Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Need help with rundll32.exe bad image issue please and thx

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 6th, 2008, 1:02 am

Please help. We started having trouble a week ago trying to open our Internet Explorer. When I rebooted the computer, the active desktop was in safe mode. When I attempted to follow the directions listed on the desktop, I received -An error message that said that an error had occured on the script on the page, line 65, char 1, error object doesn't support this action, code 0, url: file///C:?Documents%20and%20Settings/David/Application%20Data/Microsoft/Internet%20Explorer/Desktop.htt Do you want to continue running scripts on this page?
Nothing happened when I clicked either yes or no. When I attempted to go to properties and get to the desktop, I received this:
rundll32.exe-bad image
The application or DLL C:\Windows\System32\Shimgvw.dll is not a valid Windows image. Please check this against your installation diskette.
We have run the Webroot SpySweeper and the Symantec Antivirus and neither has picked anything up. We continue to have problems and would REALLY appreciate help. The HijackThis log is below. Thank you so much for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:35:46 PM, on 4/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\David\LOCALS~1\Temp\Rar$EX06.922\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [SpyKiller] "C:\Program Files\SpyKiller\spykiller.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [QuickenScheduledUpdates] "C:\Program Files\Quicken\bagent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1991385640
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://attwm.webex.com/client/v_mywebe ... eatgpc.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Winferno Subscription Service - Capital Intellect Inc - C:\Program Files\Common Files\Winferno\WSS\WSS.exe

--
End of file - 9334 bytes
dionneleep
Regular Member
 
Posts: 26
Joined: April 6th, 2008, 12:43 am
Advertisement
Register to Remove

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby Katana » April 12th, 2008, 2:12 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Unless informed of in advance, failure to post replies within 5 days will result in this thread being closed.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

I apologize for the delay in responding, but as you can probably see the forums are quite busy.
Unfortunately there are far more people needing help than there are helpers.

----------------------------------------------------------------------------------------


Remove Programs

Now click Start---Control Panel. Double click Add or Remove Programs. If any of the following programs are listed there,
click on the program to highlight it, and click on remove.
  • SpyKiller
Now close the Control Panel.


Deckard's System Scanner (DSS)

Please download Deckard's System Scanner (DSS) to your Desktop.
Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 13th, 2008, 1:01 am

Thank you for the help. SpyKiller was not listed as a program in the add/remove list. Here are the logs from DSS
Main txt-

Deckard's System Scanner v20071014.68
Run by David on 2008-04-12 21:56:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
100: 2008-04-13 04:56:14 UTC - RP1254 - Deckard's System Scanner Restore Point
99: 2008-04-12 18:00:19 UTC - RP1253 - System Checkpoint
98: 2008-04-11 17:24:07 UTC - RP1252 - Installed QuickTime
97: 2008-04-11 12:19:11 UTC - RP1251 - System Checkpoint
96: 2008-04-10 10:02:19 UTC - RP1250 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-01-15 04:00:21 UTC - RP1155 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as David.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:59:13 PM, on 4/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\7RHAS4FI\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\David.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SpyKiller] "C:\Program Files\SpyKiller\spykiller.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [QuickenScheduledUpdates] "C:\Program Files\Quicken\bagent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1991385640
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://attwm.webex.com/client/v_mywebe ... eatgpc.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Winferno Subscription Service - Capital Intellect Inc - C:\Program Files\Common Files\Winferno\WSS\WSS.exe

--
End of file - 9265 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys <Not Verified; SlySoft, Inc.; AnyDVD>
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>

S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

S3 Winferno Subscription Service - "c:\program files\common files\winferno\wss\wss.exe" <Not Verified; Capital Intellect Inc; WSS2007>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-04-12 15:26:01 400 --a------ C:\WINDOWS\Tasks\WSSHelper.job
2008-04-12 15:26:00 416 --a------ C:\WINDOWS\Tasks\PCConfidential.job
2008-04-10 19:21:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-03-12 and 2008-04-12 -----------------------------

2008-04-12 21:58:51 0 d-------- C:\Program Files\Trend Micro
2008-03-13 21:01:17 0 d-------- C:\Program Files\iTunes


-- Find3M Report ---------------------------------------------------------------

2008-04-11 21:02:51 0 d-------- C:\Program Files\Quicken
2008-04-11 10:27:39 0 d-------- C:\Program Files\QuickTime
2008-03-30 15:28:21 0 d-------- C:\Documents and Settings\David\Application Data\U3
2008-03-13 21:01:44 0 d-------- C:\Program Files\iPod
2008-03-07 18:27:01 0 d-------- C:\Documents and Settings\David\Application Data\Move Networks
2008-01-18 07:22:26 164 --a------ C:\install.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"NvMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [06/03/2004 09:51 PM]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [08/11/2003 01:07 AM]
"@"="" []
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 10:50 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [11/09/2006 04:07 PM]
"basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [10/09/2007 05:21 PM]
"NvCplDaemon"="RUNDLL32.exe" [08/04/2004 12:56 AM C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [12/05/2007 02:41 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [08/04/2004 12:56 AM C:\WINDOWS\system32\rundll32.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [10/13/2006 09:44 PM]
"vptray"="C:\PROGRA~1\SYMANT~2\VPTray.exe" [10/14/2006 07:02 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/19/2008 01:10 PM]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [01/04/2008 09:56 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/28/2008 11:37 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpyKiller"="C:\Program Files\SpyKiller\spykiller.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe" []
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [11/30/2006 10:49 PM]
"QuickenScheduledUpdates"="C:\Program Files\Quicken\bagent.exe" [10/30/2006 07:39 AM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [10/28/2005 04:25 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe [6/9/2004 3:27:34 PM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"




-- End of Deckard's System Scanner: finished at 2008-04-12 22:00:39 ------------

Extra Txt

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) XP 2500+
Percentage of Memory in Use: 73%
Physical Memory (total/avail): 511.48 MiB / 133.36 MiB
Pagefile Memory (total/avail): 1249.96 MiB / 711.8 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1918.61 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 189.92 GiB total, 154.42 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Fixed (NTFS) - 19.01 GiB total, 2.47 GiB free.
G: is Fixed (NTFS) - 465.76 GiB total, 434.14 GiB free.
H: is Removable (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6L200R0 - 189.92 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 189.92 GiB - C:

\\.\PHYSICALDRIVE1 - Maxtor 92049U6 - 19.01 GiB - 1 partition
\PARTITION0 - Installable File System - 19.01 GiB - F:

\\.\PHYSICALDRIVE3 - HP psc 2410 USB Device

\\.\PHYSICALDRIVE2 - Seagate FreeAgentDesktop USB Device - 465.76 GiB - 1 partition
\PARTITION0 - Installable File System - 465.76 GiB - G:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AntivirusOverride is set.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\Yahoo! Games\\Cubis Gold 2\\cubis2.exe"="C:\\Program Files\\Yahoo! Games\\Cubis Gold 2\\cubis2.exe:*:Enabled:cubis2"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe"="C:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe:*:Enabled:Symantec Antivirus"
"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"="C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe:*:Enabled:Symantec Email"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\David\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
COLLECTIONID=COL5123
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PEARLY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://h30083.www3.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\David
ITEMID=dj-17724-8
LANG=1033
LOGONSERVER=\\PEARLY
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPP
Path=C:\WINDOWS\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
SESSIONID=1089242066370wuws04-l19ec4ed:fdb40207e7:3b57
SESSIONNAME=Console
SWUTVER=1.0.18.20030625
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\David\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\David\LOCALS~1\Temp
TOOLPATH=/C:\Program%20Files\HP\HP%20Software%20Update\install.htm
UPDATEDIR=C:\DOCUME~1\David\LOCALS~1\Temp\rad7B25E.tmp
USERDOMAIN=PEARLY
USERNAME=David
USERPROFILE=C:\Documents and Settings\David
VERSION=3.0.1
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

David (admin)
Dionne (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee 5.0 PowerPack --> MsiExec.exe /I{5058B085-AA79-41E5-A726-681B4C4B846E}
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Atmosphere Player for Acrobat and Adobe Reader --> C:\WINDOWS\atmoUn.exe
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
C-Media 3D Audio --> C:\WINDOWS\CMIUnInstall.exe
Cake Mania (remove only) --> "C:\Program Files\Yahoo! Games\Cake Mania\Uninstall.exe"
Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Carrie the Caregiver (remove only) --> "C:\Program Files\Yahoo! Games\Carrie the Caregiver\Uninstall.exe"
Ciao Bella (remove only) --> "C:\Program Files\Yahoo! Games\Ciao Bella\Uninstall.exe"
CloneDVD2 --> "C:\Program Files\slysoft\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\slysoft\CloneDVD2"
Diner Dash (remove only) --> "C:\Program Files\Yahoo! Games\Diner Dash\Uninstall.exe"
Disney's Mahjongg --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37933094-157A-4FA5-9564-F350DEEBA5B2}\setup.exe" -l0x9 Disney's Mahjongg
Drive Manager --> "C:\Program Files\InstallShield Installation Information\{48B0F38D-1913-44F3-99AA-D4C55A2B038E}\setup.exe" -runfromtemp -l0x0409 -removeonly
Drive Manager --> MsiExec.exe /I{48B0F38D-1913-44F3-99AA-D4C55A2B038E}
Drop --> C:\PROGRA~1\eGames\Drop\UNWISE.EXE C:\PROGRA~1\eGames\Drop\INSTALL.LOG
Drop! --> C:\PROGRA~1\eGames\Drop!\UNWISE.EXE C:\PROGRA~1\eGames\Drop!\INSTALL.LOG
Freddi Fish's One-Stop Fun Shop --> C:\WINDOWS\IsUninst.exe -fc:\hegames\FreddisFunShop\Uninst.isu
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\DOCUME~1\David\LOCALS~1\Temp\Rar$EX06.922\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Photo & Imaging 3.1 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 3.0 --> "C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update --> MsiExec.exe /X{936C42D0-8CEE-4BDF-B8CE-C4BDC93C6CF8}
iPod for Windows 2005-10-12 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A} /l1033
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
JumpStart Advanced School Time --> C:\Program Files\Common Files\Knowledge Adventure\Uninstall\JSSchoolTimeUn.exe
LEGO My Style Preschool --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA4E4163-4CE3-11D4-9532-005004039EB0}\setup.exe"
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Luxor (remove only) --> "C:\Program Files\MumboJumbo\Luxor\uninstall.exe"
Luxor Amun Rising (remove only) --> "C:\Program Files\MumboJumbo\Luxor Amun Rising\uninstall.exe"
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Meeting Service Player --> C:\WINDOWS\DOWNLO~1\atcliun.exe
Memories Disc Creator 2.0 --> MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Office OneNote 2003 --> MsiExec.exe /I{90A10409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Web Publishing Wizard 1.52 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\David\Application Data\Move Networks\ie_bin\Uninst.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Demo --> MsiExec.exe /I{84B2CF01-194D-2284-B313-F2E0D78D1033}
NVIDIA Drivers --> C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
NvMixer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
OLYMPUS CAMEDIA Master 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\Setup.exe"
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Palm --> MsiExec.exe /X{A005B38F-D5AB-4E35-93DD-9886E449FAF1}
Penguin Puzzle --> C:\PROGRA~1\eGames\PENGUI~1\UNWISE.EXE C:\PROGRA~1\eGames\PENGUI~1\INSTALL.LOG
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealOptimizer ACD plug-in --> MsiExec.exe /X{B3C125F4-D272-494C-B55F-7D74763056B0}
Sandlot Games Client Services --> "C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Spy Sweeper --> "C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
Super Collapse! 3 --> C:\PROGRA~1\MUMBOJ~1\SUPERC~1\UNWISE.EXE /U C:\PROGRA~1\MUMBOJ~1\SUPERC~1\INSTALL.LOG
Symantec AntiVirus --> MsiExec.exe /I{6C28BDA4-6D99-4DD0-9F22-6A90A445E982}
Ultimate Mahjongg 10 --> C:\PROGRA~1\ValuSoft\ULTIMA~1\UNWISE.EXE C:\PROGRA~1\ValuSoft\ULTIMA~1\INSTALL.LOG
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Toolbar --> C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\Uninstaller.exe /u /k /url "http://www.viewpoint.com/pub/uninstallcompleted.html"
ViewSonic Monitor Drivers --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! extras --> C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type10443 / Warning
Event Submitted/Written: 04/12/2008 02:38:51 AM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 9 files inside C:\Program Files\McAfee.com\Agent\Uninst\screm.ui due to extraction errors encountered by the Decomposer Engines.

Event Record #/Type10442 / Warning
Event Submitted/Written: 04/12/2008 02:38:50 AM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 14 files inside C:\Program Files\McAfee.com\Agent\Data\News\valert.ui due to extraction errors encountered by the Decomposer Engines.

Event Record #/Type10441 / Warning
Event Submitted/Written: 04/12/2008 02:34:16 AM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 5 files inside C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\Product\6100.cab due to extraction errors encountered by the Decomposer Engines.

Event Record #/Type10440 / Warning
Event Submitted/Written: 04/12/2008 02:34:15 AM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 5 files inside C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\Product\5500.cab due to extraction errors encountered by the Decomposer Engines.

Event Record #/Type10439 / Warning
Event Submitted/Written: 04/12/2008 02:34:14 AM
Event ID/Source: 6 / Symantec AntiVirus
Event Description:
Could not scan 5 files inside C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\Product\4105.cab due to extraction errors encountered by the Decomposer Engines.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type4976 / Warning
Event Submitted/Written: 04/12/2008 09:50:55 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk2\D during a paging operation.

Event Record #/Type4975 / Warning
Event Submitted/Written: 04/12/2008 08:56:32 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk2\D during a paging operation.

Event Record #/Type4974 / Warning
Event Submitted/Written: 04/12/2008 08:22:34 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk2\D during a paging operation.

Event Record #/Type4973 / Warning
Event Submitted/Written: 04/12/2008 07:46:48 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk2\D during a paging operation.

Event Record #/Type4972 / Warning
Event Submitted/Written: 04/12/2008 06:56:33 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk2\D during a paging operation.



-- End of Deckard's System Scanner: finished at 2008-04-12 22:00:39 ------------
dionneleep
Regular Member
 
Posts: 26
Joined: April 6th, 2008, 12:43 am

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby Katana » April 13th, 2008, 5:48 am

Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.




Your Java and Adobe is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version Java and Adobe components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6u5 from http://java.sun.com/javase/downloads/index.jsp
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Update Adobe Acrobat Reader
  • Please go to this link Adobe Acrobat Reader Download Link
  • Cllick Download
  • On the right Untick Adobe Phototshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next click the Install Now button and follow the on screen prompts

Now close all windows, including your browser.
Double click on the Java installation that you downloaded and follow the prompts.

Remove Programs
Now click Start---Control Panel. Double click Add or Remove Programs. If any of the following programs are listed there,
click on the program to highlight it, and click on remove.
  • Adobe Reader 7.0.9
  • J2SE Runtime Environment 5.0 Update 10
Now close the Control Panel.

Reboot your machine.

Please note:-
An error was detected on device \Device\Harddisk2\D during a paging operation
This could indicate that your Hard drive is failing
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 13th, 2008, 2:29 pm

The Combo fix did not go smoothly the first time as I got a bad image box the first time and I closed the box instead of clicking ok. So the Combo fix stalled and I restarted the computer and ran it again. It seemed to go smoothly this time. Part of the instructions for Combofix was to install the windows recovery. I followed these directions, but this does not appeared to have installed correctly. The Java update did not go smoothly either. This error mssg appeared javaw.exe.badimage The application of DLL C:\Programfiles\Java\jre1.5.0_10\bin\dcp.dll is not a valid window image. Pleas check this against your installation diskette.
The Adobe install went fine. I went ahead and removed the Java 5.0 update. There was not an Adobe Reader 7.0.9, but there is a Adobe Acrobat 4.0 I left this alone. Here are the log files from Combo Fix and Hijack This. Thanks!

ComboFix 08-04-12.10 - David 2008-04-13 11:13:13.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.130 [GMT -7:00]
Running from: C:\Documents and Settings\David\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
G:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-03-13 to 2008-04-13 )))))))))))))))))))))))))))))))
.

2008-04-13 10:48 . 2008-04-13 10:48 <DIR> d-------- C:\Program Files\Adobe Media Player
2008-04-13 10:47 . 2008-04-13 10:47 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-13 10:39 . 2008-04-13 10:58 <DIR> d-------- C:\Documents and Settings\David\.SunDownloadManager
2008-04-12 21:58 . 2008-04-12 21:58 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-12 21:55 . 2008-04-12 21:55 <DIR> d-------- C:\Deckard
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-03-13 21:01 . 2008-03-13 21:01 <DIR> d-------- C:\Program Files\iTunes

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-13 17:49 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-12 04:02 --------- d-----w C:\Program Files\Quicken
2008-04-11 17:27 --------- d-----w C:\Program Files\QuickTime
2008-03-30 22:28 --------- d-----w C:\Documents and Settings\David\Application Data\U3
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-14 04:01 --------- d-----w C:\Program Files\iPod
2008-03-08 01:27 --------- d-----w C:\Documents and Settings\David\Application Data\Move Networks
2008-03-08 00:56 557,056 ----a-w C:\Documents and Settings\David\GoToAssist_phone__317_en.exe
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-01-18 14:22 164 ----a-w C:\install.dat
2006-05-17 02:43 10,240 --sha-w C:\Program Files\Thumbs.db
2002-09-11 14:26 63,730 -c--a-w C:\Program Files\viewsonicinstruct_xp.pdf
2001-11-23 19:08 712,704 -c----w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((( snapshot@2008-04-13_ 9.21.07.87 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-09 10:20:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-13 18:06:48 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-13 17:50:46 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2006-06-05 21:14:28 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2006-06-05 21:14:28 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 21:14:28 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpyKiller"="C:\Program Files\SpyKiller\spykiller.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe" [ ]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-11-30 22:49 4662776]
"QuickenScheduledUpdates"="C:\Program Files\Quicken\bagent.exe" [2006-10-30 07:39 57344]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"NvMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 21:51 131072]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-08-11 01:07 188416]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 17:21 169328]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:56 33280 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:56 33280 C:\WINDOWS\system32\rundll32.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-10-13 21:44 95848]
"vptray"="C:\PROGRA~1\SYMANT~2\VPTray.exe" [2006-10-14 07:02 134856]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-04 21:56 5367664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe [2004-06-09 15:27:34 471040]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe"=
"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 Basics Service;Basics Service;"C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe" [2007-10-09 17:21]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 14:38]
S3 Winferno Subscription Service;Winferno Subscription Service;"C:\Program Files\Common Files\Winferno\WSS\WSS.exe" [2007-07-30 11:29]

.
Contents of the 'Scheduled Tasks' folder
"2008-04-11 02:21:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-13 18:07:08 C:\WINDOWS\Tasks\PCConfidential.job"
- C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
"2008-04-13 18:07:12 C:\WINDOWS\Tasks\WSSHelper.job"
- C:\Program Files\Common Files\Winferno\WSS\WSSHelper.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-13 11:17:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-13 11:18:31
ComboFix-quarantined-files.txt 2008-04-13 18:18:20
Pre-Run: 165,316,837,376 bytes free
Post-Run: 165,304,094,720 bytes free
.
2008-04-13 18:05:36 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:29 AM, on 4/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [SpyKiller] "C:\Program Files\SpyKiller\spykiller.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [QuickenScheduledUpdates] "C:\Program Files\Quicken\bagent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1991385640
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://attwm.webex.com/client/v_mywebe ... eatgpc.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Winferno Subscription Service - Capital Intellect Inc - C:\Program Files\Common Files\Winferno\WSS\WSS.exe

--
End of file - 8602 bytes
dionneleep
Regular Member
 
Posts: 26
Joined: April 6th, 2008, 12:43 am

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby Katana » April 13th, 2008, 3:19 pm

Please can you run a disk scan, followed by a Kaspersky scan
  1. Double-click My Computer, and then right-click the hard disk that you want to check. (C:\)
  2. Click Properties, and then click Tools.
  3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
  4. Use the following procedure:
    • select the Scan for and attempt recovery of bad sectors check box, and then click Start.
    Note If one or more of the files on the hard disk are open, you will receive the following message:
    The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
    Click Yes to schedule the disk check, and then restart your computer to start the disk check.

Kaspersky Online Scanner .
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
Go Here http://www.kaspersky.com/kos/eng/partne ... bscan.html

Read the Requirements and limitations before you click Accept.
Allow the ActiveX download if necessary
Once the database has downloaded, click Next.
Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
Click on "My Computer" and then put the kettle on!
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 13th, 2008, 8:56 pm

I assumed you wanted to see the log from the Kaspersky scan so I am posting it. Thanks again.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, April 13, 2008 5:58:23 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 13/04/2008
Kaspersky Anti-Virus database records: 702432
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics:
Total number of scanned objects: 154128
Number of viruses found: 5
Number of infected objects: 25
Number of suspicious objects: 4
Duration of the scan process: 02:19:19

Infected Object Name / Virus Name / Last Action
C:\Backup_docs.bkf/Documents_and_Settings\David\My_Documents\backup-20041219-165735-618.dll Infected: Trojan.Win32.StartPage.qr skipped
C:\Backup_docs.bkf/Documents_and_Settings\David\My_Documents\backup-20041231-112754-776.dll Infected: Trojan.Win32.StartPage.qr skipped
C:\Backup_docs.bkf MTF: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\D1130D5D.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AD40000.VBN Suspicious: Exploit.Win32.IMG-WMF skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AD80000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AD80001.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0ADC0000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0ADC0001.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE00000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AE40000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AF40000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AF40001.VBN Suspicious: Exploit.Win32.IMG-WMF skipped
C:\Documents and Settings\David\Application Data\Webroot\Spy Sweeper\Logs\080413113805.ses Object is locked skipped
C:\Documents and Settings\David\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\David\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\~DF57B2.tmp Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temp\~DF57C7.tmp Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\David\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\David\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS009B84E0-C2AB-432B-A01C-2008859CC8FB.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0D181E15-3430-4862-B532-6EC0FD7D7355.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS19E7350C-67FF-4258-8402-BB58E1526903.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS1B1FE199-315C-41EA-A425-CF143212B7EE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS1B24D5BF-7610-4C67-95B7-45ECBBDE24FC.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS20523858-ED43-4559-9AB1-C282CF257F6F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS228FF8DC-6A6C-45FF-8697-B2FB20A04C69.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS23643505-FDA8-492F-A9E5-8F3DE29C069D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2CBDCEE1-1124-41E0-BC7F-9DADF5B03AAF.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2CE88D1E-AFA7-43C0-A4DE-C448F260C04E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2FB4ABA7-4741-49BB-9CC6-856A9C50FB87.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS33A08039-9035-4B27-9C18-DC4BA052EAE6.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS355A42B1-A1C0-4644-8880-DFD4E6192AD3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS36D813A8-38BF-448D-A0CD-F81C31D2D31C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS38EAF924-4FB6-42EA-B0B4-F8DB67BAD40F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3B53CD10-0CAD-43AD-8D7B-71DA38FEDB82.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3D34E3D3-D099-4785-96AC-7CDE0C45F58C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3E3D2CB2-A2A5-4372-B016-57894E33A76B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3EA3EF38-0229-48F5-A27A-7873E8727F16.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS40843817-7DE3-47D2-B4DA-1F0B3375A1E5.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS417A1193-7BD7-4527-99B9-07FDEE23ECC3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4DFA653B-E710-41AA-A03B-AAD1EB68E997.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS51001026-EE7E-4D03-B902-E544593AE5D4.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS586A343A-1E3E-48E3-AB24-7ECC8E96A4D5.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS58D1970D-76FF-4E76-B14E-CCF09F52F79C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS592EF6F7-21C2-473F-9687-01E8337E2D0B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS592F046B-BF2E-4B79-8B7D-088BFD9EDDCA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5B0EAAE4-6AC6-4F3B-9162-11E60EEA88B8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5CBC9062-7F1A-4D6D-8719-0C29E03645A7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5E05F619-4A93-455D-BAA8-EB1A17690D20.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS60898A9F-751D-4E31-B759-FB5BDD448415.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS61A331EB-77D9-4EE5-A74D-E0D420B8D301.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS648EBA7C-A546-4ED0-983E-589E0552E229.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS65CBC1EE-1F26-475B-8636-1749E6152716.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS6A529684-8CA4-4691-A6A6-8F4673F3D989.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS6B7BFA00-ACCC-4783-95E8-FA06BCDC0787.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS6B7C2CD1-3746-4355-AEB1-F7B3EE8CD7AA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS70C81F0B-2431-40F6-88EA-21C13AE04076.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS75A0268F-2153-4D6E-ADEC-650337285FCC.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS75A96EF2-0533-4441-8AEB-F2314469FF7A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS788B212A-6ACC-4360-B375-823DE3504B30.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS78B0F504-3864-4113-8B27-7314BC7C8206.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7A7B6DAC-952D-4916-8C72-5ACDFCF4E3A4.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7C7C8C2F-6AAC-4EB9-ACE1-5E88ECADF7EF.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7D927B2E-EB12-46D9-A617-3E9F931F46E4.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7DBF2EC1-9C7D-4BF0-AAD6-9B9B1432961B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7EEF1A03-976C-444D-95D7-187F1BA3E266.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS80F415F5-6401-4AA4-A37D-CD2D44AB48C5.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS81A1CEE0-8ED9-4F8C-A457-12302EA51879.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS81E3CF86-D9EF-4FCA-AE3C-44C7A6771E34.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS8EE821C3-5EFD-4D86-A901-C0C261908FB0.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS94F2A512-ABB1-44DA-9A7C-CA56D634E469.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS96014C7A-AD4F-4F44-A03E-F8FBD654A67E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS99904790-CE80-48C0-87A7-786FEBFFF030.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9B79B75C-0DCF-4FB2-9A1A-A782256A9A13.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9D9E7B4C-2243-4759-A0F4-1EF2E5C5C3B7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9E51F756-5B27-43CC-B258-5EF4AF0250B1.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9FA6D254-8766-4E63-A869-85C698ECEA9B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA4A5497C-A363-431D-A90A-C924861DE4A0.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA69F29CD-59B7-475F-A038-B42BAB212949.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA75670F7-2293-4CB3-8C91-3DC5AE43B2A4.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA88162C7-7EC7-4E4A-9397-F26DE87A5F38.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSAE3C020B-18EA-47D1-8D92-72D6530C87CD.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB2172D2C-33DD-4817-8C32-D557D2B95F49.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB4D0D814-7F6A-47A0-AB17-E1BA8E661269.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB527C2B6-4D80-47B6-A2A1-2641E667A1AD.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB5F63AEF-4CBE-4DEE-A543-530A20D4D24E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB61DBCFB-D4FA-4216-926E-D0E425F1720F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB7502CFA-565D-45DE-AF10-BB4B6B1138C0.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB9D50E96-D320-4A0C-AAFE-926BC65D4946.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSBC8068A5-AA29-45F8-88BB-5C9AB792E3A8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSBF4BCAF6-388C-43F3-9CCF-BD0AEC28EAF1.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC08FBB61-D32C-4D54-BB13-D939DF2F700C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC0F4F874-BB50-4AE6-897E-FAFEC27071B7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC10521F6-84A6-4156-BC1A-A6B0DA3DDB48.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC258C2A2-5BD2-4821-9343-C482E5B0E090.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC38B6908-9E0C-4CBD-A22D-A7BED212CD59.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD46F6ED8-3212-47C2-B12F-F28ECE5405EE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD497F65C-F9CC-4633-AE18-7891723FA854.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD512F7A0-2D8D-4908-B19B-E7C4D72F20BE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDB7896D1-5152-4ECA-8CCE-881FE7F99B08.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDC1B6899-5BD0-4F2A-9DF8-21079D753A1A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDF068394-1002-4EE8-A394-F2BF86018754.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE0A3F3B8-3A9B-4092-ABB7-DFED661CDF70.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE109DD99-B284-4941-BE01-90B48B1D55E3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE3AC0B09-67C1-4E8A-9AC5-315A3BCA7DC5.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE44EC478-85F6-4E7D-BAF4-FE735E9668B2.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEE15667F-10AD-403A-AA95-A39F9B689A01.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF14D8794-06FC-4B88-A071-48ECEF78C62F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\FINDnFIX\keys1\NirComLine.exe Infected: not-a-virus:RemoteAdmin.Win32.NirCmdLine.14 skipped
C:\Program Files\Common Files\Symantec Shared\eengine\EPERSIST.DAT Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{F9BB205C-9525-4E64-9FEF-B9236839F25D}\RP1259\change.log Object is locked skipped
C:\WINDOWS\cpbrkpie.ocx Infected: not-a-virus:AdWare.Win32.Coupons skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{127E2E03-95FD-4FF4-B81F-9488CAEBC690}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
F:\Backup_docs.bkf/Documents_and_Settings\David\My_Documents\backup-20041219-165735-618.dll Infected: Trojan.Win32.StartPage.qr skipped
F:\Backup_docs.bkf/Documents_and_Settings\David\My_Documents\backup-20041231-112754-776.dll Infected: Trojan.Win32.StartPage.qr skipped
F:\Backup_docs.bkf MTF: infected - 2 skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AD40000.VBN Suspicious: Exploit.Win32.IMG-WMF skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AD80000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AD80001.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ADC0000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ADC0001.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AE00000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AE40000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AF40000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AF40001.VBN Suspicious: Exploit.Win32.IMG-WMF skipped
F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AF80000.VBN Infected: Exploit.JS.CVE-2005-1790.t skipped
F:\FINDnFIX\keys1\NirComLine.exe Infected: not-a-virus:RemoteAdmin.Win32.NirCmdLine.14 skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\_restore{F9BB205C-9525-4E64-9FEF-B9236839F25D}\RP1259\change.log Object is locked skipped
F:\WINDOWS\cpbrkpie.ocx Infected: not-a-virus:AdWare.Win32.Coupons skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
G:\System Volume Information\_restore{F9BB205C-9525-4E64-9FEF-B9236839F25D}\RP1259\change.log Object is locked skipped

Scan process completed.
dionneleep
Regular Member
 
Posts: 26
Joined: April 6th, 2008, 12:43 am

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby Katana » April 14th, 2008, 5:03 am

There are no signs of dramatic malware that would be causing your problems, so we will have to run some further scans

Custom CFScript
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Code: Select all
    
    File::
    C:\Backup_docs.bkf
    C:\WINDOWS\cpbrkpie.ocx
    F:\Backup_docs.bkf
    F:\WINDOWS\cpbrkpie.ocx
    Folder::
    C:\Program Files\SpyKiller
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpyKiller"=-
    "PhotoShow Deluxe Media Manager"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Cmaudio"=-
    

  • Save this as CFScript.txt and place it on your desktop.


    Image


  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


GetSystemInfo

Please download GetSystemInfo from HERE
Double click GetSysteminfo.exe
It will ask you where to save the report, please save it to your desktop or somewhere that you can find it easily.
It will display it's progress on your screen, when the box disappears it has finished.


Active Scan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
Please go to this site Link >> ActiveScan << LINK
  • Cclick the Scan Now button
  • Follow the prompts to install the Active X if necessary
  • Go and make a cup of tea/coffee/beverage of your choice and watch some TV :)
  • When the scan is finished, a report will be generated
  • Next to Scan Details click the small Save button and save the report to your desktop.
  • Please post the report in your reply.

Please post all logs in your reply.
You will probably need more than one post.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 14th, 2008, 10:27 am

The Active Scan appears to have gotten stuck on a picture file-for about 3.5 hours now. I started the scan around 3:30am pst. Should I abort this scan?


ComboFix 08-04-12.10 - David 2008-04-14 3:09:35.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.77 [GMT -7:00]
Running from: C:\Documents and Settings\David\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\David\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Backup_docs.bkf
C:\WINDOWS\cpbrkpie.ocx
F:\Backup_docs.bkf
F:\WINDOWS\cpbrkpie.ocx
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Backup_docs.bkf
C:\Program Files\SpyKiller
C:\Program Files\SpyKiller\BlockedCookies.txt
C:\Program Files\SpyKiller\hosts
C:\Program Files\SpyKiller\irunin.bmp
C:\Program Files\SpyKiller\irunin.dat
C:\Program Files\SpyKiller\irunin.ini
C:\Program Files\SpyKiller\irunin.lng
C:\Program Files\SpyKiller\license.txt
C:\Program Files\SpyKiller\RegistryspyList
C:\Program Files\SpyKiller\rmcomtb.exe
C:\Program Files\SpyKiller\SpyKiller log1-1-05215058.txt
C:\Program Files\SpyKiller\SpyKiller log1-12-042136.txt
C:\Program Files\SpyKiller\SpyKiller log1-7-04153339.txt
C:\Program Files\SpyKiller\SpyKiller log1-7-04183756.txt
C:\Program Files\SpyKiller\SpyKiller log1-7-047921.txt
C:\Program Files\SpyKiller\SpyKiller log1-7-06122145.txt
C:\Program Files\SpyKiller\SpyKiller log1-8-05113151.txt
C:\Program Files\SpyKiller\SpyKiller log10-11-0471522.txt
C:\Program Files\SpyKiller\SpyKiller log10-11-0481918.txt
C:\Program Files\SpyKiller\SpyKiller log10-11-0492136.txt
C:\Program Files\SpyKiller\SpyKiller log10-12-04115250.txt
C:\Program Files\SpyKiller\SpyKiller log10-12-0453842.txt
C:\Program Files\SpyKiller\SpyKiller log10-3-0581859.txt
C:\Program Files\SpyKiller\SpyKiller log10-3-069937.txt
C:\Program Files\SpyKiller\SpyKiller log10-6-05113224.txt
C:\Program Files\SpyKiller\SpyKiller log10-7-05152352.txt
C:\Program Files\SpyKiller\SpyKiller log10-8-0663030.txt
C:\Program Files\SpyKiller\SpyKiller log10-9-04204831.txt
C:\Program Files\SpyKiller\SpyKiller log11-1-0521959.txt
C:\Program Files\SpyKiller\SpyKiller log11-10-0421476.txt
C:\Program Files\SpyKiller\SpyKiller log11-10-05213310.txt
C:\Program Files\SpyKiller\SpyKiller log11-11-0412531.txt
C:\Program Files\SpyKiller\SpyKiller log11-12-0411653.txt
C:\Program Files\SpyKiller\SpyKiller log11-12-0611614.txt
C:\Program Files\SpyKiller\SpyKiller log11-5-06211254.txt
C:\Program Files\SpyKiller\SpyKiller log11-8-04211841.txt
C:\Program Files\SpyKiller\SpyKiller log11-8-04212918.txt
C:\Program Files\SpyKiller\SpyKiller log11-8-0620637.txt
C:\Program Files\SpyKiller\SpyKiller log11-8-0661949.txt
C:\Program Files\SpyKiller\SpyKiller log11-9-05174656.txt
C:\Program Files\SpyKiller\SpyKiller log12-1-0520473.txt
C:\Program Files\SpyKiller\SpyKiller log12-10-04194236.txt
C:\Program Files\SpyKiller\SpyKiller log12-10-0420311.txt
C:\Program Files\SpyKiller\SpyKiller log12-10-0654216.txt
C:\Program Files\SpyKiller\SpyKiller log12-11-0491839.txt
C:\Program Files\SpyKiller\SpyKiller log12-5-0661731.txt
C:\Program Files\SpyKiller\SpyKiller log12-7-0420278.txt
C:\Program Files\SpyKiller\SpyKiller log12-7-067418.txt
C:\Program Files\SpyKiller\SpyKiller log12-8-0415915.txt
C:\Program Files\SpyKiller\SpyKiller log12-8-056730.txt
C:\Program Files\SpyKiller\SpyKiller log13-10-0483714.txt
C:\Program Files\SpyKiller\SpyKiller log13-11-04212631.txt
C:\Program Files\SpyKiller\SpyKiller log13-4-05641.txt
C:\Program Files\SpyKiller\SpyKiller log13-4-0664929.txt
C:\Program Files\SpyKiller\SpyKiller log13-7-0415122.txt
C:\Program Files\SpyKiller\SpyKiller log13-7-056144.txt
C:\Program Files\SpyKiller\SpyKiller log13-8-069384.txt
C:\Program Files\SpyKiller\SpyKiller log13-9-04112850.txt
C:\Program Files\SpyKiller\SpyKiller log13-9-066317.txt
C:\Program Files\SpyKiller\SpyKiller log14-11-04141130.txt
C:\Program Files\SpyKiller\SpyKiller log14-12-0411588.txt
C:\Program Files\SpyKiller\SpyKiller log14-12-0575844.txt
C:\Program Files\SpyKiller\SpyKiller log14-2-05111858.txt
C:\Program Files\SpyKiller\SpyKiller log14-3-0515383.txt
C:\Program Files\SpyKiller\SpyKiller log14-7-06175033.txt
C:\Program Files\SpyKiller\SpyKiller log14-9-05212434.txt
C:\Program Files\SpyKiller\SpyKiller log15-1-05154050.txt
C:\Program Files\SpyKiller\SpyKiller log15-1-0574057.txt
C:\Program Files\SpyKiller\SpyKiller log15-10-04213347.txt
C:\Program Files\SpyKiller\SpyKiller log15-11-0420130.txt
C:\Program Files\SpyKiller\SpyKiller log15-2-0655750.txt
C:\Program Files\SpyKiller\SpyKiller log15-6-0663530.txt
C:\Program Files\SpyKiller\SpyKiller log15-7-0621169.txt
C:\Program Files\SpyKiller\SpyKiller log15-8-0402019.txt
C:\Program Files\SpyKiller\SpyKiller log15-9-04204742.txt
C:\Program Files\SpyKiller\SpyKiller log16-1-052034.txt
C:\Program Files\SpyKiller\SpyKiller log16-10-0463150.txt
C:\Program Files\SpyKiller\SpyKiller log16-11-04101528.txt
C:\Program Files\SpyKiller\SpyKiller log16-12-046815.txt
C:\Program Files\SpyKiller\SpyKiller log16-12-0485819.txt
C:\Program Files\SpyKiller\SpyKiller log16-3-05105320.txt
C:\Program Files\SpyKiller\SpyKiller log16-7-04215947.txt
C:\Program Files\SpyKiller\SpyKiller log16-8-0521622.txt
C:\Program Files\SpyKiller\SpyKiller log16-9-04194430.txt
C:\Program Files\SpyKiller\SpyKiller log16-9-0463218.txt
C:\Program Files\SpyKiller\SpyKiller log17-1-05111917.txt
C:\Program Files\SpyKiller\SpyKiller log17-12-0674851.txt
C:\Program Files\SpyKiller\SpyKiller log17-2-0563816.txt
C:\Program Files\SpyKiller\SpyKiller log17-5-0555657.txt
C:\Program Files\SpyKiller\SpyKiller log17-7-04104710.txt
C:\Program Files\SpyKiller\SpyKiller log17-8-0495056.txt
C:\Program Files\SpyKiller\SpyKiller log18-11-04135432.txt
C:\Program Files\SpyKiller\SpyKiller log18-11-04195254.txt
C:\Program Files\SpyKiller\SpyKiller log18-11-0463237.txt
C:\Program Files\SpyKiller\SpyKiller log18-11-0482037.txt
C:\Program Files\SpyKiller\SpyKiller log18-11-0671250.txt
C:\Program Files\SpyKiller\SpyKiller log18-12-0414612.txt
C:\Program Files\SpyKiller\SpyKiller log18-12-0463659.txt
C:\Program Files\SpyKiller\SpyKiller log18-12-047379.txt
C:\Program Files\SpyKiller\SpyKiller log18-12-0483428.txt
C:\Program Files\SpyKiller\SpyKiller log18-2-067478.txt
C:\Program Files\SpyKiller\SpyKiller log18-6-0563713.txt
C:\Program Files\SpyKiller\SpyKiller log18-6-0621122.txt
C:\Program Files\SpyKiller\SpyKiller log18-7-0471714.txt
C:\Program Files\SpyKiller\SpyKiller log18-7-0484741.txt
C:\Program Files\SpyKiller\SpyKiller log18-7-0552552.txt
C:\Program Files\SpyKiller\SpyKiller log19-12-05202338.txt
C:\Program Files\SpyKiller\SpyKiller log2-1-0518173.txt
C:\Program Files\SpyKiller\SpyKiller log2-1-0719523.txt
C:\Program Files\SpyKiller\SpyKiller log2-11-0410042.txt
C:\Program Files\SpyKiller\SpyKiller log2-11-04112723.txt
C:\Program Files\SpyKiller\SpyKiller log2-11-04143013.txt
C:\Program Files\SpyKiller\SpyKiller log2-12-04103238.txt
C:\Program Files\SpyKiller\SpyKiller log2-2-0583652.txt
C:\Program Files\SpyKiller\SpyKiller log2-4-0572129.txt
C:\Program Files\SpyKiller\SpyKiller log2-8-0620586.txt
C:\Program Files\SpyKiller\SpyKiller log20-1-0521391.txt
C:\Program Files\SpyKiller\SpyKiller log20-1-0652719.txt
C:\Program Files\SpyKiller\SpyKiller log20-10-0422452.txt
C:\Program Files\SpyKiller\SpyKiller log20-4-0591216.txt
C:\Program Files\SpyKiller\SpyKiller log20-5-05203536.txt
C:\Program Files\SpyKiller\SpyKiller log20-5-05212923.txt
C:\Program Files\SpyKiller\SpyKiller log20-5-06204421.txt
C:\Program Files\SpyKiller\SpyKiller log20-5-0665437.txt
C:\Program Files\SpyKiller\SpyKiller log20-9-0554743.txt
C:\Program Files\SpyKiller\SpyKiller log21-10-04131327.txt
C:\Program Files\SpyKiller\SpyKiller log21-11-04202123.txt
C:\Program Files\SpyKiller\SpyKiller log21-11-0520025.txt
C:\Program Files\SpyKiller\SpyKiller log21-2-056506.txt
C:\Program Files\SpyKiller\SpyKiller log21-4-05124030.txt
C:\Program Files\SpyKiller\SpyKiller log21-8-0574915.txt
C:\Program Files\SpyKiller\SpyKiller log22-10-05153026.txt
C:\Program Files\SpyKiller\SpyKiller log22-11-04124710.txt
C:\Program Files\SpyKiller\SpyKiller log23-1-0516577.txt
C:\Program Files\SpyKiller\SpyKiller log23-10-04221312.txt
C:\Program Files\SpyKiller\SpyKiller log23-10-0515321.txt
C:\Program Files\SpyKiller\SpyKiller log23-11-04221951.txt
C:\Program Files\SpyKiller\SpyKiller log23-11-05111537.txt
C:\Program Files\SpyKiller\SpyKiller log23-11-0520171.txt
C:\Program Files\SpyKiller\SpyKiller log24-11-04113258.txt
C:\Program Files\SpyKiller\SpyKiller log24-12-04161049.txt
C:\Program Files\SpyKiller\SpyKiller log24-12-0418412.txt
C:\Program Files\SpyKiller\SpyKiller log24-12-0502242.txt
C:\Program Files\SpyKiller\SpyKiller log24-3-05103128.txt
C:\Program Files\SpyKiller\SpyKiller log24-3-0685124.txt
C:\Program Files\SpyKiller\SpyKiller log24-4-05211920.txt
C:\Program Files\SpyKiller\SpyKiller log24-5-062163.txt
C:\Program Files\SpyKiller\SpyKiller log25-1-0520160.txt
C:\Program Files\SpyKiller\SpyKiller log25-10-049657.txt
C:\Program Files\SpyKiller\SpyKiller log25-2-05213334.txt
C:\Program Files\SpyKiller\SpyKiller log25-5-06102237.txt
C:\Program Files\SpyKiller\SpyKiller log25-7-04144355.txt
C:\Program Files\SpyKiller\SpyKiller log25-8-0413729.txt
C:\Program Files\SpyKiller\SpyKiller log26-10-04215547.txt
C:\Program Files\SpyKiller\SpyKiller log26-4-0662553.txt
C:\Program Files\SpyKiller\SpyKiller log26-6-0411470.txt
C:\Program Files\SpyKiller\SpyKiller log26-6-0412160.txt
C:\Program Files\SpyKiller\SpyKiller log26-6-04141335.txt
C:\Program Files\SpyKiller\SpyKiller log26-6-04142737.txt
C:\Program Files\SpyKiller\SpyKiller log26-8-04114018.txt
C:\Program Files\SpyKiller\SpyKiller log26-8-0412266.txt
C:\Program Files\SpyKiller\SpyKiller log27-1-0575233.txt
C:\Program Files\SpyKiller\SpyKiller log27-10-04115634.txt
C:\Program Files\SpyKiller\SpyKiller log27-11-0491835.txt
C:\Program Files\SpyKiller\SpyKiller log27-11-06143238.txt
C:\Program Files\SpyKiller\SpyKiller log27-4-058576.txt
C:\Program Files\SpyKiller\SpyKiller log27-6-04193320.txt
C:\Program Files\SpyKiller\SpyKiller log27-7-04212111.txt
C:\Program Files\SpyKiller\SpyKiller log27-9-055351.txt
C:\Program Files\SpyKiller\SpyKiller log28-2-0573113.txt
C:\Program Files\SpyKiller\SpyKiller log28-8-042293.txt
C:\Program Files\SpyKiller\SpyKiller log28-9-0419171.txt
C:\Program Files\SpyKiller\SpyKiller log29-10-0412521.txt
C:\Program Files\SpyKiller\SpyKiller log29-10-0413253.txt
C:\Program Files\SpyKiller\SpyKiller log29-6-0416844.txt
C:\Program Files\SpyKiller\SpyKiller log29-6-04194457.txt
C:\Program Files\SpyKiller\SpyKiller log3-10-0613536.txt
C:\Program Files\SpyKiller\SpyKiller log3-11-068425.txt
C:\Program Files\SpyKiller\SpyKiller log3-6-051322.txt
C:\Program Files\SpyKiller\SpyKiller log3-8-042206.txt
C:\Program Files\SpyKiller\SpyKiller log30-1-0652833.txt
C:\Program Files\SpyKiller\SpyKiller log30-11-04102352.txt
C:\Program Files\SpyKiller\SpyKiller log30-11-0482316.txt
C:\Program Files\SpyKiller\SpyKiller log30-11-0485455.txt
C:\Program Files\SpyKiller\SpyKiller log30-5-06102240.txt
C:\Program Files\SpyKiller\SpyKiller log30-6-0419394.txt
C:\Program Files\SpyKiller\SpyKiller log30-7-04195336.txt
C:\Program Files\SpyKiller\SpyKiller log31-10-04101218.txt
C:\Program Files\SpyKiller\SpyKiller log31-10-0610426.txt
C:\Program Files\SpyKiller\SpyKiller log31-12-04112352.txt
C:\Program Files\SpyKiller\SpyKiller log31-3-06203650.txt
C:\Program Files\SpyKiller\SpyKiller log31-3-066049.txt
C:\Program Files\SpyKiller\SpyKiller log31-5-05195735.txt
C:\Program Files\SpyKiller\SpyKiller log31-5-06195754.txt
C:\Program Files\SpyKiller\SpyKiller log4-12-04213350.txt
C:\Program Files\SpyKiller\SpyKiller log4-5-0684053.txt
C:\Program Files\SpyKiller\SpyKiller log4-6-0675233.txt
C:\Program Files\SpyKiller\SpyKiller log5-1-0561548.txt
C:\Program Files\SpyKiller\SpyKiller log5-1-06164458.txt
C:\Program Files\SpyKiller\SpyKiller log5-11-04215255.txt
C:\Program Files\SpyKiller\SpyKiller log5-11-042232.txt
C:\Program Files\SpyKiller\SpyKiller log5-11-0464243.txt
C:\Program Files\SpyKiller\SpyKiller log5-12-04143545.txt
C:\Program Files\SpyKiller\SpyKiller log5-5-057475.txt
C:\Program Files\SpyKiller\SpyKiller log5-8-0610328.txt
C:\Program Files\SpyKiller\SpyKiller log5-9-047507.txt
C:\Program Files\SpyKiller\SpyKiller log6-11-04112745.txt
C:\Program Files\SpyKiller\SpyKiller log6-11-0483850.txt
C:\Program Files\SpyKiller\SpyKiller log6-11-048434.txt
C:\Program Files\SpyKiller\SpyKiller log6-3-0574519.txt
C:\Program Files\SpyKiller\SpyKiller log6-6-05144737.txt
C:\Program Files\SpyKiller\SpyKiller log7-1-058815.txt
C:\Program Files\SpyKiller\SpyKiller log7-7-0410146.txt
C:\Program Files\SpyKiller\SpyKiller log7-7-04151027.txt
C:\Program Files\SpyKiller\SpyKiller log7-8-0662147.txt
C:\Program Files\SpyKiller\SpyKiller log7-9-04133220.txt
C:\Program Files\SpyKiller\SpyKiller log8-11-04115138.txt
C:\Program Files\SpyKiller\SpyKiller log8-11-04663.txt
C:\Program Files\SpyKiller\SpyKiller log8-11-049459.txt
C:\Program Files\SpyKiller\SpyKiller log8-2-05163136.txt
C:\Program Files\SpyKiller\SpyKiller log8-2-0591220.txt
C:\Program Files\SpyKiller\SpyKiller log8-4-0620320.txt
C:\Program Files\SpyKiller\SpyKiller log8-7-042206.txt
C:\Program Files\SpyKiller\SpyKiller log8-7-069820.txt
C:\Program Files\SpyKiller\SpyKiller log8-8-0554327.txt
C:\Program Files\SpyKiller\SpyKiller log8-8-0621140.txt
C:\Program Files\SpyKiller\SpyKiller log8-8-0661229.txt
C:\Program Files\SpyKiller\SpyKiller log8-9-0441941.txt
C:\Program Files\SpyKiller\SpyKiller log9-11-04194342.txt
C:\Program Files\SpyKiller\SpyKiller log9-11-0555223.txt
C:\Program Files\SpyKiller\SpyKiller log9-12-04205954.txt
C:\Program Files\SpyKiller\SpyKiller log9-5-0583830.txt
C:\Program Files\SpyKiller\SpyKiller log9-7-0415310.txt
C:\Program Files\SpyKiller\SpyKiller log9-8-0663451.txt
C:\Program Files\SpyKiller\spyList
C:\Program Files\SpyKiller\Thumbs.db
C:\Program Files\SpyKiller\version.txt
C:\WINDOWS\cpbrkpie.ocx
F:\Backup_docs.bkf
F:\WINDOWS\cpbrkpie.ocx

.
((((((((((((((((((((((((( Files Created from 2008-03-14 to 2008-04-14 )))))))))))))))))))))))))))))))
.

2008-04-13 15:13 . 2008-04-13 15:13 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-13 15:13 . 2008-04-13 15:13 <DIR> d-------- C:\WINDOWS\LastGood
2008-04-13 15:13 . 2008-04-13 15:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-13 10:48 . 2008-04-13 10:48 <DIR> d-------- C:\Program Files\Adobe Media Player
2008-04-13 10:47 . 2008-04-13 10:47 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-13 10:39 . 2008-04-13 10:58 <DIR> d-------- C:\Documents and Settings\David\.SunDownloadManager
2008-04-12 21:58 . 2008-04-12 21:58 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-12 21:55 . 2008-04-12 21:55 <DIR> d-------- C:\Deckard
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-14 02:18 --------- d-----w C:\Program Files\Quicken
2008-04-13 17:49 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-11 17:27 --------- d-----w C:\Program Files\QuickTime
2008-03-30 22:28 --------- d-----w C:\Documents and Settings\David\Application Data\U3
2008-03-14 04:01 --------- d-----w C:\Program Files\iTunes
2008-03-14 04:01 --------- d-----w C:\Program Files\iPod
2008-03-08 01:27 --------- d-----w C:\Documents and Settings\David\Application Data\Move Networks
2008-03-08 00:56 557,056 ----a-w C:\Documents and Settings\David\GoToAssist_phone__317_en.exe
2008-01-18 14:22 164 ----a-w C:\install.dat
2006-05-17 02:43 10,240 --sha-w C:\Program Files\Thumbs.db
2002-09-11 14:26 63,730 -c--a-w C:\Program Files\viewsonicinstruct_xp.pdf
2001-11-23 19:08 712,704 -c----w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((( snapshot@2008-04-13_ 9.21.07.87 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-09 10:20:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-13 18:06:48 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-13 17:50:46 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2005-05-24 19:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 22:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 22:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2006-06-05 21:14:28 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2006-06-05 21:14:28 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 21:14:28 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-11-30 22:49 4662776]
"QuickenScheduledUpdates"="C:\Program Files\Quicken\bagent.exe" [2006-10-30 07:39 57344]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 21:51 131072]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-08-11 01:07 188416]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 17:21 169328]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:56 33280 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:56 33280 C:\WINDOWS\system32\rundll32.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-10-13 21:44 95848]
"vptray"="C:\PROGRA~1\SYMANT~2\VPTray.exe" [2006-10-14 07:02 134856]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-04 21:56 5367664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe [2004-06-09 15:27:34 471040]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe"=
"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 Basics Service;Basics Service;"C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe" [2007-10-09 17:21]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 14:38]
S3 Winferno Subscription Service;Winferno Subscription Service;"C:\Program Files\Common Files\Winferno\WSS\WSS.exe" [2007-07-30 11:29]

.
Contents of the 'Scheduled Tasks' folder
"2008-04-11 02:21:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-13 18:07:08 C:\WINDOWS\Tasks\PCConfidential.job"
- C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
"2008-04-13 18:07:12 C:\WINDOWS\Tasks\WSSHelper.job"
- C:\Program Files\Common Files\Winferno\WSS\WSSHelper.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-14 03:14:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-14 3:16:55
ComboFix-quarantined-files.txt 2008-04-14 10:16:48
ComboFix2.txt 2008-04-13 18:18:32
Pre-Run: 165,817,962,496 bytes free
Post-Run: 165,778,452,480 bytes free
.
2008-04-13 18:05:36 --- E O F ---
dionneleep
Regular Member
 
Posts: 26
Joined: April 6th, 2008, 12:43 am

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 14th, 2008, 10:30 am

Here is part 1 of the GetSystems info. I'm not sure how many posts it will take to get this on here.
GetSystemInfo version 3.0.0.5:
------------------------------
HARDWARE Information:
---------------------
Processor:
AMD Athlon(tm) XP 2500+ Unknown speed

Processors number:
1

BIOS:
Nvidia - 42302e31 Phoenix - AwardBIOS v6.00PG Phoenix - AwardBIOS v6.00PG o6N2U400-A Ver 1.0b 10/06/2003 BIOS Date: 10/06/03

System Date:
14/04/2008 (dd/mm/yyyy)

Total phisical memory:
511,496 Mb

Total virtual memory:
2047,896 Mb

Available phisical memory:
511,496 Mb

Available virtual memory:
1992,036 Mb

Hard drives:
Maxtor 6L200R0
Maxtor 92049U6

Logical disks structure:
a:\ REMOVABLE Full size - 0 Mb, Free size - 0 Mb, File system -
c:\ FIXED SYSTEM Full size - 194474 Mb, Free size - 158134 Mb, File system - NTFS
d:\ CDROM Full size - 194474 Mb, Free size - 158134 Mb, File system -
e:\ CDROM Full size - 194474 Mb, Free size - 158134 Mb, File system -
f:\ FIXED Full size - 19461 Mb, Free size - 2556 Mb, File system - NTFS
g:\ FIXED Full size - 476937 Mb, Free size - 444558 Mb, File system - NTFS
h:\ REMOVABLE Full size - 476937 Mb, Free size - 444558 Mb, File system -

Video adapters:
NVIDIA RIVA TNT2 Model 64/Model 64 Pro
DRIVER - System32\DRIVERS\nv4_mini.sys ("c:\windows\system32\drivers\nv4_mini.sys") File version = 6.14.11.6921, File size = 7435392, File modification date = 05/12/2007 09:41, File description = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product Name = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |2099581610|0x8c0456001b6900114bbb1c548bd8aaf5|
NVIDIA GeForce 6200
DRIVER - System32\DRIVERS\nv4_mini.sys ("c:\windows\system32\drivers\nv4_mini.sys") File version = 6.14.11.6921, File size = 7435392, File modification date = 05/12/2007 09:41, File description = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product Name = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |2099581610|0x8c0456001b6900114bbb1c548bd8aaf5|
NVIDIA GeForce4 MX 440 (Microsoft Corporation)
DRIVER - System32\DRIVERS\nv4_mini.sys ("c:\windows\system32\drivers\nv4_mini.sys") File version = 6.14.11.6921, File size = 7435392, File modification date = 05/12/2007 09:41, File description = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product Name = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |2099581610|0x8c0456001b6900114bbb1c548bd8aaf5|

NetWork adapters:
NVIDIA nForce Networking Controller
DRIVER - System32\DRIVERS\NVENET.sys ("c:\windows\system32\drivers\nvenet.sys") File version = 4.14.01.0416, File size = 93764, File modification date = 29/01/2004 09:45, File description = NVIDIA nForce MCP Networking Driver., Product Name = NVENET, Product version = 4.14.01.0416, Company name = NVIDIA Corporation (Copyright © 2001-2002 NVIDIA Corporation) |2109994555|0x1cf77b30dee5c75dea1eee697281802c|

Modems:

Multimedia:
C-Media AC97 Audio Device
DRIVER - system32\drivers\cmuda.sys ("c:\windows\system32\drivers\cmuda.sys") File version = 5.12.01.0041.3 (39b), File size = 812416, File modification date = 08/01/2004 19:37, File description = C-Media Audio WDM Driver, Product Name = C-Media Audio Driver (WDM), Product version = 5.12.01.0041, Company name = C-Media Inc (Copyright (C) C-Media Inc. 1998-2003) |690775659|0xddcde8ced6e753f9ebbd07659f808d9d|
Microsoft Streaming Clock Proxy
DRIVER - system32\drivers\MSPCLOCK.sys ("c:\windows\system32\drivers\mspclock.sys") File version = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 5376, File modification date = 04/08/2004 05:58, File description = MS Proxy Clock, Product Name = Microsoft(R) Windows(R) Operating System, Product version = 5.3.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1663050309|0x13e75fef9dfeb08eeded9d0246e1f448|
Microsoft Streaming Quality Manager Proxy
DRIVER - system32\drivers\MSPQM.sys ("c:\windows\system32\drivers\mspqm.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 4992, File modification date = 04/08/2004 05:58, File description = MS Proxy Quality Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |879297618|0x1988a33ff19242576c3d0ef9ce785da7|
Microsoft Streaming Service Proxy
DRIVER - system32\drivers\MSKSSRV.sys ("c:\windows\system32\drivers\mskssrv.sys") File version = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 7552, File modification date = 04/08/2004 05:58, File description = MS KS Server, Product Name = Microsoft(R) Windows(R) Operating System, Product version = 5.3.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |739428076|0xae431a8dd3c1d0d0610cdbac16057ad0|
Microsoft Kernel System Audio Device
DRIVER - system32\drivers\sysaudio.sys ("c:\windows\system32\drivers\sysaudio.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 60800, File modification date = 04/08/2004 06:15, File description = System Audio WDM Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-200468949|0x650ad082d46bac0e64c9c0e0928492fd|
Microsoft Kernel DRM Audio Descrambler
DRIVER - system32\drivers\drmkaud.sys ("c:\windows\system32\drivers\drmkaud.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2944, File modification date = 04/08/2004 06:07, File description = Microsoft Kernel DRM Audio Descrambler Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1208245848|0x1ed4dbbae9f5d558dbba4cc450e3eb2e|
Microsoft Kernel Wave Audio Mixer
DRIVER - system32\drivers\kmixer.sys ("c:\windows\system32\drivers\kmixer.sys") File version = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), File size = 172416, File modification date = 14/06/2006 08:47, File description = Kernel Mode Audio Mixer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2929, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1442386742|0xba5deda4d934e6288c2f66caf58d2562|
Microsoft Kernel Acoustic Echo Canceller
DRIVER - system32\drivers\aec.sys ("c:\windows\system32\drivers\aec.sys") File version = 5.1.2601.2180, File size = 142464, File modification date = 15/02/2006 00:22, File description = Microsoft Acoustic Echo Canceller, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2601.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-404786700|0x1ee7b434ba961ef845de136224c30fec|
Microsoft Kernel GS Wavetable Synthesizer
DRIVER - system32\drivers\swmidi.sys ("c:\windows\system32\drivers\swmidi.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 54272, File modification date = 17/08/2001 21:00, File description = Microsoft GS Wavetable Synthesizer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |983295529|0x94abc808fc4b6d7d2bbf42b85e25bb4d|
Microsoft Kernel DLS Synthesizer
DRIVER - system32\drivers\DMusic.sys ("c:\windows\system32\drivers\dmusic.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 52864, File modification date = 04/08/2004 06:07, File description = Microsoft Kernel DLS Synthesizer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1792888132|0xa6f881284ac1150e37d9ae47ff601267|
Microsoft WINMM WDM Audio Compatibility Driver
DRIVER - system32\drivers\wdmaud.sys ("c:\windows\system32\drivers\wdmaud.sys") File version = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), File size = 82944, File modification date = 14/06/2006 09:00, File description = MMSYSTEM Wave/Midi API mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2929, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-494542293|0xefd235ca22b57c81118c1aeb4798f1c1|
Microsoft Kernel Audio Splitter
DRIVER - system32\drivers\splitter.sys ("c:\windows\system32\drivers\splitter.sys") File version = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), File size = 6400, File modification date = 14/06/2006 08:47, File description = Microsoft Kernel Audio Splitter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2929, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1760326855|0x0ce218578fff5f4f7e4201539c45c78f|

Printers:
hp psc 2400 series - default printer
DRIVER - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpz2ku09.dll ("c:\windows\system32\spool\drivers\w32x86\3\hpz2ku09.dll") File version = 2.236.1.0, File size = 204800, File modification date = 11/08/2003 08:07, File description = HPDJ Driver, Product Name = HP DeskJet, Product version = 2.236.1.0, Company name = HP (Copyright (c) Hewlett-Packard Company 1999-2003) |-990697662|0xaac64cdb4d0e1a665f3cc69f1d7b4768|
Quicken PDF Printer
DRIVER - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\acpdf250.dll ("c:\windows\system32\spool\drivers\w32x86\3\acpdf250.dll") File version = 2.50, File size = 341149, File modification date = 14/02/2005 22:48, File description = Amyuni Document Converter, Product Name = Amyuni Document Converter, Product version = 2.50, Company name = AMYUNI Technologies http://www.amyuni.com (Copyright © 1999-2004, AMYUNI Technologies) |-1546915304|0xa0674644e21b70084446639ab30a8c88|
Microsoft Office Document Image Writer
DRIVER - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\mdigraph.dll ("c:\windows\system32\spool\drivers\w32x86\3\mdigraph.dll") File version = 11.3.1897.0, File size = 758784, File modification date = 19/06/2003 00:31, File description = Microsoft® Document Imaging, Product Name = Microsoft Office Document Imaging, Product version = 11.3.1897.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 2001-2003) |44298690|0x365d6248953729f90d8a0caeaedfcc7a|
hp psc 2400 series fax
DRIVER - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpz2ku09.dll ("c:\windows\system32\spool\drivers\w32x86\3\hpz2ku09.dll") File version = 2.236.1.0, File size = 204800, File modification date = 11/08/2003 08:07, File description = HPDJ Driver, Product Name = HP DeskJet, Product version = 2.236.1.0, Company name = HP (Copyright (c) Hewlett-Packard Company 1999-2003) |-990697662|0xaac64cdb4d0e1a665f3cc69f1d7b4768|

Removable devices:
Floppy disk drive
DRIVER - System32\DRIVERS\flpydisk.sys ("c:\windows\system32\drivers\flpydisk.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 20480, File modification date = 04/08/2004 05:59, File description = Floppy Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-410632913|0x0dd1de43115b93f4d85e889d7a86f548|
LG CD-ROM CRD-8480C
DRIVER - System32\DRIVERS\cdrom.sys ("c:\windows\system32\drivers\cdrom.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 49536, File modification date = 04/08/2004 05:59, File description = SCSI CD-ROM Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-638809301|0xaf9c19b3100fe010496b1a27181fbf72|
LITE-ON LTR-52246S
DRIVER - System32\DRIVERS\cdrom.sys ("c:\windows\system32\drivers\cdrom.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 49536, File modification date = 04/08/2004 05:59, File description = SCSI CD-ROM Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-638809301|0xaf9c19b3100fe010496b1a27181fbf72|
CD-ROM Drive
DRIVER - System32\DRIVERS\cdrom.sys ("c:\windows\system32\drivers\cdrom.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 49536, File modification date = 04/08/2004 05:59, File description = SCSI CD-ROM Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-638809301|0xaf9c19b3100fe010496b1a27181fbf72|

SOFTWARE Information:
---------------------
Operation system:
Microsoft Windows XP Professional Edition, 5.1.2600 Service Pack 2

Environment variables:
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\David\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
CLIENTNAME=Console
COLLECTIONID=COL5123
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PEARLY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://h30083.www3.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\David
ITEMID=dj-17724-8
LANG=1033
LOGONSERVER=\\PEARLY
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPP
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
QTJAVA=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
SESSIONID=1089242066370wuws04-l19ec4ed:fdb40207e7:3b57
SESSIONNAME=Console
SWUTVER=1.0.18.20030625
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\David\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\David\LOCALS~1\Temp
TOOLPATH=/C:\Program%20Files\HP\HP%20Software%20Update\install.htm
UPDATEDIR=C:\DOCUME~1\David\LOCALS~1\Temp\rad7B25E.tmp
USERDOMAIN=PEARLY
USERNAME=David
USERPROFILE=C:\Documents and Settings\David
VERSION=3.0.1
windir=C:\WINDOWS

Installed network protocols:
---------clients---------
WebClient
DRIVER - %SystemRoot%\System32\svchost.exe -k LocalService ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
Client for Microsoft Networks
DRIVER - %SystemRoot%\System32\svchost.exe -k netsvcs ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
--------protocol---------
WINS Client(TCP/IP) Protocol
DRIVER - System32\DRIVERS\netbt.sys ("c:\windows\system32\drivers\netbt.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 162816, File modification date = 04/08/2004 06:14, File description = MBT Transport driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-659266086|0x0c80e410cd2f47134407ee7dd19cc86b|
Internet Protocol (TCP/IP)
DRIVER - System32\DRIVERS\tcpip.sys ("c:\windows\system32\drivers\tcpip.sys") File version = 5.1.2600.3244 (xpsp_sp2_gdr.071030-1259), File size = 360064, File modification date = 30/10/2007 17:20, File description = TCP/IP Protocol Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3244, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1685878368|0x90caff4b094573449a0872a0f919b178|
Point to Point Tunneling Protocol
Remote Access NDIS WAN Driver
DRIVER - System32\DRIVERS\ndiswan.sys ("c:\windows\system32\drivers\ndiswan.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 91776, File modification date = 04/08/2004 06:14, File description = MS PPP Framing Driver (Strong Encryption), Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1355719625|0x0b90e255a9490166ab368cd55a529893|
NDIS Usermode I/O Protocol
DRIVER - System32\DRIVERS\ndisuio.sys ("c:\windows\system32\drivers\ndisuio.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 12928, File modification date = 04/08/2004 06:03, File description = NDIS User mode I/O Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |897342069|0x34d6cd56409da9a7ed573e1c90a308bf|
Layer 2 Tunneling Protocol
Message-oriented TCP/IP Protocol (SMB session)
Point to Point Protocol Over Ethernet
DRIVER - System32\DRIVERS\raspppoe.sys ("c:\windows\system32\drivers\raspppoe.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 41472, File modification date = 04/08/2004 06:05, File description = RAS PPPoE mini-port/call-manager driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |312872443|0x7306eeed8895454cbed4669be9f79faa|
--------services---------
Application Layer Gateway
DRIVER - %SystemRoot%\System32\alg.exe ("C:\WINDOWS\system32\alg.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 44544, File modification date = 04/08/2004 07:56, File description = Application Layer Gateway Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1195155919|0xf1958fbf86d5c004cf19a5951a9514b7|
Wireless Zero Configuration
DRIVER - %SystemRoot%\System32\svchost.exe -k netsvcs ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
Generic Packet Classifier
DRIVER - System32\DRIVERS\msgpc.sys ("c:\windows\system32\drivers\msgpc.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 35072, File modification date = 04/08/2004 06:04, File description = MS General Packet Classifier, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2000962340|0xc0f1d4a21de5a415df8170616703debf|
QoS RSVP
DRIVER - %SystemRoot%\System32\rsvp.exe ("C:\WINDOWS\system32\rsvp.exe") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 132608, File modification date = 23/08/2001 12:00, File description = Microsoft RSVP, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1611436428|0x471b3f9741d762abe75e9deea4787e47|
QoS Packet Scheduler
DRIVER - System32\DRIVERS\psched.sys ("c:\windows\system32\drivers\psched.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 69120, File modification date = 04/08/2004 06:04, File description = MS QoS Packet Scheduler, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |382145767|0x48671f327553dcf1d27f6197f622a668|
Steelhead
DRIVER - %SystemRoot%\System32\svchost.exe -k netsvcs ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
File and Printer Sharing for Microsoft Networks
DRIVER - %SystemRoot%\System32\svchost.exe -k netsvcs ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
Dial-Up Client
NetBIOS Interface
DRIVER - System32\DRIVERS\netbios.sys ("c:\windows\system32\drivers\netbios.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 34560, File modification date = 04/08/2004 06:03, File description = NetBIOS interface driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |848815196|0x3a2aca8fc1d7786902ca434998d7ceb4|
Remote Access Connection Manager
DRIVER - %SystemRoot%\System32\svchost.exe -k netsvcs ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
Dial-Up Server
-----------by type----------
MSAFD Tcpip [TCP/IP]
MSAFD Tcpip [UDP/IP]
MSAFD Tcpip [RAW/IP]
RSVP UDP Service Provider
RSVP TCP Service Provider
MSAFD NetBIOS [\Device\NetBT_Tcpip_{C5BA3165-392C-4C16-8D1A-CB72E3819C66}] SEQPACKET 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{C5BA3165-392C-4C16-8D1A-CB72E3819C66}] DATAGRAM 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9B360ACF-6A43-45A4-BB87-72BA1439B3E2}] SEQPACKET 1
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9B360ACF-6A43-45A4-BB87-72BA1439B3E2}] DATAGRAM 1
MSAFD NetBIOS [\Device\NetBT_Tcpip_{85A11439-1AB3-4A95-9E5B-05FC5EDF24CB}] SEQPACKET 2
MSAFD NetBIOS [\Device\NetBT_Tcpip_{85A11439-1AB3-4A95-9E5B-05FC5EDF24CB}] DATAGRAM 2

Installed applications/hotfixes:
Meeting Service Player
DEINSTALLATION: C:\WINDOWS\DOWNLO~1\atcliun.exe
Adobe Acrobat 4.0 4.0 (Adobe Systems, Inc.)
DEINSTALLATION: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe AIR 1.0.4990 (Adobe Systems Inc.)
DEINSTALLATION: C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe Atmosphere Player for Acrobat and Adobe Reader
DEINSTALLATION: C:\WINDOWS\atmoUn.exe
Adobe Flash Player ActiveX 9.0.47.0 (Adobe Systems Incorporated)
DEINSTALLATION: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
AnyDVD (SlySoft)
DEINSTALLATION: "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
C-Media 3D Audio
DEINSTALLATION: C:\WINDOWS\CMIUnInstall.exe
Cake Mania (remove only)
DEINSTALLATION: "C:\Program Files\Yahoo! Games\Cake Mania\Uninstall.exe"
Canon Camera Access Library 8.1.1.17
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX 5.4.5.17
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX 6.2.0.8
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX 6.1.0.7
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder 1.0.1.3
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Carrie the Caregiver (remove only)
DEINSTALLATION: "C:\Program Files\Yahoo! Games\Carrie the Caregiver\Uninstall.exe"
Ciao Bella (remove only)
DEINSTALLATION: "C:\Program Files\Yahoo! Games\Ciao Bella\Uninstall.exe"
CloneDVD2 (Elaborate Bytes)
DEINSTALLATION: "C:\Program Files\slysoft\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\slysoft\CloneDVD2"
Adobe Media Player 1.0 (Adobe Systems Incorporated)
DEINSTALLATION: C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.amp 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Canon Camera Support Core Library 7.3.1.6
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Diner Dash (remove only)
DEINSTALLATION: "C:\Program Files\Yahoo! Games\Diner Dash\Uninstall.exe"
Drop
DEINSTALLATION: C:\PROGRA~1\eGames\Drop\UNWISE.EXE C:\PROGRA~1\eGames\Drop\INSTALL.LOG
Drop!
DEINSTALLATION: C:\PROGRA~1\eGames\Drop!\UNWISE.EXE C:\PROGRA~1\eGames\Drop!\INSTALL.LOG
Canon Utilities EOS Utility 1.0.3.17
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Freddi Fish's One-Stop Fun Shop
DEINSTALLATION: C:\WINDOWS\IsUninst.exe -fc:\hegames\FreddisFunShop\Uninst.isu
HijackThis 2.0.2 2.0.2 (TrendMicro)
DEINSTALLATION: "C:\DOCUME~1\David\LOCALS~1\Temp\Rar$EX06.922\HijackThis.exe" /uninstall
HP Photo & Imaging 3.1 3.1 (HP)
DEINSTALLATION: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
Microsoft Internationalized Domain Names Mitigation APIs, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Windows Internet Explorer 7 20061107.210142, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
Drive Manager (English) 1.00.0012, installation data=20071202 (Seagate Technology)
DEINSTALLATION: "C:\Program Files\InstallShield Installation Information\{48B0F38D-1913-44F3-99AA-D4C55A2B038E}\setup.exe" -runfromtemp -l0x0409 -removeonly
iPod for Windows 2005-10-12 (English) 4.3.0, installation data=20051223 (Apple Computer, Inc.)
DEINSTALLATION: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A} /l1033
JumpStart Advanced School Time
DEINSTALLATION: C:\Program Files\Common Files\Knowledge Adventure\Uninstall\JSSchoolTimeUn.exe
Kaspersky Online Scanner 5.0 (Kaspersky Lab)
DEINSTALLATION: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Windows XP Hotfix - KB834707 20040929.110854 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
Windows XP Hotfix - KB867282 20050127.090417 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
Microsoft Data Access Components KB870669 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Data Access Components KB870669 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\muninst.exe /d C:\WINDOWS\INF\KB870669.inf
Windows XP Hotfix - KB873333 20050114.005213 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339 20041117.092459 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Security Update for Windows XP (KB883939) 1, installation data=20050618 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
Windows XP Hotfix - KB885250 20050118.202711 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835 20041027.181713 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836 20041028.173203 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185 20041021.090540 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472 20041014.162858 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742 20041103.095002 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113 20041116.131036 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302 20041207.111426 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Security Update for Windows XP (KB890046) 1, installation data=20050618 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Windows XP Hotfix - KB890047 20041221.124506 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
Windows XP Hotfix - KB890175 20041201.233338 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859 1, installation data=20050412 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB890923 1, installation data=20050412 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781 20050110.165439 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows Genuine Advantage Validation Tool (KB892130), installation data=20070628 (Microsoft Corporation)
DEINSTALLATION:
Windows XP Hotfix - KB893066 1, installation data=20050412 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Windows XP Hotfix - KB893086 1, installation data=20050412 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756) 1, installation data=20050812 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803) 3.1 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803) 3.1 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Update for Windows XP (KB894391) 1, installation data=20050812 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358) 1, installation data=20050618 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896422) 1, installation data=20050618 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423) 1, installation data=20050812 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424) 1, installation data=20051109 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428) 1, installation data=20050618 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896688) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
Update for Windows XP (KB896727) 1, installation data=20050812 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
Update for Windows XP (KB898461) 1, installation data=20050628 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587) 1, installation data=20050812 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899588) 1, installation data=20050812 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899589) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591) 1, installation data=20050812 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Update for Windows XP (KB900485) 2, installation data=20060426 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190) 1, installation data=20060215 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214) 1, installation data=20050713 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB903235) 1, installation data=20050713 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Update for Windows XP (KB904942) 2, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749) 1, installation data=20051022 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905915) 1, installation data=20051214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519) 1, installation data=20060111 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908531) 1, installation data=20060413 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437) 1, installation data=20051214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911280) 1, installation data=20060615 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562) 1, installation data=20060413 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564), installation data=20060215 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565), installation data=20060215 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911567) 1, installation data=20060413 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927) 1, installation data=20060215 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912812) 1, installation data=20060413 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919) 1, installation data=20060105 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913446) 1, installation data=20060218 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580) 1, installation data=20060512 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388) 1, installation data=20060712 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389) 1, installation data=20060615 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB914440) 12, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865) 10, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Security Update for Windows XP (KB916281) 1, installation data=20060615 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Update for Windows XP (KB916595) 1, installation data=20060712 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917159) 1, installation data=20060712 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344) 1, installation data=20060615 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917422) 1, installation data=20060813 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734), installation data=20060615 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953) 1, installation data=20060615 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439) 1, installation data=20060615 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918899) 1, installation data=20060813 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007) 1, installation data=20060913 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213) 1, installation data=20061118 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920214) 1, installation data=20060813 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670) 1, installation data=20060813 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683) 1, installation data=20060813 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685) 1, installation data=20060913 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Update for Windows XP (KB920872) 1, installation data=20060913 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921398) 1, installation data=20060813 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921503) 1, installation data=20070815 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921883) 1, installation data=20060809 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Update for Windows XP (KB922582) 1, installation data=20060913 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922616) 1, installation data=20060813 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922760) 1, installation data=20061118 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819) 1, installation data=20061012 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191) 1, installation data=20061012 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414) 1, installation data=20061012 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689), installation data=20061217 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923694) 1, installation data=20061217 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980) 1, installation data=20061118 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924191) 1, installation data=20061012 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270) 1, installation data=20061118 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496) 1, installation data=20061012 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398), installation data=20061217 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925454) 1, installation data=20061217 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925486) 1, installation data=20060927 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902) 1, installation data=20070404 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239) 2, installation data=20070304 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255) 1, installation data=20061217 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Update for Windows XP (KB927891) 3, installation data=20070522 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928090) 1, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB928090) 20070117.120000, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123) 1, installation data=20070613 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Update for Windows XP (KB929338) 1, installation data=20070314 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399), installation data=20070314 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969) 20061222.120000, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION:
Security Update for Windows XP (KB930178) 1, installation data=20070411 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Update for Windows XP (KB930916) 1, installation data=20070510 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261) 1, installation data=20070411 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768) 1, installation data=20070510 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784) 1, installation data=20070411 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Update for Windows XP (KB931836) 1, installation data=20070214 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Security Update for CAPICOM (KB931906) 2.1.0.2 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows XP (KB932168) 1, installation data=20070411 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Update for Windows XP (KB933360) 1, installation data=20070829 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566) 1, installation data=20070613 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729) 1, installation data=20071011 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839) 1, installation data=20070613 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840) 1, installation data=20070613 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB936021) 1, installation data=20070815 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782), installation data=20070815 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143) 1, installation data=20070815 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB937894) 1, installation data=20071212 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127) 1, installation data=20070815 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Update for Windows XP (KB938828) 1, installation data=20070815 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938829) 1, installation data=20070815 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653) 1, installation data=20071011 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683), installation data=20070831 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941202) 1, installation data=20071011 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941568) 1, installation data=20071212 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569), installation data=20071212 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941644) 1, installation data=20080109 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941693) 1, installation data=20080409 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615) 1, installation data=20071212 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Update for Windows XP (KB942763) 1, installation data=20071212 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055) 1, installation data=20080213 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460) 1, installation data=20071114 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485) 1, installation data=20080109 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533) 1, installation data=20080213 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653) 1, installation data=20071212 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553) 1, installation data=20080409 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026) 1, installation data=20080213 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Hotfix for Windows Internet Explorer 7 (KB947864) 1, installation data=20080409 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590) 1, installation data=20080409 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948881) 1, installation data=20080409 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
LiveUpdate 3.2 (Symantec Corporation) 3.2.0.24 (Symantec Corporation)
DEINSTALLATION: "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Luxor (remove only)
DEINSTALLATION: "C:\Program Files\MumboJumbo\Luxor\uninstall.exe"
Luxor Amun Rising (remove only)
DEINSTALLATION: "C:\Program Files\MumboJumbo\Luxor Amun Rising\uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)
DEINSTALLATION: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Macromedia Shockwave Player 10.1.0.11 (Macromedia, Inc.)
DEINSTALLATION: C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Microsoft .NET Framework 1.1
DEINSTALLATION: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Canon MovieEdit Task for ZoomBrowser EX 2.2.0.13
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Microsoft Compression Client Pack 1.0 for Windows XP 1, installation data=20070304 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs, installation data=20070307 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
NVIDIA Drivers
DEINSTALLATION: C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
Penguin Puzzle
DEINSTALLATION: C:\PROGRA~1\eGames\PENGUI~1\UNWISE.EXE C:\PROGRA~1\eGames\PENGUI~1\INSTALL.LOG
Canon Utilities PhotoStitch 3.1.17.41
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon RAW Image Task for ZoomBrowser EX 2.3.0.11
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX 1.5.0.5
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Sandlot Games Client Services (Sandlot Games)
DEINSTALLATION: "C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
Shockwave
DEINSTALLATION: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Shockwave Director 10.1
DEINSTALLATION: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\\INF\\swdir.inf,DefaultUninstall,5
Super Collapse! 3 (GameHouse, Inc.)
DEINSTALLATION: C:\PROGRA~1\MUMBOJ~1\SUPERC~1\UNWISE.EXE /U C:\PROGRA~1\MUMBOJ~1\SUPERC~1\INSTALL.LOG
Ultimate Mahjongg 10 10.0 (ValuSoft)
DEINSTALLATION: C:\PROGRA~1\ValuSoft\ULTIMA~1\UNWISE.EXE C:\PROGRA~1\ValuSoft\ULTIMA~1\INSTALL.LOG
Viewpoint Manager (Remove Only)
DEINSTALLATION: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Toolbar
DEINSTALLATION: C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\Uninstaller.exe /u /k /url "http://www.viewpoint.com/pub/uninstallcompleted.html"
Microsoft Web Publishing Wizard 1.52
DEINSTALLATION: RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Windows Genuine Advantage Validation Tool (KB892130) 1.7.0036.0 (Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) 1.7.0018.7, installation data=20071215 (Microsoft Corporation)
DEINSTALLATION:
Windows Media Format 11 runtime
DEINSTALLATION: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11
DEINSTALLATION: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 2 20040803.231319 (Microsoft Corporation)
DEINSTALLATION: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WinRAR archiver
DEINSTALLATION: C:\Program Files\WinRAR\uninstall.exe
Windows Media Format 11 runtime, installation data=20070304 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11, installation data=20070304 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0, installation data=20070304 (Microsoft Corporation)
DEINSTALLATION: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Yahoo! Toolbar
DEINSTALLATION: C:\PROGRA~1\Yahoo!\Common\unyt.exe
Yahoo! extras
DEINSTALLATION: C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Internet Mail
DEINSTALLATION: C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger
DEINSTALLATION: C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar
Yahoo! Install Manager
DEINSTALLATION: C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Canon Utilities ZoomBrowser EX 5.6.0.27
DEINSTALLATION: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Adobe AIR (English) 1.0.8.4990, installation data=20080413 (Adobe Systems Inc.)
DEINSTALLATION: MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
AiO_Scan (English) 5.31.1.27, installation data=20040615 (Hewlett-Packard)
MSXML 6.0 Parser (KB933579) (English) 6.10.1200.0, installation data=20071203 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Security Update for CAPICOM (KB931906) (English) 2.1.0.2, installation data=20071011 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
QuickTime (English) 7.4.5.67, installation data=20080411 (Apple Inc.)
DEINSTALLATION: MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Overland (English) 1.76.0, installation data=20040615 (Hewlett-Packard)
Adobe Media Player (English) 0.0.0, installation data=20080413 (Adobe Systems Incorporated)
DEINSTALLATION: MsiExec.exe /I{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}
Quicken 2006 (English) 15.1.3.1, installation data=20060128 (Intuit)
DEINSTALLATION: MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
Memories Disc Creator 2.0 (English) 2.0.481.1611, installation data=20040715 (Memories Disc Creator 2.0)
DEINSTALLATION: MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
DocProc (English) 3.1.0.0, installation data=20040615 (Hewlett-Packard)
OLYMPUS CAMEDIA Master 4.0
DEINSTALLATION: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\Setup.exe"
WebFldrs XP (English) 9.50.5318, installation data=20040611 (Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (English) 4.20.9841.0, installation data=20061118 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Disney's Mahjongg 1.0
DEINSTALLATION: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37933094-157A-4FA5-9564-F350DEEBA5B2}\setup.exe" -l0x9 Disney's Mahjongg
HPSystemDiagnostics (English) 1.5.0.0, installation data=20040615 (Your Company Name)
Microsoft Windows Journal Viewer (English) 1.5.2315.3, installation data=20040702 (Microsoft)
DEINSTALLATION: MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Apple Mobile Device Support (English) 1.1.4.7, installation data=20080313 (Apple Inc.)
DEINSTALLATION: MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Drive Manager (English) 1.00.0012, installation data=20071202 (Seagate Technology)
DEINSTALLATION: MsiExec.exe /I{48B0F38D-1913-44F3-99AA-D4C55A2B038E}
Adobe® Photoshop® Album Starter Edition 3.0 (English) 3.00.000, installation data=20060327 (Adobe Systems, Inc.)
DEINSTALLATION: MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
SkinsHP1 (English) 5.31.0.147, installation data=20040615 (Hewlett-Packard)
ACDSee 5.0 PowerPack (English) 5.0.0, installation data=20040814 (ACD Systems Ltd)
DEINSTALLATION: MsiExec.exe /I{5058B085-AA79-41E5-A726-681B4C4B846E}
Readme (English) 5.31.1.27, installation data=20040615 (Hewlett-Packard)
QuickProjects (English) 5.31.0.147, installation data=20040615 (Hewlett-Packard)
Windows Genuine Advantage v1.3.0254.0 (English) 1.3.0254.0, installation data=20050918 (Microsoft)
DEINSTALLATION: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
2400_2500Help (English) 5.31.1.27, installation data=20040615 ( Hewlett-Packard)
Symantec AntiVirus (English) 10.2.224.0, installation data=20080113 (Symantec Corporation)
DEINSTALLATION: MsiExec.exe /I{6C28BDA4-6D99-4DD0-9F22-6A90A445E982}
InstantShare (English) 3.1.0.13, installation data=20040615 (Hewlett-Packard)
overland (English) 2.1.5, installation data=20040716 (HP)
DEINSTALLATION: MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Spy Sweeper 5.5, installation data=20080118 (Webroot Software, Inc.)
DEINSTALLATION: "C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
iTunes (English) 7.6.1.9, installation data=20080313 (Apple Inc.)
DEINSTALLATION: MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
Director (English) 5.31.0.154, installation data=20040615 (Hewlett-Packard)
Nero 7 Demo (English) 7.00.1461, installation data=20060520 (Nero AG)
DEINSTALLATION: MsiExec.exe /I{84B2CF01-194D-2284-B313-F2E0D78D1033}
QFolder (English) 1.00.0000, installation data=20040615 (Hewlett-Packard)
Microsoft Office Professional Edition 2003 (English) 11.0.5614.0, installation data=20080409 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office OneNote 2003 (English) 11.0.8173.0, installation data=20080312 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{90A10409-6000-11D3-8CFE-0150048383C9}
HP Software Update (English) 3.0.1.24, installation data=20040715 (HEWLET~1|Hewlett-Packard)
DEINSTALLATION: MsiExec.exe /X{936C42D0-8CEE-4BDF-B8CE-C4BDC93C6CF8}
Scan (English) 3.1.0.0, installation data=20040615 (Hewlett-Packard)
23_24_2500Tour (English) 5.31.1.27, installation data=20040615 ( Hewlett-Packard)
2400 (English) 5.31.1.27, installation data=20040615 (Hewlett-Packard)
hpmdtab (English) 2.0.470.1598, installation data=20040615 (Hewlett-Packard)
Palm (English) 4.1.0420, installation data=20071202 (Palm, Inc.)
DEINSTALLATION: MsiExec.exe /X{A005B38F-D5AB-4E35-93DD-9886E449FAF1}
CreativeProjects (English) 5.31.0.150, installation data=20040615 (Hewlett-Packard)
Adobe Reader 8.1.2 (English) 8.1.2, installation data=20080413 (Adobe Systems Incorporated)
DEINSTALLATION: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
RealOptimizer ACD plug-in (English) 1.8, installation data=20040814 (Realview 3D B.V.)
DEINSTALLATION: MsiExec.exe /X{B3C125F4-D272-494C-B55F-7D74763056B0}
ViewSonic Monitor Drivers
DEINSTALLATION: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
Apple Software Update (English) 2.0.2.92, installation data=20070916 (Apple Inc.)
DEINSTALLATION: MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Fax (English) 5.31.1.27, installation data=20040615 (Hewlett-Packard)
MSXML 4.0 SP2 (KB936181) (English) 4.20.9848.0, installation data=20070814 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
AiOSoftware (English) 5.31.1.27, installation data=20040615 (Hewlett-Packard)
PhotoGallery (English) 5.31.0.158, installation data=20040615 (Hewlett-Packard)
LEGO My Style Preschool
DEINSTALLATION: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA4E4163-4CE3-11D4-9532-005004039EB0}\setup.exe"
Microsoft .NET Framework 1.1 (English) 1.1.4322, installation data=20070710 (Microsoft)
DEINSTALLATION: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
TrayApp (English) 5.31.0.147, installation data=20040615 (Hewlett-Packard)
PrintScreen (English) 5.31.0.147, installation data=20040615 (Hewlett-Packard)
Copy (English) 5.31.0.150, installation data=20040615 (Hewlett-Packard)
SkinsHP2 (English) 5.31.0.147, installation data=20040615 (Hewlett-Packard)
NvMixer
DEINSTALLATION: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
iPod for Windows 2005-10-12 (English) 4.3.0, installation data=20051223 (Apple Computer, Inc.)
Unload (English) 3.1.0, installation data=20040615 (Hewlett-Packard)
AIOMinimal (English) 5.31.1.27, installation data=20040615 (Hewlett-Packard)
HP PSC & OfficeJet 3.0 3.0 (HP)
DEINSTALLATION: "C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
2400_2500trb (English) 5.31.1.27, installation data=20040615 ( Hewlett-Packard)
WebReg (English) 5.31.0.147, installation data=20040615 (Hewlett-Packard)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (English) 1.1.1905.1, installation data=20040611 (Microsoft Corporation)
DEINSTALLATION: MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
dionneleep
Regular Member
 
Posts: 26
Joined: April 6th, 2008, 12:43 am

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 14th, 2008, 10:32 am

Part 2

Runned drivers:
system32\drivers\aec.sys - stopped (demand) ("c:\windows\system32\drivers\aec.sys") File version = 5.1.2601.2180, File size = 142464, File modification date = 15/02/2006 00:22, File description = Microsoft Acoustic Echo Canceller, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2601.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-404786700|0x1ee7b434ba961ef845de136224c30fec|
system32\DRIVERS\asyncmac.sys - stopped (demand) ("c:\windows\system32\drivers\asyncmac.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 06:05, File description = MS Remote Access serial network driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2010232658|0x02000abf34af4c218c35d257024807d6|
System32\DRIVERS\atmarpc.sys - stopped (demand) ("c:\windows\system32\drivers\atmarpc.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 05:58, File description = IP/ATM Arp Client, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-535154941|0xec88da854ab7d7752ec8be11a741bb7f|
\??\C:\DOCUME~1\David\LOCALS~1\Temp\catchme.sys - stopped (demand)
System32\drivers\dmboot.sys - stopped (disabled) ("c:\windows\system32\drivers\dmboot.sys") File version = 2600.2180.503.0, File size = 799744, File modification date = 04/08/2004 06:07, File description = NT Disk Manager Startup Driver, Product Name = VERITAS® NT Disk Manager, Product version = 1.0, Company name = Microsoft Corp., Veritas Software (Copyright © 1985-2000 Microsoft Corporation. All rights reserved. Portions Copyright © 1997-2000 Veritas Software. All rights reserved.) |-956170070|0xc0fbb516e06e243f0cf31f597e7ebf7d|
system32\drivers\DMusic.sys - stopped (demand) ("c:\windows\system32\drivers\dmusic.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 52864, File modification date = 04/08/2004 06:07, File description = Microsoft Kernel DLS Synthesizer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1792888132|0xa6f881284ac1150e37d9ae47ff601267|
system32\drivers\drmkaud.sys - stopped (demand) ("c:\windows\system32\drivers\drmkaud.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2944, File modification date = 04/08/2004 06:07, File description = Microsoft Kernel DRM Audio Descrambler Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1208245848|0x1ed4dbbae9f5d558dbba4cc450e3eb2e|
System32\DRIVERS\hidusb.sys - stopped (demand) ("c:\windows\system32\drivers\hidusb.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 9600, File modification date = 17/08/2001 21:02, File description = USB Miniport Driver for Input Devices, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-274505967|0x1de6783b918f540149aa69943bdfeba8|
system32\drivers\InCDFs.sys - stopped (disabled)
system32\drivers\InCDPass.sys - stopped (system)
system32\drivers\InCDRm.sys - stopped (system)
system32\drivers\ip6fw.sys - stopped (demand) ("c:\windows\system32\drivers\ip6fw.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 29056, File modification date = 04/08/2004 06:00, File description = IPv6 Windows Firewall Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |297779162|0x4448006b6bc60e6c027932cfc38d6855|
System32\DRIVERS\ipfltdrv.sys - stopped (demand) ("c:\windows\system32\drivers\ipfltdrv.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 32896, File modification date = 23/08/2001 12:00, File description = IP FILTER DRIVER, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-29657591|0x731f22ba402ee4b62748adaf6363c182|
System32\DRIVERS\ipinip.sys - stopped (demand) ("c:\windows\system32\drivers\ipinip.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 20992, File modification date = 04/08/2004 06:04, File description = IP in IP Encapsulation Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |937293986|0xe1ec7f5da720b640cd8fb8424f1b14bb|
System32\DRIVERS\irenum.sys - stopped (demand) ("c:\windows\system32\drivers\irenum.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 11264, File modification date = 04/08/2004 06:00, File description = Infra-Red Bus Enumerator, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1677945049|0x50708daa1b1cbb7d6ac1cf8f56a24410|
System32\DRIVERS\mouhid.sys - stopped (demand) ("c:\windows\system32\drivers\mouhid.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 12160, File modification date = 17/08/2001 20:48, File description = HID Mouse Filter Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1273853103|0xb1c303e17fb9d46e87a98e4ba6769685|
system32\drivers\MSKSSRV.sys - stopped (demand) ("c:\windows\system32\drivers\mskssrv.sys") File version = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 7552, File modification date = 04/08/2004 05:58, File description = MS KS Server, Product Name = Microsoft(R) Windows(R) Operating System, Product version = 5.3.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |739428076|0xae431a8dd3c1d0d0610cdbac16057ad0|
system32\drivers\MSPCLOCK.sys - stopped (demand) ("c:\windows\system32\drivers\mspclock.sys") File version = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 5376, File modification date = 04/08/2004 05:58, File description = MS Proxy Clock, Product Name = Microsoft(R) Windows(R) Operating System, Product version = 5.3.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1663050309|0x13e75fef9dfeb08eeded9d0246e1f448|
system32\drivers\MSPQM.sys - stopped (demand) ("c:\windows\system32\drivers\mspqm.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 4992, File modification date = 04/08/2004 05:58, File description = MS Proxy Quality Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |879297618|0x1988a33ff19242576c3d0ef9ce785da7|
System32\DRIVERS\nv4.sys - stopped (demand) ("c:\windows\system32\drivers\nv4.sys") File version = 5.01.2001.1240 (ReleasedBinaries.010717-0141) , File size = 731648, File modification date = 17/08/2001 12:50, File description = NVIDIA Compatible Windows XP Miniport Driver, Version 12.40.20 , Product Name = NVIDIA Compatible Windows XP Miniport Driver, Version 12.40.20 , Product version = 5.01.2001.1240, Company name = NVIDIA Corporation (Copyright © NVIDIA Corp. 1996-2001) |-51987096|0x4d31783965b0b7ced7db3f4ee14cf260|
System32\DRIVERS\nwlnkflt.sys - stopped (demand) ("c:\windows\system32\drivers\nwlnkflt.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 12416, File modification date = 23/08/2001 12:00, File description = NWLINK2 Traffic Filter Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-648744816|0xb305f3fad35083837ef46a0bbce2fc57|
System32\DRIVERS\nwlnkfwd.sys - stopped (demand) ("c:\windows\system32\drivers\nwlnkfwd.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 32512, File modification date = 23/08/2001 12:00, File description = NWLINK2 Forwarder Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-333389975|0xc99b3415198d1aab7227f2c88fd664b9|
system32\drivers\PalmUSBD.sys - stopped (demand) ("c:\windows\system32\drivers\palmusbd.sys") File version = 6, 0, 1, 0, File size = 16694, File modification date = 02/12/2007 18:18, File description = USB Driver for Palm OS Handheld Devices, Product Name = HotSync® Manager, Product version = 6, 0, 1, 0, Company name = PalmSource, Inc. (Copyright © 2004 PalmSource, Inc.) |594008604|0x240c0d4049a833b16b63b636acf01672|
System32\DRIVERS\processr.sys - stopped (system) ("c:\windows\system32\drivers\processr.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 35328, File modification date = 04/08/2004 05:59, File description = Processor Device Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |575826396|0x0d97d88720a4087ec93af7dbb303b30a|
System32\DRIVERS\secdrv.sys - stopped (demand) ("c:\windows\system32\drivers\secdrv.sys") File version = 4.03.086, File size = 20480, File modification date = 13/11/2007 10:25, File description = Macrovision SECURITY Driver, Product Name = Macrovision SECURITY Driver, Product version = SECURITY Driver 4.03.086 2006/09/13, Company name = Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. (© 2006 Macrovision Corporation ) |996139603|0x90a3935d05b494a5a39d37e71f09a677|
system32\drivers\splitter.sys - stopped (demand) ("c:\windows\system32\drivers\splitter.sys") File version = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), File size = 6400, File modification date = 14/06/2006 08:47, File description = Microsoft Kernel Audio Splitter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2929, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1760326855|0x0ce218578fff5f4f7e4201539c45c78f|
System32\Drivers\SRTSPL.SYS - stopped (demand) ("c:\windows\system32\drivers\srtspl.sys") File version = 10.1.0.13, File size = 275064, File modification date = 12/10/2006 04:29, File description = Symantec AutoProtect, Product Name = AutoProtect, Product version = 10.1, Company name = Symantec Corporation (Copyright (c) 2006 Symantec Corporation) |-288966618|0xf1eb4f77241ddf0bc11f5d638402a788|
system32\drivers\swmidi.sys - stopped (demand) ("c:\windows\system32\drivers\swmidi.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 54272, File modification date = 17/08/2001 21:00, File description = Microsoft GS Wavetable Synthesizer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |983295529|0x94abc808fc4b6d7d2bbf42b85e25bb4d|
system32\DRIVERS\WudfPf.sys - stopped (demand) ("c:\windows\system32\drivers\wudfpf.sys") File version = 6.0.5716.32 (winmain(wmbla).060928-1756), File size = 77568, File modification date = 29/09/2006 02:55, File description = Windows Driver Foundation - User-mode Driver Framework Platform Driver, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5716.32, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1155706075|0xf15feafffbb3644ccc80c5da584e6311|
system32\DRIVERS\wudfrd.sys - stopped (demand) ("c:\windows\system32\drivers\wudfrd.sys") File version = 6.0.5716.32 (winmain(wmbla).060928-1756), File size = 82944, File modification date = 29/09/2006 03:00, File description = Windows Driver Foundation - User-mode Driver Framework Reflector, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5716.32, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1087850528|0x28b524262bce6de1f7ef9f510ba3985b|
\WINDOWS\system32\ntoskrnl.exe ("c:\windows\system32\ntoskrnl.exe") File version = 5.1.2600.3093 (xpsp_sp2_gdr.070227-2254), File size = 2180352, File modification date = 28/02/2007 09:10, File description = NT Kernel & System, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3093, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1332865800|0x582a8dbaa58c3b1f176eb2817daee77c|
\WINDOWS\system32\hal.dll ("c:\windows\system32\hal.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 131968, File modification date = 04/08/2004 05:59, File description = Hardware Abstraction Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1651667779|0xf9a0f579fc18036ffdd9e26e0d268ccd|
\WINDOWS\system32\KDCOM.DLL ("c:\windows\system32\kdcom.dll") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 7040, File modification date = 23/08/2001 12:00, File description = Kernel Debugger HW Extension DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |662002680|0x945fbb881ae927a44dfd96440f2f4f44|
\WINDOWS\system32\BOOTVID.dll ("c:\windows\system32\bootvid.dll") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 12288, File modification date = 23/08/2001 12:00, File description = VGA Boot Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-890525799|0xcc306bf581446d5e443eae5b3bb900f0|
ACPI.sys ("c:\windows\system32\drivers\acpi.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 187776, File modification date = 04/08/2004 06:07, File description = ACPI Driver for NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1119506361|0xa10c7534f7223f4a73a948967d00e69b|
\WINDOWS\System32\DRIVERS\WMILIB.SYS ("c:\windows\system32\drivers\wmilib.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 4352, File modification date = 23/08/2001 12:00, File description = WMILIB WMI support library Dll, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-328804909|0x2f31b7f954bed437f2c75026c65caf7b|
pci.sys ("c:\windows\system32\drivers\pci.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 68224, File modification date = 04/08/2004 06:07, File description = NT Plug and Play PCI Enumerator, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1114918132|0x8086d9979234b603ad5bc2f5d890b234|
isapnp.sys ("c:\windows\system32\drivers\isapnp.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 35840, File modification date = 23/08/2001 12:00, File description = PNP ISA Bus Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |278338458|0xe504f706ccb699c2596e9a3da1596e87|
SSHRMD.SYS ("c:\windows\system32\drivers\sshrmd.sys") File version = 3.5.6.114, File size = 21872, File modification date = 05/01/2008 04:34, File description = Spy Sweeper Mini Driver, Product Name = Spy Sweeper SDK, Product version = 3.5.6.114, Company name = Webroot Software Inc (http://www.webroot.com) (Copyright (C) 2004-2007 Webroot Software, All Rights Reserved.) |982060342|0x4d0e7a4befad963d3aecfac12fdeff16|
SSFS0BB9.SYS ("c:\windows\system32\drivers\ssfs0bb9.sys") File version = 3.5.6.114, File size = 20336, File modification date = 05/01/2008 04:34, File description = Spy Sweeper FileSystem Filter Driver, Product Name = Spy Sweeper SDK, Product version = 3.5.6.114, Company name = Webroot Software Inc (http://www.webroot.com) (Copyright (C) 2004-2007 Webroot Software, All Rights Reserved.) |973941964|0xd3ad8d2e550b262694b024d1eb1efffc|
SSIDRV.SYS ("c:\windows\system32\drivers\ssidrv.sys") File version = 3.5.6.114, File size = 163696, File modification date = 05/01/2008 04:34, File description = Spy Sweeper Interdiction Driver, Product Name = Spy Sweeper SDK, Product version = 3.5.6.114, Company name = Webroot Software Inc (http://www.webroot.com) (Copyright (C) 2004-2007 Webroot Software, All Rights Reserved.) |895146212|0x43eeddc9b9b8accdb4a914ba893c73de|
\WINDOWS\SYSTEM32\Drivers\NDIS.SYS ("c:\windows\system32\drivers\ndis.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 182912, File modification date = 04/08/2004 06:14, File description = NDIS 5.1 wrapper driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |489683314|0x558635d3af1c7546d26067d5d9b6959e|
\WINDOWS\SYSTEM32\Drivers\TDI.SYS ("c:\windows\system32\drivers\tdi.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18560, File modification date = 04/08/2004 06:07, File description = TDI Wrapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-750746922|0x6891b74ab9a016064e82a419388d0601|
pciide.sys ("c:\windows\system32\drivers\pciide.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 3328, File modification date = 17/08/2001 20:51, File description = Generic PCI IDE Bus Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-294303239|0xccf5f451bb1a5a2a522a76e670000ff0|
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS ("c:\windows\system32\drivers\pciidex.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 25088, File modification date = 04/08/2004 05:59, File description = PCI IDE Bus Driver Extension, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-898173944|0x520b91ab011456b940d9b05fc91108ff|
MountMgr.sys ("c:\windows\system32\drivers\mountmgr.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 42240, File modification date = 04/08/2004 05:58, File description = Mount Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1645669973|0x65653f3b4477f3c63e68a9659f85ee2e|
ftdisk.sys ("c:\windows\system32\drivers\ftdisk.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 125056, File modification date = 23/08/2001 12:00, File description = FT Disk Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1052792436|0x6ac26732762483366c3969c9e4d2259d|
dmload.sys ("c:\windows\system32\drivers\dmload.sys") File version = 2600.0.503.0, File size = 5888, File modification date = 23/08/2001 12:00, File description = NT Disk Manager Startup Driver, Product Name = Logical Disk Manager for Windows NT, Product version = 1.0, Company name = Microsoft Corp., Veritas Software. (Copyright© 1985-2000 Microsoft Corporation. All rights reserved. Portions Copyright © 1997-2000 Veritas Software. All rights reserved.) |-1400014670|0xe9317282a63ca4d188c0df5e09c6ac5f|
dmio.sys ("c:\windows\system32\drivers\dmio.sys") File version = 2600.2180.503.0, File size = 153344, File modification date = 04/08/2004 06:07, File description = NT Disk Manager I/O Driver, Product Name = VERITAS® NT Disk Manager, Product version = 1.0, Company name = Microsoft Corp., Veritas Software (Copyright © 1985-2000 Microsoft Corporation. All rights reserved. Portions Copyright © 1997-2000 Veritas Software. All rights reserved.) |-86245373|0xf5e7b358a732d09f4bcf2824b88b9e28|
PartMgr.sys ("c:\windows\system32\drivers\partmgr.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 18688, File modification date = 23/08/2001 12:00, File description = Partition Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1387024081|0x3334430c29dc338092f79c38ef7b4cd0|
VolSnap.sys ("c:\windows\system32\drivers\volsnap.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 52352, File modification date = 04/08/2004 06:00, File description = Volume Shadow Copy Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-678741347|0xee4660083deba849ff6c485d944b379b|
atapi.sys ("c:\windows\system32\drivers\atapi.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 95360, File modification date = 04/08/2004 05:59, File description = IDE/ATAPI Port Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-860662352|0xcdfe4411a69c224bd1d11b2da92dac51|
nvatabus.sys ("c:\windows\system32\drivers\nvatabus.sys") File version = 5.10.2600.0446 built by: WinDDK, File size = 79360, File modification date = 03/06/2004 18:40, File description = NVIDIA® nForce(TM) IDE Performance Driver, Product Name = NVIDIA nForce(TM) IDE Driver, Product version = 5.10.2600.0446, Company name = NVIDIA Corporation (Copyright(C) 2001-2004 NVIDIA Corporation) |631213291|0x46deed4c6c5fa765f9a2c723be60348d|
disk.sys ("c:\windows\system32\drivers\disk.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 36352, File modification date = 04/08/2004 05:59, File description = PnP Disk Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1592272948|0x00ca44e4534865f8a3b64f7c0984bff0|
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS ("c:\windows\system32\drivers\classpnp.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 49664, File modification date = 04/08/2004 06:14, File description = SCSI Class System Dll, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1925477481|0xd86173b401470f06d9810f7962969ddf|
fltmgr.sys ("c:\windows\system32\drivers\fltmgr.sys") File version = 5.1.2600.2978 (xpsp_sp2_gdr.060821-0039), File size = 128896, File modification date = 21/08/2006 09:14, File description = Microsoft Filesystem Filter Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2978, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1604428629|0x3d234fb6d6ee875eb009864a299bea29|
sr.sys ("c:\windows\system32\drivers\sr.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 73472, File modification date = 04/08/2004 06:06, File description = System Restore Filesystem Filter Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2044192124|0xe41b6d037d6cd08461470af04500dc24|
KSecDD.sys ("c:\windows\system32\drivers\ksecdd.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 92032, File modification date = 04/08/2004 05:59, File description = Kernel Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1324865035|0xeb7ffe87fd367ea8fca0506f74a87fbb|
Ntfs.sys ("c:\windows\system32\drivers\ntfs.sys") File version = 5.1.2600.3081 (xpsp_sp2_gdr.070209-0028), File size = 574464, File modification date = 09/02/2007 11:10, File description = NT File System Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3081, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1214373707|0x19a811ef5f1ed5c926a028ce107ff1af|
nv_agp.sys ("c:\windows\system32\drivers\nv_agp.sys") File version = 4.12.01.0436, File size = 21760, File modification date = 02/04/2004 23:40, File description = NVIDIA nForce AGP Filter, Product Name = NVIDIA nForce AGP Filter, Product version = 4.12.01.0436, Company name = NVIDIA Corporation (Copyright © 2001-2002 NVIDIA Corporation) |777210715|0x3194e2f6c9000c39dcf9d0580754f714|
Mup.sys ("c:\windows\system32\drivers\mup.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 107904, File modification date = 04/08/2004 06:15, File description = Multiple UNC Provider driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1853925969|0x82035e0f41c2dd05ae41d27fe6cf7de1|
\SystemRoot\System32\DRIVERS\amdk7.sys ("C:\WINDOWS\system32\drivers\amdk7.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 37376, File modification date = 04/08/2004 05:59, File description = Processor Device Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1728342827|0x680ad1c1bb16239e28d8f33a54a7a3c7|
\SystemRoot\System32\DRIVERS\usbohci.sys ("C:\WINDOWS\system32\drivers\usbohci.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 17024, File modification date = 04/08/2004 06:08, File description = OHCI USB Miniport Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |774845502|0xbdfe799a8531bad8a5a985821fe78760|
\SystemRoot\System32\DRIVERS\USBPORT.SYS ("C:\WINDOWS\system32\drivers\usbport.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 142976, File modification date = 04/08/2004 06:08, File description = USB 1.1 & 2.0 Port Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1940235777|0x2034ca78f9c6e787b4b76d81ac888351|
\SystemRoot\System32\DRIVERS\usbehci.sys ("C:\WINDOWS\system32\drivers\usbehci.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 26624, File modification date = 04/08/2004 06:08, File description = EHCI eUSB Miniport Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1050382340|0x15e993ba2f6946b2bfbbfcd30398621e|
\SystemRoot\System32\DRIVERS\NVENET.sys ("C:\WINDOWS\system32\drivers\nvenet.sys") File version = 4.14.01.0416, File size = 93764, File modification date = 29/01/2004 09:45, File description = NVIDIA nForce MCP Networking Driver., Product Name = NVENET, Product version = 4.14.01.0416, Company name = NVIDIA Corporation (Copyright © 2001-2002 NVIDIA Corporation) |2109994555|0x1cf77b30dee5c75dea1eee697281802c|
\SystemRoot\system32\drivers\cmuda.sys ("C:\WINDOWS\system32\drivers\cmuda.sys") File version = 5.12.01.0041.3 (39b), File size = 812416, File modification date = 08/01/2004 19:37, File description = C-Media Audio WDM Driver, Product Name = C-Media Audio Driver (WDM), Product version = 5.12.01.0041, Company name = C-Media Inc (Copyright (C) C-Media Inc. 1998-2003) |690775659|0xddcde8ced6e753f9ebbd07659f808d9d|
\SystemRoot\system32\drivers\portcls.sys ("C:\WINDOWS\system32\drivers\portcls.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 145792, File modification date = 04/08/2004 06:15, File description = Port Class (Class Driver for Port/Miniport Devices), Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2134342417|0x5b0f00e43a7094c0b7e433cb42c79164|
\SystemRoot\system32\drivers\drmk.sys ("C:\WINDOWS\system32\drivers\drmk.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 60288, File modification date = 04/08/2004 06:07, File description = Microsoft Kernel DRM Descrambler Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1594474973|0xff86422268de771d571e123eb7092c6a|
\SystemRoot\system32\drivers\ks.sys ("C:\WINDOWS\system32\drivers\ks.sys") File version = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 140928, File modification date = 04/08/2004 06:15, File description = Kernel CSA Library, Product Name = Microsoft(R) Windows(R) Operating System, Product version = 5.3.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2104684906|0xb9540e258f952650de8dec68719a5c97|
\SystemRoot\System32\Drivers\ElbyDelay.sys ("C:\WINDOWS\system32\drivers\elbydelay.sys") File version = 5, 1, 0, 0, File size = 4608, File modification date = 12/04/2005 08:41, File description = Elby Delay Lower Filter Driver, Product Name = CDRTools, Product version = 5, 1, 0, 0, Company name = Elaborate Bytes AG (Copyright (C) 2003, 2005 Elaborate Bytes AG) |1797795400|0xdf9957db3bfe5136aad3c2c101806c98|
\SystemRoot\System32\Drivers\AnyDVD.sys ("C:\WINDOWS\system32\drivers\anydvd.sys") File version = 5.9.6.0, File size = 19200, File modification date = 27/04/2006 23:16, File description = AnyDVD Filter Driver, Product Name = AnyDVD, Product version = 5.9.6.0, Company name = SlySoft, Inc. (Copyright 2002 - 2006 SlySoft, Inc.) |64869567|0xc0016174b3a4a2e93948f0741e02db39|
\SystemRoot\System32\Drivers\AFS2K.SYS ("C:\WINDOWS\system32\drivers\afs2k.sys") File version = 3.1.20.1064, File size = 43672, File modification date = 15/07/2004 21:51, File description = Audio File System, Product Name = AFS, Product version = 3.1.20.7(1064), Company name = Oak Technology Inc. (Copyright (C) Oak Technology Inc.) |-2061990887|0xc685cc27a2e637f0dcb5a45e67cc6f74|
\SystemRoot\System32\DRIVERS\cdrom.sys ("C:\WINDOWS\system32\drivers\cdrom.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 49536, File modification date = 04/08/2004 05:59, File description = SCSI CD-ROM Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-638809301|0xaf9c19b3100fe010496b1a27181fbf72|
\SystemRoot\System32\Drivers\GEARAspiWDM.sys ("C:\WINDOWS\system32\drivers\gearaspiwdm.sys") File version = 2.0.6.1, File size = 15664, File modification date = 19/09/2006 23:44, File description = CD/DVD Class Filter Driver, Product Name = GEAR.wrks, Product version = 8.xx, Company name = GEAR Software Inc. (Copyright (c) GEAR Software Inc. 2006) |379936196|0x4ac51459805264affd5f6fdfb9d9235f|
\SystemRoot\System32\DRIVERS\imapi.sys ("C:\WINDOWS\system32\drivers\imapi.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 41856, File modification date = 04/08/2004 06:00, File description = IMAPI Kernel Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1643155798|0xf8aa320c6a0409c0380e5d8a99d76ec6|
\SystemRoot\System32\DRIVERS\redbook.sys ("C:\WINDOWS\system32\drivers\redbook.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57472, File modification date = 04/08/2004 05:59, File description = Redbook Audio Filter Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1962183915|0xb31b4588e4086d8d84adbf9845c2402b|
\SystemRoot\System32\DRIVERS\nv4_mini.sys ("C:\WINDOWS\system32\drivers\nv4_mini.sys") File version = 6.14.11.6921, File size = 7435392, File modification date = 05/12/2007 09:41, File description = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product Name = NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 , Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |2099581610|0x8c0456001b6900114bbb1c548bd8aaf5|
\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS ("C:\WINDOWS\system32\drivers\videoprt.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 79744, File modification date = 04/08/2004 06:07, File description = Video Port Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1505993728|0xd5a9d123f5ed7c9965a481bd20cf66d8|
\SystemRoot\System32\DRIVERS\fdc.sys ("C:\WINDOWS\system32\drivers\fdc.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 27392, File modification date = 04/08/2004 05:59, File description = Floppy Disk Controller Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1722417023|0xced2e8396a8838e59d8fd529c680e02c|
\SystemRoot\System32\DRIVERS\serial.sys ("C:\WINDOWS\system32\drivers\serial.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64896, File modification date = 04/08/2004 06:15, File description = Serial Device Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1933655007|0xcd9404d115a00d249f70a371b46d5a26|
\SystemRoot\System32\DRIVERS\serenum.sys ("C:\WINDOWS\system32\drivers\serenum.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 15488, File modification date = 04/08/2004 05:59, File description = Serial Port Enumerator, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1254725935|0xa2d868aeeff612e70e213c451a70cafb|
\SystemRoot\System32\DRIVERS\parport.sys ("C:\WINDOWS\system32\drivers\parport.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 80128, File modification date = 04/08/2004 05:59, File description = Parallel Port Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1673780773|0x29744eb4ce659dfe3b4122deb45bc478|
\SystemRoot\System32\DRIVERS\i8042prt.sys ("C:\WINDOWS\system32\drivers\i8042prt.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 52736, File modification date = 04/08/2004 06:14, File description = i8042 Port Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1545438551|0x5502b58eef7486ee6f93f3f164dcb808|
\SystemRoot\System32\DRIVERS\mouclass.sys ("C:\WINDOWS\system32\drivers\mouclass.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 05:58, File description = Mouse Class Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1849522429|0x34e1f0031153e491910e12551400192c|
\SystemRoot\System32\Drivers\sskbfd.sys ("C:\WINDOWS\system32\drivers\sskbfd.sys") File version = 3.5.6.114, File size = 23920, File modification date = 05/01/2008 04:34, File description = Spy Sweeper Keyboard Filter Driver, Product Name = Spy Sweeper SDK, Product version = 3.5.6.114, Company name = Webroot Software Inc (http://www.webroot.com) (Copyright (C) 2004-2007 Webroot Software, All Rights Reserved.) |-332402400|0x8564bc9598be1705477b7fa61d657c2b|
\SystemRoot\System32\DRIVERS\kbdclass.sys ("C:\WINDOWS\system32\drivers\kbdclass.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 24576, File modification date = 04/08/2004 05:58, File description = Keyboard Class Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1817745478|0xebdee8a2ee5393890a1acee971c4c246|
\SystemRoot\System32\DRIVERS\audstub.sys ("C:\WINDOWS\system32\drivers\audstub.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 3072, File modification date = 17/08/2001 13:59, File description = AudStub Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |573187298|0xd9f724aa26c010a217c97606b160ed68|
\SystemRoot\System32\DRIVERS\rasl2tp.sys ("C:\WINDOWS\system32\drivers\rasl2tp.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 51328, File modification date = 04/08/2004 06:14, File description = RAS L2TP mini-port/call-manager driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1392089970|0x98faeb4a4dcf812ba1c6fca4aa3e115c|
\SystemRoot\System32\DRIVERS\ndistapi.sys ("C:\WINDOWS\system32\drivers\ndistapi.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 9600, File modification date = 23/08/2001 12:00, File description = NDIS 3.0 connection wrapper driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-908384129|0x08d43bbdacdf23f34d79e44ed35c1b4c|
\SystemRoot\System32\DRIVERS\ndiswan.sys ("c:\windows\system32\drivers\ndiswan.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 91776, File modification date = 04/08/2004 06:14, File description = MS PPP Framing Driver (Strong Encryption), Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1355719625|0x0b90e255a9490166ab368cd55a529893|
\SystemRoot\System32\DRIVERS\raspppoe.sys ("C:\WINDOWS\system32\drivers\raspppoe.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 41472, File modification date = 04/08/2004 06:05, File description = RAS PPPoE mini-port/call-manager driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |312872443|0x7306eeed8895454cbed4669be9f79faa|
\SystemRoot\System32\DRIVERS\raspptp.sys ("C:\WINDOWS\system32\drivers\raspptp.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 48384, File modification date = 04/08/2004 06:14, File description = Peer-to-Peer Tunneling Protocol, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1199848284|0x1c5cc65aac0783c344f16353e60b72ac|
\SystemRoot\System32\DRIVERS\psched.sys ("C:\WINDOWS\system32\drivers\psched.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 69120, File modification date = 04/08/2004 06:04, File description = MS QoS Packet Scheduler, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |382145767|0x48671f327553dcf1d27f6197f622a668|
\SystemRoot\System32\DRIVERS\msgpc.sys ("C:\WINDOWS\system32\drivers\msgpc.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 35072, File modification date = 04/08/2004 06:04, File description = MS General Packet Classifier, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2000962340|0xc0f1d4a21de5a415df8170616703debf|
\SystemRoot\System32\DRIVERS\ptilink.sys ("C:\WINDOWS\system32\drivers\ptilink.sys") File version = 1.10 (XPClient.010817-1148), File size = 17792, File modification date = 23/08/2001 12:00, File description = Parallel Technologies DirectParallel IO Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Parallel Technologies, Inc. (Copyright (C) Parallel Technologies 1995-1997) |-1511820162|0x80d317bd1c3dbc5d4fe7b1678c60cadd|
\SystemRoot\System32\DRIVERS\raspti.sys ("C:\WINDOWS\system32\drivers\raspti.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 16512, File modification date = 23/08/2001 12:00, File description = PTI DirectParallel(R) mini-port/call-manager driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2079207492|0xfdbb1d60066fcfbb7452fd8f9829b242|
\SystemRoot\System32\DRIVERS\rdpdr.sys ("C:\WINDOWS\system32\drivers\rdpdr.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 196864, File modification date = 04/08/2004 06:01, File description = Microsoft RDP Device redirector, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1380747095|0xa2cae2c60bc37e0751ef9dda7ceaf4ad|
\SystemRoot\System32\DRIVERS\termdd.sys ("C:\WINDOWS\system32\drivers\termdd.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 40840, File modification date = 04/08/2004 08:01, File description = Terminal Server Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1755977943|0xa540a99c281d933f3d69d55e48727f47|
\SystemRoot\System32\DRIVERS\swenum.sys ("C:\WINDOWS\system32\drivers\swenum.sys") File version = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 4352, File modification date = 04/08/2004 05:58, File description = Plug and Play Software Device Enumerator, Product Name = Microsoft(R) Windows(R) Operating System, Product version = 5.3.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |578912181|0x03c1bae4766e2450219d20b993d6e046|
\SystemRoot\System32\DRIVERS\update.sys ("C:\WINDOWS\system32\drivers\update.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 209408, File modification date = 04/08/2004 05:58, File description = Update Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1865716387|0xaff2e5045961bbc0a602bb6f95eb1345|
\SystemRoot\System32\DRIVERS\mssmbios.sys ("C:\WINDOWS\system32\drivers\mssmbios.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 15488, File modification date = 04/08/2004 06:07, File description = System Management BIOS Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1493310399|0x469541f8bfd2b32659d5d463a6714bce|
\SystemRoot\System32\Drivers\NDProxy.SYS ("C:\WINDOWS\system32\drivers\ndproxy.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 38016, File modification date = 23/08/2001 12:00, File description = NDIS Proxy, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |438037699|0x59fc3fb44d2669bc144fd87826bb571f|
\SystemRoot\System32\DRIVERS\usbhub.sys ("C:\WINDOWS\system32\drivers\usbhub.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57600, File modification date = 04/08/2004 06:08, File description = Default Hub Driver for USB, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-794068232|0xc72f40947f92cea56a8fb532edf025f1|
\SystemRoot\System32\DRIVERS\USBD.SYS ("C:\WINDOWS\system32\drivers\usbd.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 4736, File modification date = 23/08/2001 12:00, File description = Universal Serial Bus Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-371157248|0x596eb39b50d6ebd9b734dc4ae0544693|
\SystemRoot\System32\DRIVERS\flpydisk.sys ("C:\WINDOWS\system32\drivers\flpydisk.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 20480, File modification date = 04/08/2004 05:59, File description = Floppy Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-410632913|0x0dd1de43115b93f4d85e889d7a86f548|
\SystemRoot\System32\Drivers\SRTSP.SYS ("C:\WINDOWS\system32\drivers\srtsp.sys") File version = 10.1.0.13, File size = 245368, File modification date = 12/10/2006 04:29, File description = Symantec AutoProtect, Product Name = AutoProtect, Product version = 10.1, Company name = Symantec Corporation (Copyright (c) 2006 Symantec Corporation) |-705019530|0x8b938345e1d2e49465cc9c11ae410438|
\SystemRoot\System32\Drivers\SRTSPX.SYS ("C:\WINDOWS\system32\drivers\srtspx.sys") File version = 10.1.0.13, File size = 24184, File modification date = 12/10/2006 04:29, File description = Symantec AutoProtect, Product Name = AutoProtect, Product version = 10.1, Company name = Symantec Corporation (Copyright (c) 2006 Symantec Corporation) |-230107590|0xbe24052f4173bb6fe5badc032b6bc978|
\SystemRoot\System32\DRIVERS\usbccgp.sys ("C:\WINDOWS\system32\drivers\usbccgp.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 31616, File modification date = 04/08/2004 06:08, File description = USB Common Class Generic Parent Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1471695688|0xbffd9f120cc63bcbaa3d840f3eef9f79|
\SystemRoot\System32\DRIVERS\USBSTOR.SYS ("C:\WINDOWS\system32\drivers\usbstor.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 26496, File modification date = 04/08/2004 06:08, File description = USB Mass Storage Class Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-991755877|0x6cd7b22193718f1d17a47a1cd6d37e75|
\SystemRoot\System32\DRIVERS\usbscan.sys ("C:\WINDOWS\system32\drivers\usbscan.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 15104, File modification date = 04/08/2004 05:58, File description = USB Scanner Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1455440447|0xa6bc71402f4f7dd5b77fd7f4a8ddba85|
\SystemRoot\System32\DRIVERS\usbprint.sys ("C:\WINDOWS\system32\drivers\usbprint.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 25856, File modification date = 04/08/2004 06:01, File description = USB Printer driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1452370578|0xa42369b7cd8886cd7c70f33da6fcbcf5|
\SystemRoot\System32\DRIVERS\HPZius12.sys ("C:\WINDOWS\system32\drivers\hpzius12.sys") File version = 7, 0, 0, 0, File size = 21488, File modification date = 11/08/2003 08:07, File description = 1284.4<->Usb Datalink Driver (Windows 2000), Product Name = HP Dot4Usb Windows 2000, Product version = 7, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |-48397605|0x29559db25258b60510a60c4e470fce32|
\SystemRoot\System32\DRIVERS\HPZid412.sys ("C:\WINDOWS\system32\drivers\hpzid412.sys") File version = 7, 0, 0, 0, File size = 51056, File modification date = 11/08/2003 08:07, File description = IEEE-1284.4-1999 Driver (Windows 2000), Product Name = HP Dot4 Windows 2000, Product version = 7, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |1026806485|0x287a63bd8509bd78e7978823b38afa81|
\SystemRoot\System32\Drivers\Fs_Rec.SYS ("C:\WINDOWS\system32\drivers\fs_rec.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 7936, File modification date = 23/08/2001 12:00, File description = File System Recognizer Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |244257554|0x3e1e2bd4f39b0e2b7dc4f4d2bcc2779a|
\SystemRoot\System32\Drivers\Null.SYS ("C:\WINDOWS\system32\drivers\null.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 2944, File modification date = 23/08/2001 12:00, File description = NULL Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-575384021|0x73c1e1f395918bc2c6dd67af7591a3ad|
\SystemRoot\System32\Drivers\Beep.SYS ("C:\WINDOWS\system32\drivers\beep.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 4224, File modification date = 23/08/2001 12:00, File description = BEEP Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1769750770|0xda1f27d85e0d1525f6621372e7b685e9|
\SystemRoot\System32\drivers\vga.sys ("C:\WINDOWS\system32\drivers\vga.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 20992, File modification date = 04/08/2004 06:07, File description = VGA/Super VGA Video Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1257874530|0x8a60edd72b4ea5aea8202daf0e427925|
\SystemRoot\System32\Drivers\mnmdd.SYS ("C:\WINDOWS\system32\drivers\mnmdd.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 4224, File modification date = 23/08/2001 12:00, File description = Frame buffer simulator, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1594636198|0x4ae068242760a1fb6e1a44bf4e16afa6|
\SystemRoot\System32\DRIVERS\RDPCDD.sys ("C:\WINDOWS\system32\drivers\rdpcdd.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 4224, File modification date = 23/08/2001 12:00, File description = RDP Miniport, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1195321852|0x4912d5b403614ce99c28420f75353332|
\SystemRoot\System32\Drivers\Msfs.SYS ("C:\WINDOWS\system32\drivers\msfs.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19072, File modification date = 04/08/2004 06:00, File description = Mailslot driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1211014042|0x561b3a4333ca2dbdba28b5b956822519|
\SystemRoot\System32\Drivers\Npfs.SYS ("C:\WINDOWS\system32\drivers\npfs.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 30848, File modification date = 04/08/2004 06:00, File description = NPFS Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1063322756|0x4f601bcb8f64ea3ac0994f98fed03f8e|
\SystemRoot\System32\DRIVERS\rasacd.sys ("C:\WINDOWS\system32\drivers\rasacd.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 8832, File modification date = 23/08/2001 12:00, File description = RAS Automatic Connection Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1458701829|0xfe0d99d6f31e4fad8159f690d68ded9c|
\SystemRoot\System32\DRIVERS\ipsec.sys ("C:\WINDOWS\system32\drivers\ipsec.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 74752, File modification date = 04/08/2004 06:14, File description = IPSec Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |363987355|0x64537aa5c003a6afeee1df819062d0d1|
\SystemRoot\System32\DRIVERS\tcpip.sys ("C:\WINDOWS\system32\drivers\tcpip.sys") File version = 5.1.2600.3244 (xpsp_sp2_gdr.071030-1259), File size = 360064, File modification date = 30/10/2007 17:20, File description = TCP/IP Protocol Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3244, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1685878368|0x90caff4b094573449a0872a0f919b178|
\SystemRoot\System32\Drivers\SYMTDI.SYS ("C:\WINDOWS\system32\drivers\symtdi.sys") File version = 7.1.0.17, File size = 185744, File modification date = 13/10/2006 04:00, File description = Network Dispatch Driver, Product Name = Symantec Security Drivers, Product version = 7.1, Company name = Symantec Corporation (Copyright 2002 - 2006 Symantec Corporation) |1442012837|0x169cc67cc03c1c7195787c49d200e232|
\SystemRoot\System32\DRIVERS\ipnat.sys ("C:\WINDOWS\system32\drivers\ipnat.sys") File version = 5.1.2600.2524 (xpsp_sp2_gdr.040919-1056), File size = 134912, File modification date = 29/09/2004 22:28, File description = IP Network Address Translator, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2524, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1847019817|0xe2168cbc7098ffe963c6f23f472a3593|
\SystemRoot\System32\DRIVERS\wanarp.sys ("C:\WINDOWS\system32\drivers\wanarp.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 34560, File modification date = 04/08/2004 06:04, File description = MS Remote Access and Routing ARP Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1295838718|0x984ef0b9788abf89974cfed4bfbaacbc|
\??\C:\Program Files\Symantec\SYMEVENT.SYS ("\\?\c:\program files\symantec\symevent.sys") File version = 12.2.0.3, File size = 110256, File modification date = 10/10/2006 02:47, File description = Symantec Event Library, Product Name = SYMEVENT, Product version = 12.2.0.3, Company name = Symantec Corporation (Copyright (C) Symantec Corporation 1992-2006) |1741943033|0xd430a5fa6a82d0b53db969067535c92b|
\SystemRoot\System32\DRIVERS\netbt.sys ("C:\WINDOWS\system32\drivers\netbt.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 162816, File modification date = 04/08/2004 06:14, File description = MBT Transport driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-659266086|0x0c80e410cd2f47134407ee7dd19cc86b|
\SystemRoot\System32\drivers\afd.sys ("C:\WINDOWS\system32\drivers\afd.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 138496, File modification date = 04/08/2004 06:14, File description = Ancillary Function Driver for WinSock, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-877682539|0x5ac495f4cb807b2b98ad2ad591e6d92e|
\SystemRoot\System32\DRIVERS\netbios.sys ("c:\windows\system32\drivers\netbios.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 34560, File modification date = 04/08/2004 06:03, File description = NetBIOS interface driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |848815196|0x3a2aca8fc1d7786902ca434998d7ceb4|
\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys ("\\?\c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys") File version = 3.1.0.12, File size = 406672, File modification date = 06/10/2006 22:26, File description = SPBBC Driver, Product Name = SPBBC, Product version = 3.1.0.12, Company name = Symantec Corporation (Copyright (c) 2004, 2005 Symantec Corporation. All rights reserved.) |-815008985|0x905782bcf15b6e5af9905b77923c7fa2|
\SystemRoot\System32\DRIVERS\rdbss.sys ("C:\WINDOWS\system32\drivers\rdbss.sys") File version = 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036), File size = 174592, File modification date = 05/05/2006 09:47, File description = Redirected Drive Buffering SubSystem Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2902, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1908954063|0x03b965b1ca47f6ef60eb5e51cb50e0af|
\SystemRoot\System32\DRIVERS\mrxsmb.sys ("C:\WINDOWS\system32\drivers\mrxsmb.sys") File version = 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036), File size = 453120, File modification date = 05/05/2006 09:41, File description = Windows NT SMB Minirdr, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2902, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1106113486|0x025af03ce51645c62f3b6907a7e2be5e|
\SystemRoot\System32\Drivers\Fips.SYS ("C:\WINDOWS\system32\drivers\fips.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 34944, File modification date = 23/08/2001 12:00, File description = FIPS Crypto Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1962882402|0xe153ab8a11de5452bcf5ac7652dbf3ed|
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys ("\\?\c:\program files\common files\symantec shared\eengine\eectrl.sys") File version = 107.4.1.2, File size = 385072, File modification date = 18/01/2008 09:00, File description = Symantec Eraser Control Driver, Product Name = ERASER ENGINE, Product version = 107.4.1.2, Company name = Symantec Corporation (Copyright (c) 2000-2007 Symantec Corporation. All rights reserved.) |1020285442|0xe89cc1363cb7f5320ae3b41c1333d0c3|
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys ("\\?\c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys") File version = 107.4.1.2, File size = 109616, File modification date = 18/01/2008 09:00, File description = Symantec Eraser Utility Driver, Product Name = ERASER ENGINE, Product version = 107.4.1.2, Company name = Symantec Corporation (Copyright (c) 2000-2007 Symantec Corporation. All rights reserved.) |-377064504|0xe7d1a496c71cd56bdd97f32c9141a03b|
\SystemRoot\System32\Drivers\Cdfs.SYS ("C:\WINDOWS\system32\drivers\cdfs.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 63744, File modification date = 04/08/2004 06:14, File description = CD-ROM File System Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1135615718|0xcd7d5152df32b47f4e36f710b35aae02|
\SystemRoot\System32\DRIVERS\HPZipr12.sys ("C:\WINDOWS\system32\drivers\hpzipr12.sys") File version = 7, 0, 0, 0, File size = 16496, File modification date = 11/08/2003 08:07, File description = IEEE-1284.4-1999 Print Class Driver, Product Name = HP Dot4Print, Product version = 7, 0, 0, 0, Company name = HP (Copyright © 1998, 1999 Hewlett-Packard Company) |-330366588|0x0b4fda2657c3e0315eaa57f9c6d4fd1f|
\SystemRoot\System32\Drivers\dump_nvatabus.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys ("C:\WINDOWS\system32\win32k.sys") File version = 5.1.2600.3335 (xpsp_sp2_gdr.080319-1240), File size = 1845248, File modification date = 19/03/2008 09:47, File description = Multi-User Win32 Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3335, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1497438035|0xe0f718290d19531fd10328efb09808ec|
\SystemRoot\System32\drivers\Dxapi.sys ("C:\WINDOWS\system32\drivers\dxapi.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 10496, File modification date = 23/08/2001 12:00, File description = DirectX API Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |741880105|0xfe97d0343acfdebdd578fc67cc91fa87|
\SystemRoot\System32\watchdog.sys ("C:\WINDOWS\system32\watchdog.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 17664, File modification date = 04/08/2004 06:07, File description = Watchdog Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |369096975|0xc9bf2f12c4e6c12f8a85fba4b6bc6208|
\SystemRoot\System32\drivers\dxg.sys ("C:\WINDOWS\system32\drivers\dxg.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71040, File modification date = 04/08/2004 06:00, File description = DirectX Graphics Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-389278401|0xd3dac8432110aad0b02a58b4459ab835|
\SystemRoot\System32\drivers\dxgthk.sys ("C:\WINDOWS\system32\drivers\dxgthk.sys") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 3328, File modification date = 23/08/2001 12:00, File description = DirectX Graphics Driver Thunk, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1288314594|0xa73f5d6705b1d820c19b18782e176efd|
\SystemRoot\System32\nv4_disp.dll ("C:\WINDOWS\system32\nv4_disp.dll") File version = 6.14.11.6921, File size = 5773568, File modification date = 05/12/2007 09:41, File description = NVIDIA Compatible Windows 2000 Display driver, Version 169.21 , Product Name = NVIDIA Compatible Windows 2000 Display driver, Version 169.21 , Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |-836028097|0x30549728c49127c67a264bbc9f67d7e7|
\SystemRoot\System32\DRIVERS\ndisuio.sys ("c:\windows\system32\drivers\ndisuio.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 12928, File modification date = 04/08/2004 06:03, File description = NDIS User mode I/O Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |897342069|0x34d6cd56409da9a7ed573e1c90a308bf|
\SystemRoot\system32\drivers\wdmaud.sys ("C:\WINDOWS\system32\drivers\wdmaud.sys") File version = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), File size = 82944, File modification date = 14/06/2006 09:00, File description = MMSYSTEM Wave/Midi API mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2929, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-494542293|0xefd235ca22b57c81118c1aeb4798f1c1|
\SystemRoot\system32\drivers\sysaudio.sys ("C:\WINDOWS\system32\drivers\sysaudio.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 60800, File modification date = 04/08/2004 06:15, File description = System Audio WDM Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-200468949|0x650ad082d46bac0e64c9c0e0928492fd|
\SystemRoot\System32\DRIVERS\mrxdav.sys ("C:\WINDOWS\system32\drivers\mrxdav.sys") File version = 5.1.2600.3276 (xpsp_sp2_gdr.071218-1250), File size = 179584, File modification date = 18/12/2007 09:51, File description = Windows NT WebDav Minirdr, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3276, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1007520542|0x29414447eb5bde2f8397dc965dbb3156|
\SystemRoot\System32\Drivers\ParVdm.SYS ("C:\WINDOWS\system32\drivers\parvdm.sys") File version = 5.1.2600.0 (XPClient.010817-1148), File size = 6784, File modification date = 23/08/2001 12:00, File description = VDM Parallel Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-977764727|0x70e98b3fd8e963a6a46a2e6247e0bea1|
\SystemRoot\System32\Drivers\ElbyCDIO.sys ("C:\WINDOWS\system32\drivers\elbycdio.sys") File version = 6, 0, 0, 0, File size = 8064, File modification date = 22/04/2006 01:44, File description = ElbyCD Windows NT/2000/XP I/O driver, Product Name = CDRTools, Product version = 6, 0, 0, 0, Company name = Elaborate Bytes AG (Copyright (C) 2000 - 2006 Elaborate Bytes AG) |-1594981475|0xfa13264eea448b2e1b3a844ae4f75c7a|
\SystemRoot\System32\Drivers\SYMREDRV.SYS ("C:\WINDOWS\system32\drivers\symredrv.sys") File version = 7.1.0.17, File size = 26384, File modification date = 13/10/2006 04:00, File description = Redirector Filter Driver, Product Name = Symantec Security Drivers, Product version = 7.1, Company name = Symantec Corporation (Copyright 2002 - 2006 Symantec Corporation) |-1935574144|0x90a15cd58994ceaf7697f03ab4b304a0|
\SystemRoot\System32\Drivers\HTTP.sys ("C:\WINDOWS\system32\drivers\http.sys") File version = 5.1.2600.2869 (xpsp_sp2_gdr.060316-1512), File size = 262784, File modification date = 17/03/2006 00:33, File description = HTTP Protocol Stack, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2869, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-397551174|0xcb77bb47e67e84deb17ba29632501730|
\SystemRoot\System32\ATMFD.DLL ("C:\WINDOWS\system32\atmfd.dll") File version = 5.1 Build 226, File size = 285696, File modification date = 04/08/2004 07:55, File description = Windows NT OpenType/Type 1 Font Driver, Product Name = Adobe Type Manager, Product version = 5.1 Build 226, Company name = Adobe Systems Incorporated (©1983-1990, 1993-2004 Adobe Systems Inc.) |-1371818425|0xfb6359fe8864d0ce06b79cd33d188411|
\SystemRoot\System32\DRIVERS\srv.sys ("C:\WINDOWS\system32\drivers\srv.sys") File version = 5.1.2600.2974 (xpsp_sp2_gdr.060814-0101), File size = 332928, File modification date = 14/08/2006 10:34, File description = Server driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2974, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |725189275|0xea554a3ffc3f536fe8320eb38f5e4843|
\SystemRoot\System32\Drivers\TDTCP.SYS ("C:\WINDOWS\system32\drivers\tdtcp.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 21896, File modification date = 04/08/2004 08:01, File description = TCP Transport Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-288755483|0xed0580af02502d00ad8c4c066b156be9|
\SystemRoot\System32\Drivers\RDPWD.SYS ("C:\WINDOWS\system32\drivers\rdpwd.sys") File version = 5.1.2600.2695 (xpsp_sp2_gdr.050609-1528), File size = 139528, File modification date = 10/06/2005 04:09, File description = RDP Terminal Stack Driver (US/Canada Only, Not for Export), Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2695, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |989001686|0xb54cd38a9ebfbf2b3561426e3fe26f62|
\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080413.003\NAVEX15.SYS ("\\?\c:\progra~1\common~1\symant~1\virusd~1\20080413.003\navex15.sys") File version = 20071.4.3.10, File size = 895408, File modification date = 05/03/2008 09:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20071.4.3.10, Company name = Symantec Corporation (Copyright (C) 1991-2007 Symantec Corporation.) |541100695|0xd79498c50b79550704c91f1d70528f11|
\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080413.003\NAVENG.SYS ("\\?\c:\progra~1\common~1\symant~1\virusd~1\20080413.003\naveng.sys") File version = 20071.4.3.10, File size = 82256, File modification date = 05/03/2008 09:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20071.4.3.10, Company name = Symantec Corporation (Copyright (C) 1991-2007 Symantec Corporation.) |1393245733|0x69974d54db3ae9b63d6c721705f36bbc|
\SystemRoot\system32\drivers\kmixer.sys ("C:\WINDOWS\system32\drivers\kmixer.sys") File version = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), File size = 172416, File modification date = 14/06/2006 08:47, File description = Kernel Mode Audio Mixer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2929, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1442386742|0xba5deda4d934e6288c2f66caf58d2562|
\SystemRoot\System32\Drivers\Fastfat.SYS ("C:\WINDOWS\system32\drivers\fastfat.sys") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143360, File modification date = 04/08/2004 06:14, File description = Fast FAT File System Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2107818381|0x3117f595e9615e04f05a54fc15a03b20|
\WINDOWS\system32\ntdll.dll ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|

Runned processes/modules:

PROCESS System, PID = 4, USER = , Command Line =

PROCESS smss, PID = 584, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line =
\SystemRoot\System32\smss.exe, MID = 48580000, ("C:\WINDOWS\system32\smss.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 50688, File modification date = 04/08/2004 07:56, File description = Windows NT Session Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |817111745|0xbd7fb0957c716f1a60333aee04de2178|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|

PROCESS csrss, PID = 644, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
"c:\windows\system32\csrss.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 6144, File modification date = 04/08/2004 07:56, File description = Client Server Runtime Process, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |245744048|0xf12b178b1678d778cfd3ff1fc38c71fb|
"c:\windows\system32\basesrv.dll" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 52736, File modification date = 04/08/2004 07:56, File description = Windows NT BASE API Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1849774386|0x00ef9c3af83edbaf18ca7a2837750117|
\??\C:\WINDOWS\system32\csrss.exe, MID = 4a680000, ("\\?\c:\windows\system32\csrss.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 6144, File modification date = 04/08/2004 07:56, File description = Client Server Runtime Process, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |245744048|0xf12b178b1678d778cfd3ff1fc38c71fb|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\CSRSRV.dll, MID = 75b40000, ("c:\windows\system32\csrsrv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 32768, File modification date = 04/08/2004 07:56, File description = Client Server Runtime Process, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |759531333|0xd06eaa8b23bc1f671b11d18cfea65115|
C:\WINDOWS\system32\basesrv.dll, MID = 75b50000, ("c:\windows\system32\basesrv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 52736, File modification date = 04/08/2004 07:56, File description = Windows NT BASE API Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1849774386|0x00ef9c3af83edbaf18ca7a2837750117|
C:\WINDOWS\system32\winsrv.dll, MID = 75b60000, ("c:\windows\system32\winsrv.dll") File version = 5.1.2600.3103 (xpsp_sp2_gdr.070316-1309), File size = 292864, File modification date = 17/03/2007 13:43, File description = Windows Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3103, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1414980961|0x3d21b3be0c5768e76fd9780e9cf9e07c|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\KERNEL32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\sxs.dll, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|

PROCESS winlogon, PID = 668, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = winlogon.exe
"c:\windows\system32\winlogon.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 502272, File modification date = 04/08/2004 07:56, File description = Windows NT Logon Application, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1678319778|0x01c3346c241652f43aed8e2149881bfe|
\??\C:\WINDOWS\system32\winlogon.exe, MID = 1000000, ("\\?\c:\windows\system32\winlogon.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 502272, File modification date = 04/08/2004 07:56, File description = Windows NT Logon Application, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1678319778|0x01c3346c241652f43aed8e2149881bfe|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\AUTHZ.dll, MID = 776c0000, ("c:\windows\system32\authz.dll") File version = 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), File size = 56832, File modification date = 02/03/2005 18:09, File description = Authorization Framework, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2622, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1099216452|0x5c3df25926729ebeef5cc7ff1933b360|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\NDdeApi.dll, MID = 75940000, ("c:\windows\system32\nddeapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 17920, File modification date = 04/08/2004 07:56, File description = Network DDE Share Management APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1420028051|0x458ab591e8cf240cc105a23671f2c3d6|
C:\WINDOWS\system32\PROFMAP.dll, MID = 75930000, ("c:\windows\system32\profmap.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 27648, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |992606182|0xfe4f71711cf5c17ade5e506348132d24|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\PSAPI.DLL, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDOWS\system32\REGAPI.dll, MID = 76bc0000, ("c:\windows\system32\regapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 49664, File modification date = 04/08/2004 07:56, File description = Registry Configuration APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1894453914|0x899ed710fdc37eb7d0115c2932c2b1eb|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\MSGINA.dll, MID = 75970000, ("c:\windows\system32\msgina.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 994304, File modification date = 04/08/2004 07:56, File description = Windows NT Logon GINA DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1272425533|0xa29af639aa180cc68c59242a10e1d3b1|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\COMCTL32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\ODBC32.dll, MID = 74320000, ("c:\windows\system32\odbc32.dll") File version = 3.525.1117.0 (xpsp_sp2_rtm.040803-2158), File size = 249856, File modification date = 04/08/2004 07:56, File description = Microsoft Data Access - ODBC Driver Manager, Product Name = Microsoft Data Access Components, Product version = 3.525.1117.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation 1990-2000) |-1658495452|0xf79d7d98cd764499eccbaaf3f800d349|
C:\WINDOWS\system32\comdlg32.dll, MID = 763b0000, ("c:\windows\system32\comdlg32.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 276992, File modification date = 04/08/2004 07:56, File description = Common Dialogs DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-699718646|0x1edb1bb89d021955e6f7265911175b8d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\odbcint.dll, MID = 20000000, ("c:\windows\system32\odbcint.dll") File version = 3.525.1117.0 (xpsp_sp2_rtm.040803-2158), File size = 94208, File modification date = 04/08/2004 07:56, File description = Microsoft Data Access - ODBC Resources, Product Name = Microsoft Data Access Components, Product version = 3.525.1117.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation 1990-2000) |1827200383|0xc237fb08f52f27823c4e4e6705ecd196|
C:\WINDOWS\system32\SHSVCS.dll, MID = 776e0000, ("c:\windows\system32\shsvcs.dll") File version = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), File size = 134656, File modification date = 19/12/2006 21:52, File description = Windows Shell Services Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3051, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1044733352|0x6815def9b810aefac107eeaf72da6f82|
C:\WINDOWS\system32\sfc.dll, MID = 76bb0000, ("c:\windows\system32\sfc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 5120, File modification date = 04/08/2004 07:56, File description = Windows File Protection, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1292590664|0xe8a12a12ea9088b4327d49edca3add3e|
C:\WINDOWS\system32\sfc_os.dll, MID = 76c60000, ("c:\windows\system32\sfc_os.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 140288, File modification date = 04/08/2004 07:56, File description = Windows File Protection, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |988450403|0x9858cc4d73a4ccf2f852fae07c11a0b5|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\Apphelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\sxs.dll, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|
C:\WINDOWS\system32\WINSCARD.DLL, MID = 723d0000, ("c:\windows\system32\winscard.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 99328, File modification date = 04/08/2004 07:56, File description = Microsoft Smart Card API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |261861770|0x7bcb23fa39ce266af4347a6beab60f8c|
C:\WINDOWS\system32\WTSAPI32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\cscdll.dll, MID = 76600000, ("c:\windows\system32\cscdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 101888, File modification date = 04/08/2004 07:56, File description = Offline Network Agent, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-247978472|0x587729679b4fe04ce06a5c61d6c56dcd|
C:\WINDOWS\system32\WlNotify.dll, MID = 75950000, ("c:\windows\system32\wlnotify.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 92672, File modification date = 04/08/2004 07:56, File description = Common DLL to receive Winlogon notifications, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-235581390|0xa599e5e366c1408e48aa5d37882d4e3e|
C:\WINDOWS\system32\WINSPOOL.DRV, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|
C:\WINDOWS\system32\MPR.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\WgaLogon.dll, MID = 1820000, ("c:\windows\system32\wgalogon.dll") File version = 1.7.0018.7, File size = 236928, File modification date = 10/04/2007 22:00, File description = Windows Genuine Advantage Notification, Product Name = Windows Genuine Advantage, Product version = 1.7.0018.7, Company name = Microsoft Corporation (© 1995-2007 Microsoft Corporation) |-413801287|0xb69ebbb72ef2d15084c8b10ba4593ad6|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\NTMARTA.DLL, MID = 77690000, ("c:\windows\system32\ntmarta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 118784, File modification date = 04/08/2004 07:56, File description = Windows NT MARTA provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1318044394|0xdaa91b358e685fc6cca9aca72be6fe85|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\WRLogonNTF.dll, MID = 1100000, ("c:\windows\system32\wrlogonntf.dll") File version = 3,5,6,114, File size = 219504, File modification date = 05/01/2008 04:34, File description = Spy Sweeper Engine, Product Name = Spy Sweeper SDK, Product version = 3, 5, Company name = Webroot Software, Inc. (Copyright (C) 2002 - 2007, All Rights Reserved.) |-1468008272|0x9ba2293efc229743d76bf7637e07df44|
C:\WINDOWS\system32\msv1_0.dll, MID = 77c70000, ("c:\windows\system32\msv1_0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 129536, File modification date = 04/08/2004 07:56, File description = Microsoft Authentication Package v1.0, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1862327760|0x77c41f9146450c89534704a75836ce56|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\cscui.dll, MID = 77a20000, ("c:\windows\system32\cscui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 326656, File modification date = 04/08/2004 07:56, File description = Client Side Caching UI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1505085259|0x51230212ae7f8159a90f06a7ea30dd8a|
C:\WINDOWS\system32\MPRAPI.dll, MID = 76d40000, ("c:\windows\system32\mprapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 87040, File modification date = 04/08/2004 07:56, File description = Windows NT MP Router Administration DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-773549397|0x9f78f329b1858e845087b923b4dba0f3|
C:\WINDOWS\system32\ACTIVEDS.dll, MID = 77cc0000, ("c:\windows\system32\activeds.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 194048, File modification date = 04/08/2004 07:56, File description = ADs Router Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1367841023|0x875d770f477e0ae0088be1810d537b23|
C:\WINDOWS\system32\adsldpc.dll, MID = 76e10000, ("c:\windows\system32\adsldpc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143360, File modification date = 04/08/2004 07:56, File description = ADs LDAP Provider C DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-407021944|0x12a581ca44e53b09d24c5b94f252c78d|
C:\WINDOWS\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\system32\rtutils.dll, MID = 76e80000, ("c:\windows\system32\rtutils.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 44032, File modification date = 04/08/2004 07:56, File description = Routing Utilities, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1152776202|0x2030fa027e7c3e0a145649c03171457b|
C:\WINDOWS\system32\xpsp2res.dll, MID = 1870000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\wdmaud.drv, MID = 72d20000, ("c:\windows\system32\wdmaud.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23552, File modification date = 04/08/2004 07:56, File description = WDM Audio driver mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1741781778|0xd6a8dc8c374eea24744f2d4e87ca0e7e|
C:\WINDOWS\system32\msacm32.drv, MID = 72d10000, ("c:\windows\system32\msacm32.drv") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 20480, File modification date = 23/08/2001 12:00, File description = Microsoft Sound Mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-717198418|0x9a3bd5f55aadff859539142f6328a66e|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\midimap.dll, MID = 77bd0000, ("c:\windows\system32\midimap.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Microsoft MIDI Mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1345016450|0x3b4702155bb2ae9dc00c06a68834bdfa|

PROCESS services, PID = 712, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\system32\services.exe
"c:\windows\system32\services.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 108032, File modification date = 04/08/2004 07:56, File description = Services and Controller app, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |5046930|0xc6ce6eec82f187615d1002bb3bb50ed4|
C:\WINDOWS\system32\services.exe, MID = 1000000, ("c:\windows\system32\services.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 108032, File modification date = 04/08/2004 07:56, File description = Services and Controller app, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |5046930|0xc6ce6eec82f187615d1002bb3bb50ed4|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\SCESRV.dll, MID = 758e0000, ("c:\windows\system32\scesrv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 313856, File modification date = 04/08/2004 07:56, File description = Windows Security Configuration Editor Engine, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1368365877|0x9a42c1f3154545a4d32e5043038b01fa|
C:\WINDOWS\system32\AUTHZ.dll, MID = 776c0000, ("c:\windows\system32\authz.dll") File version = 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), File size = 56832, File modification date = 02/03/2005 18:09, File description = Authorization Framework, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2622, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1099216452|0x5c3df25926729ebeef5cc7ff1933b360|
C:\WINDOWS\system32\umpnpmgr.dll, MID = 7dba0000, ("c:\windows\system32\umpnpmgr.dll") File version = 5.1.2600.2744 (xpsp_sp2_gdr.050822-1647), File size = 123392, File modification date = 23/08/2005 03:35, File description = User-mode Plug-and-Play Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2744, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |785546463|0x586211f4ff4bc49cc215c956919cd33b|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\NCObjAPI.DLL, MID = 5f770000, ("c:\windows\system32\ncobjapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 36352, File modification date = 04/08/2004 07:56, File description = , Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-915191360|0xda201a0a309b96381fd674d0fab5da86|
C:\WINDOWS\system32\MSVCP60.dll, MID = 76080000, ("c:\windows\system32\msvcp60.dll") File version = 6.02.3104.0, File size = 413696, File modification date = 04/08/2004 07:56, File description = Microsoft (R) C++ Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.02.3104.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1998) |-817830461|0x1f57eb5b92b2ac7f9d71a77d184d8c13|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcAdProc.dll, MID = 47260000, ("c:\windows\apppatch\acadproc.dll") File version = 5.1.2600.3008 (xpsp.061004-0027), File size = 39424, File modification date = 04/10/2006 14:05, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3008, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1130364606|0x744ea281298317e91c3bea70bf3843d4|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\Apphelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\eventlog.dll, MID = 77b70000, ("c:\windows\system32\eventlog.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Event Logging Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1163935374|0x82b24cb70e5944e6e34662205a2a5b78|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\PSAPI.DLL, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDOWS\system32\wtsapi32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|

PROCESS lsass, PID = 724, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\system32\lsass.exe
"c:\windows\system32\lsass.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 13312, File modification date = 04/08/2004 07:56, File description = LSA Shell (Export Version), Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1591658827|0x84885f9b82f4d55c6146ebf6065d75d2|
C:\WINDOWS\system32\lsass.exe, MID = 1000000, ("c:\windows\system32\lsass.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 13312, File modification date = 04/08/2004 07:56, File description = LSA Shell (Export Version), Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1591658827|0x84885f9b82f4d55c6146ebf6065d75d2|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\LSASRV.dll, MID = 75730000, ("c:\windows\system32\lsasrv.dll") File version = 5.1.2600.3249 (xpsp_sp2_gdr.071106-1716), File size = 721920, File modification date = 07/11/2007 09:26, File description = LSA Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3249, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1320885826|0xf1c69fd5009cd4219c8dca5df475d66b|
C:\WINDOWS\system32\MPR.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\NTDSAPI.dll, MID = 767a0000, ("c:\windows\system32\ntdsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 67072, File modification date = 04/08/2004 07:56, File description = NT5DS, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-639436442|0x6201bacf384292a5fe94ce73364ae53a|
C:\WINDOWS\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|
C:\WINDOWS\system32\SAMSRV.dll, MID = 74440000, ("c:\windows\system32\samsrv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 415744, File modification date = 04/08/2004 07:56, File description = SAM Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-482609018|0xe15154e7fda8a580a8f74c7cc16b1ffe|
C:\WINDOWS\system32\cryptdll.dll, MID = 76790000, ("c:\windows\system32\cryptdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 33280, File modification date = 04/08/2004 07:56, File description = Cryptography Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-704933996|0xef5b64a9cd71ed27e837165c08da4cc1|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\msprivs.dll, MID = 20000000, ("c:\windows\system32\msprivs.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 48128, File modification date = 04/08/2004 07:56, File description = Microsoft Privilege Translations, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |358592028|0x6bec17053284e847cf1fbb8c9a181e1e|
C:\WINDOWS\system32\kerberos.dll, MID = 71cf0000, ("c:\windows\system32\kerberos.dll") File version = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522), File size = 295936, File modification date = 15/06/2005 17:49, File description = Kerberos Security Package, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2698, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |692991453|0xfc3bcbef084377fb3ab43e0e2ff812cb|
C:\WINDOWS\system32\msv1_0.dll, MID = 77c70000, ("c:\windows\system32\msv1_0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 129536, File modification date = 04/08/2004 07:56, File description = Microsoft Authentication Package v1.0, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1862327760|0x77c41f9146450c89534704a75836ce56|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\netlogon.dll, MID = 744b0000, ("c:\windows\system32\netlogon.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 407040, File modification date = 04/08/2004 07:56, File description = Net Logon Services DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |613748669|0x96353fcecba774bb8da74a1c6507015a|
C:\WINDOWS\system32\w32time.dll, MID = 767c0000, ("c:\windows\system32\w32time.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 174592, File modification date = 04/08/2004 07:56, File description = Windows Time Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |128142632|0x2b281958f5d0cf99ed626e3ef39d5c8d|
C:\WINDOWS\system32\MSVCP60.dll, MID = 76080000, ("c:\windows\system32\msvcp60.dll") File version = 6.02.3104.0, File size = 413696, File modification date = 04/08/2004 07:56, File description = Microsoft (R) C++ Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.02.3104.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1998) |-817830461|0x1f57eb5b92b2ac7f9d71a77d184d8c13|
C:\WINDOWS\system32\schannel.dll, MID = 767f0000, ("c:\windows\system32\schannel.dll") File version = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226), File size = 144896, File modification date = 25/04/2007 14:21, File description = TLS / SSL Security Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3126, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-925933115|0x532ea80e9f5452928f8426653215be29|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\wdigest.dll, MID = 74380000, ("c:\windows\system32\wdigest.dll") File version = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516), File size = 49152, File modification date = 24/03/2006 04:37, File description = Microsoft Digest Access, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2874, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |96214812|0xc43d8f6ff8ac074ccd9b34b781e23e86|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\scecli.dll, MID = 74410000, ("c:\windows\system32\scecli.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 180224, File modification date = 04/08/2004 07:56, File description = Windows Security Configuration Editor Client Engine, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-739716039|0x0f78e27f563f2aaf74b91a49e2abf19a|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\ipsecsvc.dll, MID = 743e0000, ("c:\windows\system32\ipsecsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 182784, File modification date = 04/08/2004 07:56, File description = Windows IPSec SPD Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-836538909|0xd1e299962b5956005113ec4ab1e0d9b7|
C:\WINDOWS\system32\AUTHZ.dll, MID = 776c0000, ("c:\windows\system32\authz.dll") File version = 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), File size = 56832, File modification date = 02/03/2005 18:09, File description = Authorization Framework, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2622, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1099216452|0x5c3df25926729ebeef5cc7ff1933b360|
C:\WINDOWS\system32\oakley.DLL, MID = 75d90000, ("c:\windows\system32\oakley.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 266752, File modification date = 04/08/2004 07:56, File description = Oakley Key Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1678464623|0xa76128be63eea6a3af521a0576d3ebf7|
C:\WINDOWS\system32\WINIPSEC.DLL, MID = 74370000, ("c:\windows\system32\winipsec.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 32768, File modification date = 04/08/2004 07:56, File description = Windows IPSec SPD Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-30270437|0x2b2f31e3f2ce3723c1b0f3700c8be28b|
C:\WINDOWS\system32\pstorsvc.dll, MID = 743a0000, ("c:\windows\system32\pstorsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 34304, File modification date = 04/08/2004 07:56, File description = Protected storage server, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |134640984|0x306b30a036db25fcb76b507fede07d58|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\WINDOWS\system32\psbase.dll, MID = 743c0000, ("c:\windows\system32\psbase.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 96768, File modification date = 04/08/2004 07:56, File description = Protected Storage default provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2075664134|0x4d3ccdf22d2b4bae229ba73b81d13e26|
C:\WINDOWS\system32\dssenh.dll, MID = 68100000, ("c:\windows\system32\dssenh.dll") File version = 5.1.2600.2133 (xpsp.040514-1639), File size = 137216, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2133, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2063081844|0xcacd2c63a79268d131ea37e85524cc44|

PROCESS svchost, PID = 892, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\system32\svchost -k DcomLaunch
"C:\WINDOWS\system32\svchost.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\system32\svchost.exe, MID = 1000000, ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\NTMARTA.DLL, MID = 77690000, ("c:\windows\system32\ntmarta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 118784, File modification date = 04/08/2004 07:56, File description = Windows NT MARTA provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1318044394|0xdaa91b358e685fc6cca9aca72be6fe85|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|
c:\windows\system32\rpcss.dll, MID = 76a80000, ("c:\windows\system32\rpcss.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 397824, File modification date = 26/07/2005 04:39, File description = Distributed COM Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |686546307|0xce94a2bd25e3e9f4d46a7373ff455c6d|
c:\windows\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
c:\windows\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
c:\windows\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\Apphelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|
c:\windows\system32\termsrv.dll, MID = 760f0000, ("c:\windows\system32\termsrv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 295424, File modification date = 04/08/2004 07:56, File description = Terminal Server Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |145607454|0xb60c877d16d9c880b952fda04adf16e6|
c:\windows\system32\ICAAPI.dll, MID = 74f70000, ("c:\windows\system32\icaapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 11264, File modification date = 04/08/2004 07:56, File description = DLL Interface to TermDD Device Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1323073775|0x37e7db460a5315e4609b212c6c014527|
c:\windows\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
c:\windows\system32\AUTHZ.dll, MID = 776c0000, ("c:\windows\system32\authz.dll") File version = 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), File size = 56832, File modification date = 02/03/2005 18:09, File description = Authorization Framework, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2622, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1099216452|0x5c3df25926729ebeef5cc7ff1933b360|
c:\windows\system32\mstlsapi.dll, MID = 75110000, ("c:\windows\system32\mstlsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 115712, File modification date = 04/08/2004 07:56, File description = Microsoft® Terminal Server Licensing, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1141956624|0xf5ee7cacd1784241f138a5e55b715897|
c:\windows\system32\ACTIVEDS.dll, MID = 77cc0000, ("c:\windows\system32\activeds.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 194048, File modification date = 04/08/2004 07:56, File description = ADs Router Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1367841023|0x875d770f477e0ae0088be1810d537b23|
c:\windows\system32\adsldpc.dll, MID = 76e10000, ("c:\windows\system32\adsldpc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143360, File modification date = 04/08/2004 07:56, File description = ADs LDAP Provider C DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-407021944|0x12a581ca44e53b09d24c5b94f252c78d|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
c:\windows\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\system32\REGAPI.dll, MID = 76bc0000, ("c:\windows\system32\regapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 49664, File modification date = 04/08/2004 07:56, File description = Registry Configuration APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1894453914|0x899ed710fdc37eb7d0115c2932c2b1eb|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\rdpwsx.dll, MID = 72460000, ("c:\windows\system32\rdpwsx.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 87176, File modification date = 04/08/2004 08:01, File description = RDP Extension DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1455256381|0x8487fcd4daba31132f317b03d168cabd|
C:\WINDOWS\system32\WINSPOOL.DRV, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|

PROCESS svchost, PID = 964, USER = , Command Line = C:\WINDOWS\system32\svchost -k rpcss
"C:\WINDOWS\system32\svchost.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
"c:\windows\system32\rpcss.dll" File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 397824, File modification date = 26/07/2005 04:39, File description = Distributed COM Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |686546307|0xce94a2bd25e3e9f4d46a7373ff455c6d|
C:\WINDOWS\system32\svchost.exe, MID = 1000000, ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
c:\windows\system32\rpcss.dll, MID = 76a80000, ("c:\windows\system32\rpcss.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 397824, File modification date = 26/07/2005 04:39, File description = Distributed COM Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |686546307|0xce94a2bd25e3e9f4d46a7373ff455c6d|
c:\windows\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
c:\windows\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
c:\windows\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\WINDOWS\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\System32\winrnr.dll, MID = 76fb0000, ("c:\windows\system32\winrnr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 16896, File modification date = 04/08/2004 07:56, File description = LDAP RnR Provider DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-199904513|0x2c8fdb176f22629ea5342db474fac391|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\rasadhlp.dll, MID = 76fc0000, ("c:\windows\system32\rasadhlp.dll") File version = 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), File size = 8192, File modification date = 26/06/2006 17:37, File description = Remote Access AutoDial Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2938, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-27266821|0x5f098bd2ae6b03044b085decffdf91ec|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|

PROCESS svchost, PID = 1060, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\System32\svchost.exe -k netsvcs
"C:\WINDOWS\system32\svchost.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\System32\svchost.exe, MID = 1000000, ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\System32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\System32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\System32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\System32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\System32\NTMARTA.DLL, MID = 77690000, ("c:\windows\system32\ntmarta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 118784, File modification date = 04/08/2004 07:56, File description = Windows NT MARTA provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1318044394|0xdaa91b358e685fc6cca9aca72be6fe85|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\System32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|
C:\WINDOWS\System32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
c:\windows\system32\shsvcs.dll, MID = 776e0000, ("c:\windows\system32\shsvcs.dll") File version = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), File size = 134656, File modification date = 19/12/2006 21:52, File description = Windows Shell Services Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3051, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1044733352|0x6815def9b810aefac107eeaf72da6f82|
C:\WINDOWS\System32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
c:\windows\system32\dhcpcsvc.dll, MID = 76d80000, ("c:\windows\system32\dhcpcsvc.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 111616, File modification date = 19/05/2006 12:59, File description = DHCP Client Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-631723705|0xef545e1a4b043da4c84e230dd471c55f|
c:\windows\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
c:\windows\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
c:\windows\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
c:\windows\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
c:\windows\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\System32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
c:\windows\system32\wzcsvc.dll, MID = 77620000, ("c:\windows\system32\wzcsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 359936, File modification date = 04/08/2004 07:56, File description = Wireless Zero Configuration Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |938831974|0x5a91e6feab9f901302fa7ff768c0120f|
c:\windows\system32\rtutils.dll, MID = 76e80000, ("c:\windows\system32\rtutils.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 44032, File modification date = 04/08/2004 07:56, File description = Routing Utilities, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1152776202|0x2030fa027e7c3e0a145649c03171457b|
c:\windows\system32\WMI.dll, MID = 76d30000, ("c:\windows\system32\wmi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 5632, File modification date = 04/08/2004 07:56, File description = WMI DC and DP functionality, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-951655164|0xe682696d7f982494a8cfc80c5b59d422|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
c:\windows\system32\WTSAPI32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
c:\windows\system32\ESENT.dll, MID = 606b0000, ("c:\windows\system32\esent.dll") File version = 5.1.2600.2780 (xpsp_sp2_gdr.051019-1518), File size = 1082368, File modification date = 20/10/2005 22:20, File description = Server Database Storage Engine, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2780, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1261604804|0x50de118da580208b914b40dd47c90d52|
c:\windows\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\System32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\WINDOWS\System32\rastls.dll, MID = 76b70000, ("c:\windows\system32\rastls.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 112128, File modification date = 04/08/2004 07:56, File description = Remote Access PPP EAP-TLS, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1879357242|0xadeac063a3757e8fbc242bb4414d632b|
C:\WINDOWS\system32\CRYPTUI.dll, MID = 754d0000, ("c:\windows\system32\cryptui.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 512512, File modification date = 04/08/2004 07:56, File description = Microsoft Trust UI Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-766179891|0x4ac302bf714dc163e685d0a187a36d0f|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\WININET.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\Normaliz.dll, MID = c50000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\System32\MPRAPI.dll, MID = 76d40000, ("c:\windows\system32\mprapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 87040, File modification date = 04/08/2004 07:56, File description = Windows NT MP Router Administration DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-773549397|0x9f78f329b1858e845087b923b4dba0f3|
C:\WINDOWS\System32\ACTIVEDS.dll, MID = 77cc0000, ("c:\windows\system32\activeds.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 194048, File modification date = 04/08/2004 07:56, File description = ADs Router Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1367841023|0x875d770f477e0ae0088be1810d537b23|
C:\WINDOWS\System32\adsldpc.dll, MID = 76e10000, ("c:\windows\system32\adsldpc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143360, File modification date = 04/08/2004 07:56, File description = ADs LDAP Provider C DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-407021944|0x12a581ca44e53b09d24c5b94f252c78d|
C:\WINDOWS\System32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\System32\RASAPI32.dll, MID = 76ee0000, ("c:\windows\system32\rasapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 236544, File modification date = 04/08/2004 07:56, File description = Remote Access API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1254576566|0xcd1f7ed9842138beadf9ecbf37818bef|
C:\WINDOWS\System32\rasman.dll, MID = 76e90000, ("c:\windows\system32\rasman.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 61440, File modification date = 04/08/2004 07:56, File description = Remote Access Connection Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2077112344|0x30e244a707e6ce0a4b099cd6384ec6ca|
C:\WINDOWS\System32\TAPI32.dll, MID = 76eb0000, ("c:\windows\system32\tapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 181760, File modification date = 04/08/2004 07:56, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1409471214|0x6307a1b82f6ca87d7e0cdf49e6e7bc00|
C:\WINDOWS\System32\SCHANNEL.dll, MID = 767f0000, ("c:\windows\system32\schannel.dll") File version = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226), File size = 144896, File modification date = 25/04/2007 14:21, File description = TLS / SSL Security Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3126, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-925933115|0x532ea80e9f5452928f8426653215be29|
C:\WINDOWS\System32\WinSCard.dll, MID = 723d0000, ("c:\windows\system32\winscard.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 99328, File modification date = 04/08/2004 07:56, File description = Microsoft Smart Card API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |261861770|0x7bcb23fa39ce266af4347a6beab60f8c|
C:\WINDOWS\System32\raschap.dll, MID = 76bd0000, ("c:\windows\system32\raschap.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 69632, File modification date = 04/08/2004 07:56, File description = Remote Access PPP CHAP, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-829354522|0x1b0f0fc350c77b62a4b927810e53b2bf|
C:\WINDOWS\system32\msv1_0.dll, MID = 77c70000, ("c:\windows\system32\msv1_0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 129536, File modification date = 04/08/2004 07:56, File description = Microsoft Authentication Package v1.0, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1862327760|0x77c41f9146450c89534704a75836ce56|
C:\WINDOWS\System32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\System32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
c:\windows\system32\schedsvc.dll, MID = 77300000, ("c:\windows\system32\schedsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 190976, File modification date = 04/08/2004 07:56, File description = Task Scheduler Engine, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |714719441|0x92360854316611f6cc471612213c3d92|
c:\windows\system32\NTDSAPI.dll, MID = 767a0000, ("c:\windows\system32\ntdsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 67072, File modification date = 04/08/2004 07:56, File description = NT5DS, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-639436442|0x6201bacf384292a5fe94ce73364ae53a|
C:\WINDOWS\System32\MSIDLE.DLL, MID = 74f50000, ("c:\windows\system32\msidle.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 6656, File modification date = 04/08/2004 07:56, File description = User Idle Monitor, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1108824771|0x249817f51c84d283e96e6b2580d21ffd|
c:\windows\system32\audiosrv.dll, MID = 708b0000, ("c:\windows\system32\audiosrv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 42496, File modification date = 04/08/2004 07:56, File description = Windows Audio Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |471518947|0xdb66db626e4882ebef55f136f12c1829|
c:\windows\system32\wkssvc.dll, MID = 76e40000, ("c:\windows\system32\wkssvc.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 132096, File modification date = 17/08/2006 12:28, File description = Workstation Service DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1801413526|0x3cd291a2c4909088b3d1e98ded73d4b2|
C:\WINDOWS\system32\Apphelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|
c:\windows\system32\cryptsvc.dll, MID = 76ce0000, ("c:\windows\system32\cryptsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 60416, File modification date = 04/08/2004 07:56, File description = Cryptographic Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1153323222|0x10654f9ddcea9c46cfb77554231be73b|
c:\windows\system32\certcli.dll, MID = 77b90000, ("c:\windows\system32\certcli.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 194560, File modification date = 04/08/2004 07:56, File description = Microsoft® Certificate Services Client, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-325993606|0xad44c5bc21213f394f6afcb55cc39293|
c:\windows\pchealth\helpctr\binaries\pchsvc.dll, MID = 74f40000, ("c:\windows\pchealth\helpctr\binaries\pchsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 38912, File modification date = 04/08/2004 07:56, File description = Microsoft PCHealth Service Holder, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |911271299|0x8827911a8c37e40c027cbfc88e69d967|
c:\windows\system32\es.dll, MID = 77710000, ("c:\windows\system32\es.dll") File version = 2001.12.4414.308, File size = 243200, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1557828603|0x34bbd9acc1538818f2c878898c64e793|
c:\windows\system32\ersvc.dll, MID = 74f80000, ("c:\windows\system32\ersvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Windows Error Reporting Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1636360801|0x67dff7bbbd0e80aab7b3cf061448db8a|
c:\windows\system32\dmserver.dll, MID = 74f90000, ("c:\windows\system32\dmserver.dll") File version = 2600.2180.503.0, File size = 23552, File modification date = 04/08/2004 07:56, File description = Logical Disk Manager service dll, Product Name = Logical Disk Manager for Windows NT, Product version = 1.0, Company name = Microsoft Corp. (Copyright© 1985-2000 Microsoft Corp. All rights reserved.) |2105044408|0x1639d9964c9e1b2ecca95c8217d3e70d|
c:\windows\system32\netman.dll, MID = 77d00000, ("c:\windows\system32\netman.dll") File version = 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525), File size = 197632, File modification date = 22/08/2005 18:29, File description = Network Connections Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2743, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1232749318|0x36739b39267914ba69ad0610a0299732|
c:\windows\system32\netshell.dll, MID = 76400000, ("c:\windows\system32\netshell.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1708032, File modification date = 04/08/2004 07:56, File description = Network Connections Shell, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1386605063|0xbf52a4d4eb4cfb3109667e429b93e21a|
c:\windows\system32\credui.dll, MID = 76c00000, ("c:\windows\system32\credui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 163840, File modification date = 04/08/2004 07:56, File description = Credential Manager User Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1059992429|0x1ecb753d7ceec8f5a94c9781ca64ec44|
c:\windows\system32\WZCSAPI.DLL, MID = 73030000, ("c:\windows\system32\wzcsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 51712, File modification date = 04/08/2004 07:56, File description = Wireless Zero Configuration service API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-401053696|0x9a9bbc71d0ebcd400a33abcd5f0ab39c|
c:\windows\system32\srvsvc.dll, MID = 75090000, ("c:\windows\system32\srvsvc.dll") File version = 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729), File size = 96768, File modification date = 07/12/2004 19:32, File description = Server Service DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2577, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-917184272|0x0cb3af149a0bac0836022ca307c7a0f8|
c:\windows\system32\srsvc.dll, MID = 751a0000, ("c:\windows\system32\srsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 170496, File modification date = 04/08/2004 07:56, File description = System Restore Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |78040135|0x92bdf74f12d6cbec43c94d4b7f804838|
c:\windows\system32\POWRPROF.dll, MID = 74ad0000, ("c:\windows\system32\powrprof.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 17408, File modification date = 04/08/2004 07:56, File description = Power Profile Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |527595151|0x1b5f6923abb450692e9fe0672c897aed|
c:\windows\system32\sens.dll, MID = 722d0000, ("c:\windows\system32\sens.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 38912, File modification date = 04/08/2004 07:56, File description = System Event Notification Service (SENS), Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-352171950|0xdfd9870cf39c791d86c4c209da9fa919|
c:\windows\system32\seclogon.dll, MID = 73d20000, ("c:\windows\system32\seclogon.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Secondary Logon Service DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-838640252|0xb1e0ce09895376871746f36dc5773b4f|
c:\windows\system32\trkwks.dll, MID = 75070000, ("c:\windows\system32\trkwks.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 90624, File modification date = 04/08/2004 07:56, File description = Distributed Link Tracking Client, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-772844414|0x6d9ac544b30f96c57f8206566c1fb6a1|
c:\windows\system32\w32time.dll, MID = 767c0000, ("c:\windows\system32\w32time.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 174592, File modification date = 04/08/2004 07:56, File description = Windows Time Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |128142632|0x2b281958f5d0cf99ed626e3ef39d5c8d|
c:\windows\system32\MSVCP60.dll, MID = 76080000, ("c:\windows\system32\msvcp60.dll") File version = 6.02.3104.0, File size = 413696, File modification date = 04/08/2004 07:56, File description = Microsoft (R) C++ Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.02.3104.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1998) |-817830461|0x1f57eb5b92b2ac7f9d71a77d184d8c13|
c:\windows\system32\wbem\wmisvc.dll, MID = 59490000, ("c:\windows\system32\wbem\wmisvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144896, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-321655979|0xf399242a80c4066fd155efa4cf96658e|
C:\WINDOWS\system32\VSSAPI.DLL, MID = 753e0000, ("c:\windows\system32\vssapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 430592, File modification date = 04/08/2004 07:56, File description = Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1264742043|0x79dabb124d00adf19852ae879c201890|
c:\windows\system32\browser.dll, MID = 76da0000, ("c:\windows\system32\browser.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 77312, File modification date = 04/08/2004 07:56, File description = Computer Browser Service DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |770530977|0xe3cfccdda4edd1d0dc9168b2e18f27b8|
c:\windows\system32\wuauserv.dll, MID = 50000000, ("c:\windows\system32\wuauserv.dll") File version = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158), File size = 6656, File modification date = 04/08/2004 07:56, File description = Windows Update AutoUpdate Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.4.3790.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1985845592|0x13d72740963cba12d9ff76a7f218bcd8|
C:\WINDOWS\System32\SXS.DLL, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|
C:\WINDOWS\system32\wuaueng.dll, MID = 50040000, ("c:\windows\system32\wuaueng.dll") File version = 7.0.6000.381 (winmain(wmbla).070730-1740), File size = 1712984, File modification date = 31/07/2007 02:19, File description = Windows Update Agent, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.6000.381, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |567071557|0x3eec20e41f5f331b94002970ceaec92f|
C:\WINDOWS\System32\WINSPOOL.DRV, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|
C:\WINDOWS\System32\WINHTTP.dll, MID = 4d4f0000, ("c:\windows\system32\winhttp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 351232, File modification date = 04/08/2004 07:56, File description = Windows HTTP Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2081758494|0xea82a55f22654fbedcbd82d2d4305b45|
C:\WINDOWS\System32\Cabinet.dll, MID = 75150000, ("c:\windows\system32\cabinet.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Microsoft® Cabinet File API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1838055233|0x08f0190ae201ec331b4ca3b0fa2d2cce|
C:\WINDOWS\System32\mspatcha.dll, MID = 600a0000, ("c:\windows\system32\mspatcha.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 30208, File modification date = 04/08/2004 07:56, File description = Microsoft(R) Patch Engine, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-401244576|0x633c197292b4051d986903827de561a3|
c:\windows\system32\wscsvc.dll, MID = 4c0a0000, ("c:\windows\system32\wscsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 81408, File modification date = 04/08/2004 07:56, File description = Windows Security Center Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-702637642|0x4d59daa66c60858cdf4f67a900f42d4a|
c:\windows\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
c:\windows\system32\ipnathlp.dll, MID = 66460000, ("c:\windows\system32\ipnathlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 331264, File modification date = 04/08/2004 07:56, File description = Microsoft NAT Helper Components, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2067359104|0x36cc8c01b5e50163037bef56cb96deff|
c:\windows\system32\AUTHZ.dll, MID = 776c0000, ("c:\windows\system32\authz.dll") File version = 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), File size = 56832, File modification date = 02/03/2005 18:09, File description = Authorization Framework, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2622, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1099216452|0x5c3df25926729ebeef5cc7ff1933b360|
C:\WINDOWS\system32\comsvcs.dll, MID = 76620000, ("c:\windows\system32\comsvcs.dll") File version = 2001.12.4414.308, File size = 1267200, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |2039284327|0x75deb92422d955373825a11f9f74ec6a|
C:\WINDOWS\system32\colbact.DLL, MID = 75130000, ("c:\windows\system32\colbact.dll") File version = 2001.12.4414.308, File size = 60416, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1992842684|0x01a04fb59e76697c9171b6327274d371|
C:\WINDOWS\system32\MTXCLU.DLL, MID = 750f0000, ("c:\windows\system32\mtxclu.dll") File version = 2001.12.4414.311, File size = 66560, File modification date = 01/03/2006 19:42, File description = MS DTC amd MTS clustering support DLL, Product Name = COM Services, Product version = 03.01.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1998) |-343134517|0x16a389d6ded58ba583694f825a1821a2|
C:\WINDOWS\system32\WSOCK32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\WINDOWS\System32\CLUSAPI.DLL, MID = 76d10000, ("c:\windows\system32\clusapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57856, File modification date = 04/08/2004 07:56, File description = Cluster API Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |501671602|0x98c1ff6676e02d43da208802286a6ee7|
C:\WINDOWS\System32\RESUTILS.DLL, MID = 750b0000, ("c:\windows\system32\resutils.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 58880, File modification date = 04/08/2004 07:56, File description = Microsoft Cluster Resource Utility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |98660624|0x2738c8a33ff07dd3c99c7c8f0a85da72|
C:\WINDOWS\System32\wbem\wbemcomn.dll, MID = 75290000, ("c:\windows\system32\wbem\wbemcomn.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 214528, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-522981804|0x4e39c36213e95fb971a61a247bde2f61|
C:\WINDOWS\system32\wbem\wbemcore.dll, MID = 762c0000, ("c:\windows\system32\wbem\wbemcore.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 530944, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1631910627|0x36360b625d7290bba2cd03ad4975e1bc|
C:\WINDOWS\system32\wbem\esscli.dll, MID = 75310000, ("c:\windows\system32\wbem\esscli.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 247808, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |539660949|0xde578e4e6844954823fc7688625f00c8|
C:\WINDOWS\system32\wbem\FastProx.dll, MID = 75690000, ("c:\windows\system32\wbem\fastprox.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 472064, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1676948429|0xc28500101bc66fdabd830f8de51a59a0|
C:\WINDOWS\System32\sfc.dll, MID = 76bb0000, ("c:\windows\system32\sfc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 5120, File modification date = 04/08/2004 07:56, File description = Windows File Protection, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1292590664|0xe8a12a12ea9088b4327d49edca3add3e|
C:\WINDOWS\System32\sfc_os.dll, MID = 76c60000, ("c:\windows\system32\sfc_os.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 140288, File modification date = 04/08/2004 07:56, File description = Windows File Protection, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |988450403|0x9858cc4d73a4ccf2f852fae07c11a0b5|
C:\WINDOWS\System32\wbem\wbemsvc.dll, MID = 74ed0000, ("c:\windows\system32\wbem\wbemsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 43520, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-374954112|0x7d676ac8cc19341117c77c261647ba07|
C:\WINDOWS\System32\wbem\wmiutils.dll, MID = 75020000, ("c:\windows\system32\wbem\wmiutils.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 95232, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |739392676|0x0a1161db4fccf7821736c70d70a0f5a3|
c:\windows\system32\tapisrv.dll, MID = 733e0000, ("c:\windows\system32\tapisrv.dll") File version = 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657), File size = 249344, File modification date = 08/07/2005 16:27, File description = Microsoft® Windows(TM) Telephony Server, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2716, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1707389153|0xfb78839b36025aa286a51289ed28b73e|
c:\windows\system32\PSAPI.DLL, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDOWS\System32\wbem\repdrvfs.dll, MID = 75200000, ("c:\windows\system32\wbem\repdrvfs.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1576144344|0x9a66728efe501d855d0ffe3de023ce32|
c:\windows\system32\rasmans.dll, MID = 7df30000, ("c:\windows\system32\rasmans.dll") File version = 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343), File size = 181248, File modification date = 14/05/2006 08:44, File description = Remote Access Connection Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2908, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-610577170|0xd4bd2eeab07fef323f0a0ceecc954f51|
c:\windows\system32\WINIPSEC.DLL, MID = 74370000, ("c:\windows\system32\winipsec.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 32768, File modification date = 04/08/2004 07:56, File description = Windows IPSec SPD Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-30270437|0x2b2f31e3f2ce3723c1b0f3700c8be28b|
c:\windows\system32\netcfgx.dll, MID = 755f0000, ("c:\windows\system32\netcfgx.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 622080, File modification date = 04/08/2004 07:56, File description = Network Configuration Objects, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1745547453|0xe3ae8dc04643850d2dfd431443558b28|
C:\WINDOWS\System32\wbem\wmiprvsd.dll, MID = 597f0000, ("c:\windows\system32\wbem\wmiprvsd.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 437248, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |325484190|0x1f080ccc567d222a2dcb7cc285c6a7ad|
C:\WINDOWS\system32\NCObjAPI.DLL, MID = 5f770000, ("c:\windows\system32\ncobjapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 36352, File modification date = 04/08/2004 07:56, File description = , Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-915191360|0xda201a0a309b96381fd674d0fab5da86|
C:\WINDOWS\System32\rasadhlp.dll, MID = 76fc0000, ("c:\windows\system32\rasadhlp.dll") File version = 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), File size = 8192, File modification date = 26/06/2006 17:37, File description = Remote Access AutoDial Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2938, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-27266821|0x5f098bd2ae6b03044b085decffdf91ec|
C:\WINDOWS\System32\wbem\wbemess.dll, MID = 75390000, ("c:\windows\system32\wbem\wbemess.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 273920, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-563919561|0x6708e1ddf12cab2d5b5a2b66b76e0038|
C:\WINDOWS\System32\rastapi.dll, MID = 75880000, ("c:\windows\system32\rastapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 58880, File modification date = 04/08/2004 07:56, File description = Remote Access TAPI Compliance Layer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |31789499|0x1d536bebc30dd8d0d3b6ff3b0cd2d32b|
C:\WINDOWS\System32\unimdm.tsp, MID = 57cc0000, ("c:\windows\system32\unimdm.tsp") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 206848, File modification date = 04/08/2004 07:56, File description = Unimodem 5 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1535711707|0x1dfd6e8da0fe2d14a5fa12cfcfb162c1|
C:\WINDOWS\System32\uniplat.dll, MID = 72000000, ("c:\windows\system32\uniplat.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 13824, File modification date = 04/08/2004 07:56, File description = Unimodem AT Mini Driver Platform Driver for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1806265221|0x3ab4213bf48f9062e087b909832aa8e6|
C:\WINDOWS\System32\wbem\ncprov.dll, MID = 5f740000, ("c:\windows\system32\wbem\ncprov.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 47104, File modification date = 04/08/2004 07:56, File description = Non-COM WMI Event Provision APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |27196605|0x6ae613fff9f9dfee552652662bfabe41|
C:\WINDOWS\System32\kmddsp.tsp, MID = 57d40000, ("c:\windows\system32\kmddsp.tsp") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 33280, File modification date = 04/08/2004 07:56, File description = TAPI Kernel-Mode Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (Copyright © Microsoft Corporation 1995. All Rights Reserved.) |689957928|0x7735385c0fa821961f9a1eba94f2ac98|
C:\WINDOWS\System32\ndptsp.tsp, MID = 57d20000, ("c:\windows\system32\ndptsp.tsp") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 56832, File modification date = 04/08/2004 07:56, File description = NDIS Proxy TAPI Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (Copyright © Microsoft Corporation 1997. All Rights Reserved.) |-947607951|0x37d7005a87f6405dea87f50098ce03f7|
C:\WINDOWS\System32\ipconf.tsp, MID = 57d50000, ("c:\windows\system32\ipconf.tsp") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 17408, File modification date = 04/08/2004 07:56, File description = Microsoft Multicast Conference TAPI Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-191157075|0xa4c40af21bf9f90e08a3c1dd0dc79e0b|
C:\WINDOWS\System32\h323.tsp, MID = 57d70000, ("c:\windows\system32\h323.tsp") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 265728, File modification date = 04/08/2004 07:56, File description = Microsoft H.323 Telephony Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1668944654|0x49361f295df887ac32cd660ca94acaa5|
C:\WINDOWS\System32\hidphone.tsp, MID = 57d60000, ("c:\windows\system32\hidphone.tsp") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 29696, File modification date = 04/08/2004 07:56, File description = Microsoft HID Phone TSP, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1883600809|0x83168270f2e73a20e981b0f38a34958f|
C:\WINDOWS\System32\HID.DLL, MID = 688f0000, ("c:\windows\system32\hid.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 20992, File modification date = 04/08/2004 07:56, File description = Hid User Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1594497444|0x18afee0ede045b6255408d634372dc29|
C:\WINDOWS\System32\rasppp.dll, MID = 72240000, ("c:\windows\system32\rasppp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 206336, File modification date = 04/08/2004 07:56, File description = Remote Access PPP, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-450248824|0x04ecec0447f79419ad25227205b8277d|
C:\WINDOWS\System32\ntlsapi.dll, MID = 724b0000, ("c:\windows\system32\ntlsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 8192, File modification date = 04/08/2004 07:56, File description = Microsoft® License Server Interface DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1782037238|0xc5ef2a4f6cb968b3119b43f43c64a1a6|
C:\WINDOWS\system32\kerberos.dll, MID = 71cf0000, ("c:\windows\system32\kerberos.dll") File version = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522), File size = 295936, File modification date = 15/06/2005 17:49, File description = Kerberos Security Package, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2698, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |692991453|0xfc3bcbef084377fb3ab43e0e2ff812cb|
C:\WINDOWS\System32\cryptdll.dll, MID = 76790000, ("c:\windows\system32\cryptdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 33280, File modification date = 04/08/2004 07:56, File description = Cryptography Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-704933996|0xef5b64a9cd71ed27e837165c08da4cc1|
C:\WINDOWS\System32\upnp.dll, MID = 76de0000, ("c:\windows\system32\upnp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 132608, File modification date = 04/08/2004 07:56, File description = Universal Plug and Play API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2057732901|0x339089d6c3fc3bc5ced8d9049c4d2101|
C:\WINDOWS\System32\SSDPAPI.dll, MID = 74f00000, ("c:\windows\system32\ssdpapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 34816, File modification date = 04/08/2004 07:56, File description = SSDP Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1898439142|0x5b8dfa748fa4845bc04445a30126f2e9|
C:\WINDOWS\System32\RASDLG.dll, MID = 768d0000, ("c:\windows\system32\rasdlg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 657920, File modification date = 04/08/2004 07:56, File description = Remote Access Common Dialog API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1680251131|0xba5d5fd3cca6f64a429e2e0e1a1a0917|
C:\WINDOWS\system32\msxml3.dll, MID = 74980000, ("c:\windows\system32\msxml3.dll") File version = 8.90.1101.0, File size = 1104896, File modification date = 26/06/2007 06:08, File description = MSXML 3.0 SP9, Product Name = Microsoft(R) MSXML 3.0 SP9, Product version = 8.90.1101.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2007) |-719437539|0x0b13288e7d79dae8d99dac8f08a77372|
C:\WINDOWS\system32\wups2.dll, MID = 50e60000, ("c:\windows\system32\wups2.dll") File version = 7.0.6000.381 (winmain(wmbla).070730-1740), File size = 43352, File modification date = 31/07/2007 02:19, File description = Windows Update client proxy stub 2, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.6000.381, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |760780347|0xceb1bd87fbcb5984bdf7dc0991a060b5|
C:\WINDOWS\System32\winrnr.dll, MID = 76fb0000, ("c:\windows\system32\winrnr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 16896, File modification date = 04/08/2004 07:56, File description = LDAP RnR Provider DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-199904513|0x2c8fdb176f22629ea5342db474fac391|
C:\WINDOWS\System32\dssenh.dll, MID = 68100000, ("c:\windows\system32\dssenh.dll") File version = 5.1.2600.2133 (xpsp.040514-1639), File size = 137216, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2133, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2063081844|0xcacd2c63a79268d131ea37e85524cc44|
c:\windows\system32\qmgr.dll, MID = 5b9f0000, ("c:\windows\system32\qmgr.dll") File version = 6.6.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 382464, File modification date = 04/08/2004 07:56, File description = Background Intelligent Transfer Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.6.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1641338516|0x2c69ec7e5a311334d10dd95f338fccea|
C:\WINDOWS\system32\MPR.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
c:\windows\system32\SHFOLDER.dll, MID = 76780000, ("c:\windows\system32\shfolder.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 25088, File modification date = 04/08/2004 07:56, File description = Shell Folder Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |784816171|0x7c8f371c924daa376217e553378275ba|
C:\WINDOWS\system32\advpack.dll, MID = 42ec0000, ("c:\windows\system32\advpack.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 124928, File modification date = 01/03/2008 13:06, File description = ADVPACK, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |243163959|0x39446ad104248d5258d8a1cbbb08cb63|
C:\WINDOWS\System32\wbem\wbemcons.dll, MID = 73d30000, ("c:\windows\system32\wbem\wbemcons.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = WMI Standard Event Consumers, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1186528821|0xd18d28cef9fea09359c7de7be3669f66|

PROCESS svchost, PID = 1156, USER = , Command Line = C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\svchost.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\System32\svchost.exe, MID = 1000000, ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\System32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\System32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\System32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\System32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
c:\windows\system32\dnsrslvr.dll, MID = 76770000, ("c:\windows\system32\dnsrslvr.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 45568, File modification date = 20/02/2008 05:32, File description = DNS Caching Resolver Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |701181423|0xaac8ffbfd61e784fa3bac851d4a0bd5f|
c:\windows\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
c:\windows\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
c:\windows\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
c:\windows\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\System32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\System32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|

PROCESS svchost, PID = 1212, USER = , Command Line = C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe, MID = 1000000, ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\NTMARTA.DLL, MID = 77690000, ("c:\windows\system32\ntmarta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 118784, File modification date = 04/08/2004 07:56, File description = Windows NT MARTA provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1318044394|0xdaa91b358e685fc6cca9aca72be6fe85|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
c:\windows\system32\lmhsvc.dll, MID = 74c40000, ("c:\windows\system32\lmhsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 13824, File modification date = 04/08/2004 07:56, File description = TCPIP NetBios Transport Services DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1734033683|0xb3eff6d938c572e90a07b3d87a3c7657|
c:\windows\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
c:\windows\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
c:\windows\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
c:\windows\system32\webclnt.dll, MID = 5a6e0000, ("c:\windows\system32\webclnt.dll") File version = 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536), File size = 68096, File modification date = 04/01/2006 03:35, File description = Web DAV Service DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2821, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-131692731|0x265f534ef76832435afbf771ec97176d|
C:\WINDOWS\system32\WININET.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\Normaliz.dll, MID = 6f0000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
c:\windows\system32\regsvc.dll, MID = 76af0000, ("c:\windows\system32\regsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Remote Registry Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1428290017|0x3151427db7d87107d1c5be58fac53960|
c:\windows\system32\ssdpsrv.dll, MID = 765e0000, ("c:\windows\system32\ssdpsrv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = SSDP Service DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-267417640|0x4b8d61792f7175bed48859cc18ce4e38|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|

PROCESS ccSvcHst, PID = 1320, USER = , Command Line = c:\windows\system32\svchost.exe -k localservice
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe, MID = 400000, ("c:\program files\common files\symantec shared\ccsvchst.exe") File version = 106.1.0.17, File size = 107624, File modification date = 14/10/2006 04:44, File description = Symantec Service Framework, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-300402366|0xadf6c0aa0bb213e93c147cf09335dc31|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\MSVCP71.dll, MID = 7c3a0000, ("c:\windows\system32\msvcp71.dll") File version = 7.10.3077.0, File size = 499712, File modification date = 19/03/2003 03:14, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513820628|0x561fa2abb31dfa8fab762145f81667c2|
C:\WINDOWS\system32\MSVCR71.dll, MID = 7c340000, ("c:\windows\system32\msvcr71.dll") File version = 7.10.3052.4, File size = 348160, File modification date = 21/02/2003 11:42, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3052.4, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |894841200|0x86f1895ae8c5e8b17d99ece768a70732|
C:\Program Files\Common Files\Symantec Shared\ccL60U.dll, MID = 6ae70000, ("c:\program files\common files\symantec shared\ccl60u.dll") File version = 106.1.0.17, File size = 532584, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-870783237|0x6a8c0e3e30e271c8be790c13df720572|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\ws2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\DBGHELP.DLL, MID = 59a60000, ("c:\windows\system32\dbghelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 640000, File modification date = 04/08/2004 07:56, File description = Windows Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1813430808|0x6479a184873f7ca797ff0375d711e9a6|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\Crypt32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\WinTrust.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\netapi32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll, MID = 6b770000, ("c:\program files\common files\symantec shared\ccvrtrst.dll") File version = 106.1.0.17, File size = 128616, File modification date = 14/10/2006 04:44, File description = Symantec Trust Validation Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1494585096|0x93a994b0d92a26b31aa1a8016b0004ca|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\WSOCK32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\Program Files\Common Files\Symantec Shared\ccSvc.dll, MID = 6b4f0000, ("c:\program files\common files\symantec shared\ccsvc.dll") File version = 106.1.0.17, File size = 296552, File modification date = 14/10/2006 04:44, File description = Symantec ccService Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1853844957|0x3dce6109ce5ca8524e0b8a0aecd422b1|
C:\Program Files\Common Files\Symantec Shared\ccSet.dll, MID = 6b470000, ("c:\program files\common files\symantec shared\ccset.dll") File version = 106.1.0.17, File size = 145000, File modification date = 14/10/2006 04:44, File description = Symantec Settings Manager Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |922419611|0x279c459873b13f88fa0c358802420c2f|
C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL, MID = 6b4b0000, ("c:\program files\common files\symantec shared\ccsetplg.dll") File version = 106.1.0.17, File size = 210536, File modification date = 14/10/2006 04:44, File description = Symantec Settings Manager Service, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1868257899|0xb32932eafa6b220852115f69170dbc6f|
C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL, MID = 6f640000, ("c:\program files\common files\symantec shared\sndsvc.dll") File version = 7.1.0.17, File size = 214160, File modification date = 13/10/2006 04:01, File description = Symantec Network Service Plugin, Product Name = Symantec Security Drivers, Product version = 7.1, Company name = Symantec Corporation (Copyright 2002 - 2006 Symantec Corporation) |-226917182|0x7f1c83262a38bd7eaad65d00e59dfbaf|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\Program Files\Common Files\Symantec Shared\ccL60.dll, MID = 6aa00000, ("c:\program files\common files\symantec shared\ccl60.dll") File version = 106.1.0.17, File size = 423016, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1770514684|0x4692ed4cbc710cb0351b378525307bfe|
C:\WINDOWS\system32\RASAPI32.DLL, MID = 76ee0000, ("c:\windows\system32\rasapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 236544, File modification date = 04/08/2004 07:56, File description = Remote Access API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1254576566|0xcd1f7ed9842138beadf9ecbf37818bef|
C:\WINDOWS\system32\rasman.dll, MID = 76e90000, ("c:\windows\system32\rasman.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 61440, File modification date = 04/08/2004 07:56, File description = Remote Access Connection Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2077112344|0x30e244a707e6ce0a4b099cd6384ec6ca|
C:\WINDOWS\system32\TAPI32.dll, MID = 76eb0000, ("c:\windows\system32\tapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 181760, File modification date = 04/08/2004 07:56, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1409471214|0x6307a1b82f6ca87d7e0cdf49e6e7bc00|
C:\WINDOWS\system32\rtutils.dll, MID = 76e80000, ("c:\windows\system32\rtutils.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 44032, File modification date = 04/08/2004 07:56, File description = Routing Utilities, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1152776202|0x2030fa027e7c3e0a145649c03171457b|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\WINDOWS\system32\netman.dll, MID = 77d00000, ("c:\windows\system32\netman.dll") File version = 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525), File size = 197632, File modification date = 22/08/2005 18:29, File description = Network Connections Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2743, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1232749318|0x36739b39267914ba69ad0610a0299732|
C:\WINDOWS\system32\MPRAPI.dll, MID = 76d40000, ("c:\windows\system32\mprapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 87040, File modification date = 04/08/2004 07:56, File description = Windows NT MP Router Administration DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-773549397|0x9f78f329b1858e845087b923b4dba0f3|
C:\WINDOWS\system32\ACTIVEDS.dll, MID = 77cc0000, ("c:\windows\system32\activeds.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 194048, File modification date = 04/08/2004 07:56, File description = ADs Router Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1367841023|0x875d770f477e0ae0088be1810d537b23|
C:\WINDOWS\system32\adsldpc.dll, MID = 76e10000, ("c:\windows\system32\adsldpc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143360, File modification date = 04/08/2004 07:56, File description = ADs LDAP Provider C DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-407021944|0x12a581ca44e53b09d24c5b94f252c78d|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\system32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|
C:\WINDOWS\system32\netshell.dll, MID = 76400000, ("c:\windows\system32\netshell.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1708032, File modification date = 04/08/2004 07:56, File description = Network Connections Shell, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1386605063|0xbf52a4d4eb4cfb3109667e429b93e21a|
C:\WINDOWS\system32\credui.dll, MID = 76c00000, ("c:\windows\system32\credui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 163840, File modification date = 04/08/2004 07:56, File description = Credential Manager User Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1059992429|0x1ecb753d7ceec8f5a94c9781ca64ec44|
C:\WINDOWS\system32\WININET.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\Normaliz.dll, MID = b40000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\system32\WZCSAPI.DLL, MID = 73030000, ("c:\windows\system32\wzcsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 51712, File modification date = 04/08/2004 07:56, File description = Wireless Zero Configuration service API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-401053696|0x9a9bbc71d0ebcd400a33abcd5f0ab39c|
C:\WINDOWS\system32\WZCSvc.DLL, MID = 77620000, ("c:\windows\system32\wzcsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 359936, File modification date = 04/08/2004 07:56, File description = Wireless Zero Configuration Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |938831974|0x5a91e6feab9f901302fa7ff768c0120f|
C:\WINDOWS\system32\WMI.dll, MID = 76d30000, ("c:\windows\system32\wmi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 5632, File modification date = 04/08/2004 07:56, File description = WMI DC and DP functionality, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-951655164|0xe682696d7f982494a8cfc80c5b59d422|
C:\WINDOWS\system32\DHCPCSVC.DLL, MID = 76d80000, ("c:\windows\system32\dhcpcsvc.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 111616, File modification date = 19/05/2006 12:59, File description = DHCP Client Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-631723705|0xef545e1a4b043da4c84e230dd471c55f|
C:\WINDOWS\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
C:\WINDOWS\system32\WTSAPI32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\ESENT.dll, MID = 606b0000, ("c:\windows\system32\esent.dll") File version = 5.1.2600.2780 (xpsp_sp2_gdr.051019-1518), File size = 1082368, File modification date = 20/10/2005 22:20, File description = Server Database Storage Engine, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2780, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1261604804|0x50de118da580208b914b40dd47c90d52|
C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL, MID = 6ae10000, ("c:\program files\common files\symantec shared\ccevtplg.dll") File version = 106.1.0.17, File size = 267368, File modification date = 14/10/2006 04:44, File description = Symantec Event Manager Service, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-869997173|0x35e9e52b4e31adc8073f6a5ffac59c18|
C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll, MID = 6ad60000, ("c:\program files\common files\symantec shared\ccevtcli.dll") File version = 106.1.0.17, File size = 206440, File modification date = 14/10/2006 04:44, File description = Symantec Event Manager Client Side Interface, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1341575089|0x57b5e9f9e601d03ac9824ddc8e4876f8|
C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL, MID = 69500000, ("c:\program files\common files\symantec shared\spbbc\spbbcevt.dll") File version = 3.1.0.17, File size = 1537624, File modification date = 14/10/2006 04:38, File description = SPBBC Events, Product Name = SPBBC, Product version = 3.1.0.17, Company name = Symantec Corporation (Copyright (c) 2004, 2005 Symantec Corporation. All rights reserved.) |-1042221886|0x144c5798b97d261c2517534f69b9f903|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL, MID = 6f9d0000, ("c:\program files\common files\symantec shared\srtsp\srtsp32.dll") File version = 10.1.0.13, File size = 743032, File modification date = 12/10/2006 04:29, File description = Symantec AutoProtect, Product Name = AutoProtect, Product version = 10.1, Company name = Symantec Corporation (Copyright (c) 2006 Symantec Corporation) |-196204172|0xc12b45771a8b2824c3079b628eec2fb6|
C:\Program Files\Common Files\Symantec Shared\ccProSub.dll, MID = 6b300000, ("c:\program files\common files\symantec shared\ccprosub.dll") File version = 106.1.0.17, File size = 63080, File modification date = 14/10/2006 04:44, File description = Symantec Proxy Factory, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1315369879|0x139cbd03e8cffdb9d2595f4dd385fb6b|
C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL, MID = 6b4a0000, ("c:\program files\common files\symantec shared\ccsetevt.dll") File version = 106.1.0.17, File size = 71272, File modification date = 14/10/2006 04:44, File description = Symantec Settings Manager Event Factory, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-334570153|0xd94505b0e7911d40133e544f7736efff|
C:\WINDOWS\system32\ATL71.DLL, MID = 7c120000, ("c:\windows\system32\atl71.dll") File version = 7.10.3077.0, File size = 89088, File modification date = 19/03/2003 02:05, File description = ATL Module for Windows (Unicode), Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2076175466|0x8f2097e8b174f38178570c611464935f|
C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll, MID = 69680000, ("c:\program files\common files\symantec shared\spbbc\bbrgen.dll") File version = 3.1.0.17, File size = 456280, File modification date = 14/10/2006 04:38, File description = Rule Preprocessor, Product Name = SPBBC, Product version = 3.1.0.17, Company name = Symantec Corporation (Copyright (c) 2004, 2005 Symantec Corporation. All rights reserved.) |-985248446|0x68dc918886eade94cfb9cea381858030|

PROCESS spoolsv, PID = 1868, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\system32\spoolsv.exe
"c:\windows\system32\spoolsv.exe" File version = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), File size = 57856, File modification date = 10/06/2005 23:53, File description = Spooler SubSystem App, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2696, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1443528303|0xda81ec57acd4cdc3d4c51cf3d409af9f|
C:\WINDOWS\system32\spoolsv.exe, MID = 1000000, ("c:\windows\system32\spoolsv.exe") File version = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), File size = 57856, File modification date = 10/06/2005 23:53, File description = Spooler SubSystem App, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2696, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1443528303|0xda81ec57acd4cdc3d4c51cf3d409af9f|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\SPOOLSS.DLL, MID = 742e0000, ("c:\windows\system32\spoolss.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 74752, File modification date = 04/08/2004 07:56, File description = Spooler SubSystem DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |659700329|0x87b85bc1e1f6e0228876204a20a9c24c|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
C:\WINDOWS\system32\rasadhlp.dll, MID = 76fc0000, ("c:\windows\system32\rasadhlp.dll") File version = 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), File size = 8192, File modification date = 26/06/2006 17:37, File description = Remote Access AutoDial Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2938, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-27266821|0x5f098bd2ae6b03044b085decffdf91ec|
C:\WINDOWS\system32\localspl.dll, MID = 75bb0000, ("c:\windows\system32\localspl.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 341504, File modification date = 04/08/2004 07:56, File description = Local Spooler DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-498909370|0x71d3d970127d939a4bb062b5040b6eba|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\sfc_os.dll, MID = 76c60000, ("c:\windows\system32\sfc_os.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 140288, File modification date = 04/08/2004 07:56, File description = Windows File Protection, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |988450403|0x9858cc4d73a4ccf2f852fae07c11a0b5|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\winspool.drv, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|
C:\WINDOWS\system32\netapi32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\cnbjmon.dll, MID = 742a0000, ("c:\windows\system32\cnbjmon.dll") File version = 5.1.2600.2082 (xpsp(skatari).040213-0952), File size = 47104, File modification date = 04/08/2004 07:56, File description = Langage Monitor for Canon Bubble-Jet Printer, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2082, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1793216002|0x7105749e78925fdffd078dd54a8c2b70|
C:\WINDOWS\system32\hpzlnt09.dll, MID = 10000000, ("c:\windows\system32\hpzlnt09.dll") File version = 2.236.1.0, File size = 147512, File modification date = 11/08/2003 08:07, File description = , Product Name = HP DeskJet, Product version = 2.236.1.0, Company name = HP (Copyright (c) Hewlett-Packard Company 1999-2003) |-1940855270|0xc961e52188d0abbe018e0b4a9c97eb73|
C:\WINDOWS\system32\mdimon.dll, MID = d10000, ("c:\windows\system32\mdimon.dll") File version = 11.3.1897.0, File size = 17920, File modification date = 19/06/2003 00:31, File description = Microsoft® Document Imaging, Product Name = Microsoft Office Document Imaging, Product version = 11.3.1897.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 2001-2003) |-2083428410|0xcf0376023360aadd55c89ba50564afdc|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\WINDOWS\system32\pjlmon.dll, MID = 74280000, ("c:\windows\system32\pjlmon.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 15360, File modification date = 04/08/2004 07:56, File description = PJL Language monitor, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-324975081|0xc44bc10ba73575c91ff50cdaf4d8e370|
C:\WINDOWS\system32\tcpmon.dll, MID = 72400000, ("c:\windows\system32\tcpmon.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 45568, File modification date = 04/08/2004 07:56, File description = Standard TCP/IP Port Monitor DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1646584842|0xa3f853629f7f2537157ea6ea9857ea56|
C:\WINDOWS\system32\usbmon.dll, MID = 723f0000, ("c:\windows\system32\usbmon.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 16896, File modification date = 04/08/2004 07:56, File description = Standard Dynamic Printing Port Monitor DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-371775716|0x242d07d7fc72ad897944bff932d57c3c|
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll, MID = d60000, ("c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll") File version = 11.3.1897.0, File size = 18944, File modification date = 19/06/2003 00:31, File description = Microsoft® Document Imaging, Product Name = Microsoft Office Document Imaging, Product version = 11.3.1897.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 2001-2003) |-1464179435|0x58e13a2292839321d3cdc918d5a4f5ae|
C:\WINDOWS\System32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\System32\winrnr.dll, MID = 76fb0000, ("c:\windows\system32\winrnr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 16896, File modification date = 04/08/2004 07:56, File description = LDAP RnR Provider DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-199904513|0x2c8fdb176f22629ea5342db474fac391|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\win32spl.dll, MID = 75c10000, ("c:\windows\system32\win32spl.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 101888, File modification date = 04/08/2004 07:56, File description = 32-bit Spooler API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-477995715|0xa1c10f87248529173f39f4b4734df14b|
C:\WINDOWS\system32\NETRAP.dll, MID = 71c80000, ("c:\windows\system32\netrap.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 12288, File modification date = 04/08/2004 07:56, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |405208238|0x84a5644ae4731202a4a02e6342d29ba6|
C:\WINDOWS\system32\NTDSAPI.dll, MID = 767a0000, ("c:\windows\system32\ntdsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 67072, File modification date = 04/08/2004 07:56, File description = NT5DS, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-639436442|0x6201bacf384292a5fe94ce73364ae53a|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\inetpp.dll, MID = 74300000, ("c:\windows\system32\inetpp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 75264, File modification date = 04/08/2004 07:56, File description = Internet Print Provider DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1456061940|0xf14a6bd840e4d7cd4c0535cb3cef2887|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|

PROCESS explorer, PID = 2000, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = C:\WINDOWS\Explorer.EXE
"c:\windows\explorer.exe" File version = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), File size = 1033216, File modification date = 13/06/2007 10:23, File description = Windows Explorer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3156, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |242902971|0x97bd6515465659ff8f3b7be375b2ea87|
C:\WINDOWS\Explorer.EXE, MID = 1000000, ("c:\windows\explorer.exe") File version = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), File size = 1033216, File modification date = 13/06/2007 10:23, File description = Windows Explorer, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3156, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |242902971|0x97bd6515465659ff8f3b7be375b2ea87|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\BROWSEUI.dll, MID = 75f80000, ("c:\windows\system32\browseui.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 1022976, File modification date = 04/01/2007 14:05, File description = Shell Browser UI Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |299555704|0x765faaf3eead18a47811ab23dbe4c095|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\SHDOCVW.dll, MID = 7e290000, ("c:\windows\system32\shdocvw.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 1498112, File modification date = 04/01/2007 14:05, File description = Shell Doc Object and Control Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1233039122|0x2039074b74116904fd2d46110c1dfe8b|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\CRYPTUI.dll, MID = 754d0000, ("c:\windows\system32\cryptui.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 512512, File modification date = 04/08/2004 07:56, File description = Microsoft Trust UI Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-766179891|0x4ac302bf714dc163e685d0a187a36d0f|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\WININET.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\Normaliz.dll, MID = 400000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\appHelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\System32\cscui.dll, MID = 77a20000, ("c:\windows\system32\cscui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 326656, File modification date = 04/08/2004 07:56, File description = Client Side Caching UI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1505085259|0x51230212ae7f8159a90f06a7ea30dd8a|
C:\WINDOWS\System32\CSCDLL.dll, MID = 76600000, ("c:\windows\system32\cscdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 101888, File modification date = 04/08/2004 07:56, File description = Offline Network Agent, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-247978472|0x587729679b4fe04ce06a5c61d6c56dcd|
C:\WINDOWS\System32\themeui.dll, MID = 5ba60000, ("c:\windows\system32\themeui.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 385536, File modification date = 04/08/2004 07:56, File description = Windows Theme API, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2118249419|0xe6796d51ced309e46d29c0b787735615|
C:\WINDOWS\System32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\System32\MSIMG32.dll, MID = 76380000, ("c:\windows\system32\msimg32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 4608, File modification date = 04/08/2004 07:56, File description = GDIEXT Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1563741244|0xb5331f2b6f37c66c29c847f3b94ff900|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\actxprxy.dll, MID = 71d40000, ("c:\windows\system32\actxprxy.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 101888, File modification date = 04/08/2004 07:56, File description = ActiveX Interface Marshaling Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1615437978|0x13510490bea0997db625daa0178cbfca|
C:\WINDOWS\system32\LINKINFO.dll, MID = 76980000, ("c:\windows\system32\linkinfo.dll") File version = 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520), File size = 19968, File modification date = 01/09/2005 01:41, File description = Windows Volume Tracking, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2751, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-838685458|0xa1a688ee56cf3bbd24edeb815d48e9ba|
C:\WINDOWS\system32\ntshrui.dll, MID = 76990000, ("c:\windows\system32\ntshrui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143872, File modification date = 04/08/2004 07:56, File description = Shell extensions for sharing, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1618858951|0x385e9aec6e100dbebee5bd1f27a55e1d|
C:\WINDOWS\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\system32\urlmon.dll, MID = 42cf0000, ("c:\windows\system32\urlmon.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 1159680, File modification date = 01/03/2008 13:06, File description = OLE32 Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |488660913|0x2616f6a2eaf515fe7b95b29f77604e5b|
C:\WINDOWS\system32\ieframe.dll, MID = 42ef0000, ("c:\windows\system32\ieframe.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 6066176, File modification date = 01/03/2008 13:06, File description = Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1925263702|0x18e53441e472067344da71fa3298d841|
C:\WINDOWS\system32\PSAPI.DLL, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDOWS\system32\mshtml.dll, MID = 435d0000, ("c:\windows\system32\mshtml.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 3591680, File modification date = 02/03/2008 01:36, File description = Microsoft (R) HTML Viewer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1047900433|0xab2c88167d78d71d93558acecb24cc7a|
C:\WINDOWS\system32\msls31.dll, MID = 746c0000, ("c:\windows\system32\msls31.dll") File version = 3.10.349.0, File size = 156160, File modification date = 14/08/2007 02:54, File description = Microsoft Line Services library file, Product Name = Microsoft® Line Services, Product version = 3.10, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1996-1999) |-625197327|0x87b27e19dc5b4f8f3fef061a155977b9|
C:\WINDOWS\system32\ws2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\RASAPI32.dll, MID = 76ee0000, ("c:\windows\system32\rasapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 236544, File modification date = 04/08/2004 07:56, File description = Remote Access API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1254576566|0xcd1f7ed9842138beadf9ecbf37818bef|
C:\WINDOWS\system32\rasman.dll, MID = 76e90000, ("c:\windows\system32\rasman.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 61440, File modification date = 04/08/2004 07:56, File description = Remote Access Connection Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2077112344|0x30e244a707e6ce0a4b099cd6384ec6ca|
C:\WINDOWS\system32\TAPI32.dll, MID = 76eb0000, ("c:\windows\system32\tapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 181760, File modification date = 04/08/2004 07:56, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1409471214|0x6307a1b82f6ca87d7e0cdf49e6e7bc00|
C:\WINDOWS\system32\rtutils.dll, MID = 76e80000, ("c:\windows\system32\rtutils.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 44032, File modification date = 04/08/2004 07:56, File description = Routing Utilities, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1152776202|0x2030fa027e7c3e0a145649c03171457b|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\WINDOWS\system32\MLANG.dll, MID = 75cf0000, ("c:\windows\system32\mlang.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 586240, File modification date = 04/08/2004 07:56, File description = Multi Language Support DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1631415716|0x0346da24de3c85909717d5997510a31f|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\MPR.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
C:\WINDOWS\System32\drprov.dll, MID = 75f60000, ("c:\windows\system32\drprov.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Microsoft Terminal Server Network Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |452848875|0xc39cd25443cccdd121bf1f807564dcfa|
C:\WINDOWS\System32\ntlanman.dll, MID = 71c10000, ("c:\windows\system32\ntlanman.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 43520, File modification date = 04/08/2004 07:56, File description = Microsoft® Lan Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-491278372|0x6539ced6e5ab5684aa09e6b0abbf4124|
C:\WINDOWS\System32\NETUI0.dll, MID = 71cd0000, ("c:\windows\system32\netui0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 80896, File modification date = 04/08/2004 07:56, File description = NT LM UI Common Code - GUI Classes, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |463692081|0x01520b46830c8178e1b2c05a4f3f6c16|
C:\WINDOWS\System32\NETUI1.dll, MID = 71c90000, ("c:\windows\system32\netui1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245760, File modification date = 04/08/2004 07:56, File description = NT LM UI Common Code - Networking classes, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |121686482|0x88b918e7fb3b09595dd8a0fd09a35b8f|
C:\WINDOWS\System32\NETRAP.dll, MID = 71c80000, ("c:\windows\system32\netrap.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 12288, File modification date = 04/08/2004 07:56, File description = Net Remote Admin Protocol DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |405208238|0x84a5644ae4731202a4a02e6342d29ba6|
C:\WINDOWS\System32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|
C:\WINDOWS\System32\davclnt.dll, MID = 75f70000, ("c:\windows\system32\davclnt.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 24576, File modification date = 04/08/2004 07:56, File description = Web DAV Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1504877942|0x716a078b2fc6cc0bb3030b2559ec143f|
C:\WINDOWS\system32\msv1_0.dll, MID = 77c70000, ("c:\windows\system32\msv1_0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 129536, File modification date = 04/08/2004 07:56, File description = Microsoft Authentication Package v1.0, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1862327760|0x77c41f9146450c89534704a75836ce56|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\sensapi.dll, MID = 722b0000, ("c:\windows\system32\sensapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 6656, File modification date = 04/08/2004 07:56, File description = SENS Connectivity API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1458440296|0x6e205319848b8af2a0da52b8d63db91e|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\webcheck.dll, MID = 42e40000, ("c:\windows\system32\webcheck.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 233472, File modification date = 01/03/2008 13:06, File description = Web Site Monitor, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1231680059|0xf8412fb61b2b81e73774da4cefdebc45|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\System32\stobject.dll, MID = 76280000, ("c:\windows\system32\stobject.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 121856, File modification date = 04/08/2004 07:56, File description = Systray shell service object, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1336078033|0x297101a925ecffdcdf7f6341ffbb6c1a|
C:\WINDOWS\System32\BatMeter.dll, MID = 74af0000, ("c:\windows\system32\batmeter.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 28672, File modification date = 04/08/2004 07:56, File description = Battery Meter Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1717708582|0x4e6eeea8eb9302d604603d4758c05e75|
C:\WINDOWS\System32\POWRPROF.dll, MID = 74ad0000, ("c:\windows\system32\powrprof.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 17408, File modification date = 04/08/2004 07:56, File description = Power Profile Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |527595151|0x1b5f6923abb450692e9fe0672c897aed|
C:\WINDOWS\System32\WTSAPI32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WPDShServiceObj.dll, MID = 164a0000, ("c:\windows\system32\wpdshserviceobj.dll") File version = 5.2.5721.5145 (WMP_11.061018-2006), File size = 133632, File modification date = 19/10/2006 05:47, File description = Windows Portable Device Shell Service Object, Product Name = Microsoft® Windows® Operating System, Product version = 5.2.5721.5145, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1538728806|0x045e228f71c31901084b64be59093499|
C:\WINDOWS\system32\WINHTTP.dll, MID = 4d4f0000, ("c:\windows\system32\winhttp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 351232, File modification date = 04/08/2004 07:56, File description = Windows HTTP Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2081758494|0xea82a55f22654fbedcbd82d2d4305b45|
C:\WINDOWS\system32\PortableDeviceTypes.dll, MID = 109c0000, ("c:\windows\system32\portabledevicetypes.dll") File version = 5.2.5721.5145 (WMP_11.061018-2006), File size = 166912, File modification date = 19/10/2006 05:47, File description = Windows Portable Device (Parameter) Types Component, Product Name = Microsoft® Windows® Operating System, Product version = 5.2.5721.5145, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |186518969|0x22358578cb321f3325496a3723029409|
C:\WINDOWS\system32\PortableDeviceApi.dll, MID = 10930000, ("c:\windows\system32\portabledeviceapi.dll") File version = 5.2.5721.5145 (WMP_11.061018-2006), File size = 284160, File modification date = 19/10/2006 05:47, File description = Windows Portable Device API Components, Product Name = Microsoft® Windows® Operating System, Product version = 5.2.5721.5145, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-387235283|0x9d45b2201d0ecf9f42136c7b99deb8b2|
C:\WINDOWS\system32\wdmaud.drv, MID = 72d20000, ("c:\windows\system32\wdmaud.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23552, File modification date = 04/08/2004 07:56, File description = WDM Audio driver mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1741781778|0xd6a8dc8c374eea24744f2d4e87ca0e7e|
C:\WINDOWS\System32\msimtf.dll, MID = 746f0000, ("c:\windows\system32\msimtf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 159232, File modification date = 04/08/2004 07:56, File description = Active IMM Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1729130752|0xd3ad4f21dd60b4b9bfeb415564a6c308|
C:\WINDOWS\system32\msacm32.drv, MID = 72d10000, ("c:\windows\system32\msacm32.drv") File version = 5.1.2600.0 (xpclient.010817-1148), File size = 20480, File modification date = 23/08/2001 12:00, File description = Microsoft Sound Mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-717198418|0x9a3bd5f55aadff859539142f6328a66e|
C:\WINDOWS\system32\midimap.dll, MID = 77bd0000, ("c:\windows\system32\midimap.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Microsoft MIDI Mapper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1345016450|0x3b4702155bb2ae9dc00c06a68834bdfa|
C:\WINDOWS\system32\NETSHELL.dll, MID = 76400000, ("c:\windows\system32\netshell.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1708032, File modification date = 04/08/2004 07:56, File description = Network Connections Shell, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1386605063|0xbf52a4d4eb4cfb3109667e429b93e21a|
C:\WINDOWS\system32\credui.dll, MID = 76c00000, ("c:\windows\system32\credui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 163840, File modification date = 04/08/2004 07:56, File description = Credential Manager User Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1059992429|0x1ecb753d7ceec8f5a94c9781ca64ec44|
C:\WINDOWS\system32\SXS.DLL, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|

PROCESS hpztsb09, PID = 452, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe"
"c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" File version = 2.236.1.0, File size = 188416, File modification date = 11/08/2003 08:07, File description = , Product Name = HP DeskJet, Product version = 2.236.1.0, Company name = HP (Copyright (c) Hewlett-Packard Company 1999-2003) |-1293341539|0xc2617f4999e0fcd05b2f8cfca06d979b|
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe, MID = 400000, ("c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe") File version = 2.236.1.0, File size = 188416, File modification date = 11/08/2003 08:07, File description = , Product Name = HP DeskJet, Product version = 2.236.1.0, Company name = HP (Copyright (c) Hewlett-Packard Company 1999-2003) |-1293341539|0xc2617f4999e0fcd05b2f8cfca06d979b|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\WINSPOOL.DRV, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\COMCTL32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3209.dll, MID = 10000000, ("c:\windows\system32\spool\drivers\w32x86\3\hpzr3209.dll") File version = 2.236.1.0, File size = 9707520, File modification date = 11/08/2003 08:07, File description = Driver UI dll, Product Name = Driver UI dlll, Product version = 2.236.1.0, Company name = HP (Copyright (c) Hewlett-Packard Company 1999-2003) |587735120|0xd1df1b8e6c6c433d4ea21d210075816a|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|

PROCESS AppleMobileDeviceService, PID = 460, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
"c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" File version = 1, 14, 0, 0, File size = 110592, File modification date = 06/09/2007 20:28, File description = Apple Mobile Device Service, Product Name = Apple Mobile Device Service, Product version = 1, 14, 0, 0, Company name = Apple, Inc. (Copyright 2007 Apple, Inc. All Rights Reserved.) |1478646368|0x3a4982df893f198a2dfbccd4ce10f93a|
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe, MID = 400000, ("c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe") File version = 1, 14, 0, 0, File size = 110592, File modification date = 06/09/2007 20:28, File description = Apple Mobile Device Service, Product Name = Apple Mobile Device Service, Product version = 1, 14, 0, 0, Company name = Apple, Inc. (Copyright 2007 Apple, Inc. All Rights Reserved.) |1478646368|0x3a4982df893f198a2dfbccd4ce10f93a|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\WSOCK32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|

PROCESS MaxMenuMgrBasics, PID = 368, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
"c:\program files\seagate\basics\basics status\maxmenumgrbasics.exe" File version = 2, 2, 0, 6, File size = 169328, File modification date = 10/10/2007 00:21, File description = Maxtor Status Icon, Product Name = MSS & OneTouch Application, Product version = 2, 2, 0, 6, Company name = Maxtor Corporation (Copyright © 2005-2006) |-1329340668|0x66b4203cf0b4929e9f0d349c83897c25|
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe, MID = 400000, ("c:\program files\seagate\basics\basics status\maxmenumgrbasics.exe") File version = 2, 2, 0, 6, File size = 169328, File modification date = 10/10/2007 00:21, File description = Maxtor Status Icon, Product Name = MSS & OneTouch Application, Product version = 2, 2, 0, 6, Company name = Maxtor Corporation (Copyright © 2005-2006) |-1329340668|0x66b4203cf0b4929e9f0d349c83897c25|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL, MID = 782e0000, ("c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll") File version = 8.00.50727.762, File size = 1093120, File modification date = 02/12/2006 08:25, File description = MFCDLL Shared Library - Retail Version, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1248146505|0xccc2e312486ae6b80970211da472268b|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll, MID = 78130000, ("c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll") File version = 8.00.50727.762, File size = 626688, File modification date = 02/12/2006 05:54, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |412186895|0xe4fece18310e23b1d8fee993e35e7a6f|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\COMCTL32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL, MID = 5d360000, ("c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80enu.dll") File version = 8.00.50727.762, File size = 57344, File modification date = 02/12/2006 08:08, File description = MFC Language Specific Resources, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1068939988|0x9090454e6772f7cfbce240bf4dc5f7e8|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
c:\program files\seagate\basics\basics status\basicsmenu.dll, MID = 10000000, ("c:\program files\seagate\basics\basics status\basicsmenu.dll") File version = 1.0.0.8, File size = 75112, File modification date = 10/10/2007 00:21, File description = FreeAgent Menu, Product Name = FreeAgent™, Product version = 1.0.0.8, Company name = Seagate LLC (Seagate LLC. All rights reserved.) |733057548|0x0b7274ba63be33acf0670ef6d701bc0c|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\OLEAUT32.DLL, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|

PROCESS SyncServicesBasics, PID = 568, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = "C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe"
"c:\program files\seagate\basics\service\syncservicesbasics.exe" File version = 4, 0, 3, 1, File size = 124280, File modification date = 10/10/2007 00:21, File description = Sync Windows Services, Product Name = Sync, Product version = 4, 0, 0, 1, Company name = Seagate Technology LLC (Copyright (C) 2007 Seagate Technology LLC) |373527822|0x55fed228fe147ecb9c47a1c55388896e|
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe, MID = 400000, ("c:\program files\seagate\basics\service\syncservicesbasics.exe") File version = 4, 0, 3, 1, File size = 124280, File modification date = 10/10/2007 00:21, File description = Sync Windows Services, Product Name = Sync, Product version = 4, 0, 0, 1, Company name = Seagate Technology LLC (Copyright (C) 2007 Seagate Technology LLC) |373527822|0x55fed228fe147ecb9c47a1c55388896e|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\WTSAPI32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\Program Files\Seagate\Basics\Service\BSCDRVIFNT.dll, MID = 20000000, ("c:\program files\seagate\basics\service\bscdrvifnt.dll") File version = 4, 0, 4, 5, File size = 107880, File modification date = 10/10/2007 00:21, File description = DRVIFXX DLL, Product Name = Seagate External Drive Interface, Product version = 4, 0, 4, 5, Company name = Seagate Technology LLC (Copyright (C) 2002-2006 Seagate) |-1485342164|0x99d71644b823772551d75739f7022886|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL, MID = 782e0000, ("c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll") File version = 8.00.50727.762, File size = 1093120, File modification date = 02/12/2006 08:25, File description = MFCDLL Shared Library - Retail Version, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1248146505|0xccc2e312486ae6b80970211da472268b|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll, MID = 78130000, ("c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll") File version = 8.00.50727.762, File size = 626688, File modification date = 02/12/2006 05:54, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |412186895|0xe4fece18310e23b1d8fee993e35e7a6f|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL, MID = 5d360000, ("c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80enu.dll") File version = 8.00.50727.762, File size = 57344, File modification date = 02/12/2006 08:08, File description = MFC Language Specific Resources, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1068939988|0x9090454e6772f7cfbce240bf4dc5f7e8|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|

PROCESS rundll32, PID = 636, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"c:\windows\system32\rundll32.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 33280, File modification date = 04/08/2004 07:56, File description = Run a DLL as an App, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1698072840|0xda285490bbd8a1d0ce6623577d5ba1ff|
"c:\windows\system32\nvmctray.dll" File version = 6.14.11.6921, File size = 81920, File modification date = 05/12/2007 09:41, File description = NVIDIA Media Center Library, Product Name = NVIDIA Media Center Library, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |1134351482|0xec979882a9bf2b9a74693f3bf6db3eaa|
C:\WINDOWS\system32\RUNDLL32.EXE, MID = 1000000, ("c:\windows\system32\rundll32.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 33280, File modification date = 04/08/2004 07:56, File description = Run a DLL as an App, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1698072840|0xda285490bbd8a1d0ce6623577d5ba1ff|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\NvMcTray.dll, MID = 10000000, ("c:\windows\system32\nvmctray.dll") File version = 6.14.11.6921, File size = 81920, File modification date = 05/12/2007 09:41, File description = NVIDIA Media Center Library, Product Name = NVIDIA Media Center Library, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |1134351482|0xec979882a9bf2b9a74693f3bf6db3eaa|
C:\WINDOWS\system32\nvapi.dll, MID = 9f0000, ("c:\windows\system32\nvapi.dll") File version = 6.14.11.6921, File size = 385024, File modification date = 05/12/2007 09:41, File description = NVIDIA NVAPI Library, Version 169.21 , Product Name = NVIDIA Windows drivers, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |543410616|0xc1467115c021f17ec3d93ae98f7159b3|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|

PROCESS ccApp, PID = 632, USER = , Command Line = "c:\windows\system32\rundll32.exe" c:\windows\system32\nvmctray.dll,nvtaskbarinit
"c:\windows\system32\rundll32.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 33280, File modification date = 04/08/2004 07:56, File description = Run a DLL as an App, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1698072840|0xda285490bbd8a1d0ce6623577d5ba1ff|
"c:\windows\system32\nvmctray.dll" File version = 6.14.11.6921, File size = 81920, File modification date = 05/12/2007 09:41, File description = NVIDIA Media Center Library, Product Name = NVIDIA Media Center Library, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |1134351482|0xec979882a9bf2b9a74693f3bf6db3eaa|
C:\Program Files\Common Files\Symantec Shared\ccApp.exe, MID = 400000, ("c:\program files\common files\symantec shared\ccapp.exe") File version = 106.1.0.17, File size = 95848, File modification date = 14/10/2006 04:44, File description = Symantec User Session, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1693511614|0x6901fa14065b0f845465e7936db5a908|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\MSVCP71.dll, MID = 7c3a0000, ("c:\windows\system32\msvcp71.dll") File version = 7.10.3077.0, File size = 499712, File modification date = 19/03/2003 03:14, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513820628|0x561fa2abb31dfa8fab762145f81667c2|
C:\WINDOWS\system32\MSVCR71.dll, MID = 7c340000, ("c:\windows\system32\msvcr71.dll") File version = 7.10.3052.4, File size = 348160, File modification date = 21/02/2003 11:42, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3052.4, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |894841200|0x86f1895ae8c5e8b17d99ece768a70732|
C:\Program Files\Common Files\Symantec Shared\ccL60U.dll, MID = 6ae70000, ("c:\program files\common files\symantec shared\ccl60u.dll") File version = 106.1.0.17, File size = 532584, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-870783237|0x6a8c0e3e30e271c8be790c13df720572|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\ws2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\DBGHELP.DLL, MID = 59a60000, ("c:\windows\system32\dbghelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 640000, File modification date = 04/08/2004 07:56, File description = Windows Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1813430808|0x6479a184873f7ca797ff0375d711e9a6|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\SymNeti.dll, MID = 6f6b0000, ("c:\windows\system32\symneti.dll") File version = 7.1.0.17, File size = 614544, File modification date = 13/10/2006 04:01, File description = Symantec Network Driver Interface, Product Name = Symantec Security Drivers, Product version = 7.1, Company name = Symantec Corporation (Copyright 2002 - 2006 Symantec Corporation) |1579679931|0x436fb2f9b4dc6cabae03e418e03f1faf|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\WSOCK32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\Crypt32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\WinTrust.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\netapi32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll, MID = 6b770000, ("c:\program files\common files\symantec shared\ccvrtrst.dll") File version = 106.1.0.17, File size = 128616, File modification date = 14/10/2006 04:44, File description = Symantec Trust Validation Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1494585096|0x93a994b0d92a26b31aa1a8016b0004ca|
C:\Program Files\Common Files\Symantec Shared\ccSvc.dll, MID = 6b4f0000, ("c:\program files\common files\symantec shared\ccsvc.dll") File version = 106.1.0.17, File size = 296552, File modification date = 14/10/2006 04:44, File description = Symantec ccService Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1853844957|0x3dce6109ce5ca8524e0b8a0aecd422b1|
C:\Program Files\Common Files\Symantec Shared\ccSet.dll, MID = 6b470000, ("c:\program files\common files\symantec shared\ccset.dll") File version = 106.1.0.17, File size = 145000, File modification date = 14/10/2006 04:44, File description = Symantec Settings Manager Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |922419611|0x279c459873b13f88fa0c358802420c2f|
C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL, MID = 6ac20000, ("c:\program files\common files\symantec shared\ccalert.dll") File version = 106.1.0.17, File size = 263784, File modification date = 14/10/2006 04:43, File description = Symantec Alert and Notification, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1348849723|0xc72f4a897f5fe38d573ce80dbcac35b3|
C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL, MID = 6acb0000, ("c:\program files\common files\symantec shared\ccemlpxy.dll") File version = 106.1.0.17, File size = 345704, File modification date = 14/10/2006 04:43, File description = Symantec Email Proxy, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1447062611|0xe431a42e729dc928d08a9fdb4738ff1d|
C:\WINDOWS\system32\MSWSOCK.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll, MID = 6b4a0000, ("c:\program files\common files\symantec shared\ccsetevt.dll") File version = 106.1.0.17, File size = 71272, File modification date = 14/10/2006 04:44, File description = Symantec Settings Manager Event Factory, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-334570153|0xd94505b0e7911d40133e544f7736efff|
C:\WINDOWS\system32\ATL71.DLL, MID = 7c120000, ("c:\windows\system32\atl71.dll") File version = 7.10.3077.0, File size = 89088, File modification date = 19/03/2003 02:05, File description = ATL Module for Windows (Unicode), Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2076175466|0x8f2097e8b174f38178570c611464935f|
C:\Program Files\Common Files\Symantec Shared\ccProSub.dll, MID = 6b300000, ("c:\program files\common files\symantec shared\ccprosub.dll") File version = 106.1.0.17, File size = 63080, File modification date = 14/10/2006 04:44, File description = Symantec Proxy Factory, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1315369879|0x139cbd03e8cffdb9d2595f4dd385fb6b|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll, MID = 6ad60000, ("c:\program files\common files\symantec shared\ccevtcli.dll") File version = 106.1.0.17, File size = 206440, File modification date = 14/10/2006 04:44, File description = Symantec Event Manager Client Side Interface, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1341575089|0x57b5e9f9e601d03ac9824ddc8e4876f8|
C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll, MID = 6b8f0000, ("c:\program files\common files\symantec shared\rcemlpxy.dll") File version = 106.1.0.17, File size = 13928, File modification date = 14/10/2006 04:44, File description = Symantec Email Proxy Resources, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |63744964|0xa1aa13b609972c2ce842c2a60014ca9c|
C:\WINDOWS\system32\SymRedir.dll, MID = 6f760000, ("c:\windows\system32\symredir.dll") File version = 7.1.0.17, File size = 242320, File modification date = 13/10/2006 04:01, File description = Redirector Interface DLL, Product Name = Symantec Security Drivers, Product version = 7.1, Company name = Symantec Corporation (Copyright 2002 - 2006 Symantec Corporation) |35298181|0x7e626f111c3e0b1d7b37a9d0177c8a47|
C:\Program Files\Symantec AntiVirus\SavEmail.dll, MID = 65dc0000, ("c:\program files\symantec antivirus\savemail.dll") File version = 10.2.0.224, File size = 30408, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |2095858528|0x66e98a34847cd9164cb2ad5fe0335f42|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|

PROCESS VPTray, PID = 1008, USER = , Command Line = "c:\windows\system32\rundll32.exe" c:\windows\system32\nvmctray.dll,nvtaskbarinit
"c:\windows\system32\rundll32.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 33280, File modification date = 04/08/2004 07:56, File description = Run a DLL as an App, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1698072840|0xda285490bbd8a1d0ce6623577d5ba1ff|
"c:\windows\system32\nvmctray.dll" File version = 6.14.11.6921, File size = 81920, File modification date = 05/12/2007 09:41, File description = NVIDIA Media Center Library, Product Name = NVIDIA Media Center Library, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |1134351482|0xec979882a9bf2b9a74693f3bf6db3eaa|
C:\PROGRA~1\SYMANT~2\VPTray.exe, MID = 400000, ("c:\program files\symantec antivirus\vptray.exe") File version = 10.2.0.224, File size = 134856, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |-1292707182|0xcb39ff6e60a7b3ef4917b1e3b8c69aac|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSVCP71.dll, MID = 7c3a0000, ("c:\windows\system32\msvcp71.dll") File version = 7.10.3077.0, File size = 499712, File modification date = 19/03/2003 03:14, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513820628|0x561fa2abb31dfa8fab762145f81667c2|
C:\WINDOWS\system32\MSVCR71.dll, MID = 7c340000, ("c:\windows\system32\msvcr71.dll") File version = 7.10.3052.4, File size = 348160, File modification date = 21/02/2003 11:42, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3052.4, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |894841200|0x86f1895ae8c5e8b17d99ece768a70732|
C:\WINDOWS\system32\PSAPI.DLL, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\Program Files\Common Files\Symantec Shared\ccL60.dll, MID = 6aa00000, ("c:\program files\common files\symantec shared\ccl60.dll") File version = 106.1.0.17, File size = 423016, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1770514684|0x4692ed4cbc710cb0351b378525307bfe|
C:\WINDOWS\system32\ws2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\Program Files\Common Files\Symantec Shared\SRTSP\SRTSP32.DLL, MID = 6f9d0000, ("c:\program files\common files\symantec shared\srtsp\srtsp32.dll") File version = 10.1.0.13, File size = 743032, File modification date = 12/10/2006 04:29, File description = Symantec AutoProtect, Product Name = AutoProtect, Product version = 10.1, Company name = Symantec Corporation (Copyright (c) 2006 Symantec Corporation) |-196204172|0xc12b45771a8b2824c3079b628eec2fb6|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\Program Files\Common Files\Symantec Shared\ccL60U.dll, MID = 6ae70000, ("c:\program files\common files\symantec shared\ccl60u.dll") File version = 106.1.0.17, File size = 532584, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-870783237|0x6a8c0e3e30e271c8be790c13df720572|
C:\WINDOWS\system32\Crypt32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\WinTrust.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\userenv.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\netapi32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll, MID = 6b4a0000, ("c:\program files\common files\symantec shared\ccsetevt.dll") File version = 106.1.0.17, File size = 71272, File modification date = 14/10/2006 04:44, File description = Symantec Settings Manager Event Factory, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-334570153|0xd94505b0e7911d40133e544f7736efff|
C:\WINDOWS\system32\ATL71.DLL, MID = 7c120000, ("c:\windows\system32\atl71.dll") File version = 7.10.3077.0, File size = 89088, File modification date = 19/03/2003 02:05, File description = ATL Module for Windows (Unicode), Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2076175466|0x8f2097e8b174f38178570c611464935f|
C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll, MID = 6b770000, ("c:\program files\common files\symantec shared\ccvrtrst.dll") File version = 106.1.0.17, File size = 128616, File modification date = 14/10/2006 04:44, File description = Symantec Trust Validation Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1494585096|0x93a994b0d92a26b31aa1a8016b0004ca|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\WSOCK32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\Program Files\Common Files\Symantec Shared\ccProSub.dll, MID = 6b300000, ("c:\program files\common files\symantec shared\ccprosub.dll") File version = 106.1.0.17, File size = 63080, File modification date = 14/10/2006 04:44, File description = Symantec Proxy Factory, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1315369879|0x139cbd03e8cffdb9d2595f4dd385fb6b|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll, MID = 6ad60000, ("c:\program files\common files\symantec shared\ccevtcli.dll") File version = 106.1.0.17, File size = 206440, File modification date = 14/10/2006 04:44, File description = Symantec Event Manager Client Side Interface, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1341575089|0x57b5e9f9e601d03ac9824ddc8e4876f8|
C:\Program Files\Common Files\Symantec Shared\ccSvc.dll, MID = 6b4f0000, ("c:\program files\common files\symantec shared\ccsvc.dll") File version = 106.1.0.17, File size = 296552, File modification date = 14/10/2006 04:44, File description = Symantec ccService Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1853844957|0x3dce6109ce5ca8524e0b8a0aecd422b1|
C:\Program Files\Common Files\Symantec Shared\ccAlert.dll, MID = 6ac20000, ("c:\program files\common files\symantec shared\ccalert.dll") File version = 106.1.0.17, File size = 263784, File modification date = 14/10/2006 04:43, File description = Symantec Alert and Notification, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1348849723|0xc72f4a897f5fe38d573ce80dbcac35b3|
C:\Program Files\Symantec AntiVirus\Cliproxy.dll, MID = 65fa0000, ("c:\program files\symantec antivirus\cliproxy.dll") File version = 10.2.0.224, File size = 357576, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |774838048|0x05bf89478de407aecbeed25c1b587218|
C:\WINDOWS\system32\MPR.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL, MID = 65ee0000, ("c:\program files\symantec antivirus\navntutl.dll") File version = 10.2.0.224, File size = 54472, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |-1292028347|0xafcbe3665359be853d81de1dfffa902b|
C:\Program Files\Common Files\Symantec Shared\ccSet.dll, MID = 6b470000, ("c:\program files\common files\symantec shared\ccset.dll") File version = 106.1.0.17, File size = 145000, File modification date = 14/10/2006 04:44, File description = Symantec Settings Manager Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |922419611|0x279c459873b13f88fa0c358802420c2f|
C:\WINDOWS\system32\SXS.DLL, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|
c:\program files\common files\symantec shared\ssc\ScsComms.dll, MID = 65a40000, ("c:\program files\common files\symantec shared\ssc\scscomms.dll") File version = 10.2.0.224, File size = 1030344, File modification date = 14/10/2006 14:03, File description = Symantec Client Security Management Communications, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |944673408|0xaa75e52dfe09bd6bed90c26c7e2ea84e|
C:\WINDOWS\system32\nts.dll, MID = 50250000, ("c:\windows\system32\nts.dll") File version = 6.12.0.142 E, File size = 83752, File modification date = 17/03/2006 13:35, File description = NTS, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |836621743|0x08bcc1705dae063011be66f18071538a|
C:\WINDOWS\system32\MSWSOCK.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\cba.dll, MID = 501e0000, ("c:\windows\system32\cba.dll") File version = 6.12.0.142 E, File size = 34600, File modification date = 17/03/2006 13:35, File description = CBA Interface Library, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |1523263708|0xab21e78633191cbc0f80eecf6f7a40c8|
C:\WINDOWS\system32\MsgSys.dll, MID = 50240000, ("c:\windows\system32\msgsys.dll") File version = 6.12.0.142 E, File size = 46896, File modification date = 17/03/2006 13:35, File description = CBA -- Message System Library, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |-560893072|0xc4c9018343e87c057af106f4357113f6|
C:\WINDOWS\system32\PDS.DLL, MID = 50270000, ("c:\windows\system32\pds.dll") File version = 6.12.0.142 E, File size = 83752, File modification date = 17/03/2006 13:35, File description = PDS API, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |1003701011|0x76b7adfbb6d94ae44db699344c32880a|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\Apphelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|

PROCESS iTunesHelper, PID = 1016, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\iTunes\iTunesHelper.exe"
"c:\program files\itunes\ituneshelper.exe" File version = 7.6.1.9, File size = 267048, File modification date = 19/02/2008 20:10, File description = iTunesHelper Module, Product Name = iTunes, Product version = 7.6.1.9, Company name = Apple Inc. (© 2003-2008 Apple Inc. All Rights Reserved.) |1247549313|0x6f6493a929bc9b5762035940e825b840|
C:\Program Files\iTunes\iTunesHelper.exe, MID = 400000, ("c:\program files\itunes\ituneshelper.exe") File version = 7.6.1.9, File size = 267048, File modification date = 19/02/2008 20:10, File description = iTunesHelper Module, Product Name = iTunes, Product version = 7.6.1.9, Company name = Apple Inc. (© 2003-2008 Apple Inc. All Rights Reserved.) |1247549313|0x6f6493a929bc9b5762035940e825b840|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\WININET.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\Normaliz.dll, MID = 330000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL, MID = 10000000, ("c:\program files\itunes\ituneshelper.resources\en.lproj\ituneshelperlocalized.dll") File version = 7.6.1.9, File size = 43520, File modification date = 19/02/2008 20:10, File description = iTunesHelper Resource Library, Product Name = iTunes, Product version = 7.6.1.9, Company name = Apple Inc. (© 2003-2008 Apple Inc. All Rights Reserved.) |1543596942|0xa4c892d1098a05f475e8d88c41a20baa|
C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL, MID = d50000, ("c:\program files\itunes\ituneshelper.resources\ituneshelper.dll") File version = 7.6.1.9, File size = 42496, File modification date = 19/02/2008 20:10, File description = iTunesHelper Resource Library, Product Name = iTunes, Product version = 7.6.1.9, Company name = Apple Inc. (© 2003-2008 Apple Inc. All Rights Reserved.) |-1526700898|0x218ac54c394c7943993ae39ac49abe02|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\Program Files\QuickTime\QTSystem\QuickTime.qts, MID = 66800000, ("c:\program files\quicktime\qtsystem\quicktime.qts") File version = 7.4.5, File size = 16994304, File modification date = 29/03/2008 06:37, File description = QuickTime, Product Name = QuickTime, Product version = QuickTime 7.4.5, Company name = Apple Inc. (Copyright Apple Inc. 1989-2008) |1744379566|0x8fdded9036e5848fb9dfdb013b6ba763|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\comdlg32.dll, MID = 763b0000, ("c:\windows\system32\comdlg32.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 276992, File modification date = 04/08/2004 07:56, File description = Common Dialogs DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-699718646|0x1edb1bb89d021955e6f7265911175b8d|
C:\WINDOWS\system32\COMCTL32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll, MID = 4ec50000, ("c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll") File version = 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158), File size = 1712128, File modification date = 04/08/2004 07:56, File description = Microsoft GDI+, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.3102.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-778140727|0x78bdc89c5d9e206209bec5a5a73f91f7|
C:\WINDOWS\system32\DSOUND.dll, MID = 73f10000, ("c:\windows\system32\dsound.dll") File version = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 367616, File modification date = 04/08/2004 07:56, File description = DirectSound, Product Name = Microsoft(R) Windows(R) Operating System, Product version = 5.3.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-252725886|0x55e148c01296696588eafa425782c3e8|
C:\WINDOWS\system32\ddraw.dll, MID = 73760000, ("c:\windows\system32\ddraw.dll") File version = 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 266240, File modification date = 04/08/2004 07:56, File description = Microsoft DirectDraw, Product Name = Microsoft® Windows® Operating System, Product version = 5.03.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2100808811|0x7ed462f353b3d915a418a689fa881f96|
C:\WINDOWS\system32\DCIMAN32.dll, MID = 73bc0000, ("c:\windows\system32\dciman32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 8704, File modification date = 04/08/2004 07:56, File description = DCI Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1968337953|0xd0933c7b9763098b16e6bb0b823ae844|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll, MID = 1580000, ("c:\program files\common files\apple\mobile device support\bin\itunesmobiledevice.dll") File version = 7, 6, 120, 1, File size = 1110016, File modification date = 18/02/2008 18:17, File description = iTunesMobileDevice, Product Name = iTunesMobileDevice, Product version = 7, 6, 120, 1, Company name = Apple Inc. (Copyright (C) 2007) |166073414|0x2a2920d0ef665a6cce0da9c9aac85777|
C:\WINDOWS\system32\WSOCK32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\WINDOWS\system32\Wtsapi32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\WINDOWS\system32\SXS.DLL, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|

PROCESS reader_sl, PID = 1048, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"c:\program files\adobe\reader 8.0\reader\reader_sl.exe" File version = 8.0.0.0, File size = 39792, File modification date = 12/01/2008 05:16, File description = Adobe Acrobat SpeedLauncher, Product Name = Adobe Acrobat, Product version = 8.0.0.0, Company name = Adobe Systems Incorporated (Copyright Adobe Systems Incorporated 2004) |-1126810773|0x8b9145d229d4e89d15acb820d4a3a90f|
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe, MID = 400000, ("c:\program files\adobe\reader 8.0\reader\reader_sl.exe") File version = 8.0.0.0, File size = 39792, File modification date = 12/01/2008 05:16, File description = Adobe Acrobat SpeedLauncher, Product Name = Adobe Acrobat, Product version = 8.0.0.0, Company name = Adobe Systems Incorporated (Copyright Adobe Systems Incorporated 2004) |-1126810773|0x8b9145d229d4e89d15acb820d4a3a90f|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll, MID = 7c420000, ("c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll") File version = 8.00.50727.762, File size = 548864, File modification date = 02/12/2006 05:54, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1359536405|0x4c8a880eabc0b4d462cc4b2472116ea1|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll, MID = 78130000, ("c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll") File version = 8.00.50727.762, File size = 626688, File modification date = 02/12/2006 05:54, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio® 2005, Product version = 8.00.50727.762, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |412186895|0xe4fece18310e23b1d8fee993e35e7a6f|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|

PROCESS SpySweeperUI, PID = 1208, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
"c:\program files\webroot\spy sweeper\spysweeperui.exe" File version = 5,5,7,124, File size = 5367664, File modification date = 05/01/2008 04:56, File description = Spy Sweeper Client Executable, Product Name = Spy Sweeper, Product version = 5, 5, Company name = Webroot Software, Inc. (Copyright (C) 2002 - 2007, All Rights Reserved.) |1327618229|0x2b0b8c29092fb420826f5a8fd02dc081|
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe, MID = 400000, ("c:\program files\webroot\spy sweeper\spysweeperui.exe") File version = 5,5,7,124, File size = 5367664, File modification date = 05/01/2008 04:56, File description = Spy Sweeper Client Executable, Product Name = Spy Sweeper, Product version = 5, 5, Company name = Webroot Software, Inc. (Copyright (C) 2002 - 2007, All Rights Reserved.) |1327618229|0x2b0b8c29092fb420826f5a8fd02dc081|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\oleaut32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\version.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\mpr.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\wininet.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\Normaliz.dll, MID = 330000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\system32\shell32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\comdlg32.dll, MID = 763b0000, ("c:\windows\system32\comdlg32.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 276992, File modification date = 04/08/2004 07:56, File description = Common Dialogs DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-699718646|0x1edb1bb89d021955e6f7265911175b8d|
C:\WINDOWS\system32\wsock32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\imm32.dll, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\winspool.drv, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|
C:\WINDOWS\system32\winmm.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\Program Files\Webroot\Spy Sweeper\wrid.dll, MID = 340000, ("c:\program files\webroot\spy sweeper\wrid.dll") File version = (null), File size = 250736, File modification date = 05/01/2008 04:34, File description = (null), Product Name = (null), Product version = (null), Company name = (null) |-1517665391|0x4b030e252f78262944e067f741fb65bb|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\PSAPI.dll, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\msimg32.dll, MID = 76380000, ("c:\windows\system32\msimg32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 4608, File modification date = 04/08/2004 07:56, File description = GDIEXT Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1563741244|0xb5331f2b6f37c66c29c847f3b94ff900|
C:\WINDOWS\system32\tapi32.dll, MID = 76eb0000, ("c:\windows\system32\tapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 181760, File modification date = 04/08/2004 07:56, File description = Microsoft® Windows(TM) Telephony API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1409471214|0x6307a1b82f6ca87d7e0cdf49e6e7bc00|
C:\WINDOWS\system32\rtutils.dll, MID = 76e80000, ("c:\windows\system32\rtutils.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 44032, File modification date = 04/08/2004 07:56, File description = Routing Utilities, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1152776202|0x2030fa027e7c3e0a145649c03171457b|
C:\WINDOWS\System32\hhctrl.ocx, MID = 2b80000, ("c:\windows\system32\hhctrl.ocx") File version = 5.2.3790.2847 (srv03_sp1_gdr.061210-2319), File size = 546304, File modification date = 23/01/2007 19:29, File description = Microsoft® HTML Help Control, Product Name = HTML Help, Product version = 5.2.3790.2847, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |910522947|0x2ced9ba7bd7401736125a1313169fbc0|
C:\WINDOWS\system32\crypt32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\olepro32.dll, MID = 5edd0000, ("c:\windows\system32\olepro32.dll") File version = 5.1.2600.2180, File size = 83456, File modification date = 04/08/2004 07:56, File description = (null), Product Name = (null), Product version = 5.1.2600.2180, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |-576261811|0xb48d3193dd1474dcbcc32bf4779ac698|
C:\WINDOWS\system32\appHelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\System32\cscui.dll, MID = 77a20000, ("c:\windows\system32\cscui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 326656, File modification date = 04/08/2004 07:56, File description = Client Side Caching UI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1505085259|0x51230212ae7f8159a90f06a7ea30dd8a|
C:\WINDOWS\System32\CSCDLL.dll, MID = 76600000, ("c:\windows\system32\cscdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 101888, File modification date = 04/08/2004 07:56, File description = Offline Network Agent, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-247978472|0x587729679b4fe04ce06a5c61d6c56dcd|
C:\Program Files\Webroot\Spy Sweeper\language.dll, MID = 2f20000, ("c:\program files\webroot\spy sweeper\language.dll") File version = 5,5,7,124, File size = 529776, File modification date = 05/01/2008 04:57, File description = Spy Sweeper Client Executable, Product Name = Spy Sweeper, Product version = 5, 5, Company name = Webroot Software, Inc. (Copyright (C) 2002 - 2007, All Rights Reserved.) |1177793185|0x31a7c5dd260e8d886785c52970827346|
C:\WINDOWS\system32\SXS.DLL, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\WINDOWS\System32\wbem\fastprox.dll, MID = 75690000, ("c:\windows\system32\wbem\fastprox.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 472064, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1676948429|0xc28500101bc66fdabd830f8de51a59a0|
C:\WINDOWS\system32\MSVCP60.dll, MID = 76080000, ("c:\windows\system32\msvcp60.dll") File version = 6.02.3104.0, File size = 413696, File modification date = 04/08/2004 07:56, File description = Microsoft (R) C++ Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.02.3104.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1998) |-817830461|0x1f57eb5b92b2ac7f9d71a77d184d8c13|
C:\WINDOWS\System32\wbem\wbemcomn.dll, MID = 75290000, ("c:\windows\system32\wbem\wbemcomn.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 214528, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-522981804|0x4e39c36213e95fb971a61a247bde2f61|
C:\WINDOWS\system32\NTDSAPI.dll, MID = 767a0000, ("c:\windows\system32\ntdsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 67072, File modification date = 04/08/2004 07:56, File description = NT5DS, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-639436442|0x6201bacf384292a5fe94ce73364ae53a|
C:\WINDOWS\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\RASAPI32.dll, MID = 76ee0000, ("c:\windows\system32\rasapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 236544, File modification date = 04/08/2004 07:56, File description = Remote Access API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1254576566|0xcd1f7ed9842138beadf9ecbf37818bef|
C:\WINDOWS\system32\rasman.dll, MID = 76e90000, ("c:\windows\system32\rasman.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 61440, File modification date = 04/08/2004 07:56, File description = Remote Access Connection Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2077112344|0x30e244a707e6ce0a4b099cd6384ec6ca|
C:\WINDOWS\system32\msv1_0.dll, MID = 77c70000, ("c:\windows\system32\msv1_0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 129536, File modification date = 04/08/2004 07:56, File description = Microsoft Authentication Package v1.0, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1862327760|0x77c41f9146450c89534704a75836ce56|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\sensapi.dll, MID = 722b0000, ("c:\windows\system32\sensapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 6656, File modification date = 04/08/2004 07:56, File description = SENS Connectivity API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1458440296|0x6e205319848b8af2a0da52b8d63db91e|
C:\WINDOWS\system32\mswsock.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\WINDOWS\System32\winrnr.dll, MID = 76fb0000, ("c:\windows\system32\winrnr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 16896, File modification date = 04/08/2004 07:56, File description = LDAP RnR Provider DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-199904513|0x2c8fdb176f22629ea5342db474fac391|
C:\WINDOWS\system32\rasadhlp.dll, MID = 76fc0000, ("c:\windows\system32\rasadhlp.dll") File version = 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), File size = 8192, File modification date = 26/06/2006 17:37, File description = Remote Access AutoDial Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2938, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-27266821|0x5f098bd2ae6b03044b085decffdf91ec|
c:\WINDOWS\system32\msxml4.dll, MID = 69b10000, ("c:\windows\system32\msxml4.dll") File version = 4.20.9848.0, File size = 1275392, File modification date = 08/05/2007 22:03, File description = MSXML 4.0 SP 2, Product Name = Microsoft(R) MSXML 4.0 SP 2, Product version = 4.20.9848.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corporation. 1981-2002) |-974396841|0x17a9f3bb60c391c7446e8e03aa3553e6|
C:\WINDOWS\System32\mstask.dll, MID = 75830000, ("c:\windows\system32\mstask.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 274944, File modification date = 04/08/2004 07:56, File description = Task Scheduler interface DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1505009865|0xdad1cef1b77539b4ef734a1041cf95ed|
dionneleep
Regular Member
 
Posts: 26
Joined: April 6th, 2008, 12:43 am

Re: Need help with rundll32.exe bad image issue please and thx

Unread postby dionneleep » April 14th, 2008, 10:45 am

Part 3

PROCESS ctfmon, PID = 1244, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\WINDOWS\system32\ctfmon.exe"
"c:\windows\system32\ctfmon.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 15360, File modification date = 04/08/2004 07:56, File description = CTF Loader, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |585915158|0x24232996a38c0b0cf151c2140ae29fc8|
C:\WINDOWS\system32\ctfmon.exe, MID = 400000, ("c:\windows\system32\ctfmon.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 15360, File modification date = 04/08/2004 07:56, File description = CTF Loader, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |585915158|0x24232996a38c0b0cf151c2140ae29fc8|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\MSUTB.dll, MID = 5fc10000, ("c:\windows\system32\msutb.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 195072, File modification date = 04/08/2004 07:56, File description = MSUTB Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |809817074|0x9eea0ca999a33c9d2eabe82e4c624cc3|
C:\WINDOWS\system32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|

PROCESS NMBgMonitor, PID = 1456, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
"c:\program files\common files\ahead\lib\nmbgmonitor.exe" File version = 1, 0, 1, 5, File size = 94208, File modification date = 28/10/2005 23:25, File description = Nero Home, Product Name = Nero Home, Product version = 1, 0, 1, 5, Company name = Nero AG (Copyright (c) 1995-2005 Nero AG and its licensors) |1736402008|0x15a1a88d97d440c735058ccf3f74a6ee|
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe, MID = 400000, ("c:\program files\common files\ahead\lib\nmbgmonitor.exe") File version = 1, 0, 1, 5, File size = 94208, File modification date = 28/10/2005 23:25, File description = Nero Home, Product Name = Nero Home, Product version = 1, 0, 1, 5, Company name = Nero AG (Copyright (c) 1995-2005 Nero AG and its licensors) |1736402008|0x15a1a88d97d440c735058ccf3f74a6ee|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\Program Files\Common Files\Ahead\lib\MSVCP71.dll, MID = 7c3a0000, ("c:\program files\common files\ahead\lib\msvcp71.dll") File version = 7.10.3077.0, File size = 499712, File modification date = 19/03/2003 13:14, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513820628|0x561fa2abb31dfa8fab762145f81667c2|
C:\Program Files\Common Files\Ahead\lib\MSVCR71.dll, MID = 7c340000, ("c:\program files\common files\ahead\lib\msvcr71.dll") File version = 7.10.3052.4, File size = 348160, File modification date = 21/02/2003 21:42, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3052.4, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |894841200|0x86f1895ae8c5e8b17d99ece768a70732|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\Program Files\Common Files\Ahead\lib\NMIndexStoreSvrPS.dll, MID = 10000000, ("c:\program files\common files\ahead\lib\nmindexstoresvrps.dll") File version = 1, 0, 1, 5, File size = 12288, File modification date = 28/10/2005 23:26, File description = Nero Home, Product Name = Nero Home, Product version = 1, 0, 1, 5, Company name = Nero AG (Copyright (c) 1995-2005 Nero AG and its licensors) |-45448174|0xe37e5981fb304d12d30985a588ac5959|
C:\Program Files\Common Files\Ahead\lib\NMDataServices.dll, MID = f30000, ("c:\program files\common files\ahead\lib\nmdataservices.dll") File version = 1, 0, 1, 5, File size = 774144, File modification date = 28/10/2005 23:12, File description = Nero Home, Product Name = Nero Home, Product version = 1, 0, 1, 5, Company name = Nero AG (Copyright (c) 1995-2005 Nero AG and its licensors) |-880486745|0x06279a5653b0047b8cc57c39ed2ee56b|
C:\WINDOWS\system32\WININET.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\Normaliz.dll, MID = ff0000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll, MID = 4ec50000, ("c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll") File version = 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158), File size = 1712128, File modification date = 04/08/2004 07:56, File description = Microsoft GDI+, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.3102.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-778140727|0x78bdc89c5d9e206209bec5a5a73f91f7|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|

PROCESS DefWatch, PID = 1516, USER = , Command Line = "c:\program files\common files\ahead\lib\nmbgmonitor.exe"
"c:\program files\common files\ahead\lib\nmbgmonitor.exe" File version = 1, 0, 1, 5, File size = 94208, File modification date = 28/10/2005 23:25, File description = Nero Home, Product Name = Nero Home, Product version = 1, 0, 1, 5, Company name = Nero AG (Copyright (c) 1995-2005 Nero AG and its licensors) |1736402008|0x15a1a88d97d440c735058ccf3f74a6ee|
C:\Program Files\Symantec AntiVirus\DefWatch.exe, MID = 400000, ("c:\program files\symantec antivirus\defwatch.exe") File version = 10.2.0.224, File size = 30920, File modification date = 14/10/2006 14:02, File description = Virus Definition Daemon, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1998 - 2006 Symantec Corporation. All rights reserved.) |1228575013|0x9865f004933a57d73153efe94376d03b|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\MSVCP71.dll, MID = 7c3a0000, ("c:\windows\system32\msvcp71.dll") File version = 7.10.3077.0, File size = 499712, File modification date = 19/03/2003 03:14, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513820628|0x561fa2abb31dfa8fab762145f81667c2|
C:\WINDOWS\system32\MSVCR71.dll, MID = 7c340000, ("c:\windows\system32\msvcr71.dll") File version = 7.10.3052.4, File size = 348160, File modification date = 21/02/2003 11:42, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3052.4, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |894841200|0x86f1895ae8c5e8b17d99ece768a70732|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\Program Files\Common Files\Symantec Shared\ccL60.dll, MID = 6aa00000, ("c:\program files\common files\symantec shared\ccl60.dll") File version = 106.1.0.17, File size = 423016, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1770514684|0x4692ed4cbc710cb0351b378525307bfe|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\ws2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\userenv.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\netapi32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|

PROCESS Hotsync, PID = 1664, USER = PEARLY\David (Group - PEARLY\None, Everyone, BUILTIN\Administrators, BUILTIN\Users, NT AUTHORITY\INTERACTIVE, NT AUTHORITY\Authenticated Users, LOCAL), Command Line = "C:\Program Files\Palm\Hotsync.exe" -logon
"c:\program files\palm\hotsync.exe" File version = 6.0.1, File size = 471040, File modification date = 09/06/2004 22:27, File description = HotSync® Manager Application, Product Name = HotSync® Manager, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |328159221|0xf8fb2ca91f25d3eaa2cae2f0b55fec54|
C:\Program Files\Palm\Hotsync.exe, MID = 400000, ("c:\program files\palm\hotsync.exe") File version = 6.0.1, File size = 471040, File modification date = 09/06/2004 22:27, File description = HotSync® Manager Application, Product Name = HotSync® Manager, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |328159221|0xf8fb2ca91f25d3eaa2cae2f0b55fec54|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\Program Files\Palm\CiAPI.dll, MID = 67a50000, ("c:\program files\palm\ciapi.dll") File version = 6.0.1, File size = 69632, File modification date = 09/06/2004 22:27, File description = CiApi, Product Name = Palm CDK, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-448511382|0x7a3c8c8096be9e42785f7d387bdd9521|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\Program Files\Palm\VFSAPI.dll, MID = 66f90000, ("c:\program files\palm\vfsapi.dll") File version = 6.0.1, File size = 180224, File modification date = 09/06/2004 22:27, File description = VFSAPI module, Product Name = HotSync(R) Manager, Palm OS Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-1178758698|0x64c504b674d7d177e73097855c93c617|
C:\Program Files\Palm\CMDS21.dll, MID = 67a20000, ("c:\program files\palm\cmds21.dll") File version = 6.0.1, File size = 151552, File modification date = 09/06/2004 22:27, File description = HotSync(R) Module, Product Name = HotSync(R) Manager, Palm OS Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-1328159329|0x562af577b0c79abeeba77545decbc58c|
C:\Program Files\Palm\HSLOG20.dll, MID = 67520000, ("c:\program files\palm\hslog20.dll") File version = 6.0.1, File size = 122880, File modification date = 09/06/2004 22:27, File description = HotSync(R) Log Module, Product Name = HotSync(R) Manager, Palm OS Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-308549408|0xd0471c1a3a61ae7bfea6104ec776e7f8|
C:\Program Files\Palm\PalmCmn.dll, MID = 66bf0000, ("c:\program files\palm\palmcmn.dll") File version = 6.0.1, File size = 249856, File modification date = 09/06/2004 22:27, File description = Palm Shared Library, Product Name = HotSync(R) Manager, Palm OS Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-1048955247|0x051b5fc501e7bdb0a470d288df4212bc|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\Program Files\Palm\CONDMGR.dll, MID = 66a10000, ("c:\program files\palm\condmgr.dll") File version = 6.0.2, File size = 176128, File modification date = 01/02/2007 06:13, File description = Palm Shared Library, Product Name = HotSync(R) Manager, Palm OS Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |932841703|0x528c038cad02061102d7812c088fdd4a|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\Program Files\Palm\SYNC20.dll, MID = 671e0000, ("c:\program files\palm\sync20.dll") File version = 6.0.1, File size = 299008, File modification date = 09/06/2004 22:27, File description = HotSync(R) Module, Product Name = HotSync(R) Manager, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |1936072014|0x6376e22d42dd83817578172888ea287c|
C:\Program Files\Palm\UserData.dll, MID = 669e0000, ("c:\program files\palm\userdata.dll") File version = 6.0.1, File size = 139264, File modification date = 09/06/2004 22:27, File description = Palm OS Desktop Shared Library, Product Name = HotSync® Manager, Palm OS Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource, Inc.) |2144400525|0xd7c3b51dfb6a6984e2bf8ce580be5b66|
C:\WINDOWS\system32\WINSPOOL.DRV, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\COMCTL32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\OLEACC.dll, MID = 74c80000, ("c:\windows\system32\oleacc.dll") File version = 4.2.5406.0 (xpclient.010817-1148), File size = 163328, File modification date = 23/08/2001 12:00, File description = Active Accessibility Core Component, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1578518791|0x5f2dbe3cb563741c8084657bf956ce64|
C:\WINDOWS\system32\MSVCP60.dll, MID = 76080000, ("c:\windows\system32\msvcp60.dll") File version = 6.02.3104.0, File size = 413696, File modification date = 04/08/2004 07:56, File description = Microsoft (R) C++ Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.02.3104.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1998) |-817830461|0x1f57eb5b92b2ac7f9d71a77d184d8c13|
C:\Program Files\Palm\INSTAIDE.dll, MID = 66ae0000, ("c:\program files\palm\instaide.dll") File version = 6.0.1, File size = 167936, File modification date = 09/06/2004 22:27, File description = Palm OS Desktop Shared Library, Product Name = HotSync(R) Manager, Palm OS Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-2119418169|0xbf5e62a75cb79228733d4b2697615860|
C:\Program Files\Palm\i18nNoMFC.dll, MID = 66b10000, ("c:\program files\palm\i18nnomfc.dll") File version = 6.0.1, File size = 17408, File modification date = 09/06/2004 22:27, File description = Palm Desktop Shared Library, Product Name = Palm Desktop, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-252981495|0x749c8c2a737a32bc24782964e9974a84|
C:\Program Files\Palm\MSVCR71.dll, MID = 7c340000, ("c:\program files\palm\msvcr71.dll") File version = 7.10.3052.4, File size = 348160, File modification date = 21/02/2003 12:42, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3052.4, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |894841200|0x86f1895ae8c5e8b17d99ece768a70732|
C:\Program Files\Palm\MSVCP71.dll, MID = 7c3a0000, ("c:\program files\palm\msvcp71.dll") File version = 7.10.3077.0, File size = 499712, File modification date = 19/03/2003 04:14, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513820628|0x561fa2abb31dfa8fab762145f81667c2|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\MSCTF.dll, MID = 74720000, ("c:\windows\system32\msctf.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 294400, File modification date = 04/08/2004 07:56, File description = MSCTF Server DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1143806381|0x2b6d3630eb32b562e6763370ce35d730|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\LINKINFO.dll, MID = 76980000, ("c:\windows\system32\linkinfo.dll") File version = 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520), File size = 19968, File modification date = 01/09/2005 01:41, File description = Windows Volume Tracking, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2751, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-838685458|0xa1a688ee56cf3bbd24edeb815d48e9ba|
C:\WINDOWS\system32\ntshrui.dll, MID = 76990000, ("c:\windows\system32\ntshrui.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143872, File modification date = 04/08/2004 07:56, File description = Shell extensions for sharing, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1618858951|0x385e9aec6e100dbebee5bd1f27a55e1d|
C:\WINDOWS\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\Program Files\Palm\SHW32.DLL, MID = a930000, ("c:\program files\palm\shw32.dll") File version = 6.02.29, File size = 118800, File modification date = 01/02/2007 06:13, File description = Memory Management Library for Win32, Product Name = SmartHeap, Product version = 6.02, Company name = MicroQuill Software Publishing, Inc. (Copyright © 1991-2001 Compuware Corp.) |2008627066|0x614804e6b611acfef5555492ea756caa|
C:\Program Files\Palm\USBTransport.dll, MID = 669c0000, ("c:\program files\palm\usbtransport.dll") File version = 6.0.1, File size = 28672, File modification date = 09/06/2004 22:27, File description = USB Transport Module, Product Name = HotSync(R) Manager, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |-846634954|0xd301abdc8ad61034e6dc3ed1c86d437b|
C:\WINDOWS\system32\USBPort.dll, MID = 10000000, ("c:\windows\system32\usbport.dll") File version = 6.0.1, File size = 53248, File modification date = 09/06/2004 22:27, File description = USB Port Module, Product Name = HotSync® Manager, Product version = 6.0.1, Company name = PalmSource, Inc (Copyright © 1995-2004 PalmSource Inc.) |902893038|0x106be998a091f9faadb687ad5e57c736|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\wtsapi32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|

PROCESS nvsvc32, PID = 1864, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\system32\nvsvc32.exe
"c:\windows\system32\nvsvc32.exe" File version = 6.14.11.6921, File size = 155716, File modification date = 05/12/2007 09:41, File description = NVIDIA Driver Helper Service, Version 169.21, Product Name = NVIDIA Driver Helper Service, Version 169.21, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |-1966732041|0x472a00d2183c9e5edb3e076272741812|
C:\WINDOWS\system32\nvsvc32.exe, MID = 400000, ("c:\windows\system32\nvsvc32.exe") File version = 6.14.11.6921, File size = 155716, File modification date = 05/12/2007 09:41, File description = NVIDIA Driver Helper Service, Version 169.21, Product Name = NVIDIA Driver Helper Service, Version 169.21, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |-1966732041|0x472a00d2183c9e5edb3e076272741812|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\POWRPROF.dll, MID = 74ad0000, ("c:\windows\system32\powrprof.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 17408, File modification date = 04/08/2004 07:56, File description = Power Profile Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |527595151|0x1b5f6923abb450692e9fe0672c897aed|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\system32\wtsapi32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\COMCTL32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\nvapi.dll, MID = 7e0000, ("c:\windows\system32\nvapi.dll") File version = 6.14.11.6921, File size = 385024, File modification date = 05/12/2007 09:41, File description = NVIDIA NVAPI Library, Version 169.21 , Product Name = NVIDIA Windows drivers, Product version = 6.14.11.6921, Company name = NVIDIA Corporation ((C) NVIDIA Corporation. All rights reserved.) |543410616|0xc1467115c021f17ec3d93ae98f7159b3|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\msctfime.ime, MID = 755c0000, ("c:\windows\system32\msctfime.ime") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 177152, File modification date = 04/08/2004 07:56, File description = Microsoft Text Frame Work Service IME, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1785802648|0xd87041eaa67eca4394f6d5d09c0c2885|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\msv1_0.dll, MID = 77c70000, ("c:\windows\system32\msv1_0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 129536, File modification date = 04/08/2004 07:56, File description = Microsoft Authentication Package v1.0, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1862327760|0x77c41f9146450c89534704a75836ce56|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\Apphelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\NTMARTA.DLL, MID = 77690000, ("c:\windows\system32\ntmarta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 118784, File modification date = 04/08/2004 07:56, File description = Windows NT MARTA provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1318044394|0xdaa91b358e685fc6cca9aca72be6fe85|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\SAMLIB.dll, MID = 71bf0000, ("c:\windows\system32\samlib.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 64000, File modification date = 04/08/2004 07:56, File description = SAM Library DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1039413179|0xebe12f403fde45e7312e7bf764bfb6c6|

PROCESS svchost, PID = 1928, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = C:\WINDOWS\System32\svchost.exe -k imgsvc
"C:\WINDOWS\system32\svchost.exe" File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\System32\svchost.exe, MID = 1000000, ("C:\WINDOWS\system32\svchost.exe") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 14336, File modification date = 04/08/2004 07:56, File description = Generic Host Process for Win32 Services, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1487710196|0x8f078ae4ed187aaabc0a305146de6716|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\System32\ShimEng.dll, MID = 5cb70000, ("c:\windows\system32\shimeng.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 65536, File modification date = 04/08/2004 07:56, File description = Shim Engine DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1268187735|0x43da983415ea533f9e667fdb415f4655|
C:\WINDOWS\AppPatch\AcGenral.DLL, MID = 6f880000, ("c:\windows\apppatch\acgenral.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 1852416, File modification date = 04/08/2004 07:56, File description = Windows Compatibility DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1968887141|0xfb537f29a827d78f756154cf397a113f|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\System32\WINMM.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\System32\MSACM32.dll, MID = 77be0000, ("c:\windows\system32\msacm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 71680, File modification date = 04/08/2004 07:56, File description = Microsoft ACM Audio Filter, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1780582686|0x975d12353b1d525c0f3444c447fb3b9a|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\System32\UxTheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
c:\windows\system32\wiaservc.dll, MID = 75aa0000, ("c:\windows\system32\wiaservc.dll") File version = 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316), File size = 333824, File modification date = 19/12/2006 18:16, File description = Still Image Devices Service, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3051, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1399556731|0xb6763f8534ac547cf1af98afdff2edc8|
c:\windows\system32\CFGMGR32.dll, MID = 74ae0000, ("c:\windows\system32\cfgmgr32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 16896, File modification date = 04/08/2004 07:56, File description = Configuration Manager Forwarder DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1107122561|0x0fcb11b39af688035e1cde754684ee5c|
C:\WINDOWS\System32\setupapi.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
c:\windows\system32\mscms.dll, MID = 73b30000, ("c:\windows\system32\mscms.dll") File version = 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518), File size = 74240, File modification date = 29/06/2005 01:46, File description = Microsoft Color Matching System DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2709, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-326630528|0xe68621d5621e56b2c78e9c680eaf4a5b|
c:\windows\system32\WINSPOOL.DRV, MID = 73000000, ("c:\windows\system32\winspool.drv") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 146432, File modification date = 04/08/2004 07:56, File description = Windows Spooler Driver, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |511192227|0x777eb29d0135d81ad9828a2b05443496|
c:\windows\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\System32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\System32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\System32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\hpgwiamd.dll, MID = 10000000, ("c:\windows\system32\hpgwiamd.dll") File version = 3.2.2.483, File size = 274432, File modification date = 11/08/2003 08:07, File description = Hewlett-Packard WIA minidriver., Product Name = hpgwiamd.dll, Product version = 3.0.0.483, Company name = Hewlett-Packard (© Copyright 2000-2001 Hewlett-Packard Company) |-344491597|0x996d08d05bbcdbfd4426af1d0bc82687|
C:\WINDOWS\system32\hpotscl.dll, MID = 950000, ("c:\windows\system32\hpotscl.dll") File version = 1, 0, 0,484, File size = 565248, File modification date = 11/08/2003 08:07, File description = hpotscl Module, Product Name = hpotscl Module, Product version = 3.1.0.484, Company name = (Copyright 2001) |1128693814|0x5c4642cafc688b7b8637a528c15d1a76|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\actxprxy.dll, MID = 71d40000, ("c:\windows\system32\actxprxy.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 101888, File modification date = 04/08/2004 07:56, File description = ActiveX Interface Marshaling Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1615437978|0x13510490bea0997db625daa0178cbfca|
C:\WINDOWS\System32\sti.dll, MID = 73ba0000, ("c:\windows\system32\sti.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 67584, File modification date = 04/08/2004 07:56, File description = Still Image Devices client DLL , Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1091788398|0xf6719362645c184049b2180110f0253f|

PROCESS Rtvscan, PID = 648, USER = , Command Line = c:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe, MID = 400000, ("c:\program files\symantec antivirus\rtvscan.exe") File version = 10.2.0.224, File size = 1956552, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |526744613|0x3ce76938766fb2e1694957c138ddd1ca|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\urlmon.dll, MID = 42cf0000, ("c:\windows\system32\urlmon.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 1159680, File modification date = 01/03/2008 13:06, File description = OLE32 Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |488660913|0x2616f6a2eaf515fe7b95b29f77604e5b|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\system32\MSVCP71.dll, MID = 7c3a0000, ("c:\windows\system32\msvcp71.dll") File version = 7.10.3077.0, File size = 499712, File modification date = 19/03/2003 03:14, File description = Microsoft® C++ Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513820628|0x561fa2abb31dfa8fab762145f81667c2|
C:\WINDOWS\system32\MSVCR71.dll, MID = 7c340000, ("c:\windows\system32\msvcr71.dll") File version = 7.10.3052.4, File size = 348160, File modification date = 21/02/2003 11:42, File description = Microsoft® C Runtime Library, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3052.4, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |894841200|0x86f1895ae8c5e8b17d99ece768a70732|
C:\WINDOWS\system32\VERSION.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\CBA.DLL, MID = 501e0000, ("c:\windows\system32\cba.dll") File version = 6.12.0.142 E, File size = 34600, File modification date = 17/03/2006 13:35, File description = CBA Interface Library, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |1523263708|0xab21e78633191cbc0f80eecf6f7a40c8|
C:\WINDOWS\system32\MsgSys.dll, MID = 50240000, ("c:\windows\system32\msgsys.dll") File version = 6.12.0.142 E, File size = 46896, File modification date = 17/03/2006 13:35, File description = CBA -- Message System Library, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |-560893072|0xc4c9018343e87c057af106f4357113f6|
C:\WINDOWS\system32\NTS.dll, MID = 50250000, ("c:\windows\system32\nts.dll") File version = 6.12.0.142 E, File size = 83752, File modification date = 17/03/2006 13:35, File description = NTS, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |836621743|0x08bcc1705dae063011be66f18071538a|
C:\WINDOWS\system32\WSOCK32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\MSWSOCK.dll, MID = 71a50000, ("c:\windows\system32\mswsock.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 245248, File modification date = 04/08/2004 07:56, File description = Microsoft Windows Sockets 2.0 Service Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-500132976|0x4e74af063c3271fbea20dd940cfd1184|
C:\WINDOWS\system32\NETAPI32.dll, MID = 5b860000, ("c:\windows\system32\netapi32.dll") File version = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), File size = 332288, File modification date = 17/08/2006 12:28, File description = Net Win32 API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2976, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |640979505|0x35a4c61b5a9ae04e73843fb21f9a1137|
C:\WINDOWS\system32\PDS.DLL, MID = 50270000, ("c:\windows\system32\pds.dll") File version = 6.12.0.142 E, File size = 83752, File modification date = 17/03/2006 13:35, File description = PDS API, Product Name = Intel Common Base Agent, Product version = 6.12.0.142, Company name = LANDesk Software Ltd. (Copyright © 1997-2004 LANDesk Software Ltd.) |1003701011|0x76b7adfbb6d94ae44db699344c32880a|
C:\WINDOWS\system32\MPR.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
C:\Program Files\Symantec AntiVirus\NAVLU.dll, MID = 65ef0000, ("c:\program files\symantec antivirus\navlu.dll") File version = 10.2.0.224, File size = 52424, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |572376330|0xbece1d3cb0e8b142a3274bf2645e46f6|
C:\WINDOWS\system32\MFC71.DLL, MID = 7c140000, ("c:\windows\system32\mfc71.dll") File version = 7.10.3077.0, File size = 1060864, File modification date = 19/03/2003 04:20, File description = MFCDLL Shared Library - Retail Version, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751878168|0xf35a584e947a5b401feb0fe01db4a0d7|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\PSAPI.DLL, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDOWS\system32\USERENV.dll, MID = 769c0000, ("c:\windows\system32\userenv.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 723456, File modification date = 04/08/2004 07:56, File description = Userenv, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-59535776|0x2b9b56a89a8a42e917511972a6db36e3|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\ACTIVEDS.dll, MID = 77cc0000, ("c:\windows\system32\activeds.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 194048, File modification date = 04/08/2004 07:56, File description = ADs Router Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1367841023|0x875d770f477e0ae0088be1810d537b23|
C:\WINDOWS\system32\adsldpc.dll, MID = 76e10000, ("c:\windows\system32\adsldpc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 143360, File modification date = 04/08/2004 07:56, File description = ADs LDAP Provider C DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-407021944|0x12a581ca44e53b09d24c5b94f252c78d|
C:\WINDOWS\system32\WLDAP32.dll, MID = 76f60000, ("c:\windows\system32\wldap32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 172032, File modification date = 04/08/2004 07:56, File description = Win32 LDAP API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1605268905|0x10f36fa092d7a309a0647fcdc764ae6c|
C:\WINDOWS\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\system32\Secur32.dll, MID = 77fe0000, ("c:\windows\system32\secur32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 55808, File modification date = 04/08/2004 07:56, File description = Security Support Provider Interface, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1513275479|0x81459cb8e975003ad28b8abb8dfa8329|
C:\WINDOWS\system32\WTSAPI32.dll, MID = 76f50000, ("c:\windows\system32\wtsapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18432, File modification date = 04/08/2004 07:56, File description = Windows Terminal Server SDK APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-593757918|0x67f2d109ab373feceb819f420db11f03|
C:\WINDOWS\system32\WINSTA.dll, MID = 76360000, ("c:\windows\system32\winsta.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 53760, File modification date = 04/08/2004 07:56, File description = Winstation Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1778901481|0x7bc4ba4c33adf3ef5cd370d99bc60b04|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\MFC71ENU.DLL, MID = 5d360000, ("c:\windows\system32\mfc71enu.dll") File version = 7.10.3077.0, File size = 57344, File modification date = 19/03/2003 03:44, File description = MFC Language Specific Resources, Product Name = Microsoft® Visual Studio .NET, Product version = 7.10.3077.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |797837115|0xbaf751e7061ff626aa60f56d1d5d1fdc|
C:\Program Files\Common Files\Symantec Shared\ccL60.dll, MID = 6aa00000, ("c:\program files\common files\symantec shared\ccl60.dll") File version = 106.1.0.17, File size = 423016, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1770514684|0x4692ed4cbc710cb0351b378525307bfe|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\CLBCATQ.DLL, MID = 76fd0000, ("c:\windows\system32\clbcatq.dll") File version = 2001.12.4414.308, File size = 498688, File modification date = 26/07/2005 04:39, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |-1645411569|0xec8a848fc4f17f3b3d9da4a0c43fb930|
C:\WINDOWS\system32\COMRes.dll, MID = 77050000, ("c:\windows\system32\comres.dll") File version = 2001.12.4414.258, File size = 792064, File modification date = 04/08/2004 07:56, File description = (null), Product Name = COM Services, Product version = 03.00.00.4414, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1995-1999) |1511175330|0x6728270cb7dbb776ed086f5ac4c82310|
C:\WINDOWS\system32\msi.dll, MID = 7d1e0000, ("c:\windows\system32\msi.dll") File version = 3.1.4000.4039, File size = 2854400, File modification date = 18/04/2007 16:12, File description = Windows Installer, Product Name = Windows Installer - Unicode, Product version = 3.1.4000.4039, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |362880996|0x892f4bc54d486feb4df03e4e2ecb14e0|
C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL, MID = 65ee0000, ("c:\program files\symantec antivirus\navntutl.dll") File version = 10.2.0.224, File size = 54472, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |-1292028347|0xafcbe3665359be853d81de1dfffa902b|
C:\WINDOWS\system32\SFC.DLL, MID = 76bb0000, ("c:\windows\system32\sfc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 5120, File modification date = 04/08/2004 07:56, File description = Windows File Protection, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1292590664|0xe8a12a12ea9088b4327d49edca3add3e|
C:\WINDOWS\system32\sfc_os.dll, MID = 76c60000, ("c:\windows\system32\sfc_os.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 140288, File modification date = 04/08/2004 07:56, File description = Windows File Protection, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |988450403|0x9858cc4d73a4ccf2f852fae07c11a0b5|
C:\WINDOWS\system32\WINTRUST.dll, MID = 76c30000, ("c:\windows\system32\wintrust.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176640, File modification date = 04/08/2004 07:56, File description = Microsoft Trust Verification APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1999501123|0xb015a20c60d2a751777a9c8207a7ba82|
C:\WINDOWS\system32\CRYPT32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\IMAGEHLP.dll, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\System32\wbem\wbemprox.dll, MID = 74ef0000, ("c:\windows\system32\wbem\wbemprox.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |2052606251|0x851547797c2a7f8a04841644c471a567|
C:\WINDOWS\System32\wbem\wbemcomn.dll, MID = 75290000, ("c:\windows\system32\wbem\wbemcomn.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 214528, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-522981804|0x4e39c36213e95fb971a61a247bde2f61|
C:\WINDOWS\system32\SXS.DLL, MID = 75e90000, ("c:\windows\system32\sxs.dll") File version = 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), File size = 713216, File modification date = 19/10/2006 13:56, File description = Fusion 2.5, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3019, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |641248419|0x0ff9fa27706fbe9048990c108c0d62f0|
C:\WINDOWS\system32\msv1_0.dll, MID = 77c70000, ("c:\windows\system32\msv1_0.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 129536, File modification date = 04/08/2004 07:56, File description = Microsoft Authentication Package v1.0, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1862327760|0x77c41f9146450c89534704a75836ce56|
C:\WINDOWS\System32\wbem\wbemsvc.dll, MID = 74ed0000, ("c:\windows\system32\wbem\wbemsvc.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 43520, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-374954112|0x7d676ac8cc19341117c77c261647ba07|
C:\WINDOWS\System32\wbem\fastprox.dll, MID = 75690000, ("c:\windows\system32\wbem\fastprox.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 472064, File modification date = 04/08/2004 07:56, File description = WMI, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1676948429|0xc28500101bc66fdabd830f8de51a59a0|
C:\WINDOWS\system32\MSVCP60.dll, MID = 76080000, ("c:\windows\system32\msvcp60.dll") File version = 6.02.3104.0, File size = 413696, File modification date = 04/08/2004 07:56, File description = Microsoft (R) C++ Runtime Library, Product Name = Microsoft (R) Visual C++, Product version = 6.02.3104.0, Company name = Microsoft Corporation (Copyright (C) Microsoft Corp. 1981-1998) |-817830461|0x1f57eb5b92b2ac7f9d71a77d184d8c13|
C:\WINDOWS\system32\NTDSAPI.dll, MID = 767a0000, ("c:\windows\system32\ntdsapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 67072, File modification date = 04/08/2004 07:56, File description = NT5DS, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-639436442|0x6201bacf384292a5fe94ce73364ae53a|
C:\WINDOWS\system32\DNSAPI.dll, MID = 76f20000, ("c:\windows\system32\dnsapi.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 148992, File modification date = 20/02/2008 05:32, File description = DNS Client API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-373327215|0x4ff71085babae623f3fee11e1f86d9cd|
C:\WINDOWS\system32\rsaenh.dll, MID = ffd0000, ("c:\windows\system32\rsaenh.dll") File version = 5.1.2600.2161 (xpsp.040706-1629), File size = 152576, File modification date = 04/08/2004 05:31, File description = Microsoft Enhanced Cryptographic Provider, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2161, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1510428990|0x26acbd865f8cff730f1791c4d0854352|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\shfolder.dll, MID = 76780000, ("c:\windows\system32\shfolder.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 25088, File modification date = 04/08/2004 07:56, File description = Shell Folder Service, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |784816171|0x7c8f371c924daa376217e553378275ba|
c:\program files\common files\symantec shared\ssc\ScsComms.dll, MID = 65a40000, ("c:\program files\common files\symantec shared\ssc\scscomms.dll") File version = 10.2.0.224, File size = 1030344, File modification date = 14/10/2006 14:03, File description = Symantec Client Security Management Communications, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |944673408|0xaa75e52dfe09bd6bed90c26c7e2ea84e|
C:\Program Files\Symantec AntiVirus\I2ldvp3.dll, MID = 65f50000, ("c:\program files\symantec antivirus\i2ldvp3.dll") File version = 10.2.0.224, File size = 138952, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |-1975341932|0x7de755cd4de25839d049a53938443b1f|
C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll, MID = 6b770000, ("c:\program files\common files\symantec shared\ccvrtrst.dll") File version = 106.1.0.17, File size = 128616, File modification date = 14/10/2006 04:44, File description = Symantec Trust Validation Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1494585096|0x93a994b0d92a26b31aa1a8016b0004ca|
C:\Program Files\Common Files\Symantec Shared\ccL60U.dll, MID = 6ae70000, ("c:\program files\common files\symantec shared\ccl60u.dll") File version = 106.1.0.17, File size = 532584, File modification date = 14/10/2006 04:55, File description = Symantec Library, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-870783237|0x6a8c0e3e30e271c8be790c13df720572|
C:\WINDOWS\system32\SETUPAPI.dll, MID = 77920000, ("c:\windows\system32\setupapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 983552, File modification date = 04/08/2004 07:56, File description = Windows Setup API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |598744909|0x7808313cbc634ee08346d5ddfef1cc5f|
C:\Program Files\Common Files\Symantec Shared\ccDec.dll, MID = 6ac90000, ("c:\program files\common files\symantec shared\ccdec.dll") File version = 106.1.0.17, File size = 132712, File modification date = 14/10/2006 04:43, File description = Symantec Decomposer Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1038426320|0xcae5378dc561d65588cf89868d0e4433|
C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll, MID = 69890000, ("c:\program files\common files\symantec shared\decomposers\decsdk.dll") File version = 3.02.14.12, File size = 63128, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |2039316393|0x95cc19fafd7e11e4cf541f7e6e96e6ca|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll, MID = 69ae0000, ("c:\program files\common files\symantec shared\decomposers\dec2.dll") File version = 3.02.14.12, File size = 91800, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |2129297122|0x6c8ba448e07ba2556e3ab1fbf580f39c|
C:\WINDOWS\system32\WININET.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\Normaliz.dll, MID = 12a0000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll, MID = 69a10000, ("c:\program files\common files\symantec shared\decomposers\dec2id.dll") File version = 3.02.14.12, File size = 59032, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |554654921|0x24847bf62900628a84c732661a3d4e1f|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll, MID = 698a0000, ("c:\program files\common files\symantec shared\decomposers\dec2zip.dll") File version = 3.02.14.12, File size = 243352, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1299968833|0x33327d81146989ff2648a36b22c0d1ab|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll, MID = 69950000, ("c:\program files\common files\symantec shared\decomposers\dec2ss.dll") File version = 3.02.14.12, File size = 95896, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1501564218|0x6387d6d25931f41e02dd7da789e9f75c|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll, MID = 69a20000, ("c:\program files\common files\symantec shared\decomposers\dec2gzip.dll") File version = 3.02.14.12, File size = 99992, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |740352770|0xb44a523e82340dbe8b054e8aa564ac87|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll, MID = 69a80000, ("c:\program files\common files\symantec shared\decomposers\dec2cab.dll") File version = 3.02.14.12, File size = 79512, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |829735125|0x747aef6069c859b0f0c17a89ded7f131|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll, MID = 699f0000, ("c:\program files\common files\symantec shared\decomposers\dec2lha.dll") File version = 3.02.14.12, File size = 95896, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1520374538|0xb39a0b0d813290a3426cbe9992dce094|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll, MID = 69ab0000, ("c:\program files\common files\symantec shared\decomposers\dec2arj.dll") File version = 3.02.14.12, File size = 67224, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1001206709|0xe0b5f807724822d109aa75e6664ec8ae|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll, MID = 698e0000, ("c:\program files\common files\symantec shared\decomposers\dec2tnef.dll") File version = 3.02.14.12, File size = 91800, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-749588305|0x167bce4527c381b1963d54b6f5872a29|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll, MID = 699e0000, ("c:\program files\common files\symantec shared\decomposers\dec2lz.dll") File version = 3.02.14.12, File size = 63128, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-138331937|0x54afd13b875087f4c9a845341f999811|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll, MID = 69ac0000, ("c:\program files\common files\symantec shared\decomposers\dec2amg.dll") File version = 3.02.14.12, File size = 120472, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-1650599314|0xe8237b71f5ea82ff56b7cb539c14d200|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll, MID = 69990000, ("c:\program files\common files\symantec shared\decomposers\dec2rar.dll") File version = 3.02.14.12, File size = 140952, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-1056176535|0xc796e68c0ee027e5ce2019a62428f92c|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll, MID = 69940000, ("c:\program files\common files\symantec shared\decomposers\dec2tar.dll") File version = 3.02.14.12, File size = 67224, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-315526363|0x51ef645643e991bbf976009cdd0cedba|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll, MID = 69970000, ("c:\program files\common files\symantec shared\decomposers\dec2rtf.dll") File version = 3.02.14.12, File size = 83608, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |1332633455|0xa08217a5c0dc2599adcccd04657d38d6|
C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll, MID = 69900000, ("c:\program files\common files\symantec shared\decomposers\dec2text.dll") File version = 3.02.14.12, File size = 247448, File modification date = 14/04/2006 21:17, File description = File Decomposer Component, Product Name = File Decomposer, Product version = 3.02.14.12, Company name = Symantec Corporation (Copyright 2001 Symantec Corporation.) |-1562151131|0x41cccaff9a9aa11d2c1fc8a1f8210ee6|
C:\Program Files\Common Files\Symantec Shared\ccScan.dll, MID = 6b310000, ("c:\program files\common files\symantec shared\ccscan.dll") File version = 106.1.0.17, File size = 252520, File modification date = 14/10/2006 04:44, File description = Symantec Scan Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-518095214|0x7424b487d2027291b7afbecccd85733d|
C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL, MID = 69000000, ("c:\program files\common files\symantec shared\ecmldr32.dll") File version = 61.3.0.17, File size = 43176, File modification date = 09/08/2006 01:16, File description = Symantec Engine Common Object Model Loader, Product Name = ECOM Loader, Product version = 61.3.0.17, Company name = Symantec Corporation (Copyright (C) 1991-2006 Symantec Corporation.) |-1963472233|0x25d7a040a493ab91052f9170d4db80d4|
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080413.003\ccEraser.dll, MID = 6d300000, ("c:\program files\common files\symantec shared\virusdefs\20080413.003\cceraser.dll") File version = 107.4.1.2, File size = 2561072, File modification date = 18/01/2008 09:00, File description = Symantec Eraser Engine, Product Name = ERASER ENGINE, Product version = 107.4.1.2, Company name = Symantec Corporation (Copyright (c) 2000-2007 Symantec Corporation. All rights reserved.) |-786408633|0xede4ee1f3f84923db6c5a117ddb9ab89|
C:\WINDOWS\System32\winrnr.dll, MID = 76fb0000, ("c:\windows\system32\winrnr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 16896, File modification date = 04/08/2004 07:56, File description = LDAP RnR Provider DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-199904513|0x2c8fdb176f22629ea5342db474fac391|
C:\WINDOWS\system32\rasadhlp.dll, MID = 76fc0000, ("c:\windows\system32\rasadhlp.dll") File version = 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), File size = 8192, File modification date = 26/06/2006 17:37, File description = Remote Access AutoDial Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2938, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-27266821|0x5f098bd2ae6b03044b085decffdf91ec|
C:\WINDOWS\system32\hnetcfg.dll, MID = 662b0000, ("c:\windows\system32\hnetcfg.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 344064, File modification date = 04/08/2004 07:56, File description = Home Networking Configuration Manager, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1827756751|0x765b30c776a1780b46b479fe614f707c|
C:\WINDOWS\System32\wshtcpip.dll, MID = 71a90000, ("c:\windows\system32\wshtcpip.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Sockets Helper DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1198735131|0xa7f95a53ee055115df03588997a47d4d|
C:\Program Files\Symantec AntiVirus\DefUtDCD.dll, MID = 2260000, ("c:\program files\symantec antivirus\defutdcd.dll") File version = 3.2.10.0, File size = 636592, File modification date = 15/07/2006 01:39, File description = Symantec Definition Utilities, Product Name = Symantec Definition Utilities, Product version = 3.2.10.0, Company name = Symantec Corporation (Copyright (C) 2006, Symantec Corporation) |-802987826|0x7df281b808b9eee4761b2babea0d9995|
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080413.003\ecmsvr32.dll, MID = 69040000, ("c:\program files\common files\symantec shared\virusdefs\20080413.003\ecmsvr32.dll") File version = 71.4.0.15, File size = 284016, File modification date = 15/01/2008 09:00, File description = Symantec Engine Common Object Model Server, Product Name = ECOM Server, Product version = 71.4.0.15, Company name = Symantec Corporation (Copyright (C) 1991-2006 Symantec Corporation.) |1397811993|0x2da3b48e5160436df1c61683f03791da|
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080413.003\NAVEX32a.DLL, MID = 69100000, ("c:\program files\common files\symantec shared\virusdefs\20080413.003\navex32a.dll") File version = 20071.4.3.10, File size = 943472, File modification date = 05/03/2008 09:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20071.4.3.10, Company name = Symantec Corporation (Copyright (C) 1991-2007 Symantec Corporation.) |1678015844|0xcd15dab7fa0729240fe69f66ef6baf7d|
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20080413.003\NAVENG32.DLL, MID = 692c0000, ("c:\program files\common files\symantec shared\virusdefs\20080413.003\naveng32.dll") File version = 20071.4.3.10, File size = 128368, File modification date = 05/03/2008 09:00, File description = AV Engine, Product Name = Symantec Antivirus Engine, Product version = 20071.4.3.10, Company name = Symantec Corporation (Copyright (C) 1991-2007 Symantec Corporation.) |-1878244157|0xe4a8246045bc60a769b49cfd6c944af2|
C:\Program Files\Common Files\Symantec Shared\SRTSP\SRTSP32.DLL, MID = 6f9d0000, ("c:\program files\common files\symantec shared\srtsp\srtsp32.dll") File version = 10.1.0.13, File size = 743032, File modification date = 12/10/2006 04:29, File description = Symantec AutoProtect, Product Name = AutoProtect, Product version = 10.1, Company name = Symantec Corporation (Copyright (c) 2006 Symantec Corporation) |-196204172|0xc12b45771a8b2824c3079b628eec2fb6|
C:\Program Files\Common Files\Symantec Shared\ccProSub.dll, MID = 6b300000, ("c:\program files\common files\symantec shared\ccprosub.dll") File version = 106.1.0.17, File size = 63080, File modification date = 14/10/2006 04:44, File description = Symantec Proxy Factory, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1315369879|0x139cbd03e8cffdb9d2595f4dd385fb6b|
C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll, MID = 6ad60000, ("c:\program files\common files\symantec shared\ccevtcli.dll") File version = 106.1.0.17, File size = 206440, File modification date = 14/10/2006 04:44, File description = Symantec Event Manager Client Side Interface, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |-1341575089|0x57b5e9f9e601d03ac9824ddc8e4876f8|
C:\Program Files\Common Files\Symantec Shared\ccSvc.dll, MID = 6b4f0000, ("c:\program files\common files\symantec shared\ccsvc.dll") File version = 106.1.0.17, File size = 296552, File modification date = 14/10/2006 04:44, File description = Symantec ccService Engine, Product Name = Symantec Security Technologies, Product version = 106.1.0.17, Company name = Symantec Corporation (Copyright (c) 2000-2006 Symantec Corporation. All rights reserved.) |1853844957|0x3dce6109ce5ca8524e0b8a0aecd422b1|
C:\Program Files\Symantec AntiVirus\IMail.dll, MID = 65f00000, ("c:\program files\symantec antivirus\imail.dll") File version = 10.2.0.224, File size = 291016, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |-1088749352|0x07bf569d4087526259465e27cc918871|
C:\Program Files\Symantec AntiVirus\NotesExt.dll, MID = 65eb0000, ("c:\program files\symantec antivirus\notesext.dll") File version = 10.2.0.224, File size = 36552, File modification date = 14/10/2006 14:02, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |-1102254935|0x3a99096a1c344e71c3770412316705b6|
C:\Program Files\Symantec AntiVirus\vpmsece4.dll, MID = 65940000, ("c:\program files\symantec antivirus\vpmsece4.dll") File version = 10.2.0.224, File size = 68296, File modification date = 14/10/2006 14:03, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |-1282271071|0x72ca059f9d100991641d2b0ccc16c32c|
C:\Program Files\Symantec AntiVirus\SymProtectStorage.dll, MID = 659d0000, ("c:\program files\symantec antivirus\symprotectstorage.dll") File version = 10.2.0.224, File size = 269512, File modification date = 14/10/2006 14:03, File description = Symantec AntiVirus, Product Name = Symantec AntiVirus, Product version = 10.2.0.224, Company name = Symantec Corporation (Copyright 1991 - 2006 Symantec Corporation. All rights reserved.) |1243557187|0xaa018fe8dcdad637fc33876d5cc13bfc|
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll, MID = 69500000, ("c:\program files\common files\symantec shared\spbbc\spbbcevt.dll") File version = 3.1.0.17, File size = 1537624, File modification date = 14/10/2006 04:38, File description = SPBBC Events, Product Name = SPBBC, Product version = 3.1.0.17, Company name = Symantec Corporation (Copyright (c) 2004, 2005 Symantec Corporation. All rights reserved.) |-1042221886|0x144c5798b97d261c2517534f69b9f903|

PROCESS ViewpointService, PID = 2072, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
"c:\program files\viewpoint\common\viewpointservice.exe" File version = 2, 0, 0, 54, File size = 24652, File modification date = 04/01/2007 21:38, File description = ViewMgr, Product Name = Viewpoint Manager, Product version = 2, 0, 0, 54, Company name = Viewpoint Corporation (Copyright © 2004) |2005964741|0x5f974fde801c73952770736becde11e7|
C:\Program Files\Viewpoint\Common\ViewpointService.exe, MID = 400000, ("c:\program files\viewpoint\common\viewpointservice.exe") File version = 2, 0, 0, 54, File size = 24652, File modification date = 04/01/2007 21:38, File description = ViewMgr, Product Name = Viewpoint Manager, Product version = 2, 0, 0, 54, Company name = Viewpoint Corporation (Copyright © 2004) |2005964741|0x5f974fde801c73952770736becde11e7|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\SHELL32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\OLEAUT32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\ATL.DLL, MID = 76b20000, ("c:\windows\system32\atl.dll") File version = 3.05.2284, File size = 58880, File modification date = 04/08/2004 07:56, File description = ATL Module for Windows XP (Unicode), Product Name = Microsoft (R) Visual C++, Product version = 6.05.2284, Company name = Microsoft Corporation (Copyright © Microsoft Corp.) |-391632475|0x2d40edb9bf811590dad7406dec67b926|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\WINDOWS\system32\xpsp2res.dll, MID = 20000000, ("c:\windows\system32\xpsp2res.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 2897920, File modification date = 04/08/2004 07:56, File description = Service Pack 2 Messages, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |649549229|0x1320aea7057a26a671d9548cc7bebda5|
C:\WINDOWS\system32\Apphelp.dll, MID = 77b40000, ("c:\windows\system32\apphelp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 126976, File modification date = 04/08/2004 07:56, File description = Application Compatibility Client Library, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1990618285|0xeca24ab73fcffa754d4070cdb03529e3|

PROCESS SpySweeper, PID = 2220, USER = NT AUTHORITY\SYSTEM (Group - BUILTIN\Administrators, Everyone, NT AUTHORITY\Authenticated Users), Command Line = "c:\program files\viewpoint\common\viewpointservice.exe"
"c:\program files\viewpoint\common\viewpointservice.exe" File version = 2, 0, 0, 54, File size = 24652, File modification date = 04/01/2007 21:38, File description = ViewMgr, Product Name = Viewpoint Manager, Product version = 2, 0, 0, 54, Company name = Viewpoint Corporation (Copyright © 2004) |2005964741|0x5f974fde801c73952770736becde11e7|
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe, MID = 400000, ("c:\program files\webroot\spy sweeper\spysweeper.exe") File version = 3,5,6,114, File size = 3572592, File modification date = 05/01/2008 04:56, File description = Spy Sweeper Engine, Product Name = Spy Sweeper SDK, Product version = 3, 5, Company name = Webroot Software, Inc. (Copyright (C) 2002 - 2007, All Rights Reserved.) |569351305|0x36de9bb8535a25a35f1bd034b9235a44|
C:\WINDOWS\system32\ntdll.dll, MID = 7c900000, ("c:\windows\system32\ntdll.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 708096, File modification date = 04/08/2004 07:56, File description = NT Layer DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1515912336|0xbb5cbffc096497506167bce1d9690ef2|
C:\WINDOWS\system32\kernel32.dll, MID = 7c800000, ("c:\windows\system32\kernel32.dll") File version = 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301), File size = 984576, File modification date = 16/04/2007 15:52, File description = Windows NT BASE API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3119, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |751812395|0xa01f9ca902a88f7ced06884174d6419d|
C:\WINDOWS\system32\oleaut32.dll, MID = 77120000, ("c:\windows\system32\oleaut32.dll") File version = 5.1.2600.3266, File size = 550912, File modification date = 04/12/2007 18:38, File description = (null), Product Name = (null), Product version = 5.1.2600.3266, Company name = Microsoft Corporation (Copyright © Microsoft Corp. 1993-2001.) |409301632|0x0144abc4c4a624b583d432ee478a711c|
C:\WINDOWS\system32\ADVAPI32.dll, MID = 77dd0000, ("c:\windows\system32\advapi32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 616960, File modification date = 04/08/2004 07:56, File description = Advanced Windows 32 Base API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1585065738|0x1aff244ca134956c54474f4e2433e4ce|
C:\WINDOWS\system32\RPCRT4.dll, MID = 77e70000, ("c:\windows\system32\rpcrt4.dll") File version = 5.1.2600.3173 (xpsp_sp2_qfe.070709-0052), File size = 582656, File modification date = 09/07/2007 13:16, File description = Remote Procedure Call Runtime, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3173, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |862413953|0xec9d7fd24172c1879e7673f654e55cec|
C:\WINDOWS\system32\GDI32.dll, MID = 77f10000, ("c:\windows\system32\gdi32.dll") File version = 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), File size = 282624, File modification date = 20/02/2008 06:51, File description = GDI Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3316, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |404757280|0x011fc443e31e3d51b238564bc499b9b1|
C:\WINDOWS\system32\USER32.dll, MID = 7e410000, ("c:\windows\system32\user32.dll") File version = 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), File size = 577536, File modification date = 08/03/2007 15:36, File description = Windows XP USER API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.3099, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-550357050|0xb409909f6e2e8a7067076ed748abf1e7|
C:\WINDOWS\system32\msvcrt.dll, MID = 77c10000, ("c:\windows\system32\msvcrt.dll") File version = 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 343040, File modification date = 04/08/2004 07:56, File description = Windows NT CRT DLL, Product Name = Microsoft® Windows® Operating System, Product version = 7.0.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1385742533|0xb0fefa816d61ec66aa765ddf534eab5e|
C:\WINDOWS\system32\ole32.dll, MID = 774e0000, ("c:\windows\system32\ole32.dll") File version = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), File size = 1285120, File modification date = 26/07/2005 04:39, File description = Microsoft OLE for Windows, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2726, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1389208961|0xab8231d13692ac5088eb9c226b0c0576|
C:\WINDOWS\system32\version.dll, MID = 77c00000, ("c:\windows\system32\version.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 18944, File modification date = 04/08/2004 07:56, File description = Version Checking and File Installation Libraries, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-807126597|0xd38408967be738d0c1b47005bce8ceeb|
C:\WINDOWS\system32\mpr.dll, MID = 71b20000, ("c:\windows\system32\mpr.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 59904, File modification date = 04/08/2004 07:56, File description = Multiple Provider Router DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1996326639|0x2cfe80aa3428c09e6de67fac50da65cf|
C:\WINDOWS\system32\comctl32.dll, MID = 5d090000, ("c:\windows\system32\comctl32.dll") File version = 5.82 (xpsp.060825-0040), File size = 617472, File modification date = 25/08/2006 15:45, File description = Common Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |590308980|0xb0124cb21d28b1c9f678b566b6b57d92|
C:\WINDOWS\system32\wininet.dll, MID = 42c10000, ("c:\windows\system32\wininet.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 826368, File modification date = 01/03/2008 13:06, File description = Internet Extensions for Win32, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1720921237|0xad21461aef8244edec2ef18e55e1dcf3|
C:\WINDOWS\system32\SHLWAPI.dll, MID = 77f60000, ("c:\windows\system32\shlwapi.dll") File version = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040), File size = 474112, File modification date = 04/01/2007 14:05, File description = Shell Light-weight Utility Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3059, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |360429776|0x7ffe0d795f7138a5487fc90a8ec121e1|
C:\WINDOWS\system32\Normaliz.dll, MID = 330000, ("c:\windows\system32\normaliz.dll") File version = 6.0.5441.0 (winmain(wmbla).060628-1735), File size = 23552, File modification date = 29/06/2006 16:05, File description = Unicode Normalization DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.0.5441.0, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-2140978042|0x10753a3adc3e39a3b10cc3f08e98e6b4|
C:\WINDOWS\system32\iertutil.dll, MID = 42990000, ("c:\windows\system32\iertutil.dll") File version = 7.00.6000.16640 (vista_gdr.080213-1606), File size = 267776, File modification date = 01/03/2008 13:06, File description = Run time utility for Internet Explorer, Product Name = Windows® Internet Explorer, Product version = 7.00.6000.16640, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1890308121|0x4926de4ab9c86e8b295e7e6797b97782|
C:\WINDOWS\system32\shell32.dll, MID = 7c9c0000, ("c:\windows\system32\shell32.dll") File version = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245), File size = 8460288, File modification date = 26/10/2007 03:34, File description = Windows Shell Common Dll, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.3241, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1265059713|0x3be4c2e84d99889685fe2b68e5fa2a9d|
C:\WINDOWS\system32\comdlg32.dll, MID = 763b0000, ("c:\windows\system32\comdlg32.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 276992, File modification date = 04/08/2004 07:56, File description = Common Dialogs DLL, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-699718646|0x1edb1bb89d021955e6f7265911175b8d|
C:\WINDOWS\system32\wsock32.dll, MID = 71ad0000, ("c:\windows\system32\wsock32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 22528, File modification date = 04/08/2004 07:56, File description = Windows Socket 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1850821242|0x53af9f2b2ce4b6eff41c70417359d010|
C:\WINDOWS\system32\WS2_32.dll, MID = 71ab0000, ("c:\windows\system32\ws2_32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 82944, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 32-Bit DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1757885354|0x2ed0b7f12a60f90092081c50fa0ec2b2|
C:\WINDOWS\system32\WS2HELP.dll, MID = 71aa0000, ("c:\windows\system32\ws2help.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 19968, File modification date = 04/08/2004 07:56, File description = Windows Socket 2.0 Helper for Windows NT, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-170042698|0x9beacb911ca61e5881102188ab7fb431|
C:\WINDOWS\system32\IMAGEHLP.DLL, MID = 76c90000, ("c:\windows\system32\imagehlp.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 144384, File modification date = 04/08/2004 07:56, File description = Windows NT Image Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1900703932|0x5afce94e8286b2f57a04da37f01bf21a|
C:\WINDOWS\system32\winmm.dll, MID = 76b40000, ("c:\windows\system32\winmm.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 176128, File modification date = 04/08/2004 07:56, File description = MCI API DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |305547002|0x90fdaa22f38d9e911f91fa3b8a1f7e5d|
C:\WINDOWS\system32\crypt32.dll, MID = 77a80000, ("c:\windows\system32\crypt32.dll") File version = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 597504, File modification date = 04/08/2004 07:56, File description = Crypto API32, Product Name = Microsoft® Windows® Operating System, Product version = 5.131.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1759588438|0xefc958396a7a7ef7e6d4a52b97512e18|
C:\WINDOWS\system32\MSASN1.dll, MID = 77b20000, ("c:\windows\system32\msasn1.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 57344, File modification date = 04/08/2004 07:56, File description = ASN.1 Runtime APIs, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-720210377|0x3cd1ce106ca2a9b4cc626d7df03fbd6f|
C:\WINDOWS\system32\iphlpapi.dll, MID = 76d60000, ("c:\windows\system32\iphlpapi.dll") File version = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), File size = 94720, File modification date = 19/05/2006 12:59, File description = IP Helper API, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2912, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |858262452|0x011eacf9153ef90e6cbce2987acae411|
C:\WINDOWS\system32\IMM32.DLL, MID = 76390000, ("c:\windows\system32\imm32.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 110080, File modification date = 04/08/2004 07:56, File description = Windows XP IMM32 API Client DLL, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-43671331|0x87ca7ce6469577f059297b9d6556d66d|
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll, MID = 773d0000, ("c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll") File version = 6.0 (xpsp.060825-0040), File size = 1054208, File modification date = 25/08/2006 15:45, File description = User Experience Controls Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2982, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1490442124|0xc4e80875c1cf1222fc5efd0314ae5c01|
C:\WINDOWS\system32\uxtheme.dll, MID = 5ad70000, ("c:\windows\system32\uxtheme.dll") File version = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), File size = 218624, File modification date = 04/08/2004 07:56, File description = Microsoft UxTheme Library, Product Name = Microsoft® Windows® Operating System, Product version = 6.00.2900.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |1521061666|0x2cde496666a975a2ce8f969f3042c8db|
C:\Program Files\Webroot\Spy Sweeper\pcre.dll, MID = 10000000, ("c:\program files\webroot\spy sweeper\pcre.dll") File version = 6.1.0.0, File size = 312688, File modification date = 05/01/2008 04:34, File description = PCRE DLL for Delphi, Product Name = DPCRE 6.1, Product version = 6, 1, 0, 0, Company name = RenatoMancuso.com |531800164|0x6d4f6e95fcc92dcf1fb9d0ab2a0890ff|
C:\WINDOWS\system32\PSAPI.dll, MID = 76bf0000, ("c:\windows\system32\psapi.dll") File version = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), File size = 23040, File modification date = 04/08/2004 07:56, File description = Process Status Helper, Product Name = Microsoft® Windows® Operating System, Product version = 5.1.2600.2180, Company name = Microsoft Corporation (© Microsoft Corporation. All rights reserved.) |-1750840696|0x96e48c7eb9089d1dbf6f85ca11b264df|
C:\WINDO