Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page Error messages involving svchost
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
 
LinkBack Thread Tools
Old 11-05-2008, 09:00 PM   #1 (permalink)
Registered User
 
Join Date: Nov 2008
Posts: 2
OS: xp


Error messages involving svchost
Dear computer experts

Since I did a partition of my C: and D: drives, I have been getting:
a. an error message every time I start my computer stating:
SVChost.exe Application error:
The instruction at "0x00401000" referenced memory at "0x00401000". The memory could not be "written".
b. from time to time, I get the following error message which usually must be clicked many many times in order to go away. I did not write down exactly what it says, but it is similar to the one in "a" above only with the number 0x12149fce and a bunch of zeros.
c. my wireless router stopped working periodically
d. I can nolonger log directly from Messenger into my inbox in Hotmail. That started as the same time as the other errors.

I am running XP and my drives' sizes are:
C: 17,0 GB (11,1 GB used)
D: 55,4 GB (27,8 GB used)

Oh yes, and after the latter mentioned error message I get following:
Data execution prevention - Microsoft Windows
To help protect your computer, Windows has closed this program. Name: Generic Host Process for Win32 services.

I sincerely hope you guys can help me with these issues.


Thank you

Steffen
My Log:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Steffen at 2008-11-05 23:38:33
Microsoft Windows XP Professional Service Pack 3
System drive C: has 889 MB (5%) free of 17 GB
Total RAM: 1014 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:38:42, on 05-11-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Philips Webcam\Monitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\WINDOWS\TEMP\FF5727.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Steffen\Desktop\RSIT.exe
C:\Program Files\trend micro\Steffen.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Banco do Brasil S.A. - {546D0BB7-6894-48D2-89EB-DFABF5E4EC7D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.24.0\gears.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Monitor.lnk = C:\Program Files\Philips Webcam\Monitor.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.24.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.24.0\gears.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.ling.unt.edu/~montler/wfplayer/tdserver.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/...ws-i586-jc.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk...dccsp-0506.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c90f6fc09e4b2) (gupdate1c90f6fc09e4b2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 9273 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-07-23 1410344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{546D0BB7-6894-48D2-89EB-DFABF5E4EC7D}]
GbiehObj Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-09 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Hjælp til tilmelding til Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-08-09 2411584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.24.0\gears.dll [2008-10-08 1560576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-08-09 2411584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"OfficeScanNT Monitor"=C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe [2005-03-15 335872]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-03-30 138008]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-03-30 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-03-30 138008]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-09 144784]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2008-08-09 171448]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Monitor.lnk - C:\Program Files\Philips Webcam\Monitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-03-30 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7mvxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati7mvxx.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 3 months======

2008-11-05 23:38:33 ----D---- C:\rsit
2008-11-05 23:18:31 ----A---- C:\WINDOWS\gmer.ini
2008-11-05 23:18:29 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-11-05 23:18:29 ----A---- C:\WINDOWS\gmer.dll
2008-11-05 23:18:28 ----A---- C:\WINDOWS\gmer.exe
2008-11-01 09:34:38 ----D---- C:\Toolbox
2008-10-27 08:18:21 ----D---- C:\Toolbox_3
2008-10-24 08:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-23 22:25:16 ----A---- C:\WINDOWS\system32\PQ_DEBUG.TXT
2008-10-23 22:17:19 ----N---- C:\WINDOWS\system32\XMNT2001.EXE
2008-10-23 22:17:05 ----D---- C:\Program Files\PowerQuest
2008-10-23 11:52:36 ----D---- C:\Program Files\Windows Live Safety Center
2008-10-22 19:25:00 ----D---- C:\Program Files\hijackthis
2008-10-22 16:08:50 ----SHD---- C:\Config.Msi
2008-10-22 14:50:11 ----D---- C:\Program Files\Windows Live Toolbar
2008-10-22 14:46:03 ----D---- C:\Program Files\Windows Live
2008-10-22 08:23:49 ----D---- C:\WINDOWS\system32\appmgmt
2008-10-20 08:41:04 ----D---- C:\WINDOWS\Minidump
2008-10-15 18:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 18:38:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 18:38:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 18:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 18:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 18:34:56 ----A---- C:\WINDOWS\system32\MRT.INI
2008-10-14 22:03:03 ----D---- C:\Program Files\Audacity
2008-10-11 11:50:25 ----D---- C:\Toolbox2
2008-10-11 11:47:44 ----D---- C:\Toolbox 1
2008-10-11 0802 ----D---- C:\Documents and Settings\Steffen\Application Data\Cryptomathic
2008-10-11 08:05:30 ----D---- C:\Program Files\TDC
2008-10-11 08:05:21 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-05 10:57:06 ----A---- C:\WINDOWS\Dext2001.ini
2008-10-05 10:56:57 ----D---- C:\Program Files\Philips Webcam
2008-10-04 16:20:29 ----D---- C:\Netgear
2008-10-04 15:57:01 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-09-22 09:01:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-15 11:50:18 ----D---- C:\Program Files\SIL
2008-09-15 11:46:17 ----A---- C:\WINDOWS\shoebox.ini
2008-09-15 11:41:39 ----D---- C:\Program Files\Toolbox
2008-09-01 10:28:52 ----D---- C:\Program Files\Merriam-Webster
2008-08-31 21:11:50 ----A---- C:\WINDOWS\NeroDigital.ini
2008-08-27 13:21:27 ----D---- C:\Documents and Settings\Steffen\Application Data\Help
2008-08-13 08:45:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-13 08:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-13 08:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-13 08:45:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-13 08:44:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-13 08:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-13 08:43:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-13 02:07:47 ----D---- C:\Documents and Settings\Steffen\Application Data\skypePM
2008-08-13 0223 ----D---- C:\Documents and Settings\Steffen\Application Data\Skype
2008-08-13 0205 ----D---- C:\Program Files\Skype
2008-08-13 0205 ----D---- C:\Program Files\Common Files\Skype
2008-08-13 0200 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-08-10 03:50:08 ----D---- C:\Documents and Settings\Steffen\Application Data\Macromedia
2008-08-10 03:46:25 ----A---- C:\WINDOWS\system32\muweb.dll
2008-08-10 03:46:25 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-08-10 03:46:24 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-08-09 12:09:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-09 11:57:59 ----D---- C:\Documents and Settings\Steffen\Application Data\Real
2008-08-09 11:22:02 ----D---- C:\Documents and Settings\Steffen\Application Data\Adobe
2008-08-09 10:22:58 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-09 10:22:43 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-09 10:08:05 ----D---- C:\WINDOWS\Sun
2008-08-09 10:08:05 ----D---- C:\Documents and Settings\Steffen\Application Data\Sun
2008-08-09 10:07:50 ----D---- C:\Program Files\Sun
2008-08-09 10:07:38 ----A---- C:\WINDOWS\system32\javaws.exe
2008-08-09 10:07:38 ----A---- C:\WINDOWS\system32\javaw.exe
2008-08-09 10:07:38 ----A---- C:\WINDOWS\system32\java.exe
2008-08-09 10:07:04 ----D---- C:\Program Files\Java
2008-08-09 1007 ----D---- C:\Program Files\Common Files\Java
2008-08-09 10:04:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-08-09 10:03:53 ----D---- C:\Program Files\Common Files\Adobe
2008-08-09 10:03:53 ----D---- C:\Program Files\Adobe
2008-08-09 10:01:17 ----D---- C:\Documents and Settings\Steffen\Application Data\Google
2008-08-09 10:00:48 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-08-09 10:00:43 ----D---- C:\Program Files\Google
2008-08-09 10:00:28 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-08-09 10:00:27 ----D---- C:\Program Files\NOS
2008-08-09 05:30:13 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2008-08-09 04:22:34 ----D---- C:\WINDOWS\ie7updates
2008-08-09 04:21:43 ----A---- C:\WINDOWS\system32\MRT.exe
2008-08-09 04:08:05 ----D---- C:\WINDOWS\Prefetch
2008-08-09 04:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-09 04:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-09 04:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-09 04:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-09 03:59:44 ----D---- C:\WINDOWS\system32\scripting
2008-08-09 03:59:43 ----D---- C:\WINDOWS\system32\en
2008-08-09 03:59:43 ----D---- C:\WINDOWS\l2schemas
2008-08-09 03:59:42 ----D---- C:\WINDOWS\system32\bits
2008-08-09 03:55:01 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-09 03:52:28 ----D---- C:\WINDOWS\network diagnostic
2008-08-09 03:47:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-09 03:39:32 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-09 03:39:30 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-09 03:39:28 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-09 03:39:28 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-09 03:39:25 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-08-09 03:39:20 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-09 03:39:20 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-09 03:39:11 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-08-09 03:39:10 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-08-09 03:39:08 ----N---- C:\WINDOWS\system32\slserv.exe
2008-08-09 03:39:08 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-08-09 03:39:08 ----N---- C:\WINDOWS\system32\slgen.dll
2008-08-09 03:39:08 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-08-09 03:39:08 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-08-09 03:39:08 ----N---- C:\WINDOWS\slrundll.exe
2008-08-09 03:39:05 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-09 03:39:02 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-08-09 03:39:00 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-09 03:38:59 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-09 03:38:58 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-09 03:38:57 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-09 03:38:57 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-09 03:38:57 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-09 03:38:55 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-09 03:38:52 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-09 03:38:48 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-08-09 03:38:40 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-09 03:38:40 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-09 03:38:40 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-09 03:38:40 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-08-09 03:38:39 ----A---- C:\WINDOWS\system32\msxml6r.dll
2008-08-09 03:38:36 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-09 03:38:36 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-09 03:38:21 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-09 03:38:21 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-09 03:38:21 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-09 03:38:20 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-09 03:38:10 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-09 03:38:10 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-09 03:38:09 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-09 03:38:09 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-09 03:38:09 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-09 03:38:09 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-09 03:38:00 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-08-09 03:37:59 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-08-09 03:37:56 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-08-09 03:37:52 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-08-09 03:37:47 ----A---- C:\WINDOWS\003002_.tmp
2008-08-09 03:37:46 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-09 03:37:45 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-09 03:37:43 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-09 03:37:43 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-09 03:37:43 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-09 03:37:43 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-09 03:37:43 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-09 03:37:43 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-09 03:37:43 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-09 03:37:42 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-09 03:37:42 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-09 03:37:42 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-09 03:37:40 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-09 03:37:36 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-09 03:37:36 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-09 03:37:35 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-08-09 03:37:35 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-08-09 03:37:34 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-08-09 03:37:34 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-08-09 03:37:34 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-08-09 03:37:34 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-08-09 03:37:34 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-08-09 03:37:28 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-09 03:25:35 ----D---- C:\WINDOWS\WBEM
2008-08-09 03:25:34 ----D---- C:\WINDOWS\system32\en-US
2008-08-09 03:23:59 ----HDC---- C:\WINDOWS\ie7
2008-08-09 03:23:42 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-08-09 03:23:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-08-09 03:22:50 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-08-09 03:22:42 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-08-09 02:59:40 ----SHD---- C:\RECYCLER
2008-08-09 02:50:31 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-08-09 02:47:43 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-08-09 02:45:31 ----D---- C:\Documents and Settings\Steffen\Application Data\OfficeUpdate12
2008-08-09 02:45:01 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-08-09 02:42:54 ----A---- C:\WINDOWS\ODBC.INI
2008-08-09 02:42:47 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-08-09 02:40:33 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-09 02:40:30 ----D---- C:\Program Files\Microsoft Works
2008-08-09 02:40:22 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-09 02:40:10 ----D---- C:\WINDOWS\SHELLNEW
2008-08-09 02:39:04 ----D---- C:\Program Files\Microsoft.NET
2008-08-09 02:39:04 ----D---- C:\Program Files\Microsoft Office
2008-08-09 02:39:00 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-08-09 02:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-08-09 02:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB908250$
2008-08-09 02:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-08-09 02:33:46 ----D---- C:\Program Files\MSXML 6.0
2008-08-09 02:33:37 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2008-08-09 02:33:21 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
2008-08-09 02:32:22 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-08-09 02:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-08-09 02:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-08-09 02:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-08-09 02:31:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-08-09 02:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-08-09 02:31:13 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
2008-08-09 02:30:53 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-08-09 02:30:33 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-08-09 02:24:57 ----D---- C:\Documents and Settings\Steffen\Application Data\Ahead
2008-08-09 02:23:58 ----D---- C:\Program Files\Nero
2008-08-09 02:23:58 ----D---- C:\Program Files\Common Files\Ahead
2008-08-09 02:22:31 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-08-09 02:22:30 ----N---- C:\WINDOWS\kb913800.exe
2008-08-09 02:20:48 ----D---- C:\WINDOWS\system32\PreInstall
2008-08-09 02:20:47 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-08-09 02:20:46 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-08-08 14:14:51 ----D---- C:\Documents and Settings\Steffen\Application Data\vlc
2008-08-08 14:14:26 ----D---- C:\Program Files\VideoLAN
2008-08-08 14:13:02 ----D---- C:\WINDOWS\system32\QuickTime
2008-08-08 14:13:01 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-08-08 14:12:53 ----D---- C:\Program Files\K-Lite Codec Pack
2008-08-08 13:48:26 ----A---- C:\WINDOWS\stsystra.exe
2008-08-08 13:48:15 ----D---- C:\Program Files\SigmaTel
2008-08-08 13:48:15 ----A---- C:\WINDOWS\system32\st325602.dll
2008-08-08 13:48:14 ----HD---- C:\Program Files\InstallShield Installation Information
2008-08-08 13:47:50 ----A---- C:\WINDOWS\system32\h323log.txt
2008-08-08 13:45:14 ----A---- C:\WINDOWS\system32\usbui.dll
2008-08-08 13:44:37 ----A---- C:\WINDOWS\system32\stlang.dll
2008-08-08 13:44:08 ----A---- C:\WINDOWS\imsins.BAK
2008-08-08 13:44:05 ----SHD---- C:\WINDOWS\Installer
2008-08-08 13:44:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-08-08 13:44:04 ----D---- C:\Program Files\Common Files\ODBC
2008-08-08 13:44:04 ----A---- C:\WINDOWS\ODBCINST.INI
2008-08-08 13:44:00 ----RD---- C:\Program Files
2008-08-08 13:44:00 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-08-08 13:44:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-08-08 13:44:00 ----D---- C:\Program Files\Common Files
2008-08-08 13:43:57 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-08-08 13:43:57 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-08-08 13:43:57 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-08-08 13:43:55 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-08-08 13:43:53 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-08-08 13:43:53 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-08-08 13:43:53 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-08-08 13:43:53 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-08-08 13:43:53 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-08-08 13:43:53 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-08-08 13:43:53 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-08-08 13:43:51 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-08-08 13:43:51 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-08-08 13:43:51 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-08-08 13:43:51 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-08-08 13:43:51 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-08-08 13:43:50 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-08-08 13:43:50 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-08-08 13:43:50 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-08-08 13:43:50 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-08-08 13:43:49 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-08-08 13:43:47 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-08-08 13:43:47 ----A---- C:\WINDOWS\system32\irclass.dll
2008-08-08 13:43:47 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-08-08 13:43:47 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-08-08 13:43:47 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-08-08 13:43:46 ----D---- C:\Program Files\DIFX
2008-08-08 13:43:45 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-08-08 13:43:44 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-08-08 13:43:44 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-08 13:43:44 ----A---- C:\WINDOWS\notepad.exe
2008-08-08 13:43:43 ----A---- C:\WINDOWS\system32\storprop.dll
2008-08-08 13:43:40 ----A---- C:\WINDOWS\system32\snymsico.dll
2008-08-08 13:43:40 ----A---- C:\WINDOWS\system32\rixdicon.dll
2008-08-08 13:43:34 ----RA---- C:\WINDOWS\SET2E.tmp
2008-08-08 13:43:34 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-08-08 13:43:33 ----RA---- C:\WINDOWS\SET2D.tmp
2008-08-08 13:43:30 ----RA---- C:\WINDOWS\SET8.tmp
2008-08-08 13:43:27 ----RA---- C:\WINDOWS\SET4.tmp
2008-08-08 13:43:26 ----RA---- C:\WINDOWS\SET3.tmp
2008-08-08 13:43:21 ----D---- C:\WINDOWS\system32\CatRoot2
2008-08-08 13:43:21 ----D---- C:\WINDOWS\system32\CatRoot
2008-08-08 13:43:15 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-08-08 13:42:52 ----A---- C:\WINDOWS\setuplog.txt
2008-08-08 13:42:49 ----D---- C:\Documents and Settings
2008-08-08 13:42:48 ----SHD---- C:\System Volume Information
2008-08-08 13:41:47 ----SH---- C:\boot.ini
2008-08-08 13:33:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-08-08 13:33:36 ----RSD---- C:\WINDOWS\Fonts
2008-08-08 13:33:36 ----RD---- C:\WINDOWS\Web
2008-08-08 13:33:36 ----HD---- C:\WINDOWS\inf
2008-08-08 13:33:36 ----D---- C:\WINDOWS\WinSxS
2008-08-08 13:33:36 ----D---- C:\WINDOWS\twain_32
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Temp
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\wins
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\wbem
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\usmt
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\spool
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\ShellExt
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\Setup
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\ras
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\oobe
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\npp
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\mui
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\inetsrv
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\IME
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\icsxml
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\ias
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\export
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\drivers
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\dhcp
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\config
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\3com_dmi
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\3076
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\2052
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1054
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1042
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1041
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1037
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1033
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1031
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1028
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32\1025
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system32
2008-08-08 13:33:36 ----D---- C:\WINDOWS\system
2008-08-08 13:33:36 ----D---- C:\WINDOWS\security
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Resources
2008-08-08 13:33:36 ----D---- C:\WINDOWS\repair
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Provisioning
2008-08-08 13:33:36 ----D---- C:\WINDOWS\PeerNet
2008-08-08 13:33:36 ----D---- C:\WINDOWS\pchealth
2008-08-08 13:33:36 ----D---- C:\WINDOWS\mui
2008-08-08 13:33:36 ----D---- C:\WINDOWS\msapps
2008-08-08 13:33:36 ----D---- C:\WINDOWS\msagent
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Media
2008-08-08 13:33:36 ----D---- C:\WINDOWS\java
2008-08-08 13:33:36 ----D---- C:\WINDOWS\ime
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Help
2008-08-08 13:33:36 ----D---- C:\WINDOWS\ehome
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Driver Cache
2008-08-08 13:33:36 ----D---- C:\WINDOWS\dell
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Debug
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Cursors
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Connection Wizard
2008-08-08 13:33:36 ----D---- C:\WINDOWS\Config
2008-08-08 13:33:36 ----D---- C:\WINDOWS\AppPatch
2008-08-08 13:33:36 ----D---- C:\WINDOWS\addins
2008-08-08 13:33:36 ----D---- C:\WINDOWS
2008-08-08 13:26:15 ----D---- C:\Program Files\IDT
2008-08-08 13:26:12 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-08-08 13:25:34 ----D---- C:\Program Files\CONEXANT
2008-08-08 13:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-08-08 13:24:53 ----A---- C:\WINDOWS\system32\Uci32103.dll
2008-08-08 13:24:53 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-08-08 13:17:02 ----A---- C:\WINDOWS\system32\igfxres.dll
2008-08-08 13:13:34 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2008-08-08 13:13:34 ----A---- C:\WINDOWS\system32\igfxress.dll
2008-08-08 13:13:34 ----A---- C:\WINDOWS\system32\hkcmd.exe
2008-08-08 13:13:34 ----A---- C:\WINDOWS\system32\hccutils.dll
2008-08-08 13:13:33 ----D---- C:\WINDOWS\system32\Lang
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igxprd32.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\iglicd32.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igldev32.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxtray.exe
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxpph.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxpers.exe
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxext.exe
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxexps.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxdo.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxdev.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxCoIn_v4814.dll
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2008-08-08 13:13:33 ----A---- C:\WINDOWS\system32\difxapi.dll
2008-08-08 13:13:32 ----A---- C:\WINDOWS\system32\igxpun.exe
2008-08-08 13:13:28 ----D---- C:\Intel
2008-08-08 13:05:13 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-08-08 13:04:25 ----D---- C:\Program Files\Broadcom
2008-08-08 13:02:48 ----D---- C:\WINDOWS\system32\vmm32
2008-08-08 13:02:47 ----D---- C:\Program Files\Dell
2008-08-08 13:02:28 ----D---- C:\Program Files\Common Files\InstallShield
2008-08-08 12:27:49 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-08-08 12:26:45 ----D---- C:\Documents and Settings\Steffen\Application Data\Intel
2008-08-08 12:26:43 ----A---- C:\WINDOWS\system32\results.txt
2008-08-08 12:26:39 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2008-08-08 12:26:15 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2008-08-08 12:25:54 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2008-08-08 12:25:54 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2008-08-08 12:25:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-08-08 12:25:50 ----D---- C:\Program Files\Intel
2008-08-08 12:23:37 ----A---- C:\WINDOWS\IsUninst.exe
2008-08-08 12:23:25 ----D---- C:\Temp
2008-08-08 12:23:20 ----D---- C:\Program Files\Trend Micro
2008-08-08 12:22:21 ----D---- C:\Documents and Settings\Steffen\Application Data\Identities
2008-08-08 12:22:16 ----HD---- C:\Program Files\Uninstall Information
2008-08-08 12:19:13 ----D---- C:\WINDOWS\RegisteredPackages
2008-08-08 12:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
2008-08-08 12:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB902841$
2008-08-08 12:17:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888795$
2008-08-08 12:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB899510$
2008-08-08 12:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB912812$
2008-08-08 12:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB899337$
2008-08-08 12:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB895961$
2008-08-08 12:16:10 ----HDC---- C:\WINDOWS\$NtUninstallKB891593$
2008-08-08 12:15:50 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-08-08 12:15:48 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
2008-08-08 12:13:27 ----D---- C:\WINDOWS\system32\URTTemp
2008-08-08 12:12:58 ----D---- C:\Program Files\RGB
2008-08-08 12:10:45 ----D---- C:\Program Files\GemMaster
2008-08-08 12:05:24 ----ASH---- C:\Documents and Settings\Steffen\Application Data\desktop.ini
2008-08-08 12:05:23 ----SD---- C:\Documents and Settings\Steffen\Application Data\Microsoft
2008-08-08 12:04:36 ----D---- C:\WINDOWS\SoftwareDistribution
2008-08-08 12:04:31 ----SD---- C:\WINDOWS\system32\Microsoft
2008-08-08 12:04:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-08-08 12:00:13 ----D---- C:\WINDOWS\system32\xircom
2008-08-08 12:00:13 ----D---- C:\Program Files\xerox
2008-08-08 12:00:13 ----D---- C:\Program Files\microsoft frontpage
2008-08-08 11:59:03 ----D---- C:\DELL
2008-08-08 11:58:51 ----HD---- C:\WINDOWS\$hf_mig$
2008-08-08 11:58:50 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-08 11:58:28 ----A---- C:\WINDOWS\control.ini
2008-08-08 11:58:28 ----A---- C:\AUTOEXEC.BAT
2008-08-08 11:58:16 ----A---- C:\WINDOWS\OEWABLog.txt
2008-08-08 11:58:10 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-08-08 11:56:51 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-08-08 11:56:51 ----RD---- C:\WINDOWS\Offline Web Pages
2008-08-08 11:56:51 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-08-08 11:56:45 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-08-08 11:56:39 ----HD---- C:\Program Files\WindowsUpdate
2008-08-08 11:56:15 ----D---- C:\WINDOWS\system32\DirectX
2008-08-08 11:55:52 ----A---- C:\WINDOWS\system32\atrace.dll
2008-08-08 11:55:49 ----A---- C:\WINDOWS\system32\desktop.ini
2008-08-08 11:55:49 ----A---- C:\WINDOWS\desktop.ini
2008-08-08 11:55:42 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-08-08 11:55:41 ----A---- C:\WINDOWS\system32\acctres.dll
2008-08-08 11:55:40 ----D---- C:\Program Files\Common Files\Services
2008-08-08 11:55:38 ----SD---- C:\WINDOWS\Tasks
2008-08-08 11:55:38 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-08-08 11:55:37 ----D---- C:\Program Files\Common Files\MSSoap
2008-08-08 11:55:32 ----D---- C:\WINDOWS\srchasst
2008-08-08 11:55:31 ----D---- C:\WINDOWS\system32\Macromed
2008-08-08 11:55:28 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-08-08 11:55:27 ----A---- C:\WINDOWS\system32\wups.dll
2008-08-08 11:55:27 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-08-08 11:55:27 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-08-08 11:55:27 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-08-08 11:55:27 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-08-08 11:55:27 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-08-08 11:55:27 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-08-08 11:55:26 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-08-08 11:55:26 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-08 11:55:26 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-08 11:55:26 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-08-08 11:55:26 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-08-08 11:55:17 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-08-08 11:55:17 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-08-08 11:55:17 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-08-08 11:55:17 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-08-08 11:55:12 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-08-08 11:55:12 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-08-08 11:55:11 ----D---- C:\WINDOWS\system32\Restore
2008-08-08 11:55:11 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-08-08 11:55:11 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-08-08 11:55:11 ----A---- C:\WINDOWS\system32\srclient.dll
2008-08-08 11:55:11 ----A---- C:\WINDOWS\system32\ils.dll
2008-08-08 11:55:10 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-08-08 11:55:10 ----A---- C:\WINDOWS\system32\msconf.dll
2008-08-08 11:55:10 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-08-08 11:55:10 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-08-08 11:55:10 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-08-08 11:55:07 ----D---- C:\Program Files\NetMeeting
2008-08-08 11:55:07 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-08-08 11:55:07 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-08-08 11:55:06 ----A---- C:\WINDOWS\system32\inetres.dll
2008-08-08 11:55:06 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-08-08 11:55:03 ----D---- C:\Program Files\Outlook Express
2008-08-08 11:55:03 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-08-08 11:55:03 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-08-08 11:55:03 ----A---- C:\WINDOWS\system32\mstask.dll
2008-08-08 11:55:02 ----A---- C:\WINDOWS\system32\isign32.dll
2008-08-08 11:55:02 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-08-08 11:55:02 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-08-08 11:55:02 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-08-08 11:54:56 ----D---- C:\Program Files\Common Files\System
2008-08-08 11:54:50 ----D---- C:\Program Files\Internet Explorer
2008-08-08 11:54:11 ----RSD---- C:\WINDOWS\assembly
2008-08-08 11:53:35 ----D---- C:\Program Files\ComPlus Applications
2008-08-08 11:53:33 ----A---- C:\WINDOWS\vbaddin.ini
2008-08-08 11:53:33 ----A---- C:\WINDOWS\vb.ini
2008-08-08 11:53:27 ----D---- C:\WINDOWS\Registration
2008-08-08 11:53:17 ----D---- C:\Program Files\Online Services
2008-08-08 11:52:55 ----D---- C:\WINDOWS\Microsoft.NET
2008-08-08 11:52:49 ----D---- C:\Program Files\Windows Media Player
2008-08-08 11:52:20 ----D---- C:\Program Files\Windows Plus
2008-08-08 11:52:05 ----A---- C:\WINDOWS\system32\mhn.dll
2008-08-08 11:52:05 ----A---- C:\WINDOWS\system32\igdetect.dll
2008-08-08 11:52:00 ----D---- C:\Program Files\Movie Maker
2008-08-08 11:50:19 ----D---- C:\Program Files\Messenger
2008-08-08 11:50:16 ----D---- C:\Program Files\MSN Gaming Zone
2008-08-08 11:50:15 ----A---- C:\WINDOWS\system32\write.exe
2008-08-08 11:50:07 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-08-08 11:50:06 ----A---- C:\WINDOWS\system32\winchat.exe
2008-08-08 11:50:06 ----A---- C:\WINDOWS\system32\hticons.dll
2008-08-08 11:50:06 ----A---- C:\WINDOWS\system32\avwav.dll
2008-08-08 11:50:06 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-08-08 11:50:06 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-08-08 11:49:59 ----A---- C:\WINDOWS\system32\getuname.dll
2008-08-08 11:49:59 ----A---- C:\WINDOWS\system32\charmap.exe
2008-08-08 11:49:58 ----A---- C:\WINDOWS\system32\winmine.exe
2008-08-08 11:49:58 ----A---- C:\WINDOWS\system32\sol.exe
2008-08-08 11:49:58 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-08-08 11:49:58 ----A---- C:\WINDOWS\system32\calc.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\tskill.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\tscon.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\shadow.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\reset.exe
2008-08-08 11:49:57 ----A---- C:\WINDOWS\system32\freecell.exe
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\regini.exe
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\msg.exe
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\logoff.exe
2008-08-08 11:49:56 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-08-08 11:49:55 ----A---- C:\WINDOWS\system32\stclient.dll
2008-08-08 11:49:55 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-08-08 11:49:55 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-08-08 11:49:55 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-08-08 11:49:55 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-08-08 11:49:55 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-08-08 11:49:55 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-08-08 11:49:54 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-08-08 11:49:49 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-08-08 11:49:31 ----D---- C:\Program Files\MSN
2008-08-08 11:49:30 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-08-08 11:49:30 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-08-08 11:49:30 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-08-08 11:49:29 ----D---- C:\Program Files\Windows NT
2008-08-08 11:49:29 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-08-08 11:49:29 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-08-08 11:49:29 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-08-08 11:49:28 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-08-08 11:49:28 ----A---- C:\WINDOWS\system32\spider.exe
2008-08-08 11:49:27 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-08-08 11:49:27 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-08-08 11:49:27 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-08-08 11:49:27 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-08-08 11:49:27 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-08-08 11:49:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-08-08 11:49:27 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-08-08 11:49:26 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-08-08 11:49:25 ----D---- C:\WINDOWS\system32\MsDtc
2008-08-08 11:49:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-08-08 11:49:25 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-08-08 11:49:25 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-08-08 11:49:25 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-08-08 11:49:24 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-08-08 11:49:24 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-08-08 11:49:24 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-08-08 11:49:23 ----D---- C:\WINDOWS\system32\Com
2008-08-08 11:49:23 ----A---- C:\WINDOWS\system32\colbact.dll
2008-08-08 11:49:23 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-08-08 11:49:23 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-08-08 11:49:23 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-08-08 11:49:23 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-08-08 11:49:22 ----A---- C:\WINDOWS\system32\comuid.dll
2008-08-08 11:49:22 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-08-08 11:49:22 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-08-08 11:49:15 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-08-08 11:49:15 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-08-08 11:49:15 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-08-08 11:49:14 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 3 months======

2008-10-28 10:29:30 ----A---- C:\WINDOWS\win.ini
2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-03 12:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-08-27 03:24:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-26 02:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-26 02:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-26 02:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\url.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\occache.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-08-26 02:24:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-26 02:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-08-26 02:24:29 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-08-26 02:24:29 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-26 02:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-25 03:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-08-25 03:37:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-23 00:54:51 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-08-14 05:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 04:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-08 13:43:59 ----N---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2001-08-10 3252]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-08 21361]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-04 12544]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R2 s24trans;WLAN-transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288]
R2 TmFilter;Trend Micro Filter; \??\C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys []
R2 TmPreFilter;Trend Micro PreFilter; \??\C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys []
R2 VSApiNt;Trend Micro VSAPI NT; \??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-08-17 44544]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-11-30 936960]
R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-11-30 192512]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-03-30 5704672]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-25 2236032]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-11-30 669696]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 OMCI;OMCI; \??\C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS []
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS []
S3 Ca2001v;CA2001 WebCam Driver; C:\WINDOWS\System32\Drivers\Ca2001v.sys [2008-02-19 2333568]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-05 85969]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-09 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 ntrtscan;OfficeScanNT RealTime Scan; C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe [2005-03-15 487424]
R2 OfcPfwSvc;OfficeScanNT Personal Firewall; C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe [2005-03-15 229456]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744]
R2 tmlisten;OfficeScanNT Listener; C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe [2005-03-15 589912]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-10-08 356352]
R3 usnjsvc;Læsetjeneste til USN-poster for delemapper i Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 gupdate1c90f6fc09e4b2;Google Update Service (gupdate1c90f6fc09e4b2); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-09-05 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-14 32768]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-09 138168]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------
Attached Files
File Type: txt Gmer.txt (40.1 KB, 0 views)
File Type: txt info.txt (10.1 KB, 0 views)
2sectomeltdown is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Sponsored Links
Old 12-07-2008, 02:18 PM   #2 (permalink)
Analyst, Security Team
 
Billy O'Neal's Avatar
 
Join Date: Aug 2008
Location: Northfield, Ohio, United States
Posts: 1,643
OS: XPSP3, Vista Ultimate SP1, Ubuntu Server


Re: Error messages involving svchost
Hello, 2sectomeltdown
Welcome to TSF

My name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)
Please give me some time to look over your computer's log(s).
Please take note of the following:
  • In the meantime, please refrain from making any changes to your computer.
  • Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. :)
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Finally, please reply using the button in the lower left hand corner of your screen.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .
We need to run a Scan with DDS
  1. Please download DDS, and save it to your desktop, from one of the following mirrors:
  2. Disable any type of "Script Blockers" or "Script Protection" installed on your system.
  3. Double click on your desktop.
  4. If prompted by any script blocking tools, please allow any actions taken by DDS.
  5. When prompted to preform an Optional Scan, please select
  6. Two reports will open. Please reply with the generated reports:
    • DDS.txt <-- Copy and paste into your next post
    • Attach.txt <-- Attach to your next post

We need to scan for rootkits with GMER
  1. Please download gmer.zip and save to your desktop.
  2. Unzip/extract the file to its own folder. (Click here for information on how to do this if not sure. Win 2000 users click here.)
  3. When you have done this, disconnect from the Internet and close all running programs.
    Note: There is a small chance this application may crash your computer so save any work you have open.
  4. Double-click on Gmer.exe to start the program.
  5. Allow the gmer.sys driver to load if asked.
  6. If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  7. Click on "Settings", then check the first five settings:
    • System Protection and Tracing
    • Processes
    • Save created processes to the log
    • Drivers
    • Save loaded drivers to the log
  8. You will be prompted to restart your computer. Please do so.
  9. Run Gmer again and click on the Rootkit tab.
  10. Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  11. Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
    Important! Please do not select the "Show all" checkbox during the scan.
  12. Click on the "Scan" and wait for the scan to finish.
    • Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  13. When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  14. Note: If you have any problems, try running GMER in Safe Mode

In your next reply, please include the following:
  • DDS.txt
  • Attach.txt
  • GMER's Log


Billy3
__________________
If I fail to reply for more than 24 hours, please feel free to send me a PM. Don't want you to be overlooked

Not problems like "What is beauty".. 'cause that would fall under the purview of your conundrums of philosophy.....
Billy O'Neal is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 12-07-2008, 04:15 PM   #3 (permalink)
Registered User
 
Join Date: Nov 2008
Posts: 2
OS: xp


Re: Error messages involving svchost
Hi Billy

I appreciate your help but I have solved the problem in the mean while.

Best regards
2sectomeltdown is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
 

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 12:53 AM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84