
Pests of all kinds and how to fight them: Problem with GVU/Bundespolizei trojan

09.07.2012, 20:41   #16
Brucess
 
Problem with GVU/Bundespolizei trojan



I have the same problem again, just in a slightly different appearance.

I'd really like to know how I could prevent that.

Attached is the log from OTLPE

Code:
OTL logfile created on: 7/9/2012 11:36:42 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 200.20 Gb Total Space | 94.09 Gb Free Space | 47.00% Space Free | Partition Type: NTFS
Drive D: | 87.89 Gb Total Space | 87.80 Gb Free Space | 99.90% Space Free | Partition Type: NTFS
Drive E: | 1.88 Gb Total Space | 1.60 Gb Free Space | 85.00% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/07/07 09:53:10 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/15 06:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/08 16:06:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 16:06:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/02/20 17:22:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/08/11 11:09:52 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/05/03 09:05:04 | 000,031,248 | ---- | M] (Syntek America Inc.) [Auto] -- C:\Windows\System32\StkCSrv.exe -- (StkSSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand] --  -- (catchme)
DRV - [2012/05/15 06:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/05/08 16:06:06 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 16:06:06 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/18 13:08:04 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/11/08 07:12:17 | 000,436,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011/10/11 10:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/01/25 06:17:30 | 000,489,464 | ---- | M] (ITETech                  ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2010/11/20 17:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 17:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 17:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 17:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 17:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 17:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 17:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 17:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 10:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/01/13 11:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel(R)
DRV - [2009/07/13 18:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/07/03 05:29:10 | 001,436,560 | ---- | M] (Syntek) [Kernel | On_Demand] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini)
DRV - [2009/03/02 09:12:10 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2009/03/02 09:12:10 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\Simson_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\Simson_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA C1 83 7A 32 56 CD 01  [binary data]
IE - HKU\Simson_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Simson_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Simson_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:29873
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/10 10:03:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/29 13:09:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/29 13:09:37 | 000,000,000 | ---D | M]
 
[2011/11/29 09:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/21 00:21:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/20 21:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/11/20 21:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/20 21:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/20 21:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/20 21:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/20 21:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012/07/04 16:58:08 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKU\Simson_ON_C..\Run: [|D5FE5EEA-9C34-1C10-1AC4-2BB4C94BE63C}] C:\Users\Simson\AppData\Roaming\Ahzei\nefu.exe (Shuttle Inc.)
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Simson_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/07/09 15:00:26 | 000,000,000 | ---D | C] -- C:\Users\Simson\AppData\Roaming\Ahzei
[2012/07/09 15:00:26 | 000,000,000 | ---D | C] -- C:\Users\Simson\AppData\Roaming\Agof
[2012/07/06 19:08:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2012/07/04 17:00:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/04 17:00:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/04 16:58:05 | 000,000,000 | ---D | C] -- C:\Users\Simson\AppData\Local\temp
[2012/07/04 16:51:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/04 16:51:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/04 16:51:53 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/04 16:51:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/04 16:51:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/04 16:49:26 | 004,571,247 | R--- | C] (Swearware) -- C:\Users\Simson\Desktop\ComboFix.exe
[2012/07/04 04:51:14 | 000,000,000 | ---D | C] -- C:\Users\Simson\AppData\Roaming\Malwarebytes
[2012/07/04 04:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/04 04:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/04 04:51:04 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/04 04:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/04 04:50:33 | 010,063,000 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Simson\Desktop\mbam-setup-1.61.0.1400.exe
[2012/07/04 01:14:58 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/07/04 01:14:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/29 13:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/29 13:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/06/29 13:07:35 | 039,483,256 | ---- | C] (Apple Inc.) -- C:\Users\Simson\Desktop\QuickTimeInstaller.exe
[2012/06/23 05:51:11 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/23 05:51:11 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/23 05:51:02 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/23 05:51:02 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/23 05:51:02 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/23 05:50:47 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/23 05:50:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/06/21 08:00:51 | 000,000,000 | ---D | C] -- C:\Users\Simson\Desktop\tl
[2012/06/14 10:43:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/14 10:43:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/14 10:43:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/14 10:43:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/14 10:43:08 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/14 10:43:08 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/06/14 10:43:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/14 10:43:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/14 08:53:52 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/14 08:53:52 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/06/14 08:53:52 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/06/14 08:53:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/06/11 05:23:24 | 000,000,000 | ---D | C] -- C:\Users\Simson\Documents\Battlefield 2 Demo
[2012/06/11 05:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2011/11/05 11:39:05 | 000,121,344 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[1 C:\Users\Simson\Desktop\*.tmp files -> C:\Users\Simson\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/07/09 15:01:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/09 15:01:36 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/09 14:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/09 14:44:24 | 000,647,376 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/07/09 14:44:24 | 000,610,094 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/09 14:44:24 | 000,127,404 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/07/09 14:44:24 | 000,104,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/09 12:39:15 | 000,022,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/09 12:39:15 | 000,022,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/08 12:26:03 | 000,280,755 | ---- | M] () -- C:\Users\Simson\Documents\(ebook_-_PDF)_xxx.pdf
[2012/07/07 09:53:06 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/07 09:53:06 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/05 15:12:37 | 412,720,736 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/04 16:58:08 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/07/04 16:49:37 | 004,571,247 | R--- | M] (Swearware) -- C:\Users\Simson\Desktop\ComboFix.exe
[2012/07/04 04:51:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/04 04:50:33 | 010,063,000 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Simson\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/29 16:29:04 | 004,503,728 | ---- | M] () -- C:\ProgramData\l_u0_0.pad
[2012/06/29 13:09:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/29 13:07:45 | 039,483,256 | ---- | M] (Apple Inc.) -- C:\Users\Simson\Desktop\QuickTimeInstaller.exe
[2012/06/28 10:50:46 | 000,064,193 | ---- | M] () -- C:\Users\Simson\Desktop\Urlaubsantrag_einzeln.pdf
[2012/06/27 16:41:50 | 000,663,951 | ---- | M] () -- C:\Users\Simson\Desktop\Glaube und NW - Polkinghorne.pdf
[2012/06/20 05:03:42 | 000,020,500 | ---- | M] () -- C:\Users\Simson\Desktop\Leichtathletikmeldebogen_Lehramt__Bachelor_06.pdf
[2012/06/14 12:41:47 | 000,342,888 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/11 05:10:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[1 C:\Users\Simson\Desktop\*.tmp files -> C:\Users\Simson\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/07/08 12:26:03 | 000,280,755 | ---- | C] () -- C:\Users\Simson\Documents\(ebook_-_PDF)xxx.pdf
[2012/07/07 02:32:04 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/04 16:51:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/04 16:51:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/04 16:51:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/04 16:51:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/04 16:51:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/29 16:05:02 | 004,503,728 | ---- | C] () -- C:\ProgramData\l_u0_0.pad
[2012/06/28 10:50:46 | 000,064,193 | ---- | C] () -- C:\Users\Simson\Desktop\Urlaubsantrag_einzeln.pdf
[2012/06/27 16:41:50 | 000,663,951 | ---- | C] () -- C:\Users\Simson\Desktop\Glaube und NW - Polkinghorne.pdf
[2012/06/20 05:03:42 | 000,020,500 | ---- | C] () -- C:\Users\Simson\Desktop\Leichtathletikmeldebogen_Lehramt__Bachelor_06.pdf
[2012/05/15 16:02:24 | 000,000,032 | ---- | C] () -- C:\Users\Simson\AppData\Roaming\blckdom.res
[2012/04/01 14:32:32 | 000,088,592 | ---- | C] () -- C:\Windows\StkUnist.exe
[2012/04/01 14:32:31 | 000,197,648 | ---- | C] () -- C:\Windows\System32\drivers\StkCSF.sys
[2011/12/13 10:00:39 | 000,069,632 | ---- | C] () -- C:\Windows\RAUNINST.EXE
[2011/12/13 07:41:28 | 000,006,144 | ---- | C] () -- C:\Users\Simson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/05 12:38:09 | 000,471,040 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/11/05 12:08:26 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011/11/05 11:39:07 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/11/05 11:39:06 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/11/05 11:39:05 | 002,600,448 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2011/11/05 11:39:05 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/11/05 11:39:05 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/11/05 11:39:04 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/04/11 21:30:05 | 000,647,376 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011/04/11 21:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011/04/11 21:30:05 | 000,127,404 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011/04/11 21:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/11/20 17:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/11/20 17:29:24 | 000,252,928 | ---- | C] () -- C:\Windows\System32\DShowRdpFilter.dll
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,342,888 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,610,094 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,104,412 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/01/02 20:09:18 | 000,000,356 | ---- | C] () -- C:\Windows\System32\AF15IrTbl.bin
 
========== LOP Check ==========
 
[2012/05/15 16:02:28 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\08036
[2012/05/18 14:21:17 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\08037
[2012/05/21 05:28:48 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\08038
[2012/05/24 06:32:33 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\08039
[2012/05/25 04:17:17 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\08040
[2012/07/09 15:02:59 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\Agof
[2012/07/09 15:00:26 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\Ahzei
[2012/01/30 13:26:08 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\Ashampoo
[2011/12/16 11:30:20 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\Canneverbe Limited
[2011/12/05 07:48:11 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\CLeVer
[2012/05/15 16:02:17 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\kock
[2011/11/28 09:38:56 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\MediaMonkey
[2011/11/05 11:30:28 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\Opera
[2012/02/06 07:47:08 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\TerraTec
[2012/05/15 18:12:36 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\UAs
[2011/11/28 09:26:00 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\WindSolutions
[2012/05/15 18:13:28 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\xmldm
[2011/11/04 12:21:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/12/23 20:22:26 | 000,000,000 | ---D | M] -- C:\ProgramData\ashampoo
[2011/12/16 11:30:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Canneverbe Limited
[2011/11/06 07:10:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/11/04 12:21:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/11/04 12:21:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/11/28 09:31:50 | 000,000,000 | ---D | M] -- C:\ProgramData\MediaMonkey
[2011/11/05 12:21:21 | 000,000,000 | ---D | M] -- C:\ProgramData\SAMSUNG
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/11/04 12:21:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/02/06 07:48:12 | 000,000,000 | ---D | M] -- C:\ProgramData\TerraTec
[2011/11/04 12:21:02 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2011/11/28 09:25:58 | 000,000,000 | ---D | M] -- C:\ProgramData\WindSolutions
[2011/11/28 08:54:39 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/05/31 11:06:37 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         

Last edited by Brucess (09.07.2012 at 21:03)
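The log above contains the three entries a helper checks first with this locker family: the per-user proxy set to a SOCKS port on 127.0.0.1, the HKU Run value launching nefu.exe from AppData\Roaming\Ahzei, and that folder appearing among the directories created on the day of the scan. The triage script below is an added example, not part of the thread or of OTL itself; its sample lines are constructed to match the log's format, and the rule names and the Finding type are its own.

```python
"""Triage of OTL/OTLPE log lines for the indicators checked first when a
GVU/Bundespolizei screen locker is suspected.

Added example, not part of the forum thread and not OTL's own code. It
runs offline over constructed sample lines modelled on the posted log and
flags: a per-user IE proxy pointing at a loopback SOCKS port, Run entries
that launch an .exe from AppData\\Roaming, and AppData\\Roaming folders that
are either the home of such an autorun entry or purely numeric. The rule
names and the Finding type are this example's own.
"""
import re
from dataclasses import dataclass

# Constructed sample, shaped like the OTL output in the post above.
SAMPLE_LOG = r"""
IE - HKU\Simson_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Simson_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:29873
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\Simson_ON_C..\Run: [|D5FE5EEA-9C34-1C10-1AC4-2BB4C94BE63C}] C:\Users\Simson\AppData\Roaming\Ahzei\nefu.exe (Shuttle Inc.)
[2012/07/09 15:00:26 | 000,000,000 | ---D | C] -- C:\Users\Simson\AppData\Roaming\Ahzei
[2012/07/04 04:51:14 | 000,000,000 | ---D | C] -- C:\Users\Simson\AppData\Roaming\Malwarebytes
[2012/05/15 16:02:28 | 000,000,000 | ---D | M] -- C:\Users\Simson\AppData\Roaming\08036
"""


@dataclass
class Finding:
    rule: str    # which heuristic fired
    detail: str  # human-readable explanation
    line: str    # the OTL line that triggered it


RE_PROXY = re.compile(
    r'^IE - (?P<key>HKU\\[^\\]+)\\.*"ProxyServer"\s*=\s*(?P<value>\S+)')
RE_RUN = re.compile(
    r'^O4 - (?P<hive>\S+?)\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] '
    r'(?P<path>[A-Za-z]:\\[^()]*?\.exe)', re.IGNORECASE)
RE_DIR = re.compile(
    r'^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| [\d,]+ \| '
    r'(?P<attr>[-A-Z]{4}) \| [CM]\] -- (?P<path>.+)$')
ROAMING = re.compile(r'\\AppData\\Roaming\\', re.IGNORECASE)


def _is_loopback(hostport):
    """True for a 127.x.x.x or localhost host, with or without a port."""
    host = hostport.rsplit(':', 1)[0].lower()
    return host.startswith('127.') or host == 'localhost'


def triage(log_text):
    """Return Findings for one OTL log: proxy/autorun first, then folders."""
    lines = [raw.strip() for raw in log_text.splitlines() if raw.strip()]
    findings = []
    autorun_dirs = set()  # lower-cased parent folders of suspicious Run entries

    # Pass 1: proxy settings and autorun entries.
    for line in lines:
        m = RE_PROXY.match(line)
        if m:
            for entry in m.group('value').split(';'):
                hostport = entry.split('=')[-1]  # "socks=host:port" -> "host:port"
                if _is_loopback(hostport):
                    findings.append(Finding('loopback-proxy',
                        f"{m.group('key')} sends browser traffic through {hostport}", line))
            continue
        m = RE_RUN.match(line)
        if m and ROAMING.search(m.group('path')):
            path = m.group('path')
            autorun_dirs.add(path.rsplit('\\', 1)[0].lower())
            findings.append(Finding('roaming-autorun',
                f"{m.group('hive')} Run value [{m.group('name')}] starts {path}", line))

    # Pass 2: folders under AppData\Roaming, cross-checked against pass 1.
    for line in lines:
        m = RE_DIR.match(line)
        if not m or 'D' not in m.group('attr'):
            continue
        path = m.group('path')
        if path.lower() in autorun_dirs:
            findings.append(Finding('autorun-home',
                f"folder dated {m.group('ts')} is the home of an autorun entry", line))
        elif ROAMING.search(path) and path.rsplit('\\', 1)[-1].isdigit():
            findings.append(Finding('numeric-roaming-dir',
                'purely numeric folder name under AppData\\Roaming', line))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f"[{f.rule}] {f.detail}\n    {f.line}")
```

Run it against a full OTL log by passing the file contents to triage(); entries from vendors like Avira or Malwarebytes produce no findings because they neither launch from AppData\Roaming nor use numeric folder names.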

10.07.2012, 10:49   #17
markusg
/// Malware-holic
 
Problem with GVU/Bundespolizei trojan



As I said, you use keygens on the PC, so I will only help with formatting, reinstalling and securing the PC.
Back up your data via the OTL CD, then I'll explain how to format and secure the system.

10.07.2012, 21:13   #18
Brucess
 
Problem with GVU/Bundespolizei trojan



Thanks for being willing to help me after all (PM).



(I don't have the keygen any more and hadn't used it either)

11.07.2012, 23:14   #19
markusg
/// Malware-holic
 
Problem with GVU/Bundespolizei trojan



You misunderstood that: I will help you with formatting and with backing up your data.
The PC has to be set up fresh and then secured.
1. Data recovery:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. Then I'll also say something about securing online banking with a chip card reader + Star Money.
__________________
Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.
