5769 now gives Unknown Shell Execute hook

O

OldBoy

....\WINDOWS\system32\shell32.dll
On XP PRO UK and XP Home NL

OldBoy

Detailed File Analysis
Display name: Microsoft Windows Shell Common Dll
Name: shell32.dll
Description: Windows Shell Common Dll
Publisher: Microsoft Corporation
Path: D:\WINDOWS\system32\shell32.dll
Version: 6.0.2900.2763
Size: 8450560 bytes
Copyright: © Microsoft Corporation. All rights reserved.
MD5: c1bcfec67e712b6a00ad00adfcbfd02e
This file is a registered COM object
[snip]
 
G

Guest

With 5769 I do not get that message.
XP NL Home

Detailed File Analysis
Display name: Besturingssysteem Microsoft® Windows®
Name: shell32.dll
Description: Gemeenschappelijk DLL-bestand van Windows Shell
Publisher: Microsoft Corporation
Path: C:\WINDOWS\system32\shell32.dll
Version: 6.0.2900.2763
Size: 8497664 bytes
Copyright: © Microsoft Corporation. Alle rechten voorbehouden.

MD5: acc828009b4c2b14f7662c9a0d372459

This file is a registered COM object
 
G

Guest

Sorry my mistake, I thought that your message was shown in the scan report.
However I see now the same message in
Tools>Advanced Tools>System Explorers>Shell Execute Hooks

JohanL49 said:
With 5769 I do not get that message.
XP NL Home

Detailed File Analysis
Display name: Besturingssysteem Microsoft® Windows®
Name: shell32.dll
Description: Gemeenschappelijk DLL-bestand van Windows Shell
Publisher: Microsoft Corporation
Path: C:\WINDOWS\system32\shell32.dll
Version: 6.0.2900.2763
Size: 8497664 bytes
Copyright: © Microsoft Corporation. Alle rechten voorbehouden.

MD5: acc828009b4c2b14f7662c9a0d372459

This file is a registered COM object


OldBoy said:
....\WINDOWS\system32\shell32.dll
On XP PRO UK and XP Home NL

OldBoy

Detailed File Analysis
Display name: Microsoft Windows Shell Common Dll
Name: shell32.dll
Description: Windows Shell Common Dll
Publisher: Microsoft Corporation
Path: D:\WINDOWS\system32\shell32.dll
Version: 6.0.2900.2763
Size: 8450560 bytes
Copyright: © Microsoft Corporation. All rights reserved.
MD5: c1bcfec67e712b6a00ad00adfcbfd02e
This file is a registered COM object
[snip]
 
B

Bill Sanderson

Is this the definitions, or perhaps one of the recent security patches
replacing the file?
 
G

Guest

I wouldn't woory about it since the file is related to XP SP2. Go to
c:\windows\system32, right-click on the dll file, and select Properties. Now
click on the Version tab and go through the list to see all the details about
the file. I have the same file on my system. It was installed when I
updated from SP1 to SP2.

There are many items that are unknown to MSAS, but this is to be expected
since it's a beta app and some files are newer than the definition files.

Alan
 
O

OldBoy

I did not see the "Unknown" before 5769.
This version of shell32.dll was put on my system on 09/23/05 thus not part
of SP2.

OldBoy
Bill Sanderson said:
Is this the definitions, or perhaps one of the recent security patches
replacing the file?
--

OldBoy said:
...\WINDOWS\system32\shell32.dll
On XP PRO UK and XP Home NL

OldBoy

Detailed File Analysis
Display name: Microsoft Windows Shell Common Dll
Name: shell32.dll
Description: Windows Shell Common Dll
Publisher: Microsoft Corporation
Path: D:\WINDOWS\system32\shell32.dll
Version: 6.0.2900.2763
Size: 8450560 bytes
Copyright: © Microsoft Corporation. All rights reserved.
MD5: c1bcfec67e712b6a00ad00adfcbfd02e
This file is a registered COM object
[snip]
 
G

Guest

Hello ,

the same for activex
i have set a post in "spyware signatures" the 10/9/2005 under activex

benoit
 
B

Bill Sanderson

Well - I've got it too!
I sent it to Spynet for analysis. If everybody does that, perhaps they will
analyze it?

--

OldBoy said:
I did not see the "Unknown" before 5769.
This version of shell32.dll was put on my system on 09/23/05 thus not part
of SP2.

OldBoy
Bill Sanderson said:
Is this the definitions, or perhaps one of the recent security patches
replacing the file?
--

OldBoy said:
...\WINDOWS\system32\shell32.dll
On XP PRO UK and XP Home NL

OldBoy

Detailed File Analysis
Display name: Microsoft Windows Shell Common Dll
Name: shell32.dll
Description: Windows Shell Common Dll
Publisher: Microsoft Corporation
Path: D:\WINDOWS\system32\shell32.dll
Version: 6.0.2900.2763
Size: 8450560 bytes
Copyright: © Microsoft Corporation. All rights reserved.
MD5: c1bcfec67e712b6a00ad00adfcbfd02e
This file is a registered COM object
[snip]
 
G

Greg Campbell

It was updated in one of the Security Updates this month. Most likely KB900725.
 
O

OldBoy

Thanks!

OldBoy
JohanL49 said:
With 5771 it is "Known".

OldBoy said:
....\WINDOWS\system32\shell32.dll
On XP PRO UK and XP Home NL

OldBoy

Detailed File Analysis
Display name: Microsoft Windows Shell Common Dll
Name: shell32.dll
Description: Windows Shell Common Dll
Publisher: Microsoft Corporation
Path: D:\WINDOWS\system32\shell32.dll
Version: 6.0.2900.2763
Size: 8450560 bytes
Copyright: © Microsoft Corporation. All rights reserved.
MD5: c1bcfec67e712b6a00ad00adfcbfd02e
This file is a registered COM object
[snip]
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top