938d8855f507fbcd82192c|
C:\WINNT\system32\VERSION.dll, MID = 77820000, ("c:\winnt\system32\version.dll") File version = 5.00.2195.6623, File size = 16144, File modification date = 14/07/2003 12:00, File description = Version Checking and File Installation Libraries, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-190638979|0xca34bd29eb86bd772d59d35b959d43ee|
C:\WINNT\system32\LZ32.DLL, MID = 759b0000, ("c:\winnt\system32\lz32.dll") File version = 5.00.2195.6611, File size = 10000, File modification date = 14/07/2003 12:00, File description = LZ Expand/Compress API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1264502935|0x486298f7d8f63d3c441579783541a01b|
C:\WINNT\system32\CLBCATQ.DLL, MID = 7c950000, ("c:\winnt\system32\clbcatq.dll") File version = 2000.2.3529.0, File size = 551184, File modification date = 05/09/2005 08:18, File description = (null), Product Name = COM Services, Product version = 03.00.00.3529, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |191380482|0x6b8970e4791049d3ee5c3514e62797ee|
C:\WINNT\system32\msi.dll, MID = 78b20000, ("c:\winnt\system32\msi.dll") File version = 3.1.4000.4033, File size = 2854400, File modification date = 05/04/2007 07:17, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4033, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2030425112|0xf75dd2e82d0019ddddd926ba9b07a325|
C:\WINNT\system32\MSCTF.dll, MID = 60000000, ("c:\winnt\system32\msctf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 289792, File modification date = 21/03/2005 22:12, File description = MSUIM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-2131644266|0x3f39a3de6d810b493ab397413250ad88|
C:\Program Files\Symantec AntiVirus\Cliproxy.dll, MID = 513d0000, ("c:\program files\symantec antivirus\cliproxy.dll") File version = 9.0.1.1000, File size = 267600, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |1701374482|0xb2f2d28775b2edd411820bcce427cfa9|
C:\WINNT\system32\CTL3D32.dll, MID = 72e90000, ("c:\winnt\system32\ctl3d32.dll") File version = 2.31.000, File size = 27136, File modification date = 14/07/2003 12:00, File description = Ctl3D 3D Windows Controls, Product Name = 3D Windows Controls, Product version = 2,31,0,0, Company name = Microsoft Corporation (Copyright © Microsoft Corp. ) |-380324108|0xad63fb7d2c4a286d5ab1657ff4cd4a43|
C:\WINNT\system32\WS2_32.dll, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\MPR.dll, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL, MID = 51810000, ("c:\program files\symantec antivirus\navntutl.dll") File version = 9.0.1.1000, File size = 83280, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |804910486|0x26902c9a91bd545e75cfec121b463ad0|
C:\Program Files\Symantec AntiVirus\Cliscan.dll, MID = 51420000, ("c:\program files\symantec antivirus\cliscan.dll") File version = 9.0.1.1000, File size = 361808, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |952933014|0xaaa874106b4968eea66ddb0c7120739f|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WINMM.dll, MID = 77570000, ("c:\winnt\system32\winmm.dll") File version = 5.00.2161.1, File size = 189200, File modification date = 14/07/2003 12:00, File description = MCI API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2161.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1294126543|0x89ae2927b977604d720b1680e208af47|
C:\WINNT\system32\NETAPI32.dll, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WLDAP32.DLL, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\SAMLIB.dll, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\shfolder.dll, MID = 719b0000, ("c:\winnt\system32\shfolder.dll") File version = 6.00.2800.1106, File size = 22528, File modification date = 29/08/2002 14:14, File description = Shell Folder Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-449221516|0xb52fe46bf6c62bc5c427c7fceaeccc18|
C:\WINNT\system32\SFC.DLL, MID = 76980000, ("c:\winnt\system32\sfc.dll") File version = 5.00.2195.6673, File size = 95024, File modification date = 14/07/2003 12:00, File description = Windows File Protection, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1146302331|0x0e1f5e9b2d00611dc9fe59eef9487c76|
C:\WINNT\system32\sfcfiles.dll, MID = 68010000, ("c:\winnt\system32\sfcfiles.dll") File version = 5.00.2195.7038, File size = 973072, File modification date = 08/04/2005 10:34, File description = Windows 2000 System File Checker, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1300472552|0x7645645bb506c26b96b8f31893378c4b|

PROCESS realsched, PID = 820, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"c:\program files\common files\real\update_ob\realsched.exe" File version = 0.1.0.4043, File size = 185632, File modification date = 06/04/2008 05:51, File description = RealNetworks Scheduler, Product Name = RealPlayer (32-bit) , Product version = 0.1.0.4043, Company name = RealNetworks, Inc. (Copyright © RealNetworks, Inc. 1995-2004) |1143612952|0x28525d80ea1d33cf60b8ac318a5f1c82|
C:\Program Files\Common Files\Real\Update_OB\realsched.exe, MID = 400000, ("c:\program files\common files\real\update_ob\realsched.exe") File version = 0.1.0.4043, File size = 185632, File modification date = 06/04/2008 05:51, File description = RealNetworks Scheduler, Product Name = RealPlayer (32-bit) , Product version = 0.1.0.4043, Company name = RealNetworks, Inc. (Copyright © RealNetworks, Inc. 1995-2004) |1143612952|0x28525d80ea1d33cf60b8ac318a5f1c82|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\ADVAPI32.DLL, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\VERSION.dll, MID = 77820000, ("c:\winnt\system32\version.dll") File version = 5.00.2195.6623, File size = 16144, File modification date = 14/07/2003 12:00, File description = Version Checking and File Installation Libraries, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-190638979|0xca34bd29eb86bd772d59d35b959d43ee|
C:\WINNT\system32\LZ32.DLL, MID = 759b0000, ("c:\winnt\system32\lz32.dll") File version = 5.00.2195.6611, File size = 10000, File modification date = 14/07/2003 12:00, File description = LZ Expand/Compress API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1264502935|0x486298f7d8f63d3c441579783541a01b|
C:\WINNT\system32\shell32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\msvcrt.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\OLEAUT32.DLL, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\CLBCATQ.DLL, MID = 7c950000, ("c:\winnt\system32\clbcatq.dll") File version = 2000.2.3529.0, File size = 551184, File modification date = 05/09/2005 08:18, File description = (null), Product Name = COM Services, Product version = 03.00.00.3529, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |191380482|0x6b8970e4791049d3ee5c3514e62797ee|
C:\WINNT\system32\cscui.dll, MID = 77840000, ("c:\winnt\system32\cscui.dll") File version = 5.00.2195.6705, File size = 242960, File modification date = 14/07/2003 12:00, File description = Client Side Caching UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6705, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1133553554|0x2338214ee7338ae91c60f3e8b727aae0|
C:\WINNT\system32\CSCDLL.DLL, MID = 770c0000, ("c:\winnt\system32\cscdll.dll") File version = 5.00.2195.6713, File size = 101136, File modification date = 14/07/2003 12:00, File description = Offline Network Agent, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6713, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. ) |1641852540|0x99b3f8bc2e6dd1eece66eb6ca5007729|
C:\WINNT\system32\MSCTF.dll, MID = 60000000, ("c:\winnt\system32\msctf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 289792, File modification date = 21/03/2005 22:12, File description = MSUIM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-2131644266|0x3f39a3de6d810b493ab397413250ad88|
C:\WINNT\system32\NTMARTA.DLL, MID = 69bf0000, ("c:\winnt\system32\ntmarta.dll") File version = 5.00.2195.6666, File size = 102672, File modification date = 14/07/2003 12:00, File description = Windows NT MARTA provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1389764210|0x65ae65d9ee439a16f5acf10e37f41897|
C:\WINNT\system32\WINSPOOL.DRV, MID = 77800000, ("c:\winnt\system32\winspool.drv") File version = 5.00.2195.6659, File size = 113936, File modification date = 14/07/2003 12:00, File description = Windows Spooler Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6659, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |922778299|0xe58bf969aa9e4c548473474d8e9d971a|
C:\WINNT\system32\MPR.DLL, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\WINNT\system32\WLDAP32.dll, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\SAMLIB.dll, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WS2_32.DLL, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\NETAPI32.DLL, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|

PROCESS jusched, PID = 828, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Java\jre6\bin\jusched.exe"
"c:\program files\java\jre6\bin\jusched.exe" File version = 6.0.160.1, File size = 149280, File modification date = 14/10/2009 08:54, File description = Java(TM) Platform SE binary, Product Name = Java(TM) Platform SE 6 U16, Product version = 6.0.160.1, Company name = Sun Microsystems, Inc. (Copyright © 2004) |410535439|0x5e4c9c25d603ae46dedcbd9674f86e21|
C:\Program Files\Java\jre6\bin\jusched.exe, MID = 400000, ("c:\program files\java\jre6\bin\jusched.exe") File version = 6.0.160.1, File size = 149280, File modification date = 14/10/2009 08:54, File description = Java(TM) Platform SE binary, Product Name = Java(TM) Platform SE 6 U16, Product version = 6.0.160.1, Company name = Sun Microsystems, Inc. (Copyright © 2004) |410535439|0x5e4c9c25d603ae46dedcbd9674f86e21|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\ADVAPI32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\WININET.dll, MID = 70200000, ("c:\winnt\system32\wininet.dll") File version = 6.00.2800.1106, File size = 585728, File modification date = 29/08/2002 14:14, File description = Internet Extensions for Win32, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-958945156|0x8579e8474130334dfa93d4df3f0d3fa1|
C:\WINNT\system32\CRYPT32.dll, MID = 7c740000, ("c:\winnt\system32\crypt32.dll") File version = 5.131.2195.6926, File size = 563984, File modification date = 08/04/2005 11:54, File description = Crypto API32, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6926, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1939721043|0x9726a08c3e529c5e6a48fff274a32932|
C:\WINNT\system32\MSASN1.dll, MID = 77430000, ("c:\winnt\system32\msasn1.dll") File version = 5.00.2195.6905, File size = 56592, File modification date = 08/04/2005 11:54, File description = ASN.1 Runtime APIs, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6905, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |941742114|0x507173a20310cc8eaebb1204dc1d822d|
C:\WINNT\system32\MSVCRT.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\OLEAUT32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\SHELL32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|

PROCESS CTFMON, PID = 304, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\WINNT\system32\ctfmon.exe"
"c:\winnt\system32\ctfmon.exe" File version = 1.00.2409.41 built by: Lab06_N, File size = 11264, File modification date = 21/03/2005 22:13, File description = Cicero Loader, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |1744549392|0xab176f2171db704d51b8809e8a5c38bd|
C:\WINNT\system32\ctfmon.exe, MID = 400000, ("c:\winnt\system32\ctfmon.exe") File version = 1.00.2409.41 built by: Lab06_N, File size = 11264, File modification date = 21/03/2005 22:13, File description = Cicero Loader, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |1744549392|0xab176f2171db704d51b8809e8a5c38bd|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\ADVAPI32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\MSCTF.dll, MID = 60000000, ("c:\winnt\system32\msctf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 289792, File modification date = 21/03/2005 22:12, File description = MSUIM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-2131644266|0x3f39a3de6d810b493ab397413250ad88|
C:\WINNT\system32\MSUTB.dll, MID = 60200000, ("c:\winnt\system32\msutb.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 166912, File modification date = 21/03/2005 22:12, File description = MSUTB Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |783831621|0x13e71f503fb2db4ea8150129f75f0c07|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\vdmdbg.dll, MID = 66390000, ("c:\winnt\system32\vdmdbg.dll") File version = 5.00.2195.7009, File size = 29456, File modification date = 08/02/2005 05:21, File description = VDMDBG.DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7009, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1237070979|0x02dc76b702c3a9f2e0f6bbd4acf577fc|
C:\WINNT\system32\OLEAUT32.DLL, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\shell32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\msvcrt.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|

PROCESS WZQKPICK, PID = 260, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\WinZip\WZQKPICK.EXE"
"c:\program files\winzip\wzqkpick.exe" File version = 1.0 (32-bit), File size = 525640, File modification date = 25/06/2009 19:10, File description = WinZip Executable, Product Name = WinZip, Product version = 12.1 (8472), Company name = WinZip Computing, S.L. (Copyright (c) 1991-2009 WinZip International LLC - All Rights Reserved) |-420791713|0xc4c3db5e3310ac76a8591ef04b765722|
C:\Program Files\WinZip\WZQKPICK.EXE, MID = 400000, ("c:\program files\winzip\wzqkpick.exe") File version = 1.0 (32-bit), File size = 525640, File modification date = 25/06/2009 19:10, File description = WinZip Executable, Product Name = WinZip, Product version = 12.1 (8472), Company name = WinZip Computing, S.L. (Copyright (c) 1991-2009 WinZip International LLC - All Rights Reserved) |-420791713|0xc4c3db5e3310ac76a8591ef04b765722|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\ADVAPI32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\SHELL32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\msvcrt.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\OLEAUT32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\MSCTF.dll, MID = 60000000, ("c:\winnt\system32\msctf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 289792, File modification date = 21/03/2005 22:12, File description = MSUIM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-2131644266|0x3f39a3de6d810b493ab397413250ad88|
C:\WINNT\system32\hhctrl.ocx, MID = 573e0000, ("c:\winnt\system32\hhctrl.ocx") File version = 5.2.3790.620 (srv03_gdr.061210-2346), File size = 519680, File modification date = 24/01/2007 04:07, File description = Microsoft® HTML Help Control, Product Name = HTML Help, Product version = 5.2.3790.620, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1677731731|0xe7c8fe179b62b806e348e9e4e1be50b6|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:54 pm

PROCESS firefox, PID = 1180, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Mozilla Firefox\firefox.exe"
"c:\program files\mozilla firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
C:\Program Files\Mozilla Firefox\firefox.exe, MID = 400000, ("c:\program files\mozilla firefox\firefox.exe") File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\Program Files\Mozilla Firefox\js3250.dll, MID = 600d0000, ("c:\program files\mozilla firefox\js3250.dll") File version = 4.0, File size = 458848, File modification date = 17/12/2008 21:59, File description = Netscape 32-bit JavaScript Module, Product Name = NETSCAPE, Product version = 4.0, Company name = Netscape Communications Corporation (Copyright Netscape Communications. 1994-96) |665784887|0xdb9505cfa9e82563f24e9d145249cffa|
C:\Program Files\Mozilla Firefox\nspr4.dll, MID = 601a0000, ("c:\program files\mozilla firefox\nspr4.dll") File version = 4.6.8, File size = 161384, File modification date = 17/12/2008 21:59, File description = NSPR Library, Product Name = Netscape Portable Runtime, Product version = 4.6.8, Company name = Netscape Communications Corporation (Copyright © 1996-2000 Netscape Communications Corporation) |-1444531644|0x7341788e261a1ee22b423f4ae5e050a6|
C:\WINNT\system32\ADVAPI32.dll, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\RPCRT4.dll, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WS2_32.DLL, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\MSVCRT.DLL, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\WINMM.dll, MID = 77570000, ("c:\winnt\system32\winmm.dll") File version = 5.00.2161.1, File size = 189200, File modification date = 14/07/2003 12:00, File description = MCI API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2161.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1294126543|0x89ae2927b977604d720b1680e208af47|
C:\WINNT\system32\USER32.DLL, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\Program Files\Mozilla Firefox\xpcom_core.dll, MID = 60370000, ("c:\program files\mozilla firefox\xpcom_core.dll") File version = 1.8.1.20: 2008121709, File size = 421992, File modification date = 17/12/2008 21:59, File description = , Product Name = Firefox, Product version = 1.8.1.20: 2008121709, Company name = Mozilla Foundation (License: MPL 1.1/GPL 2.0/LGPL 2.1) |679572954|0x1c05c0906cd0af8e5c0920da7e080668|
C:\Program Files\Mozilla Firefox\plc4.dll, MID = 60280000, ("c:\program files\mozilla firefox\plc4.dll") File version = 4.6.8, File size = 34416, File modification date = 17/12/2008 21:59, File description = PLC Library, Product Name = Netscape Portable Runtime, Product version = 4.6.8, Company name = Netscape Communications Corporation (Copyright © 1996-2000 Netscape Communications Corporation) |-1183831165|0xf574e8576da1e7bf3a89c047a1536c03|
C:\Program Files\Mozilla Firefox\plds4.dll, MID = 60290000, ("c:\program files\mozilla firefox\plds4.dll") File version = 4.6.8, File size = 30312, File modification date = 17/12/2008 21:59, File description = PLDS Library, Product Name = Netscape Portable Runtime, Product version = 4.6.8, Company name = Netscape Communications Corporation (Copyright © 1996-2000 Netscape Communications Corporation) |1298267896|0x3d2d36765d334b9feb9353dc352bd2e5|
C:\WINNT\system32\SHELL32.dll, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\SHLWAPI.dll, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\COMCTL32.dll, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\ole32.dll, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\VERSION.dll, MID = 77820000, ("c:\winnt\system32\version.dll") File version = 5.00.2195.6623, File size = 16144, File modification date = 14/07/2003 12:00, File description = Version Checking and File Installation Libraries, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-190638979|0xca34bd29eb86bd772d59d35b959d43ee|
C:\WINNT\system32\LZ32.DLL, MID = 759b0000, ("c:\winnt\system32\lz32.dll") File version = 5.00.2195.6611, File size = 10000, File modification date = 14/07/2003 12:00, File description = LZ Expand/Compress API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1264502935|0x486298f7d8f63d3c441579783541a01b|
C:\Program Files\Mozilla Firefox\smime3.dll, MID = 602b0000, ("c:\program files\mozilla firefox\smime3.dll") File version = 3.11.9.0 Basic ECC, File size = 112224, File modification date = 17/12/2008 21:59, File description = NSS S/MIME Library, Product Name = Network Security Services, Product version = 3.11.9.0 Basic ECC, Company name = Mozilla Foundation |1120591585|0x667dac086a66c481423183e159dffd2e|
C:\Program Files\Mozilla Firefox\nss3.dll, MID = 601d0000, ("c:\program files\mozilla firefox\nss3.dll") File version = 3.11.9.0 Basic ECC, File size = 382560, File modification date = 17/12/2008 21:59, File description = NSS Base Library, Product Name = Network Security Services, Product version = 3.11.9.0 Basic ECC, Company name = Mozilla Foundation |-1136060425|0xd3301bb561762fcbf7b9ca8bad2c7fe4|
C:\Program Files\Mozilla Firefox\softokn3.dll, MID = 602d0000, ("c:\program files\mozilla firefox\softokn3.dll") File version = 3.11.4 Basic ECC, File size = 254060, File modification date = 17/12/2008 18:24, File description = NSS PKCS #11 Library, Product Name = Network Security Services, Product version = 3.11.4 Basic ECC, Company name = Mozilla Foundation |2136793915|0x6263d4384eb97d1dc08b8078c6f19645|
C:\Program Files\Mozilla Firefox\ssl3.dll, MID = 60310000, ("c:\program files\mozilla firefox\ssl3.dll") File version = 3.11.9.0 Basic ECC, File size = 136800, File modification date = 17/12/2008 21:59, File description = NSS SSL Library, Product Name = Network Security Services, Product version = 3.11.9.0 Basic ECC, Company name = Mozilla Foundation |1711296694|0x2ce02ea92ee23302c7c0759575e5b4b5|
C:\Program Files\Mozilla Firefox\xpcom_compat.dll, MID = 60350000, ("c:\program files\mozilla firefox\xpcom_compat.dll") File version = 1.8.1.20: 2008121709, File size = 73840, File modification date = 17/12/2008 21:59, File description = , Product Name = Firefox, Product version = 1.8.1.20: 2008121709, Company name = Mozilla Foundation (License: MPL 1.1/GPL 2.0/LGPL 2.1) |-986657802|0x098c72138a806e8d8b3922f49e1839ab|
C:\WINNT\system32\comdlg32.dll, MID = 76b30000, ("c:\winnt\system32\comdlg32.dll") File version = 5.00.3700.6693, File size = 241424, File modification date = 14/07/2003 12:00, File description = Common Dialogs DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3700.6693, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1132175447|0x41c157ba2f205017ec26998009ccb046|
C:\WINNT\system32\OLEAUT32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\WINSPOOL.DRV, MID = 77800000, ("c:\winnt\system32\winspool.drv") File version = 5.00.2195.6659, File size = 113936, File modification date = 14/07/2003 12:00, File description = Windows Spooler Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6659, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |922778299|0xe58bf969aa9e4c548473474d8e9d971a|
C:\WINNT\system32\MPR.DLL, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\WINNT\system32\MSCTF.dll, MID = 60000000, ("c:\winnt\system32\msctf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 289792, File modification date = 21/03/2005 22:12, File description = MSUIM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-2131644266|0x3f39a3de6d810b493ab397413250ad88|
C:\WINNT\system32\CLBCATQ.DLL, MID = 7c950000, ("c:\winnt\system32\clbcatq.dll") File version = 2000.2.3529.0, File size = 551184, File modification date = 05/09/2005 08:18, File description = (null), Product Name = COM Services, Product version = 03.00.00.3529, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |191380482|0x6b8970e4791049d3ee5c3514e62797ee|
C:\WINNT\system32\cscui.dll, MID = 77840000, ("c:\winnt\system32\cscui.dll") File version = 5.00.2195.6705, File size = 242960, File modification date = 14/07/2003 12:00, File description = Client Side Caching UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6705, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1133553554|0x2338214ee7338ae91c60f3e8b727aae0|
C:\WINNT\system32\CSCDLL.DLL, MID = 770c0000, ("c:\winnt\system32\cscdll.dll") File version = 5.00.2195.6713, File size = 101136, File modification date = 14/07/2003 12:00, File description = Offline Network Agent, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6713, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. ) |1641852540|0x99b3f8bc2e6dd1eece66eb6ca5007729|
C:\Program Files\Mozilla Firefox\components\myspell.dll, MID = 1600000, ("c:\program files\mozilla firefox\components\myspell.dll") File version = 1.8.1.20: 2008121709, File size = 34944, File modification date = 17/12/2008 21:59, File description = , Product Name = Firefox, Product version = 1.8.1.20: 2008121709, Company name = Mozilla Foundation (License: MPL 1.1/GPL 2.0/LGPL 2.1) |-1996252039|0x8835ffee64cacac1cfc7ab642da8d899|
C:\WINNT\system32\msafd.dll, MID = 74fd0000, ("c:\winnt\system32\msafd.dll") File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
C:\WINNT\System32\wshtcpip.dll, MID = 75010000, ("c:\winnt\system32\wshtcpip.dll") File version = 5.00.2195.6601, File size = 17680, File modification date = 14/07/2003 12:00, File description = Windows Sockets Helper DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |254032783|0xad5819f9b7371d46ff706630309de706|
C:\WINNT\system32\iphlpapi.dll, MID = 77340000, ("c:\winnt\system32\iphlpapi.dll") File version = 5.00.2195.7097, File size = 68368, File modification date = 19/05/2006 09:18, File description = IP Helper API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7097, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |979295807|0x0239d8d4b29b7664d73e16005cfefcce|
C:\WINNT\system32\ICMP.dll, MID = 77520000, ("c:\winnt\system32\icmp.dll") File version = 5.00.2134.1, File size = 7440, File modification date = 14/07/2003 12:00, File description = ICMP DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-215668467|0xeabdb948f90cc5f8e342c83ae10a71fe|
C:\WINNT\system32\MPRAPI.dll, MID = 77320000, ("c:\winnt\system32\mprapi.dll") File version = 5.00.2181.1, File size = 81168, File modification date = 14/07/2003 12:00, File description = Windows NT MP Router Administration DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2181.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1442464466|0xbb88f06f7aed4237df2a121deccb4d8a|
C:\WINNT\system32\SAMLIB.DLL, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\NETAPI32.DLL, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WLDAP32.DLL, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\ACTIVEDS.DLL, MID = 773b0000, ("c:\winnt\system32\activeds.dll") File version = 5.00.2195.6601, File size = 182032, File modification date = 14/07/2003 12:00, File description = ADs Router Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1899155926|0x5200155df5cd700ebe717a8d6dbdccc7|
C:\WINNT\system32\ADSLDPC.DLL, MID = 77380000, ("c:\winnt\system32\adsldpc.dll") File version = 5.00.2195.6993, File size = 134928, File modification date = 08/04/2005 11:54, File description = ADs LDAP Provider C DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6993, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1367366423|0xf898815e2a3d185df0d61214cb1768ef|
C:\WINNT\system32\RTUTILS.DLL, MID = 77830000, ("c:\winnt\system32\rtutils.dll") File version = 5.00.2168.1, File size = 44816, File modification date = 14/07/2003 12:00, File description = Routing Utilities, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1125120706|0xc1fcf708669031c78dcd68589abd9d4c|
C:\WINNT\system32\SETUPAPI.DLL, MID = 77880000, ("c:\winnt\system32\setupapi.dll") File version = 5.00.2195.6622, File size = 570128, File modification date = 14/07/2003 12:00, File description = Windows Setup API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-895472665|0x9726125daa47dcbf34f53cef8c677b9c|
C:\WINNT\system32\USERENV.DLL, MID = 7c0f0000, ("c:\winnt\system32\userenv.dll") File version = 5.00.2195.7002, File size = 399120, File modification date = 08/04/2005 11:54, File description = Userenv, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7002, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2111145570|0x099cd26e9c34225002e4477c8ac8dcb0|
C:\WINNT\system32\RASAPI32.dll, MID = 774e0000, ("c:\winnt\system32\rasapi32.dll") File version = 5.00.2195.6920, File size = 200464, File modification date = 08/04/2005 11:54, File description = Remote Access API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6920, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |871917568|0xc2d3211d940675d7d25ccd1129126337|
C:\WINNT\system32\rasman.dll, MID = 774c0000, ("c:\winnt\system32\rasman.dll") File version = 5.00.2195.6824, File size = 58128, File modification date = 08/04/2005 11:54, File description = Remote Access Connection Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1127137275|0xb342275d0a3e43983f9e27367c052ef1|
C:\WINNT\system32\TAPI32.dll, MID = 77530000, ("c:\winnt\system32\tapi32.dll") File version = 5.00.2195.6664, File size = 126736, File modification date = 14/07/2003 12:00, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6664, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-97) |791213335|0x1345278cf4e09542f684d824ec90674d|
C:\WINNT\system32\DHCPCSVC.DLL, MID = 77360000, ("c:\winnt\system32\dhcpcsvc.dll") File version = 5.00.2195.7085, File size = 89872, File modification date = 19/05/2006 09:18, File description = DHCP Client Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7085, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1178354831|0x4f17861b7f354f156d3e3663c426cb13|
C:\Program Files\Mozilla Firefox\components\jar50.dll, MID = 1930000, ("c:\program files\mozilla firefox\components\jar50.dll") File version = 1.8.1.20: 2008121709, File size = 67688, File modification date = 17/12/2008 21:59, File description = , Product Name = Firefox, Product version = 1.8.1.20: 2008121709, Company name = Mozilla Foundation (License: MPL 1.1/GPL 2.0/LGPL 2.1) |-936609089|0x524bdb1f7f5071fc3f9dfce3e8d593ae|
C:\WINNT\System32\rnr20.dll, MID = 782c0000, ("c:\winnt\system32\rnr20.dll") File version = 5.00.2195.6603, File size = 36624, File modification date = 14/07/2003 12:00, File description = Windows Socket2 NameSpace DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-435723684|0x11ff66de71088617a7ac172f33b6fda5|
C:\WINNT\System32\winrnr.dll, MID = 777e0000, ("c:\winnt\system32\winrnr.dll") File version = 5.00.2160.1, File size = 19216, File modification date = 14/07/2003 12:00, File description = LDAP RnR Provider DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2160.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |171900358|0x71325b58bc6a78b951cfe71b7514f91e|
C:\WINNT\system32\msimtf.dll, MID = 1d50000, ("c:\winnt\system32\msimtf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 169472, File modification date = 21/03/2005 22:13, File description = Active IMM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-537903291|0xb9891496757d36a8d4496823365aaa71|
C:\WINNT\system32\MSI.DLL, MID = 78b20000, ("c:\winnt\system32\msi.dll") File version = 3.1.4000.4033, File size = 2854400, File modification date = 05/04/2007 07:17, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4033, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2030425112|0xf75dd2e82d0019ddddd926ba9b07a325|
C:\Program Files\Mozilla Firefox\components\spellchk.dll, MID = 60050000, ("c:\program files\mozilla firefox\components\spellchk.dll") File version = 1.8.1.20: 2008121709, File size = 46712, File modification date = 17/12/2008 21:59, File description = , Product Name = Firefox, Product version = 1.8.1.20: 2008121709, Company name = Mozilla Foundation (License: MPL 1.1/GPL 2.0/LGPL 2.1) |-420177114|0xc7eb9b4ad35029469b6af8f438062dcc|
C:\WINNT\system32\rasadhlp.dll, MID = 777f0000, ("c:\winnt\system32\rasadhlp.dll") File version = 5.00.2195.7098, File size = 7440, File modification date = 06/07/2006 11:45, File description = Remote Access AutoDial Helper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7098, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-830196155|0x15c7fe3ef6c5f43a10a8c3eb3b993dd6|
C:\WINNT\system32\msimg32.dll, MID = 6b2c0000, ("c:\winnt\system32\msimg32.dll") File version = 5.00.2180.1, File size = 5392, File modification date = 14/07/2003 12:00, File description = GDIEXT Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2180.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |198263719|0x6463e7716ac0acffa85d4218058eec10|
C:\Program Files\Mozilla Firefox\freebl3.dll, MID = 60090000, ("c:\program files\mozilla firefox\freebl3.dll") File version = 3.11.4 Basic ECC, File size = 200829, File modification date = 17/12/2008 18:24, File description = NSS freebl Library, Product Name = Network Security Services, Product version = 3.11.4 Basic ECC, Company name = Mozilla Foundation |-1278799495|0xc012451bbd092a4d0cdac14af9d36920|
C:\WINNT\system32\rsaenh.dll, MID = 7ca00000, ("c:\winnt\system32\rsaenh.dll") File version = 5.00.2195.6611, File size = 134928, File modification date = 14/07/2003 12:00, File description = Microsoft Enhanced Cryptographic Provider (US/Canada Only, Not for Export), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1920969176|0x0ce723e5b4c61b1202eea0dc26118a00|
C:\WINNT\system32\CRYPT32.dll, MID = 7c740000, ("c:\winnt\system32\crypt32.dll") File version = 5.131.2195.6926, File size = 563984, File modification date = 08/04/2005 11:54, File description = Crypto API32, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6926, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1939721043|0x9726a08c3e529c5e6a48fff274a32932|
C:\WINNT\system32\MSASN1.dll, MID = 77430000, ("c:\winnt\system32\msasn1.dll") File version = 5.00.2195.6905, File size = 56592, File modification date = 08/04/2005 11:54, File description = ASN.1 Runtime APIs, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6905, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |941742114|0x507173a20310cc8eaebb1204dc1d822d|
C:\Program Files\Mozilla Firefox\nssckbi.dll, MID = 60230000, ("c:\program files\mozilla firefox\nssckbi.dll") File version = 1.65, File size = 276072, File modification date = 17/12/2008 21:59, File description = NSS Builtin Trusted Root CAs, Product Name = Network Security Services, Product version = 1.65, Company name = Mozilla Foundation |2143309527|0x3dc74a246631fd0bb98c707b0b336046|
C:\WINNT\system32\IMM32.DLL, MID = 75e60000, ("c:\winnt\system32\imm32.dll") File version = 5.00.2195.6655, File size = 96528, File modification date = 14/07/2003 12:00, File description = Windows 2000 IMM32 API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |963357628|0x873794ce17dd72420d9c4072d4d112e5|
C:\WINNT\system32\Mlang.dll, MID = 70440000, ("c:\winnt\system32\mlang.dll") File version = 6.00.2800.1106, File size = 574976, File modification date = 29/08/2002 14:14, File description = Multi Language Support DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |541589901|0xaa213a1b082e910b768c17093fd4e0c1|
C:\WINNT\system32\wdmaud.drv, MID = 77560000, ("c:\winnt\system32\wdmaud.drv") File version = 5.00.2195.6673, File size = 21264, File modification date = 19/06/2003 19:05, File description = WDM Audio driver mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2003832807|0x64edee207678b40a3b0a777292744caa|
C:\WINNT\system32\msacm32.drv, MID = 77400000, ("c:\winnt\system32\msacm32.drv") File version = 5.00.2134.1, File size = 21264, File modification date = 14/07/2003 12:00, File description = Microsoft Sound Mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2041383596|0x4bfd2599ed4c793054f627b1c1470e43|
C:\WINNT\system32\MSACM32.dll, MID = 77410000, ("c:\winnt\system32\msacm32.dll") File version = 5.00.2134.1, File size = 66832, File modification date = 14/07/2003 12:00, File description = Microsoft ACM Audio Filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1153347570|0xc7428a1a88eb172d66317aedb6ad48f0|
C:\WINNT\system32\schannel.dll, MID = 78160000, ("c:\winnt\system32\schannel.dll") File version = 5.00.2195.6960, File size = 151312, File modification date = 08/04/2005 11:51, File description = TLS / SSL Security Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6960, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1599896551|0x725d342eacf0fd4529c19283bfb0128f|
C:\WINNT\system32\shdocvw.dll, MID = 71000000, ("c:\winnt\system32\shdocvw.dll") File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
C:\WINNT\system32\ntshrui.dll, MID = 76fa0000, ("c:\winnt\system32\ntshrui.dll") File version = 5.00.2134.1, File size = 47888, File modification date = 14/07/2003 12:00, File description = Shell extensions for sharing, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1146396665|0x8648b1b3700ff6998aca8d99dd6de719|
C:\WINNT\system32\ATL.DLL, MID = 773e0000, ("c:\winnt\system32\atl.dll") File version = 3.00.9435, File size = 74810, File modification date = 14/07/2003 12:00, File description = ATL Module for Windows NT (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.00.9435, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1996-1998) |-1243910862|0x613baa8eff406d543746584f32ca0efe|
C:\WINNT\system32\browseui.dll, MID = 71160000, ("c:\winnt\system32\browseui.dll") File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
C:\WINNT\system32\LINKINFO.DLL, MID = 76710000, ("c:\winnt\system32\linkinfo.dll") File version = 5.00.2195.7069, File size = 17680, File modification date = 23/09/2005 11:03, File description = Windows Volume Tracking, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7069, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1994-1999) |-1024464648|0xeb0ea3ef05d648455d691348c819e479|
C:\WINNT\system32\mydocs.dll, MID = 76df0000, ("c:\winnt\system32\mydocs.dll") File version = 5.00.3502.6601, File size = 57104, File modification date = 14/07/2003 12:00, File description = My Documents Folder UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |-1505230217|0x811344382cfe42fac7608645203429a2|

PROCESS GetSystemInfo.e, PID = 1148, USER = WS24\Administrator (Group - WS24\None, Everyone, WS24\Debugger Users, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Documents and Settings\Administrator\Desktop\GetSystemInfo.exe"
"c:\documents and settings\administrator\desktop\getsysteminfo.exe" File version = 3, 0, 0, 5, File size = 331857, File modification date = 23/10/2009 22:20, File description = Retrive system information., Product Name = KL GetSystemInfo, Product version = 3, 0, 0, 5, Company name = Kaspersky Lab (Copyright Alexey Antropov, Kaspersky Lab. © 2004) |722413012|0xacd53240c99dfaea6721e1220a112d5a|
C:\Documents and Settings\Administrator\Desktop\GetSystemInfo.exe, MID = 400000, ("c:\documents and settings\administrator\desktop\getsysteminfo.exe") File version = 3, 0, 0, 5, File size = 331857, File modification date = 23/10/2009 22:20, File description = Retrive system information., Product Name = KL GetSystemInfo, Product version = 3, 0, 0, 5, Company name = Kaspersky Lab (Copyright Alexey Antropov, Kaspersky Lab. © 2004) |722413012|0xacd53240c99dfaea6721e1220a112d5a|
C:\WINNT\system32\ntdll.dll, MID = 77f80000, ("c:\winnt\system32\ntdll.dll") File version = 5.00.2195.7006, File size = 483600, File modification date = 16/08/2005 09:39, File description = NT Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1093949723|0x4c0f0b57de8c1669aa6f49d285b3865a|
C:\WINNT\system32\KERNEL32.dll, MID = 7c570000, ("c:\winnt\system32\kernel32.dll") File version = 5.00.2195.7135, File size = 712976, File modification date = 16/04/2007 12:44, File description = Windows NT BASE API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7135, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1984583957|0x0ab23b46ccaeba64d748a5cf79cb4bb6|
C:\WINNT\system32\USER32.dll, MID = 77e10000, ("c:\winnt\system32\user32.dll") File version = 5.00.2195.7133, File size = 381200, File modification date = 06/03/2007 11:17, File description = Windows 2000 USER API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7133, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |428782839|0x40023a7103796b1af6ca41a6dbc54775|
C:\WINNT\system32\GDI32.dll, MID = 77f40000, ("c:\winnt\system32\gdi32.dll") File version = 5.00.2195.7205, File size = 237840, File modification date = 23/10/2008 05:27, File description = GDI Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7205, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-509084252|0xddc864563d0c543cbed08f32864a87a9|
C:\WINNT\system32\WINSPOOL.DRV, MID = 77800000, ("c:\winnt\system32\winspool.drv") File version = 5.00.2195.6659, File size = 113936, File modification date = 14/07/2003 12:00, File description = Windows Spooler Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6659, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |922778299|0xe58bf969aa9e4c548473474d8e9d971a|
C:\WINNT\system32\RPCRT4.DLL, MID = 77d30000, ("c:\winnt\system32\rpcrt4.dll") File version = 5.00.2195.7090, File size = 439056, File modification date = 17/07/2007 06:42, File description = Remote Procedure Call Runtime, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7090, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897039946|0xe11ad7a9e8320ad76954eab83356efbe|
C:\WINNT\system32\Secur32.dll, MID = 7c340000, ("c:\winnt\system32\secur32.dll") File version = 5.00.2195.6695, File size = 48912, File modification date = 14/07/2003 12:00, File description = Security Support Provider Interface, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6695, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1886565331|0x0d6b5a519879138244ef3f8549c02432|
C:\WINNT\system32\ADVAPI32.DLL, MID = 7c2d0000, ("c:\winnt\system32\advapi32.dll") File version = 5.00.2195.7038, File size = 401168, File modification date = 21/04/2005 08:08, File description = Advanced Windows 32 Base API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7038, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1396536984|0x67d5fc28cab4066922da01eb9c28167a|
C:\WINNT\system32\MPR.DLL, MID = 76620000, ("c:\winnt\system32\mpr.dll") File version = 5.00.2195.7134, File size = 54032, File modification date = 16/04/2007 12:44, File description = Multiple Provider Router DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7134, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720145585|0xbbe0c0025a82681055660d91cef145ef|
C:\WINNT\system32\comdlg32.dll, MID = 76b30000, ("c:\winnt\system32\comdlg32.dll") File version = 5.00.3700.6693, File size = 241424, File modification date = 14/07/2003 12:00, File description = Common Dialogs DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3700.6693, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1132175447|0x41c157ba2f205017ec26998009ccb046|
C:\WINNT\system32\SHLWAPI.DLL, MID = 70bd0000, ("c:\winnt\system32\shlwapi.dll") File version = 6.00.2800.1106, File size = 395264, File modification date = 29/08/2002 14:14, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |548690860|0x77e607bcfb09e6958fe58b0345ec48c6|
C:\WINNT\system32\msvcrt.dll, MID = 78000000, ("c:\winnt\system32\msvcrt.dll") File version = 6.10.9844.0, File size = 286773, File modification date = 14/07/2003 12:00, File description = Microsoft (R) C Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.10.9844.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-229369582|0xba7be6f92680b28b9031170659fd222d|
C:\WINNT\system32\COMCTL32.DLL, MID = 71710000, ("c:\winnt\system32\comctl32.dll") File version = 5.81, File size = 529680, File modification date = 29/08/2002 14:14, File description = Common Controls Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4916.400, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |163435159|0x9edc93cc795dff919c6cd953912838a9|
C:\WINNT\system32\SHELL32.DLL, MID = 7cf30000, ("c:\winnt\system32\shell32.dll") File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
C:\WINNT\system32\WINMM.dll, MID = 77570000, ("c:\winnt\system32\winmm.dll") File version = 5.00.2161.1, File size = 189200, File modification date = 14/07/2003 12:00, File description = MCI API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2161.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1294126543|0x89ae2927b977604d720b1680e208af47|
C:\WINNT\system32\WS2_32.dll, MID = 75030000, ("c:\winnt\system32\ws2_32.dll") File version = 5.00.2195.6601, File size = 69904, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2119670867|0x0190c62de42396d78db9be771cf2403e|
C:\WINNT\system32\WS2HELP.DLL, MID = 75020000, ("c:\winnt\system32\ws2help.dll") File version = 5.00.2134.1, File size = 18192, File modification date = 14/07/2003 12:00, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1302601384|0x28336b1300ec048124197091354251b6|
C:\WINNT\system32\VERSION.dll, MID = 77820000, ("c:\winnt\system32\version.dll") File version = 5.00.2195.6623, File size = 16144, File modification date = 14/07/2003 12:00, File description = Version Checking and File Installation Libraries, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-190638979|0xca34bd29eb86bd772d59d35b959d43ee|
C:\WINNT\system32\LZ32.DLL, MID = 759b0000, ("c:\winnt\system32\lz32.dll") File version = 5.00.2195.6611, File size = 10000, File modification date = 14/07/2003 12:00, File description = LZ Expand/Compress API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1264502935|0x486298f7d8f63d3c441579783541a01b|
C:\WINNT\system32\Msi.dll, MID = 78b20000, ("c:\winnt\system32\msi.dll") File version = 3.1.4000.4033, File size = 2854400, File modification date = 05/04/2007 07:17, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4033, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2030425112|0xf75dd2e82d0019ddddd926ba9b07a325|
C:\WINNT\system32\MSCTF.dll, MID = 60000000, ("c:\winnt\system32\msctf.dll") File version = 1.00.2409.41 built by: Lab06_N, File size = 289792, File modification date = 21/03/2005 22:12, File description = MSUIM Server DLL, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |-2131644266|0x3f39a3de6d810b493ab397413250ad88|
C:\WINNT\system32\OLE32.DLL, MID = 7ce20000, ("c:\winnt\system32\ole32.dll") File version = 5.00.2195.7059, File size = 957712, File modification date = 05/09/2005 08:18, File description = Microsoft OLE for Windows, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1440050145|0x7f22f0fb5437b1b83bca7380385faf2d|
C:\WINNT\system32\CLBCATQ.DLL, MID = 7c950000, ("c:\winnt\system32\clbcatq.dll") File version = 2000.2.3529.0, File size = 551184, File modification date = 05/09/2005 08:18, File description = (null), Product Name = COM Services, Product version = 03.00.00.3529, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |191380482|0x6b8970e4791049d3ee5c3514e62797ee|
C:\WINNT\system32\OLEAUT32.dll, MID = 779b0000, ("c:\winnt\system32\oleaut32.dll") File version = 2.40.4532, File size = 631056, File modification date = 05/12/2007 10:40, File description = (null), Product Name = (null), Product version = 2.40.4532, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-1998.) |1026888533|0x6c81e3b6dde5b04290f4429f64b4959d|
C:\WINNT\system32\cscui.dll, MID = 77840000, ("c:\winnt\system32\cscui.dll") File version = 5.00.2195.6705, File size = 242960, File modification date = 14/07/2003 12:00, File description = Client Side Caching UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6705, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1133553554|0x2338214ee7338ae91c60f3e8b727aae0|
C:\WINNT\system32\CSCDLL.DLL, MID = 770c0000, ("c:\winnt\system32\cscdll.dll") File version = 5.00.2195.6713, File size = 101136, File modification date = 14/07/2003 12:00, File description = Offline Network Agent, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6713, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. ) |1641852540|0x99b3f8bc2e6dd1eece66eb6ca5007729|
C:\WINNT\system32\ntshrui.dll, MID = 76fa0000, ("c:\winnt\system32\ntshrui.dll") File version = 5.00.2134.1, File size = 47888, File modification date = 14/07/2003 12:00, File description = Shell extensions for sharing, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1146396665|0x8648b1b3700ff6998aca8d99dd6de719|
C:\WINNT\system32\ATL.DLL, MID = 773e0000, ("c:\winnt\system32\atl.dll") File version = 3.00.9435, File size = 74810, File modification date = 14/07/2003 12:00, File description = ATL Module for Windows NT (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.00.9435, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1996-1998) |-1243910862|0x613baa8eff406d543746584f32ca0efe|
C:\WINNT\system32\NETAPI32.DLL, MID = 7cdc0000, ("c:\winnt\system32\netapi32.dll") File version = 5.00.2195.7203, File size = 310032, File modification date = 17/10/2008 17:41, File description = Net Win32 API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7203, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |439070768|0x7bbba94bcae7b4371254167c24972dfc|
C:\WINNT\system32\NTDSAPI.dll, MID = 77bf0000, ("c:\winnt\system32\ntdsapi.dll") File version = 5.00.2195.6666, File size = 57616, File modification date = 14/07/2003 12:00, File description = NT5DS, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |792560724|0x1a9f0053b554fd71730b21e23458bc53|
C:\WINNT\system32\DNSAPI.DLL, MID = 77980000, ("c:\winnt\system32\dnsapi.dll") File version = 5.00.2195.7158, File size = 137488, File modification date = 25/06/2008 09:41, File description = DNS Client API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2059941658|0xf2ec571dbba43735147910f800059fac|
C:\WINNT\system32\WSOCK32.dll, MID = 75050000, ("c:\winnt\system32\wsock32.dll") File version = 5.00.2195.6603, File size = 21776, File modification date = 14/07/2003 12:00, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1515024278|0x183d2d8e28a0393b4798addd46ad27b0|
C:\WINNT\system32\WLDAP32.DLL, MID = 77950000, ("c:\winnt\system32\wldap32.dll") File version = 5.00.2195.7017, File size = 146192, File modification date = 08/04/2005 11:54, File description = Win32 LDAP API DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7017, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1717065883|0x0da1335235dc386dab3c2329bcf2d4ee|
C:\WINNT\system32\NETRAP.dll, MID = 751c0000, ("c:\winnt\system32\netrap.dll") File version = 5.00.2134.1, File size = 11536, File modification date = 14/07/2003 12:00, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1388728333|0x3de628eb3d632875b8a24bdc53e67277|
C:\WINNT\system32\SAMLIB.dll, MID = 75150000, ("c:\winnt\system32\samlib.dll") File version = 5.00.2195.6944, File size = 51984, File modification date = 08/04/2005 11:54, File description = SAM Library DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6944, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1155014648|0xabda35a92538d23407d3f394f5179002|
C:\WINNT\system32\SHDOCVW.dll, MID = 71000000, ("c:\winnt\system32\shdocvw.dll") File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
C:\WINNT\system32\iphlpapi.dll, MID = 77340000, ("c:\winnt\system32\iphlpapi.dll") File version = 5.00.2195.7097, File size = 68368, File modification date = 19/05/2006 09:18, File description = IP Helper API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7097, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |979295807|0x0239d8d4b29b7664d73e16005cfefcce|
C:\WINNT\system32\ICMP.dll, MID = 77520000, ("c:\winnt\system32\icmp.dll") File version = 5.00.2134.1, File size = 7440, File modification date = 14/07/2003 12:00, File description = ICMP DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-215668467|0xeabdb948f90cc5f8e342c83ae10a71fe|
C:\WINNT\system32\MPRAPI.dll, MID = 77320000, ("c:\winnt\system32\mprapi.dll") File version = 5.00.2181.1, File size = 81168, File modification date = 14/07/2003 12:00, File description = Windows NT MP Router Administration DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2181.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1442464466|0xbb88f06f7aed4237df2a121deccb4d8a|
C:\WINNT\system32\ACTIVEDS.DLL, MID = 773b0000, ("c:\winnt\system32\activeds.dll") File version = 5.00.2195.6601, File size = 182032, File modification date = 14/07/2003 12:00, File description = ADs Router Layer DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1899155926|0x5200155df5cd700ebe717a8d6dbdccc7|
C:\WINNT\system32\ADSLDPC.DLL, MID = 77380000, ("c:\winnt\system32\adsldpc.dll") File version = 5.00.2195.6993, File size = 134928, File modification date = 08/04/2005 11:54, File description = ADs LDAP Provider C DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6993, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1367366423|0xf898815e2a3d185df0d61214cb1768ef|
C:\WINNT\system32\RTUTILS.DLL, MID = 77830000, ("c:\winnt\system32\rtutils.dll") File version = 5.00.2168.1, File size = 44816, File modification date = 14/07/2003 12:00, File description = Routing Utilities, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1125120706|0xc1fcf708669031c78dcd68589abd9d4c|
C:\WINNT\system32\SETUPAPI.DLL, MID = 77880000, ("c:\winnt\system32\setupapi.dll") File version = 5.00.2195.6622, File size = 570128, File modification date = 14/07/2003 12:00, File description = Windows Setup API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-895472665|0x9726125daa47dcbf34f53cef8c677b9c|
C:\WINNT\system32\USERENV.DLL, MID = 7c0f0000, ("c:\winnt\system32\userenv.dll") File version = 5.00.2195.7002, File size = 399120, File modification date = 08/04/2005 11:54, File description = Userenv, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7002, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2111145570|0x099cd26e9c34225002e4477c8ac8dcb0|
C:\WINNT\system32\RASAPI32.dll, MID = 774e0000, ("c:\winnt\system32\rasapi32.dll") File version = 5.00.2195.6920, File size = 200464, File modification date = 08/04/2005 11:54, File description = Remote Access API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6920, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |871917568|0xc2d3211d940675d7d25ccd1129126337|
C:\WINNT\system32\rasman.dll, MID = 774c0000, ("c:\winnt\system32\rasman.dll") File version = 5.00.2195.6824, File size = 58128, File modification date = 08/04/2005 11:54, File description = Remote Access Connection Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6824, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1127137275|0xb342275d0a3e43983f9e27367c052ef1|
C:\WINNT\system32\TAPI32.dll, MID = 77530000, ("c:\winnt\system32\tapi32.dll") File version = 5.00.2195.6664, File size = 126736, File modification date = 14/07/2003 12:00, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6664, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-97) |791213335|0x1345278cf4e09542f684d824ec90674d|
C:\WINNT\system32\DHCPCSVC.DLL, MID = 77360000, ("c:\winnt\system32\dhcpcsvc.dll") File version = 5.00.2195.7085, File size = 89872, File modification date = 19/05/2006 09:18, File description = DHCP Client Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7085, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1178354831|0x4f17861b7f354f156d3e3663c426cb13|
C:\WINNT\system32\perfproc.dll, MID = 69270000, ("c:\winnt\system32\perfproc.dll") File version = 5.00.2195.6697, File size = 29456, File modification date = 14/07/2003 12:00, File description = Windows System Process Performance Objects DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6697, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1625418278|0x466f311ae10f436d360e7fcba81af769|
C:\WINNT\system32\psapi.dll, MID = 690a0000, ("c:\winnt\system32\psapi.dll") File version = 5.00.2134.1, File size = 28944, File modification date = 14/07/2003 12:00, File description = Process Status Helper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1643079480|0x7f7005d2f1d9c579179807818c3ac4c7|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 10:56 pm

Opened TCP/UDP ports:

TCP, LOCAL (host/address/port):WS24/0.0.0.0/445(microsoft-ds), REMOTE (host/address/port):*/*/*, State:LISTENING, PID = 8, Command Line =
TCP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/139(netbios-ssn), REMOTE (host/address/port):*/*/*, State:LISTENING, PID = 8, Command Line =
TCP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/4004, REMOTE (host/address/port):p1.toolbar.vip.sp2.yahoo.com/98.137.53.23/80(http), State:TIME_WAIT, PID = 0, Command Line = (null)
TCP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/4009, REMOTE (host/address/port):nuq04s01-in-f149.1e100.net/74.125.19.149/80(http), State:ESTABLISHED, PID = 1180, Command Line = "c:\program files\mozilla firefox\firefox.exe" "c:\program files\mozilla firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
TCP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/4010, REMOTE (host/address/port):host-93-104-193-173.customer.m-online.net/93.104.193.173/80(http), State:TIME_WAIT, PID = 0, Command Line = (null)
TCP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/4012, REMOTE (host/address/port):nuq04s01-in-f102.1e100.net/74.125.19.102/80(http), State:ESTABLISHED, PID = 1180, Command Line = "c:\program files\mozilla firefox\firefox.exe" "c:\program files\mozilla firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
TCP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/4015, REMOTE (host/address/port):ats-dbc.dial.aol.com/205.188.66.221/5190, State:TIME_WAIT, PID = 0, Command Line = (null)
TCP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/4018, REMOTE (host/address/port):reachability.aol.com/205.188.130.216/80(http), State:TIME_WAIT, PID = 0, Command Line = (null)
TCP, LOCAL (host/address/port):WS24/127.0.0.1/3990, REMOTE (host/address/port):WS24/127.0.0.1/3991, State:ESTABLISHED, PID = 1180, Command Line = "c:\program files\mozilla firefox\firefox.exe" "c:\program files\mozilla firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
TCP, LOCAL (host/address/port):WS24/127.0.0.1/3991, REMOTE (host/address/port):WS24/127.0.0.1/3990, State:ESTABLISHED, PID = 1180, Command Line = "c:\program files\mozilla firefox\firefox.exe" "c:\program files\mozilla firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
TCP, LOCAL (host/address/port):WS24/127.0.0.1/3992, REMOTE (host/address/port):WS24/127.0.0.1/5152, State:FIN_WAIT2, PID = 400, Command Line = (null)
TCP, LOCAL (host/address/port):WS24/127.0.0.1/4006, REMOTE (host/address/port):WS24/127.0.0.1/4007, State:ESTABLISHED, PID = 1180, Command Line = "c:\program files\mozilla firefox\firefox.exe" "c:\program files\mozilla firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
TCP, LOCAL (host/address/port):WS24/127.0.0.1/4007, REMOTE (host/address/port):WS24/127.0.0.1/4006, State:ESTABLISHED, PID = 1180, Command Line = "c:\program files\mozilla firefox\firefox.exe" "c:\program files\mozilla firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
TCP, LOCAL (host/address/port):WS24/127.0.0.1/5152, REMOTE (host/address/port):*/*/*, State:LISTENING, PID = 500, Command Line = "c:\program files\java\jre6\bin\jqs.exe" -service -config "c:\program files\java\jre6\lib\deploy\jqs\jqs.conf" "c:\program files\java\jre6\bin\jqs.exe" File version = 6.0.160.1, File size = 153376, File modification date = 14/10/2009 08:54, File description = Java(TM) Quick Starter Service, Product Name = Java(TM) Platform SE 6 U16, Product version = 6.0.160.1, Company name = Sun Microsystems, Inc. (Copyright © 2004) |1391550021|0x09417134f248dfceea15c72bcc87f592|
TCP, LOCAL (host/address/port):WS24/127.0.0.1/5152, REMOTE (host/address/port):WS24/127.0.0.1/3992, State:CLOSE_WAIT, PID = 500, Command Line = "c:\program files\java\jre6\bin\jqs.exe" -service -config "c:\program files\java\jre6\lib\deploy\jqs\jqs.conf" "c:\program files\java\jre6\bin\jqs.exe" File version = 6.0.160.1, File size = 153376, File modification date = 14/10/2009 08:54, File description = Java(TM) Quick Starter Service, Product Name = Java(TM) Platform SE 6 U16, Product version = 6.0.160.1, Company name = Sun Microsystems, Inc. (Copyright © 2004) |1391550021|0x09417134f248dfceea15c72bcc87f592|
UDP, LOCAL (host/address/port):WS24/0.0.0.0/445(microsoft-ds), REMOTE (host/address/port):*/*/*, State:*, PID = 8, Command Line =
UDP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/137(netbios-ns), REMOTE (host/address/port):*/*/*, State:*, PID = 8, Command Line =
UDP, LOCAL (host/address/port):cpe-76-171-37-85.socal.res.rr.com/76.171.37.85/138, REMOTE (host/address/port):*/*/*, State:*, PID = 8, Command Line =

System default language:
English

Default interface language of user:
English

Keyboard layout languages:
English

Installed code pages:
10000 = 10000 (MAC - Roman)
10079 = 10079 (MAC - Icelandic)
1250 = 1250 (ANSI - Central Europe)
1251 = 1251 (ANSI - Cyrillic)
1252 = 1252 (ANSI - Latin I)
1253 = 1253 (ANSI - Greek)
1254 = 1254 (ANSI - Turkish)
1255 = 1255 (ANSI - Hebrew)
1256 = 1256 (ANSI - Arabic)
1257 = 1257 (ANSI - Baltic)
1258 = 1258 (ANSI/OEM - Viet Nam)
1361 = Korean (Johab)
20127 = 20127 (US-ASCII)
20261 = 20261 (T.61)
20866 = 20866 (Russian - KOI8)
28591 = 28591 (ISO 8859-1 Latin I)
28592 = 28592 (ISO 8859-2 Central Europe)
28595 = ISO 8859-5 Cyrillic
28597 = ISO 8859-7 Greek
28605 = 28605 (ISO 8859-15 Latin 9)
37 = 37 (IBM EBCDIC - U.S./Canada)
437 = 437 (OEM - United States)
500 = 500 (IBM EBCDIC - International)
850 = 850 (OEM - Multilingual Latin I)
860 = 860 (OEM - Portuguese)
861 = 861 (OEM - Icelandic)
863 = 863 (OEM - Canadian French)
865 = 865 (OEM - Nordic)
874 = 874 (ANSI/OEM - Thai)
932 = 932 (ANSI/OEM - Japanese Shift-JIS)
936 = 936 (ANSI/OEM - Simplified Chinese GBK)
949 = 949 (ANSI/OEM - Korean)
950 = 950 (ANSI/OEM - Traditional Chinese Big5)
65000 = 65000 (UTF-7)
65001 = 65001 (UTF-8)

StartUp link objects:
---------------------
SYSTEM REGISTRY
*\Software\Microsoft\Windows NT\CurrentVersion\AEDebug
Debugger=drwtsn32 -p %ld -e %ld -g
"c:\winnt\system32\drwtsn32.exe" File version = 5.00.2195.6699, File size = 72464, File modification date = 14/07/2003 12:00, File description = DrWatson Postmortem Debugger, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6699, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1533013566|0x3fc93eafbcf1ff29d2d8a0300b7aea47|
*\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell=Explorer.exe
"c:\winnt\explorer.exe" File version = 5.00.3700.6690, File size = 243472, File modification date = 14/07/2003 12:00, File description = Windows Explorer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3700.6690, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-627689957|0x59cf2b7dced9111f48f51b4b570e672d|
UserInit=C:\WINNT\system32\userinit.exe,
"c:\winnt\system32\userinit.exe" File version = 5.00.2195.6612, File size = 17680, File modification date = 14/07/2003 12:00, File description = Userinit Logon Application, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6612, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1405343268|0xbf179c5b8a722cc79aef1ca90d6c7d48|
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\*
DllName=crypt32.dll
"c:\winnt\system32\crypt32.dll" File version = 5.131.2195.6926, File size = 563984, File modification date = 08/04/2005 11:54, File description = Crypto API32, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6926, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1939721043|0x9726a08c3e529c5e6a48fff274a32932|
DllName=cryptnet.dll
"c:\winnt\system32\cryptnet.dll" File version = 5.131.2195.6926, File size = 63760, File modification date = 08/04/2005 11:54, File description = Crypto Network Related API, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6926, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-288663189|0xfef2014ba0c5ab8f553cb014885d7b1c|
DllName=cscdll.dll
"c:\winnt\system32\cscdll.dll" File version = 5.00.2195.6713, File size = 101136, File modification date = 14/07/2003 12:00, File description = Offline Network Agent, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6713, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. ) |1641852540|0x99b3f8bc2e6dd1eece66eb6ca5007729|
DllName=C:\WINNT\system32\NavLogon.dll
"c:\winnt\system32\navlogon.dll" File version = 9.0.1.1000, File size = 83272, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus Logon Notification, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |794314520|0x0c08e4d83ed6ddf9db4d683adc03ae35|
DllName=sclgntfy.dll
"c:\winnt\system32\sclgntfy.dll" File version = 5.00.2195.6608, File size = 20752, File modification date = 14/07/2003 12:00, File description = Secondary Logon Service Notification DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6608, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2138399356|0xdddc9a84e9b1ad3bd1dfaf531c15da9e|
DllName=WlNotify.dll
"c:\winnt\system32\wlnotify.dll" File version = 5.00.2195.7000, File size = 57104, File modification date = 08/04/2005 11:54, File description = Common DLL to receive Winlogon notifications, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7000, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1963829805|0x0ac7c01fae29d99696147295cbd0a0be|
DllName=wzcdlg.dll
"c:\winnt\system32\wzcdlg.dll" File version = 5.00.2195.6604, File size = 52496, File modification date = 14/07/2003 12:00, File description = Wireless Zero Configuration Service UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-897269931|0x40217a42449dab0124957f81c6f33ecd|
*\Software\Microsoft\Windows*\CurrentVersion\Run*
Synchronization Manager=mobsync.exe /logon
"c:\winnt\system32\mobsync.exe" File version = 5.00.2195.6627, File size = 111376, File modification date = 14/07/2003 12:00, File description = Microsoft Synchronization Manager, Product Name = Microsoft Synchronization Manager, Product version = 5.00.2195.6627, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1309831616|0x9b2f5b9e745deaaa57fb78329ed03061|
VTPreset=VTPreset.exe
"c:\winnt\system32\vtpreset.exe" File version = 1.01.00.0102, File size = 45056, File modification date = 25/02/2004 03:17, File description = , Product Name = S3 Graphics, Inc. Utilities, Product version = 1.01.00.0102, Company name = S3 Graphics, Inc. (Copyright (C) 2001-2004 S3 Graphics, Inc.) |1229376621|0x98d537d963197ab72f11d7293fe344de|
vptray=C:\PROGRA~1\SYMANT~1\VPTray.exe
"c:\program files\symantec antivirus\vptray.exe" File version = 9.0.1.1000, File size = 124232, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |-1927514860|0x46af9457ff9d22a5832490c546169363|
ccApp="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
"c:\program files\common files\symantec shared\ccapp.exe" File version = 2.2.1.004, File size = 66680, File modification date = 10/06/2004 04:31, File description = Common Client User Session, Product Name = Common Client, Product version = 2.2.1.004, Company name = Symantec Corporation (Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.) |1729535236|0x05a76d9dd303def4dcc8ee18ee8c58b9|
TkBellExe="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"c:\program files\common files\real\update_ob\realsched.exe" File version = 0.1.0.4043, File size = 185632, File modification date = 06/04/2008 05:51, File description = RealNetworks Scheduler, Product Name = RealPlayer (32-bit) , Product version = 0.1.0.4043, Company name = RealNetworks, Inc. (Copyright © RealNetworks, Inc. 1995-2004) |1143612952|0x28525d80ea1d33cf60b8ac318a5f1c82|
HostManager=C:\Program Files\Common Files\AOL\1255452910\ee\AOLSoftware.exe
"c:\program files\common files\aol\1255452910\ee\aolsoftware.exe" File version = 15.5.1.2, File size = 42032, File modification date = 25/05/2007 17:16, File description = AOL, Product Name = AOL Service Libraries, Product version = 15.5.1.2, Company name = AOL LLC (Copyright (c) 2007 AOL LLC) |-2027065974|0xe47a895d66ac93b16ca88fe77ce73de0|
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
"c:\program files\java\jre6\bin\jusched.exe" File version = 6.0.160.1, File size = 149280, File modification date = 14/10/2009 08:54, File description = Java(TM) Platform SE binary, Product Name = Java(TM) Platform SE 6 U16, Product version = 6.0.160.1, Company name = Sun Microsystems, Inc. (Copyright © 2004) |410535439|0x5e4c9c25d603ae46dedcbd9674f86e21|
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"c:\program files\adobe\reader 9.0\reader\reader_sl.exe" File version = 9.2.0.124, File size = 35696, File modification date = 03/10/2009 11:08, File description = Adobe Acrobat SpeedLauncher, Product Name = Adobe Acrobat, Product version = 9.2.0.124, Company name = Adobe Systems Incorporated (Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.) |-678700535|0x33e5a8fc8eb0ee42478f8538d0215d8f|
Adobe ARM="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"c:\program files\common files\adobe\arm\1.0\adobearm.exe" File version = 1.0.5.0, File size = 935288, File modification date = 04/09/2009 19:08, File description = Adobe Reader and Acrobat Manager, Product Name = Adobe Reader and Acrobat Manager, Product version = 1.0.5.0, Company name = Adobe Systems Incorporated (Copyright © 2009 Adobe Systems Incorporated. All rights reserved.) |1354435498|0x3103fe27c967675b019e880aa6da3d6d|
^SetupICWDesktop=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
"c:\program files\internet explorer\connection wizard\icwconn1.exe" File version = 5.00.3502.6602, File size = 186640, File modification date = 14/07/2003 12:00, File description = Internet Connection Wizard, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6602, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1991-1999) |-397595315|0x76d94af73fb4c5361239782170592c4e|
AIM=C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
"c:\program files\aim95\aim.exe" File version = 4.8.2790, File size = 57344, File modification date = 22/05/2002 18:57, File description = AOL Instant Messenger (SM), Product Name = AOL Instant Messenger (SM), Product version = 4.8.2790, Company name = America Online, Inc. (Copyright © 1996-2002 America Online, Inc.) |-601929164|0xbdb9390ba6d0c04d454329ba4fbdcefa|
ctfmon.exe=ctfmon.exe
"c:\winnt\system32\ctfmon.exe" File version = 1.00.2409.41 built by: Lab06_N, File size = 11264, File modification date = 21/03/2005 22:13, File description = Cicero Loader, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 1.00.2409.41, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |1744549392|0xab176f2171db704d51b8809e8a5c38bd|
HKLM\System\ControlSet???\Services\*\Parameters
ServiceDll=%systemroot%\system32\qmgr.dll
"C:\WINNT\system32\qmgr.dll" File version = 6.6.2600.1596 (xpsp2.040919-1003), File size = 362496, File modification date = 05/10/2004 18:43, File description = Background Intelligent Transfer Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.6.2600.1596, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1959754353|0xdcd38d8178bf1bea585f2f003ee3460e|
ServiceDll=C:\WINNT\system32\es.dll
"c:\winnt\system32\es.dll" File version = 2000.2.3550.0, File size = 251152, File modification date = 10/07/2008 10:00, File description = (null), Product Name = COM Services, Product version = 03.00.00.3550, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1675031144|0x019bd72a117c13df44d6ca3b96a345d6|
ServiceDll=%SystemRoot%\System32\netman.dll
"C:\WINNT\system32\netman.dll" File version = 5.00.2195.7061, File size = 100112, File modification date = 16/08/2005 08:35, File description = Network Connections Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7061, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1484464074|0x600104d606ab3e9b9ab36076e6261a05|
ServiceDll=%SystemRoot%\system32\ntmssvc.dll
"C:\WINNT\system32\ntmssvc.dll" File version = 5.00.2195.6655, File size = 401168, File modification date = 14/07/2003 12:00, File description = Removable Storage Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1181589825|0x56d893a01269008c28fbf2d025b2fa78|
ServiceDll=%SystemRoot%\System32\rasauto.dll
"C:\WINNT\system32\rasauto.dll" File version = 5.00.2195.6604, File size = 77584, File modification date = 14/07/2003 12:00, File description = Remote Access AutoDial Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1737329330|0x8b904d85988e71b01700b28ff4d966fe|
ServiceDll=%SystemRoot%\System32\rasmans.dll
"C:\WINNT\system32\rasmans.dll" File version = 5.00.2195.7099, File size = 161040, File modification date = 21/06/2006 12:17, File description = Remote Access Connection Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7099, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-21091428|0x6b5255606d61a29520b1dead6ea9f368|
ServiceDll=%SystemRoot%\System32\mprdim.dll
"C:\WINNT\system32\mprdim.dll" File version = 5.00.2195.6601, File size = 47376, File modification date = 14/07/2003 12:00, File description = Dynamic Interface Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-181305043|0x4e9825dbdb508f8ff6f6aa8162b14595|
ServiceDll=%SystemRoot%\system32\rpcss.dll
"C:\WINNT\system32\rpcss.dll" File version = 5.00.2195.7059, File size = 212240, File modification date = 05/09/2005 08:18, File description = Distributed COM Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |372701969|0x037ebcf93df5f0c31ccd2ff7e31e3ba5|
ServiceDll=%SystemRoot%\system32\sens.dll
"C:\WINNT\system32\sens.dll" File version = 5.00.2195.6627, File size = 38160, File modification date = 14/07/2003 12:00, File description = System Event Notification Service (SENS), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6627, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1725763957|0x37bf0882ee939c02a2d3cf209831f2c5|
ServiceDll=%SystemRoot%\System32\ipnathlp.dll
"C:\WINNT\system32\ipnathlp.dll" File version = 5.00.2195.6902, File size = 442640, File modification date = 12/01/2005 19:39, File description = Microsoft NAT Helper Components, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6902, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |580561802|0xaea7a0f7c23337f36b57666dac442cf1|
ServiceDll=%SystemRoot%\System32\tapisrv.dll
"C:\WINNT\system32\tapisrv.dll" File version = 5.00.2195.7057, File size = 175888, File modification date = 02/07/2005 11:30, File description = Microsoft® Windows(TM) Telephony Server, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7057, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1994-1997) |-866239044|0xe1086008e7bce8621f09e6f13b89cc31|
ServiceDll=C:\WINNT\system32\mspmsnsv.dll
"c:\winnt\system32\mspmsnsv.dll" File version = 9.0.1.56, File size = 52224, File modification date = 27/11/2002 02:03, File description = Microsoft Media Device Service Provider, Product Name = Windows Media Device Manager, Product version = 9.0.1.56, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp.) |1753767644|0x36678803a8030ee9a771935cfc1848bd|
ServiceDll=C:\WINNT\system32\wuauserv.dll
"c:\winnt\system32\wuauserv.dll" File version = 5.4.3630.2554 built by: lab04_n, File size = 9216, File modification date = 14/07/2003 12:00, File description = Windows Update AutoUpdate Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.4.3630.2554, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1911458420|0xc9921283e4c271dbb51b3e5d5283dd04|
ServiceDll=%SystemRoot%\System32\wzcsvc.dll
"C:\WINNT\system32\wzcsvc.dll" File version = 5.00.2195.6604, File size = 195856, File modification date = 14/07/2003 12:00, File description = Wireless Zero Configuration Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-481182338|0xc56caa178ffd4c28d4ef3801ee1cd0df|
ServiceDll=%systemroot%\system32\qmgr.dll
"C:\WINNT\system32\qmgr.dll" File version = 6.6.2600.1596 (xpsp2.040919-1003), File size = 362496, File modification date = 05/10/2004 18:43, File description = Background Intelligent Transfer Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.6.2600.1596, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1959754353|0xdcd38d8178bf1bea585f2f003ee3460e|
ServiceDll=C:\WINNT\system32\es.dll
"c:\winnt\system32\es.dll" File version = 2000.2.3550.0, File size = 251152, File modification date = 10/07/2008 10:00, File description = (null), Product Name = COM Services, Product version = 03.00.00.3550, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1675031144|0x019bd72a117c13df44d6ca3b96a345d6|
ServiceDll=%SystemRoot%\System32\netman.dll
"C:\WINNT\system32\netman.dll" File version = 5.00.2195.7061, File size = 100112, File modification date = 16/08/2005 08:35, File description = Network Connections Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7061, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1484464074|0x600104d606ab3e9b9ab36076e6261a05|
ServiceDll=%SystemRoot%\system32\ntmssvc.dll
"C:\WINNT\system32\ntmssvc.dll" File version = 5.00.2195.6655, File size = 401168, File modification date = 14/07/2003 12:00, File description = Removable Storage Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1181589825|0x56d893a01269008c28fbf2d025b2fa78|
ServiceDll=%SystemRoot%\System32\rasauto.dll
"C:\WINNT\system32\rasauto.dll" File version = 5.00.2195.6604, File size = 77584, File modification date = 14/07/2003 12:00, File description = Remote Access AutoDial Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1737329330|0x8b904d85988e71b01700b28ff4d966fe|
ServiceDll=%SystemRoot%\System32\rasmans.dll
"C:\WINNT\system32\rasmans.dll" File version = 5.00.2195.7099, File size = 161040, File modification date = 21/06/2006 12:17, File description = Remote Access Connection Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7099, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-21091428|0x6b5255606d61a29520b1dead6ea9f368|
ServiceDll=%SystemRoot%\System32\mprdim.dll
"C:\WINNT\system32\mprdim.dll" File version = 5.00.2195.6601, File size = 47376, File modification date = 14/07/2003 12:00, File description = Dynamic Interface Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-181305043|0x4e9825dbdb508f8ff6f6aa8162b14595|
ServiceDll=%SystemRoot%\system32\rpcss.dll
"C:\WINNT\system32\rpcss.dll" File version = 5.00.2195.7059, File size = 212240, File modification date = 05/09/2005 08:18, File description = Distributed COM Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |372701969|0x037ebcf93df5f0c31ccd2ff7e31e3ba5|
ServiceDll=%SystemRoot%\system32\sens.dll
"C:\WINNT\system32\sens.dll" File version = 5.00.2195.6627, File size = 38160, File modification date = 14/07/2003 12:00, File description = System Event Notification Service (SENS), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6627, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1725763957|0x37bf0882ee939c02a2d3cf209831f2c5|
ServiceDll=%SystemRoot%\System32\ipnathlp.dll
"C:\WINNT\system32\ipnathlp.dll" File version = 5.00.2195.6902, File size = 442640, File modification date = 12/01/2005 19:39, File description = Microsoft NAT Helper Components, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6902, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |580561802|0xaea7a0f7c23337f36b57666dac442cf1|
ServiceDll=%SystemRoot%\System32\tapisrv.dll
"C:\WINNT\system32\tapisrv.dll" File version = 5.00.2195.7057, File size = 175888, File modification date = 02/07/2005 11:30, File description = Microsoft® Windows(TM) Telephony Server, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7057, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1994-1997) |-866239044|0xe1086008e7bce8621f09e6f13b89cc31|
ServiceDll=C:\WINNT\system32\mspmsnsv.dll
"c:\winnt\system32\mspmsnsv.dll" File version = 9.0.1.56, File size = 52224, File modification date = 27/11/2002 02:03, File description = Microsoft Media Device Service Provider, Product Name = Windows Media Device Manager, Product version = 9.0.1.56, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp.) |1753767644|0x36678803a8030ee9a771935cfc1848bd|
ServiceDll=C:\WINNT\system32\wuauserv.dll
"c:\winnt\system32\wuauserv.dll" File version = 5.4.3630.2554 built by: lab04_n, File size = 9216, File modification date = 14/07/2003 12:00, File description = Windows Update AutoUpdate Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.4.3630.2554, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1911458420|0xc9921283e4c271dbb51b3e5d5283dd04|
ServiceDll=%SystemRoot%\System32\wzcsvc.dll
"C:\WINNT\system32\wzcsvc.dll" File version = 5.00.2195.6604, File size = 195856, File modification date = 14/07/2003 12:00, File description = Wireless Zero Configuration Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-481182338|0xc56caa178ffd4c28d4ef3801ee1cd0df|
HKLM\System\ControlSet???\Services\*
ImagePath=system32\DRIVERS\ACPI.sys
"c:\winnt\system32\drivers\acpi.sys" File version = 5.00.2195.6655, File size = 163120, File modification date = 14/07/2003 12:00, File description = ACPI Driver for NT, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-320509561|0x083049d5dc3f32d17c2edfb732c78a09|
ImagePath=system32\drivers\Afc.sys
"c:\winnt\system32\drivers\afc.sys" File version = 1, 0, 0, 2, File size = 11776, File modification date = 23/02/2005 22:58, File description = Arcsoft(R) ASPI Shell, Product Name = Arcsoft(R) ASPI Shell, Product version = 1, 0, 0, 2, Company name = Arcsoft, Inc. ((C) Arcsoft, Inc. 1999-2005. All rights reserved.) |-1418926835|0xa7b8a3a79d35215d798a300df49ed23f|
ImagePath=\SystemRoot\System32\drivers\afd.sys
"C:\WINNT\system32\drivers\afd.sys" File version = 5.00.2195.7158, File size = 119152, File modification date = 08/05/2008 08:38, File description = Ancillary Function Driver for WinSock, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |250755651|0xe333e10e840a7f1c6017c26855250b76|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath="C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"
"c:\program files\common files\aol\acs\aolacsd.exe" File version = 4.6.1.2 , File size = 46640, File modification date = 23/10/2006 12:50, File description = AOL Connectivity Service, Product Name = AOL Connectivity Service, Product version = 4.6.1.2 , Company name = AOL LLC (Copyright © 2001-2006 AOL LLC) |-1361306933|0x85180cf88c5ebad73b452a43a004ca51|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\DRIVERS\asyncmac.sys
"c:\winnt\system32\drivers\asyncmac.sys" File version = 5.00.2195.6655, File size = 17840, File modification date = 14/07/2003 12:00, File description = MS Remote Access serial network driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1399398665|0x5d3d77c9eb3a8e6a14cc8e1252b6cc5c|
ImagePath=system32\DRIVERS\atapi.sys
"c:\winnt\system32\drivers\atapi.sys" File version = 5.00.2195.6699, File size = 86672, File modification date = 14/07/2003 12:00, File description = IDE/ATAPI Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6699, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1758291391|0x8c718aa8c77041b3285d55a0ce980867|
ImagePath=system32\DRIVERS\atmarpc.sys
"c:\winnt\system32\drivers\atmarpc.sys" File version = 5.00.2166.1, File size = 57904, File modification date = 14/07/2003 12:00, File description = IP/ATM Arp Client, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2166.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |418487622|0x3e348b3313ea633d45caf59da0d631ba|
ImagePath=%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=system32\DRIVERS\audstub.sys
"c:\winnt\system32\drivers\audstub.sys" File version = 5.00.2134.1, File size = 2896, File modification date = 25/09/1999 10:35, File description = AudStub Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1000652672|0x39d57104a45270f0d376e9ddb484ebbd|
ImagePath=%SystemRoot%\system32\svchost.exe -k BITSgroup
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\drivers\ccdecode.sys
"c:\winnt\system32\drivers\ccdecode.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 16384, File modification date = 09/07/2004 10:58, File description = WDM Closed Caption VBI Codec, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |891040427|0x1478e6a09512235b9e119d2920477021|
ImagePath="C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
"c:\program files\common files\symantec shared\ccevtmgr.exe" File version = 2.2.1.004, File size = 255096, File modification date = 10/06/2004 04:31, File description = Common Client Event Manager Service, Product Name = Common Client, Product version = 2.2.1.004, Company name = Symantec Corporation (Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.) |-1683137025|0xae5858e655396d8efa3008b83b7f739a|
ImagePath="C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
"c:\program files\common files\symantec shared\ccpwdsvc.exe" File version = 2.2.1.004, File size = 87160, File modification date = 10/06/2004 04:31, File description = Common Client Password Validation, Product Name = Common Client, Product version = 2.2.1.004, Company name = Symantec Corporation (Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.) |600031876|0x7109348188ede64d8c7db5df930f94c1|
ImagePath="C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
"c:\program files\common files\symantec shared\ccsetmgr.exe" File version = 2.2.1.004, File size = 242808, File modification date = 10/06/2004 04:31, File description = Common Client Settings Manager Service, Product Name = Common Client, Product version = 2.2.1.004, Company name = Symantec Corporation (Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.) |-733496957|0xc5af6ec3dde5f349e4f55a088297c871|
ImagePath=system32\DRIVERS\cdrom.sys
"c:\winnt\system32\drivers\cdrom.sys" File version = 5.00.2195.6655, File size = 27984, File modification date = 14/07/2003 12:00, File description = SCSI CD-ROM Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-637534207|0x4b86a90a7f0095d514d22a9083826488|
ImagePath=C:\WINNT\system32\cisvc.exe
"c:\winnt\system32\cisvc.exe" File version = 5.00.2134.1, File size = 5392, File modification date = 14/07/2003 12:00, File description = Content Index service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2036583598|0x2830a2c82270f387265dfa658656eb99|
ImagePath=%SystemRoot%\system32\clipsrv.exe
"C:\WINNT\system32\clipsrv.exe" File version = 5.00.2134.1, File size = 31504, File modification date = 14/07/2003 12:00, File description = Windows NT DDE Server, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2002085244|0x804212b6b82354cf4f0c2d567575688a|
ImagePath=C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"c:\winnt\microsoft.net\framework\v2.0.50727\mscorsvw.exe" File version = 2.0.50727.42 (RTM.050727-4200), File size = 66240, File modification date = 23/09/2005 14:28, File description = .NET Runtime Optimization Service, Product Name = Microsoft® .NET Framework, Product version = 2.0.50727.42, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2108567825|0x3c4d595e7f9b747325aef28b4adcaae5|
ImagePath="C:\Program Files\Symantec AntiVirus\DefWatch.exe"
"c:\program files\symantec antivirus\defwatch.exe" File version = 9.0.1.1000, File size = 30024, File modification date = 03/08/2004 03:36, File description = Virus Definition Daemon, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1998 - 2004 Symantec Corporation. All rights reserved.) |1371831212|0x626534ad71dab174c4524214a9e8bb89|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\DRIVERS\disk.sys
"c:\winnt\system32\drivers\disk.sys" File version = 5.00.2195.6655, File size = 30768, File modification date = 14/07/2003 12:00, File description = PnP Disk Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-329726145|0x322b9a3774dbf119f6635a476b0eb058|
ImagePath=%SystemRoot%\System32\dmadmin.exe /com
"C:\WINNT\system32\dmadmin.exe" File version = 2195.6624.297.3, File size = 147728, File modification date = 14/07/2003 12:00, File description = Logical Disk Manager service process, Product Name = Logical Disk Manager for Windows NT, Product version = 1.0, Company name = VERITAS Software Corp. (Copyright © VERITAS Software 1997) |292191532|0x7b080c0ac30884e981221342da197c1e|
ImagePath=System32\drivers\dmboot.sys
"c:\winnt\system32\drivers\dmboot.sys" File version = 2195.6655.297.3, File size = 369104, File modification date = 14/07/2003 12:00, File description = NT Disk Manager Startup Driver, Product Name = VERITAS® NT Disk Manager, Product version = 1.0, Company name = VERITAS Software Corp. (Copyright© 1990-1997 VERITAS Software Corporation. ALL RIGHTS RESERVED. UNPUBLISHED -- RIGHTS RESERVED UNDER THE COPYRIGHT LAWS OF THE UNITED STATES. USE OF A COPYRIGHT NOTICE IS PRECAUTIONARY ONLY AND DOES NOT IMPLY PUBLICATION OR DISCLOSURE. THIS SOFTWARE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF VERITAS SOFTWARE. USE, DISCLOSURE, OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF VERITAS SOFTWARE. RESTRICTED RIGHTS LEGEND USE, DUPLICATION, OR DISCLOSURE BY THE GOVERNMENT IS SUBJECT TO RESTRICTIONS AS SET FORTH IN SUBPARAGRAPH (C) (1) (ii) OF THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSE AT DFARS 252.227-7013. VERITAS SOFTWARE 1600 PLYMOUTH STREET, MOUNTAIN VIEW, CA 94043 ) |1016478446|0x0b91c63540682bc3c826fc6d8b3ecb7b|
ImagePath=System32\drivers\dmio.sys
"c:\winnt\system32\drivers\dmio.sys" File version = 2195.6655.297.3, File size = 137936, File modification date = 14/07/2003 12:00, File description = NT Disk Manager I/O Driver, Product Name = VERITAS® NT Disk Manager, Product version = 1.0, Company name = VERITAS Software Corp. (Copyright© 1990-1997 VERITAS Software Corporation. ALL RIGHTS RESERVED. UNPUBLISHED -- RIGHTS RESERVED UNDER THE COPYRIGHT LAWS OF THE UNITED STATES. USE OF A COPYRIGHT NOTICE IS PRECAUTIONARY ONLY AND DOES NOT IMPLY PUBLICATION OR DISCLOSURE. THIS SOFTWARE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF VERITAS SOFTWARE. USE, DISCLOSURE, OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF VERITAS SOFTWARE. RESTRICTED RIGHTS LEGEND USE, DUPLICATION, OR DISCLOSURE BY THE GOVERNMENT IS SUBJECT TO RESTRICTIONS AS SET FORTH IN SUBPARAGRAPH (C) (1) (ii) OF THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSE AT DFARS 252.227-7013. VERITAS SOFTWARE 1600 PLYMOUTH STREET, MOUNTAIN VIEW, CA 9

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 11:06 pm

4043 ) |1864153753|0x6b35bfdbdbc247113852f18bf0f10e3c|
ImagePath=System32\drivers\dmload.sys
"c:\winnt\system32\drivers\dmload.sys" File version = 2195.6655.297.3, File size = 7312, File modification date = 14/07/2003 12:00, File description = NT Disk Manager Startup Driver, Product Name = Logical Disk Manager for Windows NT, Product version = 1.0, Company name = VERITAS Software Corp. (Copyright© 1990-1997 VERITAS Software Corporation. ALL RIGHTS RESERVED. UNPUBLISHED -- RIGHTS RESERVED UNDER THE COPYRIGHT LAWS OF THE UNITED STATES. USE OF A COPYRIGHT NOTICE IS PRECAUTIONARY ONLY AND DOES NOT IMPLY PUBLICATION OR DISCLOSURE. THIS SOFTWARE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF VERITAS SOFTWARE. USE, DISCLOSURE, OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF VERITAS SOFTWARE. RESTRICTED RIGHTS LEGEND USE, DUPLICATION, OR DISCLOSURE BY THE GOVERNMENT IS SUBJECT TO RESTRICTIONS AS SET FORTH IN SUBPARAGRAPH (C) (1) (ii) OF THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSE AT DFARS 252.227-7013. VERITAS SOFTWARE 1600 PLYMOUTH STREET, MOUNTAIN VIEW, CA 94043 ) |-942449678|0x3f1701ffa97ab012685abc8a2d6fce22|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\drivers\DMusic.sys
"c:\winnt\system32\drivers\dmusic.sys" File version = 5.00.2166.1, File size = 51152, File modification date = 28/10/1999 15:24, File description = Microsoft DirectMusic Software Synthesizer (WDM), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2166.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |838142286|0x3431984234b5988d4c09f043cf4cd779|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
"\\?\c:\program files\common files\symantec shared\eengine\eectrl.sys" File version = 107.4.1.2, File size = 385072, File modification date = 14/04/2008 08:00, File description = Symantec Eraser Control Driver, Product Name = ERASER ENGINE, Product version = 107.4.1.2, Company name = Symantec Corporation (Copyright (c) 2000-2007 Symantec Corporation. All rights reserved.) |1020285442|0xe89cc1363cb7f5320ae3b41c1333d0c3|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=C:\WINNT\system32\svchost.exe -k netsvcs
"c:\winnt\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=%systemroot%\system32\faxsvc.exe
"C:\WINNT\system32\faxsvc.exe" File version = 5.00.2195.6612, File size = 94992, File modification date = 14/07/2003 12:00, File description = Fax Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6612, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-240528834|0xc63946c8124a58a6c86efb0ebec7ccf9|
ImagePath=system32\DRIVERS\fdc.sys
"c:\winnt\system32\drivers\fdc.sys" File version = 5.00.2195.6655, File size = 26256, File modification date = 14/07/2003 12:00, File description = Floppy Disk Controller Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2080684082|0x233e2c4dae9c84cef241f0ea30619629|
ImagePath=system32\DRIVERS\fetnd5b.sys
"c:\winnt\system32\drivers\fetnd5b.sys" File version = 3.22.00.0407, File size = 41984, File modification date = 29/07/2003 03:31, File description = NDIS 5.0 miniport driver, Product Name = VIA Rhine Family Fast Ethernet Adapter , Product version = 3.22.00.0407, Company name = VIA Technologies, Inc. (VIA Technologies, Inc. ) |1685419942|0xa306e75d699da98d0f9286b4e268661d|
ImagePath=system32\DRIVERS\flpydisk.sys
"c:\winnt\system32\drivers\flpydisk.sys" File version = 5.00.2195.6655, File size = 19312, File modification date = 14/07/2003 12:00, File description = Floppy Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1787644983|0x6ca845333da54f27a8657be7ee0b600d|
ImagePath=system32\drivers\fltmgr.sys
"c:\winnt\system32\drivers\fltmgr.sys" File version = 5.00.2195.7039, File size = 136880, File modification date = 14/04/2005 06:59, File description = Microsoft Filesystem Filter Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7039, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1690802262|0xc8eb153fa65633a99163775eeaea15f3|
ImagePath=system32\DRIVERS\ftdisk.sys
"c:\winnt\system32\drivers\ftdisk.sys" File version = 5.00.2195.7006, File size = 116400, File modification date = 02/12/2004 13:00, File description = FT Disk Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-708039490|0xc757a3eefa44ea2d562424a4060329a6|
ImagePath=system32\DRIVERS\gameenum.sys
"c:\winnt\system32\drivers\gameenum.sys" File version = 5.00.2195.6655, File size = 9808, File modification date = 19/06/2003 12:05, File description = Game Port Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1720132692|0x1ee4975fbc708f34a6b07c8e47f6fa3a|
ImagePath=system32\DRIVERS\msgpc.sys
"c:\winnt\system32\drivers\msgpc.sys" File version = 5.00.2195.6655, File size = 34704, File modification date = 14/07/2003 12:00, File description = MS General Packet Classifier, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2116352398|0x6667d07854a3ae7715d22b82761cf0e7|
ImagePath=%SystemRoot%\system32\hidserv.exe
"C:\WINNT\system32\hidserv.exe" File version = 5.00.2195.6655, File size = 19728, File modification date = 19/06/2003 20:05, File description = HID Audio Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-93283534|0x58cd2730e2bac2e58d32d65b2b042020|
ImagePath=system32\DRIVERS\hidusb.sys
"c:\winnt\system32\drivers\hidusb.sys" File version = 5.00.2142.1, File size = 13904, File modification date = 04/10/1999 23:03, File description = USB Miniport Driver for Input Devices, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2142.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1302675867|0xff2ca3c8d0193800e4fa510ffde0960e|
ImagePath=system32\DRIVERS\HPZid412.sys
"c:\winnt\system32\drivers\hpzid412.sys" File version = 8, 0, 0, 0, File size = 51088, File modification date = 22/03/2004 12:35, File description = IEEE-1284.4-1999 Driver (Windows 2000), Product Name = HP Dot4 Windows 2000, Product version = 8, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |1320066653|0x5faba4775d4c61e55ec669d643ffc71f|
ImagePath=system32\DRIVERS\HPZipr12.sys
"c:\winnt\system32\drivers\hpzipr12.sys" File version = 8, 0, 0, 0, File size = 16496, File modification date = 22/03/2004 12:35, File description = IEEE-1284.4-1999 Print Class Driver, Product Name = HP Dot4Print, Product version = 8, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |-1230239212|0xa3c43980ee1f1beac778b44ea65dbdd4|
ImagePath=system32\DRIVERS\HPZius12.sys
"c:\winnt\system32\drivers\hpzius12.sys" File version = 8, 0, 0, 0, File size = 21744, File modification date = 22/03/2004 12:35, File description = 1284.4<->Usb Datalink Driver (Windows 2000), Product Name = HP Dot4Usb Windows 2000, Product version = 8, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |1784708423|0x2906949bd4e206f2bb0dd1896ce9f66f|
ImagePath=system32\DRIVERS\i8042prt.sys
"c:\winnt\system32\drivers\i8042prt.sys" File version = 5.00.2195.6655, File size = 46992, File modification date = 14/07/2003 12:00, File description = i8042 Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1560319814|0x3b538e8a6b5e078406159edfe09a5e53|
ImagePath="C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
"c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe" File version = 11.00.28844, File size = 69632, File modification date = 04/04/2005 07:41, File description = IDriverT Module, Product Name = InstallShield (R), Product version = 11.00, Company name = Macrovision Corporation (Copyright (C) 2005 Macrovision Corporation) |798943343|0x1cf03c69b49acb70c722df92755c0c8c|
ImagePath=system32\DRIVERS\ipfltdrv.sys
"c:\winnt\system32\drivers\ipfltdrv.sys" File version = 5.00.2168.1, File size = 34416, File modification date = 14/07/2003 12:00, File description = IP FILTER DRIVER, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |371622040|0x09a604211e2b2334fc023a41337e3165|
ImagePath=system32\DRIVERS\ipinip.sys
"c:\winnt\system32\drivers\ipinip.sys" File version = 5.00.2168.1, File size = 19984, File modification date = 14/07/2003 12:00, File description = IP in IP Encapsulation Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2168.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |478232406|0xdbc1437b56eea1af02cd39c011904491|
ImagePath=system32\DRIVERS\ipnat.sys
"c:\winnt\system32\drivers\ipnat.sys" File version = 5.00.2195.6968, File size = 67344, File modification date = 11/08/2004 22:42, File description = IP Network Address Translator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6968, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1934899153|0xadb8a3465c0fc01c3ae633adb33fcbb3|
ImagePath=system32\DRIVERS\ipsec.sys
"c:\winnt\system32\drivers\ipsec.sys" File version = 5.00.2195.6738, File size = 80848, File modification date = 21/04/2003 18:19, File description = IPSEC Driver (US/Canada Only, Not for Export), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6738, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1761904118|0x9d61c8e8044bdaac6d922eb27552f93a|
ImagePath=System32\DRIVERS\irenum.sys
"c:\winnt\system32\drivers\irenum.sys" File version = 5.00.2195.6655, File size = 10288, File modification date = 14/07/2003 12:00, File description = Infra-Red Bus Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |181288994|0x7f5315e32be0632f680b30e03a2ca809|
ImagePath=system32\DRIVERS\isapnp.sys
"c:\winnt\system32\drivers\isapnp.sys" File version = 5.00.2195.6655, File size = 46992, File modification date = 19/06/2003 19:05, File description = PNP ISA Bus Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1205986134|0xb630369ca276fd208c1b5146920b5f2e|
ImagePath="C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
"c:\program files\java\jre6\bin\jqs.exe" File version = 6.0.160.1, File size = 153376, File modification date = 14/10/2009 08:54, File description = Java(TM) Quick Starter Service, Product Name = Java(TM) Platform SE 6 U16, Product version = 6.0.160.1, Company name = Sun Microsystems, Inc. (Copyright © 2004) |1391550021|0x09417134f248dfceea15c72bcc87f592|
"c:\program files\java\jre6\lib\deploy\jqs\jqs.conf" File version = (null), File size = 43481, File modification date = 14/10/2009 08:54, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |-1278862412|0x04f4e9849f47161638aaaf96faf6dd98|
ImagePath=system32\DRIVERS\kbdclass.sys
"c:\winnt\system32\drivers\kbdclass.sys" File version = 5.00.2195.6666, File size = 24528, File modification date = 14/07/2003 12:00, File description = Keyboard Class Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-708075733|0x399055f5c4a98f39b47d26888a72145d|
ImagePath=system32\DRIVERS\kbdhid.sys
"c:\winnt\system32\drivers\kbdhid.sys" File version = 5.00.2142.1, File size = 13744, File modification date = 04/10/1999 23:04, File description = HID Mouse Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2142.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1910056235|0x5afd9413400ffb2b57e9be900a12b160|
ImagePath=system32\drivers\kmixer.sys
"c:\winnt\system32\drivers\kmixer.sys" File version = 5.00.2195.6655, File size = 148304, File modification date = 19/06/2003 12:05, File description = Kernel Mode Audio Mixer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1778557455|0x8e198ec9e823aa42edf45b07efe395ac|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=\??\C:\WINNT\system32\Drivers\LxrSII1d.sys
"\\?\c:\winnt\system32\drivers\lxrsii1d.sys" File version = (null), File size = 70016, File modification date = 19/05/2005 23:48, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |1519015183|0xdb7f488269290a8c1907602b7f4c213d|
ImagePath=LxrSII1s.exe
"c:\winnt\system32\lxrsii1s.exe" File version = (null), File size = 53248, File modification date = 19/05/2005 23:48, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |1016846823|0x5bef7e9d23f65c50c63e31dd3d154d0f|
ImagePath="C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"c:\program files\common files\microsoft shared\vs7debug\mdm.exe" File version = 7.00.9466, File size = 322120, File modification date = 20/06/2003 06:25, File description = Machine Debug Manager, Product Name = Microsoft® Visual Studio .NET, Product version = 7.00.9466, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1982951129|0x11f714f85530a2bd134074dc30e99fca|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=C:\WINNT\system32\mnmsrvc.exe
"c:\winnt\system32\mnmsrvc.exe" File version = 4.4.3385, File size = 21776, File modification date = 14/07/2003 12:00, File description = NetMeeting Remote Desktop Sharing, Product Name = Windows® NetMeeting®, Product version = 3.01, Company name = Microsoft Corporation (Copyright © Microsoft Corporation 1996-1999) |1179567600|0xeeee63b92ca888ac9fb3d13581751ec2|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 11:15 pm

ImagePath=system32\DRIVERS\mouclass.sys
"c:\winnt\system32\drivers\mouclass.sys" File version = 5.00.2195.6666, File size = 21776, File modification date = 14/07/2003 12:00, File description = Mouse Class Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6666, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-41839149|0x8d038dde3f19b88427968e99a6216766|
ImagePath=system32\DRIVERS\mouhid.sys
"c:\winnt\system32\drivers\mouhid.sys" File version = 5.00.2195.6655, File size = 11632, File modification date = 19/06/2003 20:05, File description = HID Mouse Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2125529729|0x80d48f52414f7798432a4764beccbcec|
ImagePath=system32\DRIVERS\MPE.sys
"c:\winnt\system32\drivers\mpe.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 15104, File modification date = 09/07/2004 10:58, File description = Microsoft MPE to IP Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1601554581|0x83eff7b976ae24f1a496ca94a8a19919|
ImagePath=system32\DRIVERS\mrxsmb.sys
"c:\winnt\system32\drivers\mrxsmb.sys" File version = 5.00.2195.7174, File size = 416016, File modification date = 27/08/2008 16:29, File description = Windows NT SMB Minirdr, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7174, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1023167358|0xc16e6c7d333491a7ef376b8cbde7061b|
ImagePath=C:\WINNT\system32\msdtc.exe
"c:\winnt\system32\msdtc.exe" File version = 1999.9.3421.3, File size = 6928, File modification date = 14/07/2003 12:00, File description = MS DTC console program, Product Name = Microsoft Distributed Transaction Coordinator, Product version = 03.00.00.3421, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-362559341|0xedc54e17cdf1811a472d518a82182449|
ImagePath=%systemroot%\system32\msiexec.exe /V
"C:\WINNT\system32\msiexec.exe" File version = 3.1.4000.1823, File size = 78848, File modification date = 04/05/2005 21:45, File description = Windows® installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.1823, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1201451646|0xf5f0146580e7023adb963879840777f8|
ImagePath=system32\drivers\MSKSSRV.sys
"c:\winnt\system32\drivers\mskssrv.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 7424, File modification date = 12/12/2002 08:14, File description = MS KS Server, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |369150494|0x85736f804191cb420a31aca2a7f0674f|
ImagePath=system32\drivers\MSPCLOCK.sys
"c:\winnt\system32\drivers\mspclock.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 5248, File modification date = 12/12/2002 08:14, File description = MS Proxy Clock, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1959050085|0xe943adb93d83c5cbc0ca3f53f53b48cc|
ImagePath=system32\drivers\MSPQM.sys
"c:\winnt\system32\drivers\mspqm.sys" File version = 5.00.2134.1, File size = 4816, File modification date = 25/09/1999 10:36, File description = MS Proxy Quality Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |732880338|0xbb041315c9930063e5eab0bee90acff6|
ImagePath=system32\drivers\MSTEE.sys
"c:\winnt\system32\drivers\mstee.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 5504, File modification date = 12/12/2002 08:14, File description = WDM Tee/Communication Transform Filter , Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1743084846|0xd5059366b361f0e1124753447af08aa2|
ImagePath=system32\drivers\msmpu401.sys
"c:\winnt\system32\drivers\msmpu401.sys" File version = 5.00.2134.1, File size = 2832, File modification date = 25/09/1999 10:35, File description = MPU401 Adapter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2077023183|0x6ea98807eede628e2e6ddf3123f80279|
ImagePath=system32\DRIVERS\NABTSFEC.sys
"c:\winnt\system32\drivers\nabtsfec.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 83968, File modification date = 09/07/2004 10:58, File description = WDM NABTS/FEC VBI Codec, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-41937467|0xbb1c45d114b6dab0babf6b2fb0336db2|
ImagePath=\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090927.002\naveng.sys
"\\?\c:\progra~1\common~1\symant~1\virusd~1\20090927.002\naveng.sys" File version = 20091.2.0.41, File size = 84912, File modification date = 27/09/2009 08:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20091.2.0.41, Company name = Symantec Corporation (Copyright (C) 1991-2009 Symantec Corporation.) |-1761490666|0x78d629767dbcdbb1ee888f4fda841acd|
ImagePath=\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090927.002\navex15.sys
"\\?\c:\progra~1\common~1\symant~1\virusd~1\20090927.002\navex15.sys" File version = 20091.2.0.41, File size = 1323568, File modification date = 27/09/2009 08:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20091.2.0.41, Company name = Symantec Corporation (Copyright (C) 1991-2009 Symantec Corporation.) |-2145685123|0x6176ce576509ee71bac1b61fc8f1f138|
ImagePath=system32\DRIVERS\ndistapi.sys
"c:\winnt\system32\drivers\ndistapi.sys" File version = 5.00.2195.6655, File size = 9200, File modification date = 14/07/2003 12:00, File description = NDIS 3.0 connection wrapper driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1326028805|0xe6f675c75c53887c58b98d6db356b153|
ImagePath=system32\DRIVERS\ndisuio.sys
"c:\winnt\system32\drivers\ndisuio.sys" File version = 5.00.2195.6655, File size = 11984, File modification date = 14/07/2003 12:00, File description = NDIS User mode I/O Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1892882990|0x69ecae880bdac3c288f0508df9cdeef0|
ImagePath=system32\DRIVERS\ndiswan.sys
"c:\winnt\system32\drivers\ndiswan.sys" File version = 5.00.2195.6699, File size = 93360, File modification date = 14/07/2003 12:00, File description = MS WAN Wrapper Network Driver (US/Canada Only, Not for Export), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6699, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |649307845|0xb86a37aa73868343a9eee148fdfce1e0|
ImagePath=system32\DRIVERS\netbios.sys
"c:\winnt\system32\drivers\netbios.sys" File version = 5.00.2149.1, File size = 33456, File modification date = 14/07/2003 12:00, File description = NetBIOS interface driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2149.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |66866062|0x5151e6020a26bf7bc21c18fd612506bd|
ImagePath=system32\DRIVERS\netbt.sys
"c:\winnt\system32\drivers\netbt.sys" File version = 5.00.2195.7006, File size = 175632, File modification date = 08/04/2005 11:51, File description = MBT Transport driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7006, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1487587570|0xa7ca87628217bbf4a6f501db65b19e9d|
ImagePath=%SystemRoot%\system32\netdde.exe
"C:\WINNT\system32\netdde.exe" File version = 5.00.2195.6958, File size = 110352, File modification date = 09/07/2004 14:37, File description = Network DDE - DDE Communication, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6958, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1918163301|0xf9b001cb9573d32433e051ec9f4ff203|
ImagePath=%SystemRoot%\system32\netdde.exe
"C:\WINNT\system32\netdde.exe" File version = 5.00.2195.6958, File size = 110352, File modification date = 09/07/2004 14:37, File description = Network DDE - DDE Communication, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6958, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1918163301|0xf9b001cb9573d32433e051ec9f4ff203|
ImagePath=\SystemRoot\system32\drivers\netdtect.sys
"C:\WINNT\system32\drivers\netdtect.sys" File version = 5.00.2138.1, File size = 9680, File modification date = 14/07/2003 12:00, File description = Network Card Detection driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2138.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-207155797|0x9b2a6147a22f7e696cc7538283de6346|
ImagePath=%SystemRoot%\system32\lsass.exe
"C:\WINNT\system32\lsass.exe" File version = 5.00.2195.7011, File size = 33552, File modification date = 19/12/2004 22:30, File description = LSA Executable and Server DLL (Export Version), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7011, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |598350771|0xf19d0a319ab4bf5496f08807cb9b8651|
ImagePath=%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=C:\Program Files\NavNT\rtvscan.exe
"c:\program files\navnt\rtvscan.exe" File version = 7.60.00.926, File size = 454656, File modification date = 24/09/2001 14:59, File description = Norton AntiVirus, Product Name = Norton AntiVirus, Product version = 7.60.00.926, Company name = Symantec Corporation (Copyright (C) Symantec Corporation 1991-2000) |-310218696|0x4739c7c6bd87efff6f033dd7db3a4dbd|
ImagePath=%SystemRoot%\system32\lsass.exe
"C:\WINNT\system32\lsass.exe" File version = 5.00.2195.7011, File size = 33552, File modification date = 19/12/2004 22:30, File description = LSA Executable and Server DLL (Export Version), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7011, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |598350771|0xf19d0a319ab4bf5496f08807cb9b8651|
ImagePath=%SystemRoot%\system32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=\??\C:\WINNT\system32\ntsim.sys
"\\?\c:\winnt\system32\ntsim.sys" File version = 1.07.00.0007, File size = 7040, File modification date = 17/07/2003 08:10, File description = Network Device Monitor Utility, Product Name = Network Device Monitor Utility , Product version = 1.07.00.0007, Company name = VIA Networking Technologies, Inc. (VIA Networking Technologies, Inc. ) |-1272077828|0xa568b9a9ffe2d9387222a5c90f86d731|
ImagePath=system32\DRIVERS\nwlnkflt.sys
"c:\winnt\system32\drivers\nwlnkflt.sys" File version = 5.00.2134.1, File size = 12560, File modification date = 14/07/2003 12:00, File description = NWLINK2 Traffic Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |464812079|0x9b0d6fb5c5d6a7571aedb0c1a7a9c1b6|
ImagePath=system32\DRIVERS\nwlnkfwd.sys
"c:\winnt\system32\drivers\nwlnkfwd.sys" File version = 5.00.2173.1, File size = 35344, File modification date = 14/07/2003 12:00, File description = NWLINK2 Forwarder Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2173.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1503856386|0x09fa39e4812fdd042834650df09675a0|
ImagePath="C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
"c:\program files\common files\microsoft shared\source engine\ose.exe" File version = 11.0.5525, File size = 89136, File modification date = 28/07/2003 19:28, File description = Office Source Engine, Product Name = Office Source Engine, Product version = 11.0.5525, Company name = Microsoft Corporation (Copyright © 2002-2003 Microsoft Corporation. All rights reserved.) |1474957311|0x7a56cf3e3f12e8af599963b16f50fb6a|
ImagePath=system32\drivers\PalmUSBD.sys
"c:\winnt\system32\drivers\palmusbd.sys" File version = 6, 0, 1, 0, File size = 16694, File modification date = 23/11/2005 16:02, File description = USB Driver for Palm OS Handheld Devices, Product Name = HotSync® Manager, Product version = 6, 0, 1, 0, Company name = PalmSource, Inc. (Copyright © 2004 PalmSource, Inc.) |594008604|0x240c0d4049a833b16b63b636acf01672|
ImagePath=system32\DRIVERS\parallel.sys
"c:\winnt\system32\drivers\parallel.sys" File version = 5.00.2195.6655, File size = 60208, File modification date = 14/07/2003 12:00, File description = Parallel Printer Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-803673213|0xea27799907eabdb66d2d56af68cd4f06|
ImagePath=system32\DRIVERS\parport.sys
"c:\winnt\system32\drivers\parport.sys" File version = 5.00.2195.6655, File size = 25104, File modification date = 14/07/2003 12:00, File description = Parallel Port Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1341006333|0x69b713583d6e063ac487e2da30c04289|
ImagePath=system32\DRIVERS\pci.sys
"c:\winnt\system32\drivers\pci.sys" File version = 5.00.2195.6655, File size = 59312, File modification date = 14/07/2003 12:00, File description = NT Plug and Play PCI Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |970304090|0xf0791b1f424f8d84a81d9ae6cfadf089|
ImagePath=system32\DRIVERS\pciide.sys
"c:\winnt\system32\drivers\pciide.sys" File version = 5.00.2195.6655, File size = 3088, File modification date = 14/07/2003 12:00, File description = Generic PCI IDE Bus Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |463423486|0x7d0bcb325d29d15024d6a572044e410b|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=%SystemRoot%\system32\lsass.exe
"C:\WINNT\system32\lsass.exe" File version = 5.00.2195.7011, File size = 33552, File modification date = 19/12/2004 22:30, File description = LSA Executable and Server DLL (Export Version), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7011, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |598350771|0xf19d0a319ab4bf5496f08807cb9b8651|
ImagePath=system32\DRIVERS\raspptp.sys
"c:\winnt\system32\drivers\raspptp.sys" File version = 5.00.2195.6711, File size = 48464, File modification date = 14/07/2003 12:00, File description = Peer-to-Peer Tunneling Protocol, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6711, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2106814622|0x0e0212bbbf15800f1536cbfa157dddd6|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\DRIVERS\ptilink.sys
"c:\winnt\system32\drivers\ptilink.sys" File version = 1.10, File size = 17680, File modification date = 14/07/2003 12:00, File description = Parallel Technologies DirectParallel IO Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Parallel Technologies, Inc. (Copyright (C) Parallel Technologies 1995-1997) |484859985|0xb78775f217255f786c2e8dbe4334e413|
ImagePath=System32\Drivers\PxHelp20.sys
"c:\winnt\system32\drivers\pxhelp20.sys" File version = 2.02.70a, File size = 20176, File modification date = 11/05/2004 21:32, File description = Px Engine Device Driver for Windows 2000/XP, Product Name = PxHelp20, Product version = (null), Company name = Sonic Solutions (Copyright © Sonic Solutions) |-1251829637|0xb5dfb86a6caeae9b2bf3dedb43be6393|
ImagePath=system32\DRIVERS\rasacd.sys
"c:\winnt\system32\drivers\rasacd.sys" File version = 5.00.2134.1, File size = 8016, File modification date = 14/07/2003 12:00, File description = RAS Automatic Connection Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1775935085|0x63051b814e005dc62c7a0971668c52b4|
ImagePath=%SystemRoot%\system32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=system32\DRIVERS\rasl2tp.sys
"c:\winnt\system32\drivers\rasl2tp.sys" File version = 5.00.2195.6655, File size = 52112, File modification date = 14/07/2003 12:00, File description = RAS L2TP mini-port/call-manager driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1831845332|0xec6037c594f20adedea65f0d809493d2|
ImagePath=%SystemRoot%\system32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=system32\DRIVERS\raspti.sys
"c:\winnt\system32\drivers\raspti.sys" File version = 5.00.2146.1, File size = 16880, File modification date = 14/07/2003 12:00, File description = PTI DirectParallel(R) mini-port/call-manager driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2146.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-584540929|0xcb09a98e97e52c389ab17b1e003c9566|
ImagePath=system32\drivers\RCA.sys
"c:\winnt\system32\drivers\rca.sys" File version = 5.00.2164.1, File size = 21712, File modification date = 14/07/2003 12:00, File description = RCA filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2164.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |331263198|0xafce1f733a6aa3a90ac60794dfb26104|
ImagePath=system32\DRIVERS\rdbss.sys
"c:\winnt\system32\drivers\rdbss.sys" File version = 5.00.2195.7174, File size = 170800, File modification date = 27/08/2008 16:28, File description = Redirected Drive Buffering SubSystem Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7174, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1411474530|0xd3d07ae9194f714a2867717310df9fd1|
ImagePath=system32\DRIVERS\redbook.sys
"c:\winnt\system32\drivers\redbook.sys" File version = 5.00.2195.6655, File size = 35344, File modification date = 19/06/2003 12:05, File description = Redbook Audio Filter Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |769230713|0xb5120cb5081865b0c7d93c305c7da939|
ImagePath=%SystemRoot%\system32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=%SystemRoot%\system32\regsvc.exe
"C:\WINNT\system32\regsvc.exe" File version = 5.00.2195.6701, File size = 68368, File modification date = 14/07/2003 12:00, File description = Remote Registry Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6701, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1062888785|0x250c4ce389783fa2398e3afa4317008c|
ImagePath=System32\Drivers\RootMdm.sys
"c:\winnt\system32\drivers\rootmdm.sys" File version = 5.00.2134.1, File size = 6032, File modification date = 14/07/2003 12:00, File description = Legacy Non-Pnp Modem Device Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-465202170|0xb6756550c2f1aa4be923d0cef5a9e0a4|
ImagePath=%SystemRoot%\system32\locator.exe
"C:\WINNT\system32\locator.exe" File version = 5.00.2195.6619, File size = 72464, File modification date = 14/07/2003 12:00, File description = Rpc Locator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6619, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1596384476|0xad57e33f4f7f404d9aba97e8b33fa21b|
ImagePath=%SystemRoot%\system32\svchost -k rpcss
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
"c:\winnt\system32\rpcss.dll" File version = 5.00.2195.7059, File size = 212240, File modification date = 05/09/2005 08:18, File description = Distributed COM Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |372701969|0x037ebcf93df5f0c31ccd2ff7e31e3ba5|
ImagePath=%SystemRoot%\system32\rsvp.exe -s
"C:\WINNT\system32\rsvp.exe" File version = 5.00.2195.6663, File size = 176912, File modification date = 14/07/2003 12:00, File description = Microsoft RSVP 1.0, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6663, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |127861658|0x2a21bddb1ba9b5cd776949380ab46a76|
ImagePath=system32\DRIVERS\s3gnbm.sys
"c:\winnt\system32\drivers\s3gnbm.sys" File version = 6.14.10.0033-13.94.33, File size = 167168, File modification date = 13/08/2004 20:42, File description = S3 ProSavage(DDR) & Twister Miniport Driver, Product Name = S3 ProSavage(DDR) & Twister Miniport Driver, Product version = 6.14.10.0033-13.94.33, Company name = S3 Graphics, Inc. (Copyright (c) 2004 by S3 Graphics, Inc.) |-208207382|0x5cf6ea833ebd3cf79573e6960f4b9e0b|
ImagePath=%SystemRoot%\system32\lsass.exe
"C:\WINNT\system32\lsass.exe" File version = 5.00.2195.7011, File size = 33552, File modification date = 19/12/2004 22:30, File description = LSA Executable and Server DLL (Export Version), Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7011, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |598350771|0xf19d0a319ab4bf5496f08807cb9b8651|
ImagePath="C:\Program Files\Symantec AntiVirus\SavRoam.exe"
"c:\program files\symantec antivirus\savroam.exe" File version = 1.5.0.0, File size = 173392, File modification date = 03/08/2004 03:36, File description = SAVRoam, Product Name = Symantec SAVRoam, Product version = 1.5.0.0, Company name = symantec (Copyright 2002 - 2004 Symantec Corporation. All rights reserved.) |2100999099|0xd3f4a71ca4eea5f235d5f5d86b7fc896|
ImagePath=\??\C:\Program Files\Symantec AntiVirus\savrt.sys
"\\?\c:\program files\symantec antivirus\savrt.sys" File version = 9.3.0.28, File size = 301200, File modification date = 09/02/2004 23:43, File description = AutoProtect, Product Name = Symantec AntiVirus AutoProtect, Product version = 9.3, Company name = Symantec Corporation (Copyright (c) 2003 Symantec Corporation) |637141988|0xc8023be4dda22a52cd2f60d9cb9b3985|
ImagePath=\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys
"\\?\c:\program files\symantec antivirus\savrtpel.sys" File version = 9.3.0.28, File size = 37008, File modification date = 09/02/2004 23:43, File description = SAVRTPEL, Product Name = Symantec AntiVirus AutoProtect, Product version = 9.3, Company name = Symantec Corporation (Copyright (c) 2003 Symantec Corporation) |339836605|0x30547fd7692dc799a0b397b2b918a158|
ImagePath=%SystemRoot%\System32\SCardSvr.exe
"C:\WINNT\system32\scardsvr.exe" File version = 5.00.2195.6609, File size = 100112, File modification date = 14/07/2003 12:00, File description = Smart Card Resource Management Server, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6609, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1870847312|0x13c381e66cda8d4d80e84bf18307551f|
ImagePath=%SystemRoot%\System32\SCardSvr.exe
"C:\WINNT\system32\scardsvr.exe" File version = 5.00.2195.6609, File size = 100112, File modification date = 14/07/2003 12:00, File description = Smart Card Resource Management Server, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6609, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1870847312|0x13c381e66cda8d4d80e84bf18307551f|
ImagePath=%SystemRoot%\system32\MSTask.exe
"C:\WINNT\system32\mstask.exe" File version = 4.71.2195.6972, File size = 122128, File modification date = 07/09/2004 15:59, File description = Task Scheduler Engine, Product Name = Microsoft® Windows® Task Scheduler, Product version = 4.71.2195.6972, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |-1018974063|0xb00529eae5d0ce97010b69cc677128c8|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=%SystemRoot%\system32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=system32\DRIVERS\serenum.sys
"c:\winnt\system32\drivers\serenum.sys" File version = 5.00.2195.6655, File size = 14160, File modification date = 14/07/2003 12:00, File description = Serial Port Enumerator, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1426636176|0x6db5fdf67486679da3149ef212374861|
ImagePath=system32\DRIVERS\serial.sys
"c:\winnt\system32\drivers\serial.sys" File version = 5.00.2195.6655, File size = 62736, File modification date = 14/07/2003 12:00, File description = Serial Device Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |696249484|0x80f28698f48e298d278057f23206133b|
ImagePath=\SystemRoot\system32\SetupNT.sys
"C:\WINNT\system32\setupnt.sys" File version = (null), File size = 3000, File modification date = 25/10/2000 12:27, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |1216739109|0x549ea830a5d9edd9cd14311126c2849b|
ImagePath=%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=system32\DRIVERS\SLIP.sys
"c:\winnt\system32\drivers\slip.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 10880, File modification date = 09/07/2004 10:58, File description = Microsoft Slip Deframing Filter Minidriver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-6628536|0x92723fbdd30771c293fe5ed266a31ca6|
ImagePath="C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
"c:\program files\common files\symantec shared\sndsrvc.exe" File version = 5.3.5.3, File size = 201944, File modification date = 12/06/2004 02:28, File description = Network Driver Service, Product Name = Symantec Security Drivers, Product version = 5.3.5, Company name = Symantec Corporation (Copyright 2002, 2003 Symantec Corporation) |345405197|0x8abacc93eb3ba11b8b011df4d693637c|
ImagePath=%SystemRoot%\system32\spoolsv.exe
"C:\WINNT\system32\spoolsv.exe" File version = 5.00.2195.7059, File size = 47376, File modification date = 12/07/2005 04:59, File description = Spooler SubSystem App, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7059, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2050836070|0xfacfb75ecc070103619fa044e0b210d3|
ImagePath="C:\Program Files\Spyware Terminator\sp_rsser.exe"
"c:\program files\spyware terminator\sp_rsser.exe" File version = 2.5.0.511, File size = 487424, File modification date = 13/10/2009 23:43, File description = Spyware Terminator Realtime Shield Service, Product Name = Crawler Spyware Terminator, Product version = (null), Company name = Crawler.com (© Crawler.com) |-701443166|0xaa21cf891d0d8248eca1e9ba201acbef|
ImagePath=system32\DRIVERS\srv.sys
"c:\winnt\system32\drivers\srv.sys" File version = 5.00.2195.7222, File size = 239472, File modification date = 11/12/2008 12:09, File description = Server driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7222, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-612387434|0xec93828331107576c61c769f95582d58|
ImagePath=%systemroot%\system32\stisvc.exe
"C:\WINNT\system32\stisvc.exe" File version = 5.00.2195.6656, File size = 61712, File modification date = 14/07/2003 12:00, File description = Still Image Devices Monitor, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6656, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996-1997) |-1090273697|0xb75235626b950ff821146555c612f814|
ImagePath=system32\DRIVERS\StreamIP.sys
"c:\winnt\system32\drivers\streamip.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 14976, File modification date = 09/07/2004 10:58, File description = Microsoft IP Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1913412072|0x4544fd0db39cb7b385a5392c068162cd|
ImagePath=system32\DRIVERS\swenum.sys
"c:\winnt\system32\drivers\swenum.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 4096, File modification date = 12/12/2002 08:14, File description = Plug and Play Software Device Enumerator, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1878277492|0x616a013d3ea068b6dee83d905e92ee9f|
ImagePath=system32\drivers\swmidi.sys
"c:\winnt\system32\drivers\swmidi.sys" File version = 5.00.2195.6655, File size = 53552, File modification date = 19/06/2003 12:05, File description = Microsoft GS Wavetable Synthesizer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |586389250|0x8c7cd06d097a59391d94b59715fca67c|
ImagePath="C:\Program Files\Symantec AntiVirus\Rtvscan.exe"
"c:\program files\symantec antivirus\rtvscan.exe" File version = 9.0.1.1000, File size = 1267024, File modification date = 03/08/2004 03:36, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |477603674|0x825349e7566b49e583399ca821d3436a|
ImagePath=\??\C:\Program Files\Symantec\SYMEVENT.SYS
"\\?\c:\program files\symantec\symevent.sys" File version = 11.4.0.6, File size = 82832, File modification date = 05/03/2004 07:46, File description = Symantec Event Library, Product Name = SYMEVENT, Product version = 11.4.0.6, Company name = Symantec Corporation (Copyright (C) Symantec Corporation 1992-2003) |1823223223|0x42123611a49c33536ab29bdd852a9f5e|
ImagePath=\SystemRoot\System32\Drivers\SYMREDRV.SYS
"C:\WINNT\system32\drivers\symredrv.sys" File version = 5.3.5.3, File size = 16280, File modification date = 12/06/2004 02:28, File description = Redirector Filter Driver, Product Name = Symantec Security Drivers, Product version = 5.3.5, Company name = Symantec Corporation (Copyright 2002, 2003 Symantec Corporation) |-419638862|0x8ddb430ea48468c156db872a214178fc|
ImagePath=\SystemRoot\System32\Drivers\SYMTDI.SYS
"C:\WINNT\system32\drivers\symtdi.sys" File version = 5.3.5.3, File size = 263736, File modification date = 12/06/2004 02:28, File description = Network Dispatch Driver, Product Name = Symantec Security Drivers, Product version = 5.3.5, Company name = Symantec Corporation (Copyright 2002, 2003 Symantec Corporation) |2004971312|0xec1a39493fb104d317e8271162a74b94|
ImagePath=system32\drivers\sysaudio.sys
"c:\winnt\system32\drivers\sysaudio.sys" File version = 5.00.2195.6655, File size = 47568, File modification date = 19/06/2003 12:05, File description = System Audio WDM Filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-56662383|0x6c14d96f8c1ba929fad4ba40a29217fa|
ImagePath=%SystemRoot%\system32\smlogsvc.exe
"C:\WINNT\system32\smlogsvc.exe" File version = 5.00.2195.6608, File size = 85776, File modification date = 14/07/2003 12:00, File description = Performance Logs and Alerts Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6608, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |598376597|0xf4f35fe5f46262d45491822d8a66bf62|
ImagePath=%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=system32\DRIVERS\tcpip.sys
"c:\winnt\system32\drivers\tcpip.sys" File version = 5.00.2195.7162, File size = 320528, File modification date = 18/06/2008 10:05, File description = TCP/IP driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7162, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1242875359|0x02fae418bd28e185a4909e5869497de5|
ImagePath="C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe" -service
"c:\program files\teamviewer\version4\teamviewer_service.exe" File version = 1, File size = 185640, File modification date = 07/10/2009 12:50, File description = TeamViewer Service, Product Name = TeamViewer, Product version = 3.6, Company name = TeamViewer GmbH (©TeamViewer GmbH) |-1428090342|0x392e619012f752d071910917e9307cc9|
ImagePath=%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=%SystemRoot%\system32\tlntsvr.exe
"C:\WINNT\system32\tlntsvr.exe" File version = 5.00.99206.1, File size = 186128, File modification date = 14/07/2003 12:00, File description = Microsoft Telnet Service, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 5.00.99206.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1729846464|0xfa57d2175f4978e2f32cb1b02781d76a|
ImagePath=\??\C:\WINNT\system32\drivers\tmcomm.sys
"\\?\c:\winnt\system32\drivers\tmcomm.sys" File version = 1.6.0.1059, File size = 102664, File modification date = 19/10/2009 23:35, File description = TrendMicro Common Module, Product Name = ActiveClean, Product version = 1.6, Company name = Trend Micro Inc. (Copyright (C) 2005-2007 Trend Micro Incorporated. All rights reserved.) |573041654|0xdf8444a8fa8fd38d8848bdd40a8403b3|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\DRIVERS\uhcd.sys
"c:\winnt\system32\drivers\uhcd.sys" File version = 5.00.2195.6655, File size = 32848, File modification date = 14/07/2003 12:00, File description = Universal Host Controller Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1859043501|0x376fb5e14b9d375db3536ba563eae97a|
ImagePath=system32\DRIVERS\update.sys
"c:\winnt\system32\drivers\update.sys" File version = 5.00.2195.6655, File size = 173232, File modification date = 14/07/2003 12:00, File description = Update Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |728004254|0x7a77f319935328cf30945fe0f3c69c9a|
ImagePath=%SystemRoot%\System32\ups.exe
"C:\WINNT\system32\ups.exe" File version = 5.00.2158.1, File size = 17680, File modification date = 14/07/2003 12:00, File description = UPS Service, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2158.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |860388540|0x222a997aa4c7f7a2b3453b556afa4406|
ImagePath=system32\DRIVERS\usbehci.sys
"c:\winnt\system32\drivers\usbehci.sys" File version = 5.00.2195.6709, File size = 19728, File modification date = 19/06/2003 12:05, File description = EHCI eUSB Miniport Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6709, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1395663662|0x86c71ce544358d3227206a894ae04443|
ImagePath=system32\DRIVERS\usbhub.sys
"c:\winnt\system32\drivers\usbhub.sys" File version = 5.00.2195.6689, File size = 40176, File modification date = 14/07/2003 12:00, File description = Default Hub Driver for USB, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6689, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-826073580|0x5c202078f5d500786a1f3279fac3aa64|
ImagePath=system32\DRIVERS\usbhub20.sys
"c:\winnt\system32\drivers\usbhub20.sys" File version = 5.00.2195.6655, File size = 49776, File modification date = 19/06/2003 12:05, File description = Default Hub Driver for USB 2.0, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1158250140|0xb0205d19ba25ca654810d0aed04496a8|
ImagePath=system32\DRIVERS\usbprint.sys
"c:\winnt\system32\drivers\usbprint.sys" File version = 5.00.2195.6655, File size = 21872, File modification date = 19/06/2003 19:05, File description = USB Printer driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-166030101|0xe0e4367f5eff9e84fafeeba6ab937fd8|
ImagePath=system32\DRIVERS\usbscan.sys
"c:\winnt\system32\drivers\usbscan.sys" File version = 5.00.2195.6655, File size = 12592, File modification date = 19/06/2003 20:05, File description = USB Scanner Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-631273689|0x6c0a98c98b84eee9e3fb1cf86b6250b8|
ImagePath=system32\DRIVERS\USBSTOR.SYS
"c:\winnt\system32\drivers\usbstor.sys" File version = 5.00.2195.6655, File size = 21552, File modification date = 19/06/2003 19:05, File description = USB Mass Storage Class Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |840092662|0x13eba8a2da3447fe7f217e34210ac554|
ImagePath=%SystemRoot%\System32\UtilMan.exe
"C:\WINNT\system32\utilman.exe" File version = 1, 0, 0, 3, File size = 22800, File modification date = 14/07/2003 12:00, File description = UtilMan EXE, Product Name = Utility Manager, Product version = 1, 0, 0, 1, Company name = Microsoft Corporation (Copyright © 1997-1999 Microsoft Corporation) |1708878169|0x7a960f1e9a0b2f7d14f1d0eddd74375c|
ImagePath=\SystemRoot\System32\drivers\vga.sys
"C:\WINNT\system32\drivers\vga.sys" File version = 5.00.2134.1, File size = 13968, File modification date = 14/07/2003 12:00, File description = VGA/Super VGA Video Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-645135383|0x1b0040415ba34497a8d76a553aee88aa|
ImagePath=system32\DRIVERS\viaagp.sys
"c:\winnt\system32\drivers\viaagp.sys" File version = 5.00.2195.6655, File size = 22416, File modification date = 19/06/2003 19:05, File description = VIA NT AGP Filter, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |665646653|0xfd9fb614c61eb068b07a7f23006012cd|
ImagePath=system32\DRIVERS\viaagp1.sys
"c:\winnt\system32\drivers\viaagp1.sys" File version = 5.0.0.3442 built by: VIA, File size = 27904, File modification date = 02/07/2003 11:42, File description = VIA NT AGP Filter, Product Name = VIA CPU to AGP2.0/AGP3.0 Controller, Product version = 5.0.0.3442, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies., Inc. 1998-2003) |1393086445|0x3369521138fb8980530da72078da1368|
ImagePath=\SystemRoot\System32\Drivers\viausb.sys
"C:\WINNT\system32\drivers\viausb.sys" File version = 1.08, File size = 9038, File modification date = 18/06/2003 23:48, File description = VIA USB Filter Driver, Product Name = VIA USB Filter Driver, Product version = 1.08, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 1998-2000) |-1408379831|0x646eb13fd35ab93d380a6f5e31b34a4c|
ImagePath=system32\DRIVERS\viaide.sys
"c:\winnt\system32\drivers\viaide.sys" File version = 5.0.2195.120, File size = 6234, File modification date = 18/10/2001 19:00, File description = VIA PCI IDE Bus Driver, Product Name = Microsoft(R) Windows NT(R) Operating System, Product version = 5.0.2195.120, Company name = VIA Technologies, Inc. (Copyright (C) Microsoft Corp. 2000-2005) |-291396412|0xb2b04630fe75ef32684e854828b1f764|
ImagePath=system32\drivers\vinyl97.sys
"c:\winnt\system32\drivers\vinyl97.sys" File version = 6.14.01.4090 built by: WinDDK, File size = 176128, File modification date = 01/02/2005 23:39, File description = Vinyl AC'97 Codec Combo WDM Driver, Product Name = Vinyl AC'97 Codec Combo WDM Driver, Product version = 6.14.01.4090, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 1999-2004) |837740645|0x6e6c12d1544e22d36da77f994fd1f306|
ImagePath=system32\DRIVERS\videX32.sys
"c:\winnt\system32\drivers\videx32.sys" File version = 6.0.6001.282, File size = 13976, File modification date = 05/05/2009 16:58, File description = VIA Generic PCI IDE Bus Driver, Product Name = VIA PCI IDE MINI Driver, Product version = 6.0.6001.282, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 2000-2008) |1466880749|0x4cc623591204acd5fc89bd0dad70e838|
ImagePath=\SystemRoot\System32\Drivers\vulfnth.sys
"C:\WINNT\system32\drivers\vulfnth.sys" File version = 2.57, File size = 6912, File modification date = 04/08/2003 07:29, File description = VIA USB Host Controller Lower Filter Driver, Product Name = VIA USB Host Controller Lower Filter Driver, Product version = 2.57, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 2000-2004) |868435707|0xc9a8ba443f809b70bccccd60cc73fa5c|
ImagePath=\SystemRoot\System32\Drivers\vulfntr.sys
"C:\WINNT\system32\drivers\vulfntr.sys" File version = 2.61, File size = 11392, File modification date = 04/08/2003 07:29, File description = VIA USB Roothub Lower Filter Driver, Product Name = VIA USB Roothub Lower Filter Driver, Product version = 2.61, Company name = VIA Technologies, Inc. (Copyright (C) VIA Technologies, Inc. 2000-2004) |293880240|0x2d8c55889616f7767e9fb8adee37a02a|
ImagePath=%SystemRoot%\system32\services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\DRIVERS\wanarp.sys
"c:\winnt\system32\drivers\wanarp.sys" File version = 5.00.2195.6601, File size = 32272, File modification date = 14/07/2003 12:00, File description = MS Remote Access and Routing ARP Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |413045311|0xaa8c76dfc4afa72f09fdbc6621b7d38d|
ImagePath=system32\DRIVERS\wanatw4.sys
"c:\winnt\system32\drivers\wanatw4.sys" File version = 8.3.0.0, File size = 33588, File modification date = 16/07/2002 23:07, File description = Wan Miniport (ATW), Product Name = Wan Miniport (ATW), Product version = 8.3.0.0, Company name = America Online, Inc. (Copyright © 2001-2002 America Online, Inc.) |-186680304|0x0a716c08cb13c3a8f4f51e882dbf7416|
ImagePath="C:\WINNT\wanmpsvc.exe"
"c:\winnt\wanmpsvc.exe" File version = 7, 0, 0, 2, File size = 65536, File modification date = 30/07/2002 23:16, File description = Wan Miniport (ATW) Service, Product Name = America Online, Product version = 7, 0, 0, 2, Company name = America Online, Inc. (Copyright © 2001 America Online, Inc.) |-994280280|0x909f2dc0da7f57d229a05ee90647b2c3|
ImagePath=system32\drivers\wdmaud.sys
"c:\winnt\system32\drivers\wdmaud.sys" File version = 5.00.2195.6655, File size = 73872, File modification date = 19/06/2003 12:05, File description = MMSYSTEM Wave/Midi API mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6655, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |169788773|0x997d25513bc89614417829b5bec7c75c|
ImagePath=%SystemRoot%\System32\WBEM\WinMgmt.exe
"C:\WINNT\system32\wbem\winmgmt.exe" File version = 1.50.1085.0100, File size = 196706, File modification date = 14/07/2003 12:00, File description = Windows Management Instrumentation, Product Name = Windows Management Instrumentation, Product version = 1.50.1085.0100, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1445173447|0x05b2001e1bc653fd6091e741b46f71b4|
ImagePath=%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=%SystemRoot%\system32\Services.exe
"C:\WINNT\system32\services.exe" File version = 5.00.2195.7035, File size = 92944, File modification date = 08/04/2005 11:51, File description = Services and Controller app, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7035, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2029553772|0xb861b4e6e9637eb76a40c10c552e0229|
ImagePath=system32\DRIVERS\WSTCODEC.SYS
"c:\winnt\system32\drivers\wstcodec.sys" File version = 5.3.0000000.900 built by: DIRECTX, File size = 18688, File modification date = 09/07/2004 10:58, File description = WDM WST Codec Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (Copyright (C) Philips Semiconductors. 1981-1999) |-1635136304|0x04aca6442e639a794293828e8dda7a44|
ImagePath=%systemroot%\system32\svchost.exe -k wugroup
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|
ImagePath=%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINNT\system32\svchost.exe" File version = 5.00.2134.1, File size = 7952, File modification date = 14/07/2003 12:00, File description = Generic Host Process for Win32 Services, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |908098879|0x9e64ad53cfd9da2d22e8a924f8c6e62c|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 11:21 pm

HKLM\system\controlset???\control\Session Manager
BootExecute=autocheck autochk *
"c:\winnt\system32\autochk.exe" File version = 5.00.2195.6881, File size = 579856, File modification date = 10/12/2003 02:47, File description = Auto Check Utility, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6881, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-828436589|0xa222d7b8cd8b7001a3d35f6cfc13599a|
HKLM\Software\Microsoft\Active Setup\Installed Components\*
StubPath=C:\WINNT\inf\unregmp2.exe /ShowWMP {22d6f312-b0f6-11d0-94ab-0080c74c7e95}>
"c:\winnt\inf\unregmp2.exe" File version = 9.00.00.2980, File size = 192512, File modification date = 11/12/2002 22:08, File description = Microsoft Windows Media Player Setup Utility, Product Name = Microsoft(R) Windows Media Player, Product version = 9.00.00.2980, Company name = Microsoft Corporation ((C) Microsoft Corporation. All rights reserved.) |741083839|0x9da9400d6d0343c1562e61e7e7aa98a7|
StubPath="C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigIE {26923b43-4d38-484f-9b9e-de460746276c}>
"c:\winnt\system32\shmgrate.exe" File version = 5.00.2195.6707, File size = 33552, File modification date = 14/07/2003 12:00, File description = Windows NT User Data Migration Tool, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6707, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |416731579|0xb88d67a0d84c5424e8349e8a6c16155c|
StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS>
"c:\winnt\system32\rundll32.exe" File version = 5.00.2134.1, File size = 10000, File modification date = 14/07/2003 12:00, File description = Run a DLL as an App, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-721210653|0x1ed5274825cd1eebbe102b9ff7c9ec31|
"c:\winnt\system32\iedkcs32.dll" File version = 6.00.2800.1106, File size = 294912, File modification date = 29/08/2002 14:14, File description = Microsoft Internet Explorer Customization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-893389467|0xc4cd0d228deab0a80a6125fd36edce5e|
StubPath="C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigOE {881dd1c5-3dcf-431b-b061-f3f88e8be88a}>
"c:\winnt\system32\shmgrate.exe" File version = 5.00.2195.6707, File size = 33552, File modification date = 14/07/2003 12:00, File description = Windows NT User Data Migration Tool, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6707, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |416731579|0xb88d67a0d84c5424e8349e8a6c16155c|
StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
"C:\Program Files\outlook express\setup50.exe" File version = 6.00.2800.1106, File size = 67584, File modification date = 29/08/2002 14:06, File description = Outlook Express Setup Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1119116633|0x5f57bc66ada2dfdeeae9506aa4738017|
"c:\winnt\system32\user.exe" File version = 3.10, File size = 47808, File modification date = 14/07/2003 12:00, File description = Windows User-interface core component, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |638711142|0x97fd0399db4bf50f413a1f30db18f598|
StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
"c:\winnt\system32\rundll32.exe" File version = 5.00.2134.1, File size = 10000, File modification date = 14/07/2003 12:00, File description = Run a DLL as an App, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-721210653|0x1ed5274825cd1eebbe102b9ff7c9ec31|
"c:\winnt\system32\advpack.dll" File version = 6.00.2800.1106, File size = 91136, File modification date = 29/08/2002 14:14, File description = ADVPACK, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2139789443|0x84f97568ea488bdfa0199a14ecd0bc7b|
"c:\winnt\inf\msnetmtg.inf" File version = (null), File size = 43699, File modification date = 14/07/2003 12:00, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |-1874699855|0x636935bc7446b996b36444d2787e753e|
StubPath=regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll
"c:\winnt\system32\regsvr32.exe" File version = 5.00.2195.6662, File size = 11024, File modification date = 14/07/2003 12:00, File description = Microsoft(C) Register Server, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6662, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1542102088|0x2543f89cbc41dee3151fd152bdb04ee4|
"c:\winnt\system32\initpki.dll" File version = 5.131.2195.6601, File size = 138000, File modification date = 14/07/2003 12:00, File description = Microsoft Trust Installation and Setup, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |684592706|0xc3871e08be6c6ea14b26e4f90538fdaf|
StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserStub
"c:\winnt\system32\rundll32.exe" File version = 5.00.2134.1, File size = 10000, File modification date = 14/07/2003 12:00, File description = Run a DLL as an App, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-721210653|0x1ed5274825cd1eebbe102b9ff7c9ec31|
"c:\winnt\system32\advpack.dll" File version = 6.00.2800.1106, File size = 91136, File modification date = 29/08/2002 14:14, File description = ADVPACK, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2139789443|0x84f97568ea488bdfa0199a14ecd0bc7b|
"c:\winnt\inf\wmp.inf" File version = (null), File size = 33609, File modification date = 12/12/2002 02:47, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |-1620444436|0x1244ab8faca9d5bb380f8f8d008e17c7|
StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
"C:\Program Files\outlook express\setup50.exe" File version = 6.00.2800.1106, File size = 67584, File modification date = 29/08/2002 14:06, File description = Outlook Express Setup Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1119116633|0x5f57bc66ada2dfdeeae9506aa4738017|
"c:\winnt\system32\user.exe" File version = 3.10, File size = 47808, File modification date = 14/07/2003 12:00, File description = Windows User-interface core component, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |638711142|0x97fd0399db4bf50f413a1f30db18f598|
StubPath=regsvr32.exe /s /n /i:U shell32.dll
"c:\winnt\system32\regsvr32.exe" File version = 5.00.2195.6662, File size = 11024, File modification date = 14/07/2003 12:00, File description = Microsoft(C) Register Server, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6662, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1542102088|0x2543f89cbc41dee3151fd152bdb04ee4|
"c:\winnt\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
StubPath=%SystemRoot%\system32\ie4uinit.exe
"C:\WINNT\system32\ie4uinit.exe" File version = 6.00.2800.1106, File size = 28672, File modification date = 29/08/2002 14:14, File description = IE 5.0 Per-User Install Utility, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1548181245|0xb978bee92acd77e8907d8493a46d08be|
StubPath=C:\WINNT\system32\Rundll32.exe C:\WINNT\system32\mscories.dll,Install
"c:\winnt\system32\rundll32.exe" File version = 5.00.2134.1, File size = 10000, File modification date = 14/07/2003 12:00, File description = Run a DLL as an App, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-721210653|0x1ed5274825cd1eebbe102b9ff7c9ec31|
"c:\winnt\system32\mscories.dll" File version = 2.0.50727.42 (RTM.050727-4200), File size = 74240, File modification date = 23/09/2005 14:28, File description = Microsoft .NET IE SECURITY REGISTRATION, Product Name = Microsoft® .NET Framework, Product version = 2.0.50727.42, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1383650402|0x46e55aea48bad9297df685c722619bd6|
StubPath=%SystemRoot%\system32\updcrl.exe -e -u %SystemRoot%\system32\verisignpub1.crl
"C:\WINNT\system32\updcrl.exe" File version = 5.1.2462.0 (Lab03_N.010322-1915), File size = 7168, File modification date = 23/03/2001 23:17, File description = UPDCRL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.1.2462.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2001) |816381070|0xca32888d236bc9d229daca00c51fe0fb|
"C:\WINNT\system32\verisignpub1.crl" File version = (null), File size = 437, File modification date = 23/03/2001 22:26, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |-514838590|0x4f0234ad0ee37e3182d35b0ebfafbc3e|
HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\BOOT
comm.drv=comm.drv
"c:\winnt\system32\comm.drv" File version = 3.10, File size = 10544, File modification date = 14/07/2003 12:00, File description = Windows COMM Driver, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |626219473|0x9101ad48b51a5b0ba5a8c91120c49b30|
display.drv=vga.drv
"c:\winnt\system\vga.drv" File version = 3.10, File size = 2176, File modification date = 14/07/2003 12:00, File description = WOW Display Driver Module, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |-801122597|0x32b8d521553ce65e0c238da6b05db3f1|
drivers=mmsystem.dll
"c:\winnt\system\mmsystem.dll" File version = 3.10, File size = 68624, File modification date = 14/07/2003 12:00, File description = System APIs for Multimedia, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |975465178|0x8ac2a505df667d26e43dfc2e03fca002|
keyboard.drv=keyboard.drv

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 11:28 pm


"c:\winnt\system\keyboard.drv" File version = 3.10, File size = 2000, File modification date = 14/07/2003 12:00, File description = WOW Keyboard Driver Module, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |-163139180|0x1e4d89f23e38e0912109aa3583652149|
mouse.drv=mouse.drv
"c:\winnt\system\mouse.drv" File version = 3.10, File size = 2032, File modification date = 14/07/2003 12:00, File description = WOW MOUSE Driver Module, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |1927789742|0x7107c6b0a81b424d7fd86639a77fac3e|
network.drv=wfwnet.drv
"c:\winnt\system\wfwnet.drv" File version = 3.10, File size = 13792, File modification date = 14/07/2003 12:00, File description = Windows for Workgroups network driver, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |657184308|0x0dd20b7be22de02871693ad4e3e0da8c|
shell=progman.exe
"c:\winnt\system32\progman.exe" File version = 5.00.2134.1, File size = 162064, File modification date = 14/07/2003 12:00, File description = Program Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1086279108|0x6329f69858091c392239cc829540a29c|
sound.drv=sound.drv
"c:\winnt\system\sound.drv" File version = 3.10, File size = 1744, File modification date = 14/07/2003 12:00, File description = WOW SOUND Driver Module, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |1841912135|0x04d2b9e5de42d728c9bfbaeebfa0d1bd|
system.drv=system.drv
"c:\winnt\system\system.drv" File version = 3.10, File size = 3360, File modification date = 14/07/2003 12:00, File description = Windows System Driver core component, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |-1444004298|0x2f1da9dbbcce1e6aa7f4e2fc00b229e4|
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers
timer=timer.drv
"c:\winnt\system\timer.drv" File version = 3.10, File size = 4048, File modification date = 14/07/2003 12:00, File description = Timer driver for PC compatibles, Product Name = Microsoft® Windows(TM) Operating System, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1981-1996) |-1863381346|0x818a7ecd1731c166af9182b97d4bffbb|
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
aux=mmdrv.dll
"c:\winnt\system32\mmdrv.dll" File version = 5.00.2134.1, File size = 12048, File modification date = 14/07/2003 12:00, File description = MultiMedia Kernel support Driver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1648951836|0x4c75c15046baf6ebdb672465dd8bd947|
midimapper=midimap.dll
"c:\winnt\system32\midimap.dll" File version = 5.00.2134.1, File size = 19216, File modification date = 14/07/2003 12:00, File description = Microsoft MIDI Mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |362025198|0x52274edb5ac13eddcb3bf6cbb1b03ae5|
vidc.cvid=iccvid.dll
"c:\winnt\system32\iccvid.dll" File version = 1.10.0.6, File size = 110592, File modification date = 14/07/2003 12:00, File description = Cinepak® Codec, Product Name = Cinepak for Windows 32, Product version = 1.10.0.0, Company name = Radius Inc. (Copyright © 1992-1995 Radius Inc., All Rights Reserved) |-646317481|0xcb3b7ee47ba7dbb3d23d34e274895133|
vidc.iv31=ir32_32.dll
"c:\winnt\system32\ir32_32.dll" File version = (null), File size = 199168, File modification date = 14/07/2003 12:00, File description = (null), Product Name = Intel Indeo(R) Video R3.2 32-bit Driver, Product version = Version 3.24.15.03, Company name = Intel(R) Corporation (Copyright Intel Corporation 1992-1995) |-1276791688|0x345a85e646e8e9149ec095fa1ba85933|
vidc.iv32=ir32_32.dll
"c:\winnt\system32\ir32_32.dll" File version = (null), File size = 199168, File modification date = 14/07/2003 12:00, File description = (null), Product Name = Intel Indeo(R) Video R3.2 32-bit Driver, Product version = Version 3.24.15.03, Company name = Intel(R) Corporation (Copyright Intel Corporation 1992-1995) |-1276791688|0x345a85e646e8e9149ec095fa1ba85933|
vidc.mrle=msrle32.dll
"c:\winnt\system32\msrle32.dll" File version = 5.00.2195.6612, File size = 11024, File modification date = 14/07/2003 12:00, File description = Microsoft RLE Compressor, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6612, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-44098678|0xaa3ef1c9834ebdb583bc186cb4a3451c|
vidc.msvc=msvidc32.dll
"c:\winnt\system32\msvidc32.dll" File version = 5.00.2134.1, File size = 27920, File modification date = 14/07/2003 12:00, File description = Microsoft Video 1 Compressor, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-807419382|0x8daf1b91e299bed75a6c1c1a55fb3f64|
wavemapper=msacm32.drv
"c:\winnt\system32\msacm32.drv" File version = 5.00.2134.1, File size = 21264, File modification date = 14/07/2003 12:00, File description = Microsoft Sound Mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-2041383596|0x4bfd2599ed4c793054f627b1c1470e43|
wdmaud.drv=wdmaud.drv
"c:\winnt\system32\wdmaud.drv" File version = 5.00.2195.6673, File size = 21264, File modification date = 19/06/2003 19:05, File description = WDM Audio driver mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2003832807|0x64edee207678b40a3b0a777292744caa|
vidc.M263=msh263.drv
"c:\winnt\system32\msh263.drv" File version = 4.4.3385, File size = 258320, File modification date = 02/12/1999 22:30, File description = Microsoft H.263 ICM Driver, Product Name = Windows® NetMeeting®, Product version = 3.01, Company name = Microsoft Corporation (Copyright © Intel Corp. and Microsoft Corporation 1995-1999) |1166780754|0x7669c8ceabdc7668402f3722aaade4d1|
vidc.M261=msh261.drv
"c:\winnt\system32\msh261.drv" File version = 4.4.3385, File size = 167696, File modification date = 14/07/2003 12:00, File description = Microsoft H.261 ICM Driver, Product Name = Windows® NetMeeting®, Product version = 3.01, Company name = Microsoft Corporation (Copyright © Intel Corp. and Microsoft Corporation 1995-1999) |-1194740707|0x437ba5a82b2fbac8018c938055686bf8|
vidc.I420=msh263.drv
"c:\winnt\system32\msh263.drv" File version = 4.4.3385, File size = 258320, File modification date = 02/12/1999 22:30, File description = Microsoft H.263 ICM Driver, Product Name = Windows® NetMeeting®, Product version = 3.01, Company name = Microsoft Corporation (Copyright © Intel Corp. and Microsoft Corporation 1995-1999) |1166780754|0x7669c8ceabdc7668402f3722aaade4d1|
vidc.iv50=ir50_32.dll
"c:\winnt\system32\ir50_32.dll" File version = R.5.10.15.2.55, File size = 755200, File modification date = 14/07/2003 12:00, File description = Intel Indeo® video 5.10, Product Name = Intel Indeo® video 5.10, Product version = R.5.10.15.2.55, Company name = Intel Corporation (Copyright © 1994-1998 Intel Corp.) |243962893|0x2fb23431d7e87fe17d61421409ec13bf|
VIDC.UYVY=msyuv.dll
"c:\winnt\system32\msyuv.dll" File version = 5.3.0000000.900 built by: DIRECTX, File size = 16896, File modification date = 09/07/2004 10:58, File description = Microsoft UYVY Video Decompressor, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-253714284|0xbf66ae458e457e425e7fbb0769ea0f39|
VIDC.YUY2=msyuv.dll
"c:\winnt\system32\msyuv.dll" File version = 5.3.0000000.900 built by: DIRECTX, File size = 16896, File modification date = 09/07/2004 10:58, File description = Microsoft UYVY Video Decompressor, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-253714284|0xbf66ae458e457e425e7fbb0769ea0f39|
VIDC.YVYU=msyuv.dll
"c:\winnt\system32\msyuv.dll" File version = 5.3.0000000.900 built by: DIRECTX, File size = 16896, File modification date = 09/07/2004 10:58, File description = Microsoft UYVY Video Decompressor, Product Name = Microsoft® Windows® Operating System, Product version = 5.3.0000000.900, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-253714284|0xbf66ae458e457e425e7fbb0769ea0f39|
midi=wdmaud.drv
"c:\winnt\system32\wdmaud.drv" File version = 5.00.2195.6673, File size = 21264, File modification date = 19/06/2003 19:05, File description = WDM Audio driver mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2003832807|0x64edee207678b40a3b0a777292744caa|
wave=wdmaud.drv
"c:\winnt\system32\wdmaud.drv" File version = 5.00.2195.6673, File size = 21264, File modification date = 19/06/2003 19:05, File description = WDM Audio driver mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2003832807|0x64edee207678b40a3b0a777292744caa|
midi1=wdmaud.drv
"c:\winnt\system32\wdmaud.drv" File version = 5.00.2195.6673, File size = 21264, File modification date = 19/06/2003 19:05, File description = WDM Audio driver mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2003832807|0x64edee207678b40a3b0a777292744caa|
mixer=wdmaud.drv
"c:\winnt\system32\wdmaud.drv" File version = 5.00.2195.6673, File size = 21264, File modification date = 19/06/2003 19:05, File description = WDM Audio driver mapper, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6673, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |2003832807|0x64edee207678b40a3b0a777292744caa|
msacm.l3acm=C:\WINNT\system32\l3codeca.acm
"c:\winnt\system32\l3codeca.acm" File version = 1, 9, 0, 0305, File size = 290816, File modification date = 03/04/2002 21:37, File description = MPEG Layer-3 Audio Codec for MSACM, Product Name = MPEG Layer-3 Audio Codec for MSACM, Product version = 1, 0, 0, 0, Company name = Fraunhofer Institut Integrierte Schaltungen IIS (Copyright © 1996-1999 Fraunhofer Institut Integrierte Schaltungen IIS) |868474091|0x4b4fd61ebb404842eb5823a50a3a58a9|
*\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Network.ConnectionTray={7007ACCF-3202-11D1-AAD2-00805FC1270E}
"c:\winnt\system32\netshell.dll" File version = 5.00.2195.6604, File size = 477456, File modification date = 14/07/2003 12:00, File description = Network Connections Shell, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1195136391|0xfc1783b19a718444de5f6fe5c9143079|
WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
"C:\WINNT\system32\stobject.dll" File version = 5.00.2195.6601, File size = 81168, File modification date = 14/07/2003 12:00, File description = Systray shell service object, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |724966362|0x34660338069fd5665b921ecffc96e0ce|
*\Control Panel\Desktop

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 11:35 pm

SCRNSAVE.EXE=logon.scr
"c:\winnt\system32\logon.scr" File version = 5.00.2195.6601, File size = 130832, File modification date = 14/07/2003 12:00, File description = Logon Screen Saver, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-232589221|0xa09562d9a064226108be0e56decc6574|
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{438755C2-A8BA-11D1-B96B-00A0C90312E1}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{8C7461EF-2B13-11d2-BE35-3078302C2030}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AEB6717E-7E19-11d0-97EE-00C04FD91972}
"c:\winnt\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00022613-0000-0000-C000-000000000046}
"c:\winnt\system32\mmsys.cpl" File version = 5.00.2161.1, File size = 303888, File modification date = 14/07/2003 12:00, File description = Control Panel Drivers Applet, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2161.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |64357965|0x5dee527242825ef0d7e10b437fd8d843|
{176d6597-26d3-11d1-b350-080036a75b03}
"c:\winnt\system32\icmui.dll" File version = 5.00.2180.1, File size = 51472, File modification date = 14/07/2003 12:00, File description = Microsoft Color Matching System User Interface DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2180.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |191376273|0x013eadf2c3aa4617c7e473cf3802c42a|
{1F2E5C40-9550-11CE-99D2-00AA006E086C}
"c:\winnt\system32\rshx32.dll" File version = 5.00.2195.6613, File size = 35088, File modification date = 14/07/2003 12:00, File description = Security Shell Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6613, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1409151765|0xd8e00f516a12408ecb6a642af699af23|
{3EA48300-8CF6-101B-84FB-666CCB9BCD32}
"c:\winnt\system32\docprop.dll" File version = 5.00.2134.1, File size = 43280, File modification date = 14/07/2003 12:00, File description = OLE DocFile Property Page, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1250571404|0xd7db4db202df4dd69018ea3fbd2ba397|
{40dd6e20-7c17-11ce-a804-00aa003ca9f6}
"c:\winnt\system32\ntshrui.dll" File version = 5.00.2134.1, File size = 47888, File modification date = 14/07/2003 12:00, File description = Shell extensions for sharing, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1146396665|0x8648b1b3700ff6998aca8d99dd6de719|
{41E300E0-78B6-11ce-849B-444553540000}
"c:\winnt\system32\plustab.dll" File version = 5.00.2134.1, File size = 20752, File modification date = 14/07/2003 12:00, File description = Effects Control Panel extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1486722621|0x30e919a12a136d610b9f2112611e8e2d|
{42071712-76d4-11d1-8b24-00a0c9068ff3}
"c:\winnt\system32\deskadp.dll" File version = 5.00.2920.0000, File size = 13072, File modification date = 14/07/2003 12:00, File description = Advanced display adapter properties, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2920.0000, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |348119470|0x896ea483c1eb3d463f31fb947abde128|
{42071713-76d4-11d1-8b24-00a0c9068ff3}
"c:\winnt\system32\deskmon.dll" File version = 5.00.2920.0000, File size = 14096, File modification date = 14/07/2003 12:00, File description = Advanced display monitor properties, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2920.0000, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |477288398|0xa0d3edac93fed90d48a526a234cafe1f|
{4E40F770-369C-11d0-8922-00A024AB2DBB}
"c:\winnt\system32\dssec.dll" File version = 5.00.2195.6623, File size = 28944, File modification date = 14/07/2003 12:00, File description = Directory Service Security UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6623, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1996) |-1279722218|0xf9cfb3bcf55d1374bd23cfbc23fe6bdc|
{56117100-C0CD-101B-81E2-00AA004AE837}
"c:\winnt\system32\shscrap.dll" File version = 5.00.2134.1, File size = 23312, File modification date = 14/07/2003 12:00, File description = Shell scrap object handler, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1309378651|0xe5fb42346ccd9b9e7e45add3907617bf|
{59099400-57FF-11CE-BD94-0020AF85B590}
"c:\winnt\system32\diskcopy.dll" File version = 5.00.2195.6601, File size = 16144, File modification date = 14/07/2003 12:00, File description = Windows DiskCopy, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1991-1999) |-2130987114|0x4330d77e69382a58d19de7e00596d88c|
{59be4990-f85c-11ce-aff7-00aa003ca9f6}
"c:\winnt\system32\ntlanui2.dll" File version = 5.00.2134.1, File size = 15632, File modification date = 14/07/2003 12:00, File description = Network object shell UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |357228222|0x061b9437f6ef3132c02492db797f49ab|
{5DB2625A-54DF-11D0-B6C4-0800091AA605}
"C:\WINNT\system32\icmui.dll" File version = 5.00.2180.1, File size = 51472, File modification date = 14/07/2003 12:00, File description = Microsoft Color Matching System User Interface DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2180.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |191376273|0x013eadf2c3aa4617c7e473cf3802c42a|
{675F097E-4C4D-11D0-B6C1-0800091AA605}
"C:\WINNT\system32\icmui.dll" File version = 5.00.2180.1, File size = 51472, File modification date = 14/07/2003 12:00, File description = Microsoft Color Matching System User Interface DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2180.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |191376273|0x013eadf2c3aa4617c7e473cf3802c42a|
{77597368-7b15-11d0-a0c2-080036af3f03}
"c:\winnt\system32\printui.dll" File version = 5.00.2195.6702, File size = 381712, File modification date = 14/07/2003 12:00, File description = Print UI DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6702, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |566274647|0x6769d75b373debd183dc7829b1ee9556|
{7988B573-EC89-11cf-9C00-00AA00A14F56}
"c:\winnt\system32\dskquoui.dll" File version = 5.00.2195.6601, File size = 146192, File modification date = 14/07/2003 12:00, File description = Windows Shell Disk Quota UI DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1780458762|0x232a84ebe8fcfb2e0e8796991a0bcce7|
{85BBD920-42A0-1069-A2E4-08002B30309D}
"c:\winnt\system32\syncui.dll" File version = 5.00.2134.1, File size = 166672, File modification date = 14/07/2003 12:00, File description = Windows Briefcase, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1992-1999) |523017862|0x4bc5a5d5a110b91a7370d6335c34a365|
{88895560-9AA2-1069-930E-00AA0030EBC8}
"c:\winnt\system32\hticons.dll" File version = 5.00.2195.6684, File size = 21776, File modification date = 14/07/2003 12:00, File description = HyperTerminal Applet Library, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6684, Company name = Hilgraeve, Inc. (Copyright © Hilgraeve, Inc. 1999) |-62361461|0x7f985035801423b97250f694961c5a36|
{BD84B380-8CA2-1069-AB1D-08000948F534}
"c:\winnt\system32\fontext.dll" File version = 5.00.2195.6601, File size = 200976, File modification date = 14/07/2003 12:00, File description = Windows Font Folder, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1991-1995) |-1808051399|0x1567c8ccdc7ffcd324ac25e4c1d47891|
{DBCE2480-C732-101B-BE72-BA78E9AD5B27}
"C:\WINNT\system32\icmui.dll" File version = 5.00.2180.1, File size = 51472, File modification date = 14/07/2003 12:00, File description = Microsoft Color Matching System User Interface DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2180.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |191376273|0x013eadf2c3aa4617c7e473cf3802c42a|
{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}
"c:\winnt\system32\rshx32.dll" File version = 5.00.2195.6613, File size = 35088, File modification date = 14/07/2003 12:00, File description = Security Shell Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6613, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1409151765|0xd8e00f516a12408ecb6a642af699af23|
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
"c:\winnt\system32\ntshrui.dll" File version = 5.00.2134.1, File size = 47888, File modification date = 14/07/2003 12:00, File description = Shell extensions for sharing, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1146396665|0x8648b1b3700ff6998aca8d99dd6de719|
{f92e8c40-3d33-11d2-b1aa-080036a75b03}
"c:\winnt\system32\deskperf.dll" File version = 5.00.2134.1, File size = 14096, File modification date = 14/07/2003 12:00, File description = Advanced display performance properties, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2134.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1603628693|0xd9e2531a58ee94d76891ef790d7a6333|
{60254CA5-953B-11CF-8C96-00AA00B8708C}
"c:\winnt\system32\wshext.dll" File version = 5.6.0.6626, File size = 65585, File modification date = 27/06/2001 00:56, File description = Microsoft (r) Shell Extension for Windows script Host, Product Name = Microsoft (r) Windows script Host, Product version = 5.6.0.6626, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 2001) |863431403|0x4c252e9e26df05f93f1740e2d4f2bb9d|
{7444C717-39BF-11D1-8CD9-00C04FC29D45}
"c:\winnt\system32\cryptext.dll" File version = 5.131.2181.1, File size = 49424, File modification date = 14/07/2003 12:00, File description = Crypto Shell Extensions, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2181.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |710747680|0xdc8ac92754b876fc843a685a2c1a34ab|
{7444C719-39BF-11D1-8CD9-00C04FC29D45}
"c:\winnt\system32\cryptext.dll" File version = 5.131.2181.1, File size = 49424, File modification date = 14/07/2003 12:00, File description = Crypto Shell Extensions, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.131.2181.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |710747680|0xdc8ac92754b876fc843a685a2c1a34ab|
{7007ACC7-3202-11D1-AAD2-00805FC1270E}
"c:\winnt\system32\netshell.dll" File version = 5.00.2195.6604, File size = 477456, File modification date = 14/07/2003 12:00, File description = Network Connections Shell, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6604, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1195136391|0xfc1783b19a718444de5f6fe5c9143079|
{EFA24E61-B078-11d0-89E4-00C04FC9E26E}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{0A89A860-D7B1-11CE-8350-444553540000}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{FBF23B40-E3F0-101B-8488-00AA003E56F8}
"c:\winnt\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{3C374A40-BAE4-11CF-BF7D-00AA006946EE}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{FF393560-C2A7-11CF-BFF4-444553540000}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{7BD29E00-76C1-11CF-9DD0-00A0C9034933}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{67EA19A0-CCEF-11d0-8024-00C04FD75D13}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{131A6951-7F78-11D0-A979-00C04FD705A2}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{9461b922-3c5a-11d2-bf8b-00c04fb93661}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{871C5380-42A0-1069-A2EA-08002B30309D}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}
"c:\winnt\system32\mstask.dll" File version = 4.71.2195.6972, File size = 218896, File modification date = 12/01/2005 19:39, File description = Task Scheduler interface DLL, Product Name = Microsoft® Windows® Task Scheduler, Product version = 4.71.2195.6972, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |991653062|0xc4b3d1c42eefe4ee910ad72149fee516|
{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}
"c:\winnt\system32\mstask.dll" File version = 4.71.2195.6972, File size = 218896, File modification date = 12/01/2005 19:39, File description = Task Scheduler interface DLL, Product Name = Microsoft® Windows® Task Scheduler, Product version = 4.71.2195.6972, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |991653062|0xc4b3d1c42eefe4ee910ad72149fee516|
{D6277990-4C6A-11CF-8D87-00AA0060F5BF}
"c:\winnt\system32\mstask.dll" File version = 4.71.2195.6972, File size = 218896, File modification date = 12/01/2005 19:39, File description = Task Scheduler interface DLL, Product Name = Microsoft® Windows® Task Scheduler, Product version = 4.71.2195.6972, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |991653062|0xc4b3d1c42eefe4ee910ad72149fee516|
{1A9BA3A0-143A-11CF-8350-444553540000}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{20D04FE0-3AEA-1069-A2D8-08002B30309D}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{86747AC0-42A0-1069-A2E6-08002B30309D}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{0AFACED1-E828-11D1-9187-B532F1E9575D}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{12518493-00B2-11d2-9FA5-9E3420524153}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{21B22460-3AEA-1069-A2DC-08002B30309D}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{B091E540-83E3-11CF-A713-0020AFD79762}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{FBF23B41-E3F0-101B-8488-00AA003E56F8}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{C2FBB630-2971-11d1-A18C-00C04FD75D13}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{C2FBB631-2971-11d1-A18C-00C04FD75D13}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{13709620-C279-11CE-A49E-444553540000}
"c:\winnt\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{62112AA1-EBE4-11cf-A5FB-0020AFE7292D}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{4622AD11-FF23-11d0-8D34-00A0C90F2719}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{7BA4C740-9E81-11CF-99D3-00AA004AE837}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{D969A300-E7FF-11d0-A93B-00A0C90F2719}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{09799AFB-AD67-11d1-ABCD-00C04FC30936}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{3FC0B520-68A9-11D0-8D77-00C04FD70822}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{75048700-EF1F-11D0-9888-006097DEACF9}
"c:\winnt\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{6D5313C0-8C62-11D1-B2CD-006097DF8C11}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{57651662-CE3E-11D0-8D77-00C04FC99D61}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{4657278A-411B-11d2-839A-00C04FD918D0}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{A470F8CF-A1E8-4f65-8335-227475AA5C46}
"C:\WINNT\system32\shell32.dll" File version = 5.00.3900.7105, File size = 2362640, File modification date = 13/07/2006 07:09, File description = Windows Shell Common Dll, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3900.7105, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |959277735|0x961cfc812107bcbd77488224c48e1a58|
{5E6AB780-7743-11CF-A12B-00AA004AE837}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{22BF0C20-6DA7-11D0-B373-00A0C9034938}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{568804CA-CBD7-11d0-9816-00C04FD91972}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{5b4dae26-b807-11d0-9815-00c04fd91972}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{8278F931-2A3E-11d2-838F-00C04FD918D0}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{E13EF4E4-D2F2-11d0-9816-00C04FD91972}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{ECD4FC4F-521C-11D0-B792-00A0C90312E1}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{91EA3F8B-C99B-11d0-9815-00C04FD91972}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{6413BA2C-B461-11d1-A18A-080036B11A03}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{F61FFEC1-754F-11d0-80CA-00AA005B4383}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{D82BE2B0-5764-11D0-A96E-00C04FD705A2}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{7BA4C742-9E81-11CF-99D3-00AA004AE837}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{30D02401-6A81-11d0-8274-00C04FD5AE38}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{169A0691-8DF9-11d1-A1C4-00C04FD75D13}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{07798131-AF23-11d1-9111-00A0C98BA67D}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{0E5CBF21-D15F-11d0-8301-00AA005B4383}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{AF4F6510-F982-11d0-8595-00AA004CD6D8}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{01E04581-4EEE-11d0-BFE9-00AA005B4383}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{A08C11D2-A228-11d0-825B-00AA005B4383}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{00BB2763-6A77-11D0-A535-00C04FD7D062}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{7487cd30-f71a-11d0-9ea7-00805f714772}

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Fri Oct 23, 2009 11:36 pm

"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{7376D660-C583-11d0-A3A5-00C04FD706EC}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{6756A641-DE71-11d0-831B-00AA005B4383}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{00BB2764-6A77-11D0-A535-00C04FD7D062}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{03C036F1-A186-11D0-824A-00AA005B4383}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{00BB2765-6A77-11D0-A535-00C04FD7D062}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{ECD4FC4E-521C-11D0-B792-00A0C90312E1}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{ECD4FC4C-521C-11D0-B792-00A0C90312E1}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{ECD4FC4D-521C-11D0-B792-00A0C90312E1}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{DD313E04-FEFF-11d1-8ECD-0000F87A470C}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
"c:\winnt\system32\sendmail.dll" File version = 5.50.4807.2300, File size = 18704, File modification date = 29/08/2002 14:14, File description = Send Mail, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4807.2300, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |1415410071|0x88498463c50e594e29737cbbef4b28bf|
{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
"c:\winnt\system32\sendmail.dll" File version = 5.50.4807.2300, File size = 18704, File modification date = 29/08/2002 14:14, File description = Send Mail, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.50.4807.2300, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-2001) |1415410071|0x88498463c50e594e29737cbbef4b28bf|
{88C6C381-2E85-11D0-94DE-444553540000}
"C:\WINNT\system32\occache.dll" File version = 6.00.2800.1106, File size = 87552, File modification date = 29/08/2002 14:14, File description = Object Control Viewer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-928611238|0x6d13c2d8a298ce93dc4e741b6b07051b|
{E6FB5E20-DE35-11CF-9C87-00AA005127ED}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{F5175861-2688-11d0-9C5E-00AA00A45957}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{08165EA0-E946-11CF-9C87-00AA005127ED}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{7D559C10-9FE9-11d0-93F7-00AA0059CE02}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{D8BD2030-6FC9-11D0-864F-00AA006809D9}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}
"C:\WINNT\system32\webcheck.dll" File version = 6.00.2800.1106, File size = 258048, File modification date = 29/08/2002 14:14, File description = Web Site Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1741398926|0xf2786dc35401fceb401a0f5810e22ab6|
{8BEBB290-52D0-11D0-B7F4-00C04FD706EC}
"c:\winnt\system32\thumbvw.dll" File version = 5.00.3502.6601, File size = 187664, File modification date = 14/07/2003 12:00, File description = Thumbnail View Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1959905185|0x314525cc5e46f0a4cd7a7ee823d78e4d|
{EAB841A0-9550-11CF-8C16-00805F1408F3}
"c:\winnt\system32\thumbvw.dll" File version = 5.00.3502.6601, File size = 187664, File modification date = 14/07/2003 12:00, File description = Thumbnail View Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1959905185|0x314525cc5e46f0a4cd7a7ee823d78e4d|
{1AEB1360-5AFC-11D0-B806-00C04FD706EC}
"c:\winnt\system32\thumbvw.dll" File version = 5.00.3502.6601, File size = 187664, File modification date = 14/07/2003 12:00, File description = Thumbnail View Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1959905185|0x314525cc5e46f0a4cd7a7ee823d78e4d|
{9DBD2C50-62AD-11D0-B806-00C04FD706EC}
"c:\winnt\system32\thumbvw.dll" File version = 5.00.3502.6601, File size = 187664, File modification date = 14/07/2003 12:00, File description = Thumbnail View Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1959905185|0x314525cc5e46f0a4cd7a7ee823d78e4d|
{500202A0-731E-11D0-B829-00C04FD706EC}
"c:\winnt\system32\thumbvw.dll" File version = 5.00.3502.6601, File size = 187664, File modification date = 14/07/2003 12:00, File description = Thumbnail View Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-1959905185|0x314525cc5e46f0a4cd7a7ee823d78e4d|
{352EC2B7-8B9A-11D1-B8AE-006008059382}
"C:\WINNT\system32\appwiz.cpl" File version = 5.00.2195.6624, File size = 301328, File modification date = 14/07/2003 12:00, File description = Shell Application Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6624, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-317400502|0x1dafcb99d8923128ba43cc473b2b48af|
{0B124F8C-91F0-11D1-B8B5-006008059382}
"C:\WINNT\system32\appwiz.cpl" File version = 5.00.2195.6624, File size = 301328, File modification date = 14/07/2003 12:00, File description = Shell Application Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6624, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-317400502|0x1dafcb99d8923128ba43cc473b2b48af|
{CFCCC7A0-A282-11D1-9082-006008059382}
"C:\WINNT\system32\appwiz.cpl" File version = 5.00.2195.6624, File size = 301328, File modification date = 14/07/2003 12:00, File description = Shell Application Manager, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6624, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-317400502|0x1dafcb99d8923128ba43cc473b2b48af|
{fe1290f0-cfbd-11cf-a330-00aa00c16e65}
"c:\winnt\system32\dsfolder.dll" File version = 5.00.2195.6601, File size = 41744, File modification date = 14/07/2003 12:00, File description = Directory Service UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |745459159|0x33696b746b449527ae10ccb02751161c|
{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}
"c:\winnt\system32\dsfolder.dll" File version = 5.00.2195.6601, File size = 41744, File modification date = 14/07/2003 12:00, File description = Directory Service UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |745459159|0x33696b746b449527ae10ccb02751161c|
{8A23E65E-31C2-11d0-891C-00A024AB2DBB}
"c:\winnt\system32\dsquery.dll" File version = 5.00.2195.6622, File size = 157456, File modification date = 14/07/2003 12:00, File description = Directory Service Find, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1181000444|0xb0b4ebeb970cd3083a17eff435cfa024|
{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}
"c:\winnt\system32\dsquery.dll" File version = 5.00.2195.6622, File size = 157456, File modification date = 14/07/2003 12:00, File description = Directory Service Find, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1181000444|0xb0b4ebeb970cd3083a17eff435cfa024|
{F020E586-5264-11d1-A532-0000F8757D7E}
"c:\winnt\system32\dsquery.dll" File version = 5.00.2195.6622, File size = 157456, File modification date = 14/07/2003 12:00, File description = Directory Service Find, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6622, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1181000444|0xb0b4ebeb970cd3083a17eff435cfa024|
{0D45D530-764B-11d0-A1CA-00AA00C16E65}
"c:\winnt\system32\dsuiext.dll" File version = 5.00.2195.6611, File size = 110864, File modification date = 14/07/2003 12:00, File description = Directory Service Common UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |-1232817208|0xbab273aa4368418a74a5761f1ade0376|
{62AE1F9A-126A-11D0-A14B-0800361B1103}
"c:\winnt\system32\dsuiext.dll" File version = 5.00.2195.6611, File size = 110864, File modification date = 14/07/2003 12:00, File description = Directory Service Common UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |-1232817208|0xbab273aa4368418a74a5761f1ade0376|
{450D8FBA-AD25-11D0-98A8-0800361B1103}
"c:\winnt\system32\mydocs.dll" File version = 5.00.3502.6601, File size = 57104, File modification date = 14/07/2003 12:00, File description = My Documents Folder UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |-1505230217|0x811344382cfe42fac7608645203429a2|
{ECF03A33-103D-11d2-854D-006008059367}
"c:\winnt\system32\mydocs.dll" File version = 5.00.3502.6601, File size = 57104, File modification date = 14/07/2003 12:00, File description = My Documents Folder UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |-1505230217|0x811344382cfe42fac7608645203429a2|
{ECF03A32-103D-11d2-854D-006008059367}
"c:\winnt\system32\mydocs.dll" File version = 5.00.3502.6601, File size = 57104, File modification date = 14/07/2003 12:00, File description = My Documents Folder UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |-1505230217|0x811344382cfe42fac7608645203429a2|
{4a7ded0a-ad25-11d0-98a8-0800361b1103}
"c:\winnt\system32\mydocs.dll" File version = 5.00.3502.6601, File size = 57104, File modification date = 14/07/2003 12:00, File description = My Documents Folder UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3502.6601, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1997) |-1505230217|0x811344382cfe42fac7608645203429a2|
{750fdf0e-2a26-11d1-a3ea-080036587f03}
"c:\winnt\system32\cscui.dll" File version = 5.00.2195.6705, File size = 242960, File modification date = 14/07/2003 12:00, File description = Client Side Caching UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6705, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1133553554|0x2338214ee7338ae91c60f3e8b727aae0|
{10CFC467-4392-11d2-8DB4-00C04FA31A66}
"c:\winnt\system32\cscui.dll" File version = 5.00.2195.6705, File size = 242960, File modification date = 14/07/2003 12:00, File description = Client Side Caching UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6705, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1133553554|0x2338214ee7338ae91c60f3e8b727aae0|
{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}
"c:\winnt\system32\cscui.dll" File version = 5.00.2195.6705, File size = 242960, File modification date = 14/07/2003 12:00, File description = Client Side Caching UI, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6705, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1998) |1133553554|0x2338214ee7338ae91c60f3e8b727aae0|
{7A80E4A8-8005-11D2-BCF8-00C04F72C717}
"c:\winnt\system32\mmcshext.dll" File version = 5.00.2153.1, File size = 24848, File modification date = 14/07/2003 12:00, File description = MMC Shell Extension DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2153.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-548455844|0xa847ec9b0283bb4e181cf40a95b4b39d|
{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}
"c:\winnt\system32\cabview.dll" File version = 5.00.2920.0000, File size = 31504, File modification date = 14/07/2003 12:00, File description = Cabinet File Viewer Shell Extension, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2920.0000, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-704193117|0xe83ef8d425caf647c4919b50648ff052|
{BDA77241-42F6-11d0-85E2-00AA001FE28C}
"c:\program files\common files\symantec shared\ssc\vpshell2.dll" File version = 9.0.1.1000, File size = 46288, File modification date = 03/08/2004 03:37, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 9.0.1.1000, Company name = Symantec Corporation (Copyright 1991 - 2004 Symantec Corporation. All rights reserved.) |756775627|0xe13f3b595f537b4e71777a3eb236fb18|
{32683183-48a0-441b-a342-7c2a440a9478}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{7e653215-fa25-46bd-a339-34a2790f3cb7}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{acf35015-526e-4230-9596-becbe19f0ac9}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{E0E11A09-5CB8-4B6C-8332-E00720A168F2}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{7BD29E01-76C1-11CF-9DD0-00A0C9034933}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{EFA24E64-B078-11d0-89E4-00C04FC9E26E}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
{32714800-2E5F-11d0-8B85-00AA0044F941}
"c:\program files\outlook express\wabfind.dll" File version = 6.00.2800.1106, File size = 30208, File modification date = 29/08/2002 14:06, File description = Find People, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1517676|0xd826bd2bb3b69beaa0ce109563da662d|
{BDEADF00-C265-11D0-BCED-00A0C90AB50F}
"c:\program files\common files\microsoft shared\web folders\msonsext.dll" File version = 11.0.6715.60, File size = 1293008, File modification date = 20/09/2005 19:33, File description = Microsoft Web Folders, Product Name = SharePoint Portal Server, Product version = 11.0.6715.60, Company name = Microsoft Corporation (Copyright (c) 2001-2003 Microsoft Corporation. All rights reserved.) |641387587|0x32e82a0c6d4272407dc8547354efa42b|
{00020D75-0000-0000-C000-000000000046}
"c:\program files\microsoft office\office11\mlshext.dll" File version = 11.0.8161, File size = 33120, File modification date = 23/03/2007 02:06, File description = Microsoft Shell Extension Library, Product Name = Microsoft Office Outlook, Product version = 11.0.8161, Company name = Microsoft Corporation (Copyright © 1995-2003 Microsoft Corporation. All rights reserved.) |1873846434|0x283926c9f1d6c0ec263962f684f502a1|
{0006F045-0000-0000-C000-000000000046}
"c:\program files\microsoft office\office11\olkfstub.dll" File version = 11.0.8161, File size = 236384, File modification date = 23/03/2007 02:08, File description = Outlook Shell Hook for Start/Find, Product Name = Microsoft Office Outlook, Product version = 11.0.8161, Company name = Microsoft Corporation (Copyright © 1995-2003 Microsoft Corporation. All rights reserved.) |1718828426|0xeeff9eb53de2111dec77e7c9e8d090f0|
{42042206-2D85-11D3-8CFF-005004838597}
"c:\program files\microsoft office\office11\msohev.dll" File version = 11.0.5510, File size = 67128, File modification date = 15/07/2003 05:52, File description = Microsoft Office 2003 component, Product Name = Microsoft Office 2003, Product version = 11.0.5510, Company name = Microsoft Corporation (Copyright © 1983-2003 Microsoft Corporation. All rights reserved.) |1433809039|0x165ae7a443f2139dd2c078ad87699f91|
{7D5C4BDD-B015-4401-8731-1507B87DE297}
"c:\program files\common files\intuit\quickbooks\qbversiontool.dll" File version = 1.0.0.1, File size = 200704, File modification date = 23/06/2004 10:51, File description = TODO: , Product Name = TODO: , Product version = 1.0.0.1, Company name = TODO: (TODO: (c) . All rights reserved.) |1664600036|0x5869cdde4407d368b8fcd0ee6c6dafbc|
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
"c:\program files\real\realplayer\rpshell.dll" File version = 1.0.1.2767, File size = 54584, File modification date = 06/04/2008 05:51, File description = RealPlayer Shell Extensions, Product Name = RealPlayer, Product version = 1.0.1.2767, Company name = RealNetworks, Inc. (Copyright © RealNetworks, Inc. 2001-2004) |370349389|0x98d96a612e826294506b4db4519a88bc|
{E0D79304-84BE-11CE-9641-444553540000}
"c:\program files\winzip\wzshlstb.dll" File version = 4.1 (32-bit), File size = 5120, File modification date = 21/11/2006 18:00, File description = WinZip Shell Extension DLL, Product Name = WinZip, Product version = 11.0 (6595), Company name = WinZip Computing LP (Copyright (c) WinZip International LLC 1991-2006 - All Rights Reserved) |843056482|0xe819e2d346b943f9562436e1abb50eae|
{E0D79305-84BE-11CE-9641-444553540000}
"c:\program files\winzip\wzshlstb.dll" File version = 4.1 (32-bit), File size = 5120, File modification date = 21/11/2006 18:00, File description = WinZip Shell Extension DLL, Product Name = WinZip, Product version = 11.0 (6595), Company name = WinZip Computing LP (Copyright (c) WinZip International LLC 1991-2006 - All Rights Reserved) |843056482|0xe819e2d346b943f9562436e1abb50eae|
{E0D79306-84BE-11CE-9641-444553540000}
"c:\program files\winzip\wzshlstb.dll" File version = 4.1 (32-bit), File size = 5120, File modification date = 21/11/2006 18:00, File description = WinZip Shell Extension DLL, Product Name = WinZip, Product version = 11.0 (6595), Company name = WinZip Computing LP (Copyright (c) WinZip International LLC 1991-2006 - All Rights Reserved) |843056482|0xe819e2d346b943f9562436e1abb50eae|
{E0D79307-84BE-11CE-9641-444553540000}
"c:\program files\winzip\wzshlstb.dll" File version = 4.1 (32-bit), File size = 5120, File modification date = 21/11/2006 18:00, File description = WinZip Shell Extension DLL, Product Name = WinZip, Product version = 11.0 (6595), Company name = WinZip Computing LP (Copyright (c) WinZip International LLC 1991-2006 - All Rights Reserved) |843056482|0xe819e2d346b943f9562436e1abb50eae|
{B41DB860-8EE4-11D2-9906-E49FADC173CA}
"c:\program files\winrar\rarext.dll" File version = (null), File size = 129024, File modification date = 21/09/2007 01:34, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |-1061107025|0x023707d932ba31314210e6844d33d500|
{BD88A479-9623-4897-8546-BC62B9628F44}
"c:\program files\spyware terminator\sptcontmenu.dll" File version = 1.1.0.15, File size = 164352, File modification date = 13/10/2009 23:43, File description = Crawler Spyware Terminator Shell Extension, Product Name = Spyware Terminator, Product version = (null), Company name = Crawler.com (© Crawler.com) |789417198|0xa5e97b2b88cc48fc178e88bf6e02f5ec|
{e82a2d71-5b2f-43a0-97b8-81be15854de8}
"c:\winnt\system32\dfshim.dll" File version = 2.0.50727.42 (RTM.050727-4200), File size = 83456, File modification date = 23/09/2005 14:28, File description = Application Deployment Support Library, Product Name = Microsoft® .NET Framework, Product version = 2.0.50727.42, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1760645834|0xb3511383c8be3a8c5b88a78971fc1141|
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}
"c:\winnt\system32\dfshim.dll" File version = 2.0.50727.42 (RTM.050727-4200), File size = 83456, File modification date = 23/09/2005 14:28, File description = Application Deployment Support Library, Product Name = Microsoft® .NET Framework, Product version = 2.0.50727.42, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1760645834|0xb3511383c8be3a8c5b88a78971fc1141|
{f39a0dc0-9cc8-11d0-a599-00c04fd64433}
"C:\WINNT\system32\cdfview.dll" File version = 6.00.2800.1106, File size = 142336, File modification date = 29/08/2002 14:14, File description = Channel Definition File Viewer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2065642336|0x0eacddb2971a7abd7b9ccf4387f714b4|
{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}
"C:\WINNT\system32\cdfview.dll" File version = 6.00.2800.1106, File size = 142336, File modification date = 29/08/2002 14:14, File description = Channel Definition File Viewer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2065642336|0x0eacddb2971a7abd7b9ccf4387f714b4|
{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}
"C:\WINNT\system32\cdfview.dll" File version = 6.00.2800.1106, File size = 142336, File modification date = 29/08/2002 14:14, File description = Channel Definition File Viewer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2065642336|0x0eacddb2971a7abd7b9ccf4387f714b4|
{f3da0dc0-9cc8-11d0-a599-00c04fd64437}
"C:\WINNT\system32\cdfview.dll" File version = 6.00.2800.1106, File size = 142336, File modification date = 29/08/2002 14:14, File description = Channel Definition File Viewer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2065642336|0x0eacddb2971a7abd7b9ccf4387f714b4|
{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}
"C:\WINNT\system32\cdfview.dll" File version = 6.00.2800.1106, File size = 142336, File modification date = 29/08/2002 14:14, File description = Channel Definition File Viewer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2065642336|0x0eacddb2971a7abd7b9ccf4387f714b4|
HKLM\Software\Microsoft\Internet Explorer\Toolbar
{8E718888-423F-11D2-876E-00A0C9082467}
"c:\winnt\system32\msdxm.ocx" File version = 6.4.09.1129, File size = 844560, File modification date = 31/03/2005 07:10, File description = Windows Media Player 2 ActiveX Control, Product Name = Microsoft Windows Media Player, Product version = 6.4.09.1129, Company name = Microsoft Corporation (Copyright (C) 1992-1999 Microsoft Corp.) |1024513349|0x755aa1f85e3788c3c287ffa03cf58627|
*\Software\Microsoft\Internet Explorer\MenuExt\*
DEFAULT=res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
"c:\program files\microsoft office\office11\excel.exe" File version = 11.0.8169, File size = 10352472, File modification date = 31/05/2007 20:41, File description = Microsoft Office Excel, Product Name = Microsoft Office 2003, Product version = 11.0.8169, Company name = Microsoft Corporation (Copyright © 1985-2003 Microsoft Corporation. All rights reserved.) |-938677709|0x49a38000d31452a9faf0d8d1774634f6|
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe
a=firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" File version = 1.8.1.20: 2008121709, File size = 7678568, File modification date = 17/12/2008 21:59, File description = Firefox, Product Name = Firefox, Product version = 2.0.0.20, Company name = Mozilla Corporation (Mozilla Corporation) |-520022376|0x8f93743d81634db09023c41154b3e320|
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
Debugger=ntsd -d
"c:\winnt\system32\ntsd.exe" File version = 5.00.2184.1, File size = 163600, File modification date = 14/07/2003 12:00, File description = Symbolic Debugger for Windows 2000, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2184.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-748372301|0x16b1a9f1b7068a747906741e444521c6|
*\SOFTWARE\Microsoft\Internet Explorer\Extensions\*
BandCLSID={FF059E31-CC5A-4E2E-BF3B-96E929D65503}
"c:\program files\microsoft office\office11\refiebar.dll" File version = 11.0.8164, File size = 63840, File modification date = 19/04/2007 21:10, File description = Allows you to use the Research Library and its collection of information services from Microsoft Internet Explorer, Product Name = Research Library Explorer Bar, Product version = 11.0.8164, Company name = Microsoft Corporation (Copyright © 2002-2003 Microsoft Corporation. All rights reserved.) |-387047169|0x22bdc1e6e606c9bae68141d7099309ab|
Icon=C:\PROGRA~1\MICROS~2\OFFICE11\REFBAR.ICO
"c:\program files\microsoft office\office11\refbar.ico" File version = (null), File size = 5974, File modification date = 25/03/2003 18:45, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |70333190|0x6f9f10679b6f5928d1dbd0bbaebee0c6|
HotIcon=C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
"c:\program files\microsoft office\office11\refbarh.ico" File version = (null), File size = 5974, File modification date = 25/03/2003 18:45, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |70333190|0x6f9f10679b6f5928d1dbd0bbaebee0c6|
CLSID={E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
HotIcon=C:\PROGRA~1\AIM95\aimres.dll,144
"c:\program files\aim95\aimres.dll" File version = 4.8.2790, File size = 1138688, File modification date = 22/05/2002 19:23, File description = Aim Resources, Product Name = AOL Instant Messenger (SM), Product version = 4.8.2790, Company name = America Online, Inc. (Copyright © 1996-2002 America Online, Inc.) |328962460|0x47350ca764a2827e1887e89a0747be00|
Icon=C:\PROGRA~1\AIM95\aimres.dll,143
"c:\program files\aim95\aimres.dll" File version = 4.8.2790, File size = 1138688, File modification date = 22/05/2002 19:23, File description = Aim Resources, Product Name = AOL Instant Messenger (SM), Product version = 4.8.2790, Company name = America Online, Inc. (Copyright © 1996-2002 America Online, Inc.) |328962460|0x47350ca764a2827e1887e89a0747be00|
CLSID={1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
Exec=C:\PROGRA~1\AIM95\aim.exe
"c:\program files\aim95\aim.exe" File version = 4.8.2790, File size = 57344, File modification date = 22/05/2002 18:57, File description = AOL Instant Messenger (SM), Product Name = AOL Instant Messenger (SM), Product version = 4.8.2790, Company name = America Online, Inc. (Copyright © 1996-2002 America Online, Inc.) |-601929164|0xbdb9390ba6d0c04d454329ba4fbdcefa|
script=%SystemRoot%\web\related.htm
"C:\WINNT\web\related.htm" File version = (null), File size = 654, File modification date = 29/08/2002 14:14, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |1387564768|0xd54bc13c29cf06ae0be21f74ca361b1c|
clsid={1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
CLSID={E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}
"C:\WINNT\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
HotIcon=C:\Program Files\Real\RealPlayer\eb_act.ico
"c:\program files\real\realplayer\eb_act.ico" File version = (null), File size = 1878, File modification date = 02/04/2008 04:11, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |65231544|0x2dfb4f163967def82f92553b6bbc242c|
Icon=C:\Program Files\Real\RealPlayer\eb_inact.ico
"c:\program files\real\realplayer\eb_inact.ico" File version = (null), File size = 1878, File modification date = 02/04/2008 04:11, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |560819914|0x63c516569928d4041ea7fa8dbc038890|
BandCLSID={FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
"c:\winnt\system32\shdocvw.dll" File version = 6.00.2800.1106, File size = 1338368, File modification date = 29/08/2002 14:14, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1802806112|0x7d89e0216917a6f233735902f649e8d1|
ToolTip=Real.com Explorer Bar
"c:\winnt\explorer.exe" File version = 5.00.3700.6690, File size = 243472, File modification date = 14/07/2003 12:00, File description = Windows Explorer, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.3700.6690, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-627689957|0x59cf2b7dced9111f48f51b4b570e672d|
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\*\Contains\Files
C:\WINNT\Downloaded Program Files\MIWDeploy.dll
"c:\winnt\downloaded program files\miwdeploy.dll" File version = 3.3.2.1001, File size = 208896, File modification date = 19/05/2005 23:09, File description = MIW Deploy ActiveX Control, Product Name = MIV on Web, Product version = 3.3.2.1001, Company name = (Copyright 2001) |-351764830|0x44f247683cb908a077fbd0f199756f74|
C:\WINNT\Downloaded Program Files\wlscBase.dll
"c:\winnt\downloaded program files\wlscbase.dll" File version = 1.11.6796.1, File size = 452488, File modification date = 09/09/2009 10:37, File description = Windows Live OneCare Safety Scanner Base Module, Product Name = Microsoft® Windows Live OneCare, Product version = 1.11.6796.1, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved) |-936835891|0x468995ac642f885f6bf3af4c5cb255a1|
C:\WINNT\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
"c:\winnt\downloaded program files\fp_ax_cab_installer.exe" File version = 1.0.20, File size = 1962160, File modification date = 18/07/2009 03:12, File description = Adobe® Flash® Player ActiveX Installer, Product Name = Adobe® Flash® Player ActiveX, Product version = 10.0.32.18, Company name = Adobe Systems Incorporated (Copyright © 1996-2009 Adobe Systems Incorporated and its licensors. All Rights Reserved.) |-1970156578|0x77d31fb654a53dbfb151c7a8e11e3a02|
C:\WINNT\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe
"c:\winnt\downloaded program files\conflict.1\fp_ax_cab_installer.exe" File version = 1.0.20, File size = 1962160, File modification date = 18/07/2009 03:12, File description = Adobe® Flash® Player ActiveX Installer, Product Name = Adobe® Flash® Player ActiveX, Product version = 10.0.32.18, Company name = Adobe Systems Incorporated (Copyright © 1996-2009 Adobe Systems Incorporated and its licensors. All Rights Reserved.) |-1970156578|0x77d31fb654a53dbfb151c7a8e11e3a02|
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{438755C2-A8BA-11D1-B96B-00A0C90312E1}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
{8C7461EF-2B13-11d2-BE35-3078302C2030}
"C:\WINNT\system32\browseui.dll" File version = 6.00.2800.1106, File size = 1026048, File modification date = 29/08/2002 14:14, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2800.1106, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2126393315|0xe3f453543365d0864ea8e62f671b6696|
LSP
HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\*
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\rsvpsp.dll" File version = 5.00.2195.6611, File size = 77072, File modification date = 14/07/2003 12:00, File description = Microsoft Windows Rsvp 1.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1657678913|0xc950179659144c3e38a3c773c06de69f|
"C:\WINNT\system32\rsvpsp.dll" File version = 5.00.2195.6611, File size = 77072, File modification date = 14/07/2003 12:00, File description = Microsoft Windows Rsvp 1.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1657678913|0xc950179659144c3e38a3c773c06de69f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\rsvpsp.dll" File version = 5.00.2195.6611, File size = 77072, File modification date = 14/07/2003 12:00, File description = Microsoft Windows Rsvp 1.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1657678913|0xc950179659144c3e38a3c773c06de69f|
"C:\WINNT\system32\rsvpsp.dll" File version = 5.00.2195.6611, File size = 77072, File modification date = 14/07/2003 12:00, File description = Microsoft Windows Rsvp 1.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6611, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1657678913|0xc950179659144c3e38a3c773c06de69f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
"C:\WINNT\system32\msafd.dll" File version = 5.00.2195.7158, File size = 105744, File modification date = 25/06/2008 09:41, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.7158, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |1586161951|0xb1cea115b3f8b4d5759a149c6521086f|
HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\*
"C:\WINNT\system32\rnr20.dll" File version = 5.00.2195.6603, File size = 36624, File modification date = 14/07/2003 12:00, File description = Windows Socket2 NameSpace DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-435723684|0x11ff66de71088617a7ac172f33b6fda5|
"C:\WINNT\system32\winrnr.dll" File version = 5.00.2160.1, File size = 19216, File modification date = 14/07/2003 12:00, File description = LDAP RnR Provider DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2160.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |171900358|0x71325b58bc6a78b951cfe71b7514f91e|
"C:\WINNT\system32\rnr20.dll" File version = 5.00.2195.6603, File size = 36624, File modification date = 14/07/2003 12:00, File description = Windows Socket2 NameSpace DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2195.6603, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |-435723684|0x11ff66de71088617a7ac172f33b6fda5|
"C:\WINNT\system32\winrnr.dll" File version = 5.00.2160.1, File size = 19216, File modification date = 14/07/2003 12:00, File description = LDAP RnR Provider DLL, Product Name = Microsoft(R) Windows (R) 2000 Operating System, Product version = 5.00.2160.1, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1999) |171900358|0x71325b58bc6a78b951cfe71b7514f91e|
HOSTS
C:\WINNT\System32\drivers\etc\hosts
127.0.0.1 localhost
STARTUP MENU
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk" File version = (null), File size = 1535, File modification date = 14/10/2009 09:00, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |1277425231|0xacf76906c00d2dbb2451c8b528261403|
"c:\program files\winzip\wzqkpick.exe" File version = 1.0 (32-bit), File size = 525640, File modification date = 25/06/2009 19:10, File description = WinZip Executable, Product Name = WinZip, Product version = 12.1 (8472), Company name = WinZip Computing, S.L. (Copyright (c) 1991-2009 WinZip International LLC - All Rights Reserved) |-420791713|0xc4c3db5e3310ac76a8591ef04b765722|

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Sat Oct 24, 2009 12:45 am

Do you have the url for it? This is hard to read. The url will be in the address bar, when you view the report.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Sat Oct 24, 2009 2:17 am

DMJ - That report is actually from Notepad so I don't have a URL for it. I couldn't get the program to open, but that report showed up in Notepad somehow.

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Sat Oct 24, 2009 2:34 am

Were you able to access the website [You must be registered and logged in to see this link.] ?

There is a place to upload that notepad file. Then, it outputs to readable text.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Sat Oct 24, 2009 4:56 am

DMJ - I uploaded it to GSI, but my problems with copy/paste are not allowing me to copy the URL to post it.

What should I do?


Under 'Suspicious' the only thing that was found were "Potentially Incompatible Software"
Just an FYI.

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Sat Oct 24, 2009 5:03 am

Disregard the last post, I will just type it out for you:

[You must be registered and logged in to see this link.]

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Sat Oct 24, 2009 9:30 pm

Hello.

I have consulted another expert, and he has told me that we should recommend that the computer to be formatted.

I recommend to purchase an XP disc (usually cheap), or higher OS (Vista, or 7, etc). Then, reformat and reinstall.

What I saw on your system was called a library rootkit. Here is what that is in layman's terms:
"Library rootkits commonly patch, hook, or replace system files with versions that hide information about the attacker. These instances may modify how a legitimate program behaves by making it perform additional functions that it is not authorized to do, such as causing your sound to not behave properly, and then sending blue-screens. "

The blue-screens were spawned as a result of injected audio drivers. Although we may have fȋxed part of the driver, the driver is damaged, and locked therefore making it impossible to repair. The malware has compromised your system in a way, where even if we did say your computer was clean, it could become reinfected very easily, making it difficult to maintain. It is recommended to get XP or higher, because support by experts is much better.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Robert09 on Sat Oct 24, 2009 9:35 pm

Considering the specifications of my computer, do you think it will be ok to install XP?

Let me know. If so, I will install XP. Also be advised I am currently running 2k Pro.

Robert09
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2009-10-14
OS OS : 2000 Pro
Points Points : 26223
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WinCoDecPRO Removal Needed - Hijackthis log included

Post by Dr Jay on Sat Oct 24, 2009 9:44 pm

Understood. It will be a full install, so you cannot use an Upgrade disc (it usually says Upgrade on the box or disc).

I checked your system specifications by the Kaspersky GSI, and it will run XP very good. I say go ahead. Smile


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13717
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302127
# Likes # Likes : 10

View user profile

Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum